animedede_1[.]0[.]0[.]msix

resource
unpack001/animedede.exe
unpack001/api-ms-win-downlevel-kernel32-l2-1-0.dll
unpack001/auto_update_plugin.dll
unpack001/discord_rpc_plugin.dll
unpack001/flutter_js_plugin.dll
unpack001/flutter_secure_storage_windows_plugin.dll
unpack001/flutter_windows.dll
unpack001/libc%2B%2B.dll
unpack001/libmpv-2.dll
unpack001/media_kit_libs_windows_video_plugin.dll
unpack001/media_kit_native_event_loop.dll
unpack001/media_kit_video_plugin.dll
unpack001/quickjs_c_bridge.dll
unpack001/screen_brightness_windows_plugin.dll
unpack001/screen_retriever_plugin.dll
unpack001/system_tray_plugin.dll
unpack001/window_manager_plugin.dll
unpack001/window_size_plugin.dll
unpack001/zlib.dll

animedede_1.0.0.msix

.appx

AppxBlockMap.xml

.xml

AppxManifest.xml

.xml

AppxMetadata/CodeIntegrity.cat

AppxSignature.p7x

Images/BadgeLogo.scale-100.png

.png

Images/BadgeLogo.scale-125.png

.png

Images/BadgeLogo.scale-150.png

.png

Images/BadgeLogo.scale-200.png

.png

Images/BadgeLogo.scale-400.png

.png

Images/LargeTile.scale-100.png

.png

Images/LargeTile.scale-125.png

.png

Images/LargeTile.scale-150.png

.png

Images/LargeTile.scale-200.png

.png

Images/LargeTile.scale-400.png

.png

Images/SmallTile.scale-100.png

.png

Images/SmallTile.scale-125.png

.png

Images/SmallTile.scale-150.png

.png

Images/SmallTile.scale-200.png

.png

Images/SmallTile.scale-400.png

.png

Images/SplashScreen.scale-100.png

.png

Images/SplashScreen.scale-125.png

.png

Images/SplashScreen.scale-150.png

.png

Images/SplashScreen.scale-200.png

.png

Images/SplashScreen.scale-400.png

.png

Images/Square150x150Logo.scale-100.png

.png

Images/Square150x150Logo.scale-125.png

.png

Images/Square150x150Logo.scale-150.png

.png

Images/Square150x150Logo.scale-200.png

.png

Images/Square150x150Logo.scale-400.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-16.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-20.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-24.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-256.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-30.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-32.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-36.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-40.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-48.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-60.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-64.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-72.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-80.png

.png

Images/Square44x44Logo.altform-lightunplated_targetsize-96.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-16.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-20.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-24.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-256.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-30.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-32.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-36.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-40.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-48.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-60.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-64.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-72.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-80.png

.png

Images/Square44x44Logo.altform-unplated_targetsize-96.png

.png

Images/Square44x44Logo.scale-100.png

.png

Images/Square44x44Logo.scale-125.png

.png

Images/Square44x44Logo.scale-150.png

.png

Images/Square44x44Logo.scale-200.png

.png

Images/Square44x44Logo.scale-400.png

.png

Images/Square44x44Logo.targetsize-16.png

.png

Images/Square44x44Logo.targetsize-20.png

.png

Images/Square44x44Logo.targetsize-24.png

.png

Images/Square44x44Logo.targetsize-256.png

.png

Images/Square44x44Logo.targetsize-30.png

.png

Images/Square44x44Logo.targetsize-32.png

.png

Images/Square44x44Logo.targetsize-36.png

.png

Images/Square44x44Logo.targetsize-40.png

.png

Images/Square44x44Logo.targetsize-48.png

.png

Images/Square44x44Logo.targetsize-60.png

.png

Images/Square44x44Logo.targetsize-64.png

.png

Images/Square44x44Logo.targetsize-72.png

.png

Images/Square44x44Logo.targetsize-80.png

.png

Images/Square44x44Logo.targetsize-96.png

.png

Images/StoreLogo.scale-100.png

.png

Images/StoreLogo.scale-125.png

.png

Images/StoreLogo.scale-150.png

.png

Images/StoreLogo.scale-200.png

.png

Images/StoreLogo.scale-400.png

.png

Images/Wide310x150Logo.scale-100.png

.png

Images/Wide310x150Logo.scale-125.png

.png

Images/Wide310x150Logo.scale-150.png

.png

Images/Wide310x150Logo.scale-200.png

.png

Images/Wide310x150Logo.scale-400.png

.png

[Content_Types].xml

.xml

animedede.exe

.exe windows:6 windows x64 arch:x64

41bb24896a09b56f979fe3ccdf71667a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

auto_update_plugin

AutoUpdatePluginRegisterWithRegistrar

discord_rpc_plugin

DiscordRpcPluginRegisterWithRegistrar

flutter_js_plugin

FlutterJsPluginRegisterWithRegistrar

flutter_secure_storage_windows_plugin

FlutterSecureStorageWindowsPluginRegisterWithRegistrar

media_kit_libs_windows_video_plugin

MediaKitLibsWindowsVideoPluginCApiRegisterWithRegistrar

media_kit_video_plugin

MediaKitVideoPluginCApiRegisterWithRegistrar

screen_brightness_windows_plugin

ScreenBrightnessWindowsPluginRegisterWithRegistrar

screen_retriever_plugin

ScreenRetrieverPluginRegisterWithRegistrar

system_tray_plugin

SystemTrayPluginRegisterWithRegistrar

window_manager_plugin

WindowManagerPluginRegisterWithRegistrar

window_size_plugin

WindowSizePluginRegisterWithRegistrar

flutter_windows

FlutterDesktopEngineDestroy

FlutterDesktopEngineReloadSystemFonts

FlutterDesktopEngineGetPluginRegistrar

FlutterDesktopEngineGetMessenger

FlutterDesktopEngineCreate

FlutterDesktopViewControllerCreate

FlutterDesktopViewControllerDestroy

FlutterDesktopViewControllerGetView

FlutterDesktopGetDpiForMonitor

FlutterDesktopResyncOutputStreams

FlutterDesktopViewGetHWND

FlutterDesktopMessengerSend

FlutterDesktopMessengerSendWithReply

FlutterDesktopMessengerSendResponse

FlutterDesktopMessengerSetCallback

FlutterDesktopMessengerAddRef

FlutterDesktopMessengerRelease

FlutterDesktopMessengerIsAvailable

FlutterDesktopMessengerLock

FlutterDesktopMessengerUnlock

FlutterDesktopTextureRegistrarRegisterExternalTexture

FlutterDesktopTextureRegistrarUnregisterExternalTexture

FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable

FlutterDesktopPluginRegistrarSetDestructionHandler

FlutterDesktopPluginRegistrarGetView

FlutterDesktopPluginRegistrarGetMessenger

FlutterDesktopRegistrarGetTextureRegistrar

FlutterDesktopViewControllerHandleTopLevelWindowProc

dwmapi

DwmExtendFrameIntoClientArea

comctl32

ord410

ord413

kernel32

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

TerminateProcess

GetCurrentProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

SleepConditionVariableSRW

WakeAllConditionVariable

AcquireSRWLockExclusive

InitializeSListHead

GetCurrentThreadId

GetProcessHeap

HeapFree

LoadLibraryA

GetProcAddress

GetModuleHandleW

FreeLibrary

AllocConsole

WideCharToMultiByte

LocalFree

GetCommandLineW

AttachConsole

IsDebuggerPresent

GetSystemTimeAsFileTime

ReleaseSRWLockExclusive

GetStartupInfoW

user32

MonitorFromPoint

SendMessageW

IsZoomed

ReleaseCapture

GetSystemMetrics

SetPropW

SetWindowLongPtrW

GetCursorPos

ScreenToClient

SetWindowsHookExW

UnhookWindowsHookEx

MonitorFromWindow

GetMonitorInfoW

SetParent

SetWindowTextW

LoadCursorW

LoadIconW

GetMessageW

TranslateMessage

DispatchMessageW

DefWindowProcW

PostQuitMessage

RegisterClassW

UnregisterClassW

CreateWindowExW

DestroyWindow

MoveWindow

SetWindowPos

SetFocus

GetClientRect

GetWindowLongPtrW

shell32

CommandLineToArgvW

ole32

CoUninitialize

CoInitializeEx

msvcp140

?good@ios_base@std@@QEBA_NXZ

?_Xbad_function_call@std@@YAXXZ

?sync_with_stdio@ios_base@std@@SA_N_N@Z

?flags@ios_base@std@@QEBAHXZ

?_Xlength_error@std@@YAXPEBD@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

?width@ios_base@std@@QEAA_J_J@Z

?width@ios_base@std@@QEBA_JXZ

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception

_CxxThrowException

__std_exception_destroy

__std_exception_copy

__C_specific_handler

memcmp

__std_type_info_compare

memmove

__std_terminate

memset

memcpy

__current_exception_context

api-ms-win-crt-runtime-l1-1-0

_get_wide_winmain_command_line

_c_exit

_initterm_e

_cexit

_set_app_type

_seh_filter_exe

_register_thread_local_exe_atexit_callback

exit

_exit

_initterm

terminate

_configure_wide_argv

_initialize_wide_environment

_invoke_watson

_invalid_parameter_noinfo_noreturn

_initialize_onexit_table

_register_onexit_function

_crt_atexit

api-ms-win-crt-stdio-l1-1-0

_fileno

__acrt_iob_func

_set_fmode

_dup2

__p__commode

freopen_s

api-ms-win-crt-math-l1-1-0

ceil

__setusermatherr

api-ms-win-crt-heap-l1-1-0

_set_new_mode

_callnewh

malloc

free

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Exports

bitsdojo_window_api

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

animedede.exp

animedede.lib

api-ms-win-core-console-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

9a:21:b0:8b:85:a9:de:1f:d9:4f:fe:56:97:d3:7b:37:3d:86:6f:aa:be:dd:dc:05:03:e3:b6:57:a0:0f:c9:53
Signer

Actual PE Digest

9a:21:b0:8b:85:a9:de:1f:d9:4f:fe:56:97:d3:7b:37:3d:86:6f:aa:be:dd:dc:05:03:e3:b6:57:a0:0f:c9:53

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-1-0.pdb

Exports

AllocConsole

GetConsoleCP

GetConsoleMode

GetConsoleOutputCP

GetNumberOfConsoleInputEvents

PeekConsoleInputA

ReadConsoleA

ReadConsoleInputA

ReadConsoleInputW

ReadConsoleW

SetConsoleCtrlHandler

SetConsoleMode

WriteConsoleA

WriteConsoleW

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-console-l1-2-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

10:a4:b7:d1:65:d5:bc:cf:9e:2c:dc:b7:61:13:97:0c:5a:4a:25:b4:e9:74:66:0a:a2:cc:88:c1:1b:f7:26:c7
Signer

Actual PE Digest

10:a4:b7:d1:65:d5:bc:cf:9e:2c:dc:b7:61:13:97:0c:5a:4a:25:b4:e9:74:66:0a:a2:cc:88:c1:1b:f7:26:c7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-2-0.pdb

Exports

AllocConsole

AttachConsole

FreeConsole

GetConsoleCP

GetConsoleMode

GetConsoleOutputCP

GetNumberOfConsoleInputEvents

PeekConsoleInputA

PeekConsoleInputW

ReadConsoleA

ReadConsoleInputA

ReadConsoleInputW

ReadConsoleW

SetConsoleCtrlHandler

SetConsoleMode

WriteConsoleA

WriteConsoleW

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-datetime-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

29:8c:72:37:c7:ec:6f:9a:e3:b3:d0:6f:37:88:23:05:94:c6:24:84:37:0a:be:d7:8c:6c:4b:84:3c:e9:91:15
Signer

Actual PE Digest

29:8c:72:37:c7:ec:6f:9a:e3:b3:d0:6f:37:88:23:05:94:c6:24:84:37:0a:be:d7:8c:6c:4b:84:3c:e9:91:15

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-datetime-l1-1-0.pdb

Exports

GetDateFormatA

GetDateFormatW

GetTimeFormatA

GetTimeFormatW

Sections

.rdata
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-debug-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

39:b9:fd:ac:5b:dc:e8:1e:8f:2d:e8:ee:54:da:31:11:3e:3c:73:70:81:d0:4c:16:a0:a4:c0:b2:28:d9:9d:33
Signer

Actual PE Digest

39:b9:fd:ac:5b:dc:e8:1e:8f:2d:e8:ee:54:da:31:11:3e:3c:73:70:81:d0:4c:16:a0:a4:c0:b2:28:d9:9d:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-debug-l1-1-0.pdb

Exports

DebugBreak

IsDebuggerPresent

OutputDebugStringA

OutputDebugStringW

Sections

.rdata
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-errorhandling-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

38:c7:b6:7e:d3:49:27:25:36:5f:9c:fc:32:93:06:e7:d4:59:b3:98:d6:44:e0:e1:df:74:fc:11:88:2a:76:2e
Signer

Actual PE Digest

38:c7:b6:7e:d3:49:27:25:36:5f:9c:fc:32:93:06:e7:d4:59:b3:98:d6:44:e0:e1:df:74:fc:11:88:2a:76:2e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-errorhandling-l1-1-0.pdb

Exports

GetErrorMode

GetLastError

RaiseException

SetErrorMode

SetLastError

SetUnhandledExceptionFilter

UnhandledExceptionFilter

Sections

.rdata
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-fibers-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:24

Not After

02/12/2021, 21:24

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

b9:c4:d0:91:aa:4c:0c:bc:0b:e8:d6:2c:f2:ba:6b:d9:da:c0:f5:c0:1f:62:2b:0d:b7:4b:f2:9c:83:c7:e6:e6
Signer

Actual PE Digest

b9:c4:d0:91:aa:4c:0c:bc:0b:e8:d6:2c:f2:ba:6b:d9:da:c0:f5:c0:1f:62:2b:0d:b7:4b:f2:9c:83:c7:e6:e6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-fibers-l1-1-0.pdb

Exports

FlsAlloc

FlsFree

FlsGetValue

FlsSetValue

Sections

.rdata
Size: 4KB - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-file-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

73:6f:69:75:0f:67:32:4b:fb:6f:48:bb:b3:bf:f0:1d:9f:13:4e:c8:03:5e:3a:64:44:91:63:65:78:e2:f6:56
Signer

Actual PE Digest

73:6f:69:75:0f:67:32:4b:fb:6f:48:bb:b3:bf:f0:1d:9f:13:4e:c8:03:5e:3a:64:44:91:63:65:78:e2:f6:56

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-1-0.pdb

Exports

CompareFileTime

CreateDirectoryA

CreateDirectoryW

CreateFileA

CreateFileW

DefineDosDeviceW

DeleteFileA

DeleteFileW

DeleteVolumeMountPointW

FileTimeToLocalFileTime

FindClose

FindCloseChangeNotification

FindFirstChangeNotificationA

FindFirstChangeNotificationW

FindFirstFileA

FindFirstFileExA

FindFirstFileExW

FindFirstFileW

FindFirstVolumeW

FindNextChangeNotification

FindNextFileA

FindNextFileW

FindNextVolumeW

FindVolumeClose

FlushFileBuffers

GetDiskFreeSpaceA

GetDiskFreeSpaceExA

GetDiskFreeSpaceExW

GetDiskFreeSpaceW

GetDriveTypeA

GetDriveTypeW

GetFileAttributesA

GetFileAttributesExA

GetFileAttributesExW

GetFileAttributesW

GetFileInformationByHandle

GetFileSize

GetFileSizeEx

GetFileTime

GetFileType

GetFinalPathNameByHandleA

GetFinalPathNameByHandleW

GetFullPathNameA

GetFullPathNameW

GetLogicalDriveStringsW

GetLogicalDrives

GetLongPathNameA

GetLongPathNameW

GetShortPathNameW

GetTempFileNameW

GetVolumeInformationByHandleW

GetVolumeInformationW

GetVolumePathNameW

LocalFileTimeToFileTime

LockFile

LockFileEx

QueryDosDeviceW

ReadFile

ReadFileEx

ReadFileScatter

RemoveDirectoryA

RemoveDirectoryW

SetEndOfFile

SetFileAttributesA

SetFileAttributesW

SetFileInformationByHandle

SetFilePointer

SetFilePointerEx

SetFileTime

SetFileValidData

UnlockFile

UnlockFileEx

WriteFile

WriteFileEx

WriteFileGather

Sections

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-file-l1-2-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a6:49:26:84:e3:13:01:27:f8:8e:a6:8c:bb:14:73:f6:bd:5c:f3:a6:4d:07:65:93:4b:75:2b:a5:11:0d:b3:a3
Signer

Actual PE Digest

a6:49:26:84:e3:13:01:27:f8:8e:a6:8c:bb:14:73:f6:bd:5c:f3:a6:4d:07:65:93:4b:75:2b:a5:11:0d:b3:a3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-2-0.pdb

Exports

CreateFile2

GetTempPathW

GetVolumeNameForVolumeMountPointW

GetVolumePathNamesForVolumeNameW

Sections

.rdata
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-file-l2-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

8f:84:7a:72:4f:97:ae:8a:73:6f:56:ae:84:c4:4e:1f:36:11:20:32:46:16:4e:50:68:b9:5f:14:5a:0f:2a:61
Signer

Actual PE Digest

8f:84:7a:72:4f:97:ae:8a:73:6f:56:ae:84:c4:4e:1f:36:11:20:32:46:16:4e:50:68:b9:5f:14:5a:0f:2a:61

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l2-1-0.pdb

Exports

CopyFile2

CopyFileExW

CreateDirectoryExW

CreateHardLinkW

CreateSymbolicLinkW

GetFileInformationByHandleEx

MoveFileExW

MoveFileWithProgressW

ReOpenFile

ReadDirectoryChangesW

ReplaceFileW

Sections

.rdata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-handle-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

97:33:0d:58:6e:31:17:79:5b:77:9d:fb:14:b4:ba:03:51:4a:e4:86:99:aa:43:ce:4d:57:5a:b5:8c:1a:e7:1b
Signer

Actual PE Digest

97:33:0d:58:6e:31:17:79:5b:77:9d:fb:14:b4:ba:03:51:4a:e4:86:99:aa:43:ce:4d:57:5a:b5:8c:1a:e7:1b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-handle-l1-1-0.pdb

Exports

CloseHandle

CompareObjectHandles

DuplicateHandle

GetHandleInformation

SetHandleInformation

Sections

.rdata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-heap-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

8d:c1:dc:51:8f:ed:e4:c0:51:8a:9a:09:38:47:61:4e:40:c5:f7:3d:f6:0a:a2:71:99:59:fe:80:07:86:ff:9a
Signer

Actual PE Digest

8d:c1:dc:51:8f:ed:e4:c0:51:8a:9a:09:38:47:61:4e:40:c5:f7:3d:f6:0a:a2:71:99:59:fe:80:07:86:ff:9a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-heap-l1-1-0.pdb

Exports

GetProcessHeap

GetProcessHeaps

HeapAlloc

HeapCompact

HeapCreate

HeapDestroy

HeapFree

HeapLock

HeapQueryInformation

HeapReAlloc

HeapSetInformation

HeapSize

HeapSummary

HeapUnlock

HeapValidate

HeapWalk

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-interlocked-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a7:61:3e:3a:f8:e6:bc:36:b5:c6:dd:88:44:05:3a:cd:00:e8:03:e3:6f:a3:7e:11:54:ac:bf:4d:c8:5a:0d:a3
Signer

Actual PE Digest

a7:61:3e:3a:f8:e6:bc:36:b5:c6:dd:88:44:05:3a:cd:00:e8:03:e3:6f:a3:7e:11:54:ac:bf:4d:c8:5a:0d:a3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-interlocked-l1-1-0.pdb

Exports

InitializeSListHead

InterlockedFlushSList

InterlockedPopEntrySList

InterlockedPushEntrySList

InterlockedPushListSList

QueryDepthSList

Sections

.rdata
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-libraryloader-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

6f:15:91:7e:6a:2d:30:3d:be:80:51:68:51:26:3a:6f:0d:ca:72:17:ee:ba:f9:33:63:f7:76:ed:89:48:32:05
Signer

Actual PE Digest

6f:15:91:7e:6a:2d:30:3d:be:80:51:68:51:26:3a:6f:0d:ca:72:17:ee:ba:f9:33:63:f7:76:ed:89:48:32:05

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-libraryloader-l1-1-0.pdb

Exports

AddDllDirectory

DisableThreadLibraryCalls

FindResourceExW

FindStringOrdinal

FreeLibrary

FreeLibraryAndExitThread

FreeResource

GetModuleFileNameA

GetModuleFileNameW

GetModuleHandleA

GetModuleHandleExA

GetModuleHandleExW

GetModuleHandleW

GetProcAddress

LoadLibraryExA

LoadLibraryExW

LoadResource

LoadStringA

LoadStringW

LockResource

RemoveDllDirectory

SetDefaultDllDirectories

SizeofResource

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-localization-l1-2-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

f5:69:af:08:5e:4f:96:78:41:63:67:62:7f:aa:e1:b7:ef:02:f7:e0:1f:2b:4b:4c:a8:34:16:3d:44:0a:40:42
Signer

Actual PE Digest

f5:69:af:08:5e:4f:96:78:41:63:67:62:7f:aa:e1:b7:ef:02:f7:e0:1f:2b:4b:4c:a8:34:16:3d:44:0a:40:42

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-localization-l1-2-0.pdb

Exports

ConvertDefaultLocale

EnumSystemGeoID

EnumSystemLocalesA

EnumSystemLocalesW

FindNLSString

FindNLSStringEx

FormatMessageA

FormatMessageW

GetACP

GetCPInfo

GetCPInfoExW

GetCalendarInfoEx

GetCalendarInfoW

GetFileMUIInfo

GetFileMUIPath

GetGeoInfoW

GetLocaleInfoA

GetLocaleInfoEx

GetLocaleInfoW

GetNLSVersion

GetNLSVersionEx

GetOEMCP

GetProcessPreferredUILanguages

GetSystemDefaultLCID

GetSystemDefaultLangID

GetSystemPreferredUILanguages

GetThreadLocale

GetThreadPreferredUILanguages

GetThreadUILanguage

GetUILanguageInfo

GetUserDefaultLCID

GetUserDefaultLangID

GetUserDefaultLocaleName

GetUserGeoID

GetUserPreferredUILanguages

IdnToAscii

IdnToUnicode

IsDBCSLeadByte

IsDBCSLeadByteEx

IsNLSDefinedString

IsValidCodePage

IsValidLanguageGroup

IsValidLocale

IsValidLocaleName

IsValidNLSVersion

LCMapStringA

LCMapStringEx

LCMapStringW

LocaleNameToLCID

ResolveLocaleName

SetCalendarInfoW

SetLocaleInfoW

SetProcessPreferredUILanguages

SetThreadLocale

SetThreadPreferredUILanguages

SetThreadUILanguage

SetUserGeoID

VerLanguageNameA

VerLanguageNameW

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-memory-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

02:39:ec:92:4c:b0:dc:b8:75:90:05:f9:11:43:08:12:eb:d9:8b:75:36:c7:1c:2e:1d:36:07:16:58:7a:6e:78
Signer

Actual PE Digest

02:39:ec:92:4c:b0:dc:b8:75:90:05:f9:11:43:08:12:eb:d9:8b:75:36:c7:1c:2e:1d:36:07:16:58:7a:6e:78

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-memory-l1-1-0.pdb

Exports

CreateFileMappingW

FlushViewOfFile

MapViewOfFile

MapViewOfFileEx

OpenFileMappingW

ReadProcessMemory

UnmapViewOfFile

VirtualAlloc

VirtualAllocEx

VirtualFree

VirtualFreeEx

VirtualProtect

VirtualProtectEx

VirtualQuery

VirtualQueryEx

WriteProcessMemory

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-namedpipe-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

36:0b:f1:4e:1a:55:55:57:d9:b3:67:d8:d3:f8:13:7b:e1:51:39:7d:6b:19:5f:a1:e2:22:dd:25:06:1e:ca:33
Signer

Actual PE Digest

36:0b:f1:4e:1a:55:55:57:d9:b3:67:d8:d3:f8:13:7b:e1:51:39:7d:6b:19:5f:a1:e2:22:dd:25:06:1e:ca:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-namedpipe-l1-1-0.pdb

Exports

ConnectNamedPipe

CreateNamedPipeW

CreatePipe

DisconnectNamedPipe

GetNamedPipeClientComputerNameW

ImpersonateNamedPipeClient

PeekNamedPipe

SetNamedPipeHandleState

TransactNamedPipe

WaitNamedPipeW

Sections

.rdata
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-processenvironment-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5a:69:b2:24:c4:45:ef:64:a3:50:c7:0b:fa:32:3e:d4:ad:57:88:0d:ae:b3:ad:09:88:cd:70:ed:31:f6:aa:c4
Signer

Actual PE Digest

5a:69:b2:24:c4:45:ef:64:a3:50:c7:0b:fa:32:3e:d4:ad:57:88:0d:ae:b3:ad:09:88:cd:70:ed:31:f6:aa:c4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processenvironment-l1-1-0.pdb

Exports

ExpandEnvironmentStringsA

ExpandEnvironmentStringsW

FreeEnvironmentStringsA

FreeEnvironmentStringsW

GetCommandLineA

GetCommandLineW

GetCurrentDirectoryA

GetCurrentDirectoryW

GetEnvironmentStrings

GetEnvironmentStringsW

GetEnvironmentVariableA

GetEnvironmentVariableW

GetStdHandle

SearchPathW

SetCurrentDirectoryA

SetCurrentDirectoryW

SetEnvironmentStringsW

SetEnvironmentVariableA

SetEnvironmentVariableW

SetStdHandle

SetStdHandleEx

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-processthreads-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

89:60:95:ee:d1:89:4a:71:e9:0b:72:83:76:ab:99:b5:33:c9:ad:c4:82:da:2e:f2:e7:c2:cc:ff:60:15:d3:a2
Signer

Actual PE Digest

89:60:95:ee:d1:89:4a:71:e9:0b:72:83:76:ab:99:b5:33:c9:ad:c4:82:da:2e:f2:e7:c2:cc:ff:60:15:d3:a2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-0.pdb

Exports

CreateProcessA

CreateProcessAsUserW

CreateProcessW

CreateRemoteThread

CreateRemoteThreadEx

CreateThread

DeleteProcThreadAttributeList

ExitProcess

ExitThread

FlushProcessWriteBuffers

GetCurrentProcess

GetCurrentProcessId

GetCurrentThread

GetCurrentThreadId

GetExitCodeProcess

GetExitCodeThread

GetPriorityClass

GetProcessId

GetProcessIdOfThread

GetProcessTimes

GetProcessVersion

GetStartupInfoW

GetThreadId

GetThreadPriority

GetThreadPriorityBoost

InitializeProcThreadAttributeList

OpenProcessToken

OpenThread

OpenThreadToken

ProcessIdToSessionId

QueryProcessAffinityUpdateMode

QueueUserAPC

ResumeThread

SetPriorityClass

SetProcessAffinityUpdateMode

SetProcessShutdownParameters

SetThreadPriority

SetThreadPriorityBoost

SetThreadStackGuarantee

SetThreadToken

SuspendThread

SwitchToThread

TerminateProcess

TerminateThread

TlsAlloc

TlsFree

TlsGetValue

TlsSetValue

UpdateProcThreadAttribute

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-processthreads-l1-1-1.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

1f:2c:05:2f:23:c7:b5:cb:ab:e7:e7:b5:10:11:09:fb:1d:ae:bd:8b:e2:06:6b:b9:3f:c9:0e:0f:79:ae:91:9b
Signer

Actual PE Digest

1f:2c:05:2f:23:c7:b5:cb:ab:e7:e7:b5:10:11:09:fb:1d:ae:bd:8b:e2:06:6b:b9:3f:c9:0e:0f:79:ae:91:9b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-1.pdb

Exports

FlushInstructionCache

GetCurrentProcessorNumber

GetCurrentProcessorNumberEx

GetCurrentThreadStackLimits

GetProcessHandleCount

GetProcessMitigationPolicy

GetThreadContext

GetThreadIdealProcessorEx

GetThreadTimes

IsProcessorFeaturePresent

OpenProcess

SetProcessMitigationPolicy

SetThreadContext

SetThreadIdealProcessorEx

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-profile-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

d6:cb:43:ca:0b:6b:66:8d:af:48:cf:42:ed:3c:78:d0:4d:19:c9:d0:51:9f:14:ea:59:67:eb:83:98:e0:18:02
Signer

Actual PE Digest

d6:cb:43:ca:0b:6b:66:8d:af:48:cf:42:ed:3c:78:d0:4d:19:c9:d0:51:9f:14:ea:59:67:eb:83:98:e0:18:02

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-profile-l1-1-0.pdb

Exports

QueryPerformanceCounter

QueryPerformanceFrequency

Sections

.rdata
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-rtlsupport-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a2:4f:f4:be:16:db:3b:f4:f4:72:a1:62:16:8e:8d:d7:8b:f9:0e:9c:58:9c:c2:37:07:4d:c2:35:68:53:34:9b
Signer

Actual PE Digest

a2:4f:f4:be:16:db:3b:f4:f4:72:a1:62:16:8e:8d:d7:8b:f9:0e:9c:58:9c:c2:37:07:4d:c2:35:68:53:34:9b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-rtlsupport-l1-1-0.pdb

Exports

RtlAddFunctionTable

RtlCaptureContext

RtlCaptureStackBackTrace

RtlCompareMemory

RtlDeleteFunctionTable

RtlInstallFunctionTableCallback

RtlLookupFunctionEntry

RtlPcToFileHeader

RtlRaiseException

RtlRestoreContext

RtlUnwind

RtlUnwindEx

RtlVirtualUnwind

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-string-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

59:33:ef:74:7e:cd:84:4a:50:41:dc:e8:bb:81:bf:3c:d7:0c:d4:6c:2d:67:d9:a6:0e:15:22:ce:4a:f9:2a:21
Signer

Actual PE Digest

59:33:ef:74:7e:cd:84:4a:50:41:dc:e8:bb:81:bf:3c:d7:0c:d4:6c:2d:67:d9:a6:0e:15:22:ce:4a:f9:2a:21

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-string-l1-1-0.pdb

Exports

CompareStringEx

CompareStringOrdinal

CompareStringW

FoldStringW

GetStringTypeExW

GetStringTypeW

MultiByteToWideChar

WideCharToMultiByte

Sections

.rdata
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-synch-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

8c:5c:a9:6d:67:a8:2a:0d:05:92:40:7f:de:cd:93:12:bc:7a:2e:b4:49:f3:14:77:99:8f:ac:79:78:83:0c:af
Signer

Actual PE Digest

8c:5c:a9:6d:67:a8:2a:0d:05:92:40:7f:de:cd:93:12:bc:7a:2e:b4:49:f3:14:77:99:8f:ac:79:78:83:0c:af

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-1-0.pdb

Exports

AcquireSRWLockExclusive

AcquireSRWLockShared

CancelWaitableTimer

CreateEventA

CreateEventExA

CreateEventExW

CreateEventW

CreateMutexA

CreateMutexExA

CreateMutexExW

CreateMutexW

CreateSemaphoreExW

CreateWaitableTimerExW

DeleteCriticalSection

EnterCriticalSection

InitializeCriticalSection

InitializeCriticalSectionAndSpinCount

InitializeCriticalSectionEx

InitializeSRWLock

LeaveCriticalSection

OpenEventA

OpenEventW

OpenMutexW

OpenSemaphoreW

OpenWaitableTimerW

ReleaseMutex

ReleaseSRWLockExclusive

ReleaseSRWLockShared

ReleaseSemaphore

ResetEvent

SetCriticalSectionSpinCount

SetEvent

SetWaitableTimer

SetWaitableTimerEx

SleepEx

TryAcquireSRWLockExclusive

TryAcquireSRWLockShared

TryEnterCriticalSection

WaitForMultipleObjectsEx

WaitForSingleObject

WaitForSingleObjectEx

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-synch-l1-2-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

67:be:a8:c4:d7:a1:32:52:b1:2c:33:14:01:f8:51:a1:d7:9f:2d:1b:e8:d7:1b:56:77:24:ed:70:68:fc:ad:38
Signer

Actual PE Digest

67:be:a8:c4:d7:a1:32:52:b1:2c:33:14:01:f8:51:a1:d7:9f:2d:1b:e8:d7:1b:56:77:24:ed:70:68:fc:ad:38

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-2-0.pdb

Exports

DeleteSynchronizationBarrier

EnterSynchronizationBarrier

InitOnceBeginInitialize

InitOnceComplete

InitOnceExecuteOnce

InitOnceInitialize

InitializeConditionVariable

InitializeSynchronizationBarrier

SignalObjectAndWait

Sleep

SleepConditionVariableCS

SleepConditionVariableSRW

WaitOnAddress

WakeAllConditionVariable

WakeByAddressAll

WakeByAddressSingle

WakeConditionVariable

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-sysinfo-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

cc:2e:cb:89:b9:14:b9:65:90:79:ec:3a:12:58:e7:c6:ed:48:1d:17:8b:d6:d3:66:71:d9:29:fe:99:85:56:9c
Signer

Actual PE Digest

cc:2e:cb:89:b9:14:b9:65:90:79:ec:3a:12:58:e7:c6:ed:48:1d:17:8b:d6:d3:66:71:d9:29:fe:99:85:56:9c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-sysinfo-l1-1-0.pdb

Exports

GetComputerNameExA

GetComputerNameExW

GetLocalTime

GetLogicalProcessorInformation

GetLogicalProcessorInformationEx

GetSystemDirectoryA

GetSystemDirectoryW

GetSystemInfo

GetSystemTime

GetSystemTimeAdjustment

GetSystemTimeAsFileTime

GetSystemWindowsDirectoryA

GetSystemWindowsDirectoryW

GetTickCount

GetTickCount64

GetVersion

GetVersionExA

GetVersionExW

GetWindowsDirectoryA

GetWindowsDirectoryW

GlobalMemoryStatusEx

SetLocalTime

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-timezone-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

78:4c:6f:99:c2:05:c7:f3:53:93:23:bd:09:52:75:d3:98:9b:87:68:f9:f8:e7:bc:9f:0a:9e:75:a4:ee:3a:b9
Signer

Actual PE Digest

78:4c:6f:99:c2:05:c7:f3:53:93:23:bd:09:52:75:d3:98:9b:87:68:f9:f8:e7:bc:9f:0a:9e:75:a4:ee:3a:b9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-timezone-l1-1-0.pdb

Exports

EnumDynamicTimeZoneInformation

FileTimeToSystemTime

GetDynamicTimeZoneInformation

GetDynamicTimeZoneInformationEffectiveYears

GetTimeZoneInformation

GetTimeZoneInformationForYear

SetDynamicTimeZoneInformation

SetTimeZoneInformation

SystemTimeToFileTime

SystemTimeToTzSpecificLocalTime

SystemTimeToTzSpecificLocalTimeEx

TzSpecificLocalTimeToSystemTime

TzSpecificLocalTimeToSystemTimeEx

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-util-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

ea:3a:dd:89:19:d5:35:79:fd:06:0e:c9:52:2a:3a:87:a6:56:fc:69:c6:a6:30:e9:bf:59:b5:71:1d:43:dc:49
Signer

Actual PE Digest

ea:3a:dd:89:19:d5:35:79:fd:06:0e:c9:52:2a:3a:87:a6:56:fc:69:c6:a6:30:e9:bf:59:b5:71:1d:43:dc:49

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-util-l1-1-0.pdb

Exports

Beep

DecodePointer

DecodeSystemPointer

EncodePointer

EncodeSystemPointer

Sections

.rdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-conio-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

7f:c4:bc:06:a1:27:e4:af:0f:05:e1:69:23:40:a0:29:02:17:12:d3:53:9f:bc:26:8e:5a:de:88:c8:7b:dd:77
Signer

Actual PE Digest

7f:c4:bc:06:a1:27:e4:af:0f:05:e1:69:23:40:a0:29:02:17:12:d3:53:9f:bc:26:8e:5a:de:88:c8:7b:dd:77

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-conio-l1-1-0.pdb

Exports

__conio_common_vcprintf

__conio_common_vcprintf_p

__conio_common_vcprintf_s

__conio_common_vcscanf

__conio_common_vcwprintf

__conio_common_vcwprintf_p

__conio_common_vcwprintf_s

__conio_common_vcwscanf

_cgets

_cgets_s

_cgetws

_cgetws_s

_cputs

_cputws

_getch

_getch_nolock

_getche

_getche_nolock

_getwch

_getwch_nolock

_getwche

_getwche_nolock

_putch

_putch_nolock

_putwch

_putwch_nolock

_ungetch

_ungetch_nolock

_ungetwch

_ungetwch_nolock

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-convert-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

11:70:1c:dc:fc:48:4f:d4:94:d0:b4:0a:86:0b:e3:f3:30:37:94:f3:4d:48:64:48:e6:82:6a:21:64:36:37:76
Signer

Actual PE Digest

11:70:1c:dc:fc:48:4f:d4:94:d0:b4:0a:86:0b:e3:f3:30:37:94:f3:4d:48:64:48:e6:82:6a:21:64:36:37:76

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-convert-l1-1-0.pdb

Exports

__toascii

_atodbl

_atodbl_l

_atof_l

_atoflt

_atoflt_l

_atoi64

_atoi64_l

_atoi_l

_atol_l

_atoldbl

_atoldbl_l

_atoll_l

_ecvt

_ecvt_s

_fcvt

_fcvt_s

_gcvt

_gcvt_s

_i64toa

_i64toa_s

_i64tow

_i64tow_s

_itoa

_itoa_s

_itow

_itow_s

_ltoa

_ltoa_s

_ltow

_ltow_s

_strtod_l

_strtof_l

_strtoi64

_strtoi64_l

_strtoimax_l

_strtol_l

_strtold_l

_strtoll_l

_strtoui64

_strtoui64_l

_strtoul_l

_strtoull_l

_strtoumax_l

_ui64toa

_ui64toa_s

_ui64tow

_ui64tow_s

_ultoa

_ultoa_s

_ultow

_ultow_s

_wcstod_l

_wcstof_l

_wcstoi64

_wcstoi64_l

_wcstoimax_l

_wcstol_l

_wcstold_l

_wcstoll_l

_wcstombs_l

_wcstombs_s_l

_wcstoui64

_wcstoui64_l

_wcstoul_l

_wcstoull_l

_wcstoumax_l

_wctomb_l

_wctomb_s_l

_wtof

_wtof_l

_wtoi

_wtoi64

_wtoi64_l

_wtoi_l

_wtol

_wtol_l

_wtoll

_wtoll_l

atof

atoi

atol

atoll

btowc

c16rtomb

c32rtomb

mbrtoc16

mbrtoc32

mbrtowc

mbsrtowcs

mbsrtowcs_s

mbstowcs

mbstowcs_s

mbtowc

strtod

strtof

strtoimax

strtol

strtold

strtoll

strtoul

strtoull

strtoumax

wcrtomb

wcrtomb_s

wcsrtombs

wcsrtombs_s

wcstod

wcstof

wcstoimax

wcstol

wcstold

wcstoll

wcstombs

wcstombs_s

wcstoul

wcstoull

wcstoumax

wctob

wctomb

wctomb_s

wctrans

Sections

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-environment-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

ca:05:94:9b:7e:3b:46:a7:3d:9f:d3:6a:8c:33:12:40:55:6c:06:5b:65:cc:f8:32:e5:2f:b4:c6:17:97:49:d4
Signer

Actual PE Digest

ca:05:94:9b:7e:3b:46:a7:3d:9f:d3:6a:8c:33:12:40:55:6c:06:5b:65:cc:f8:32:e5:2f:b4:c6:17:97:49:d4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-environment-l1-1-0.pdb

Exports

__p__environ

__p__wenviron

_dupenv_s

_putenv

_putenv_s

_searchenv

_searchenv_s

_wdupenv_s

_wgetcwd

_wgetdcwd

_wgetenv

_wgetenv_s

_wputenv

_wputenv_s

_wsearchenv

_wsearchenv_s

getenv

getenv_s

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-filesystem-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

e7:62:9f:f3:5d:82:9e:32:0f:c1:53:1f:c7:ad:d4:82:2f:e2:21:34:e0:e1:11:27:0b:5a:56:21:eb:b4:54:13
Signer

Actual PE Digest

e7:62:9f:f3:5d:82:9e:32:0f:c1:53:1f:c7:ad:d4:82:2f:e2:21:34:e0:e1:11:27:0b:5a:56:21:eb:b4:54:13

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-filesystem-l1-1-0.pdb

Exports

_access

_access_s

_chdir

_chdrive

_chmod

_findclose

_findfirst32

_findfirst32i64

_findfirst64

_findfirst64i32

_findnext32

_findnext32i64

_findnext64

_findnext64i32

_fstat32

_fstat32i64

_fstat64

_fstat64i32

_fullpath

_getdiskfree

_getdrive

_getdrives

_lock_file

_makepath

_makepath_s

_mkdir

_rmdir

_splitpath

_splitpath_s

_stat32

_stat32i64

_stat64

_stat64i32

_umask

_umask_s

_unlink

_unlock_file

_waccess

_waccess_s

_wchdir

_wchmod

_wfindfirst32

_wfindfirst32i64

_wfindfirst64

_wfindfirst64i32

_wfindnext32

_wfindnext32i64

_wfindnext64

_wfindnext64i32

_wfullpath

_wmakepath

_wmakepath_s

_wmkdir

_wremove

_wrename

_wrmdir

_wsplitpath

_wsplitpath_s

_wstat32

_wstat32i64

_wstat64

_wstat64i32

_wunlink

remove

rename

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-heap-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a7:00:04:99:2f:7c:e6:46:fd:e2:e1:af:5f:4d:79:b8:86:e6:35:7b:53:6c:44:1f:c7:2b:c8:a1:c7:1f:88:3e
Signer

Actual PE Digest

a7:00:04:99:2f:7c:e6:46:fd:e2:e1:af:5f:4d:79:b8:86:e6:35:7b:53:6c:44:1f:c7:2b:c8:a1:c7:1f:88:3e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-heap-l1-1-0.pdb

Exports

_aligned_free

_aligned_malloc

_aligned_msize

_aligned_offset_malloc

_aligned_offset_realloc

_aligned_offset_recalloc

_aligned_realloc

_aligned_recalloc

_callnewh

_calloc_base

_expand

_free_base

_get_heap_handle

_heapchk

_heapmin

_heapwalk

_malloc_base

_msize

_query_new_handler

_query_new_mode

_realloc_base

_recalloc

_set_new_mode

calloc

free

malloc

realloc

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-locale-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a8:50:43:72:83:2b:15:35:cc:f3:f7:71:eb:51:c8:d4:b8:62:01:1b:fa:b7:40:fc:25:96:4b:57:e7:7a:06:b9
Signer

Actual PE Digest

a8:50:43:72:83:2b:15:35:cc:f3:f7:71:eb:51:c8:d4:b8:62:01:1b:fa:b7:40:fc:25:96:4b:57:e7:7a:06:b9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-locale-l1-1-0.pdb

Exports

___lc_codepage_func

___lc_collate_cp_func

___lc_locale_name_func

___mb_cur_max_func

___mb_cur_max_l_func

__initialize_lconv_for_unsigned_char

__pctype_func

__pwctype_func

_configthreadlocale

_create_locale

_free_locale

_get_current_locale

_getmbcp

_lock_locales

_setmbcp

_unlock_locales

_wcreate_locale

_wsetlocale

localeconv

setlocale

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-math-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:e4:73:61:28:5d:4d:09:7d:a5:80:d5:c1:84:d3:94:3e:3a:65:b4:1a:6a:89:dd:cd:29:2c:9f:44:f0:6e:43
Signer

Actual PE Digest

2e:e4:73:61:28:5d:4d:09:7d:a5:80:d5:c1:84:d3:94:3e:3a:65:b4:1a:6a:89:dd:cd:29:2c:9f:44:f0:6e:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-math-l1-1-0.pdb

Exports

_Cbuild

_Cmulcc

_Cmulcr

_FCbuild

_FCmulcc

_FCmulcr

_LCbuild

_LCmulcc

_LCmulcr

__setusermatherr

_cabs

_chgsign

_chgsignf

_copysign

_copysignf

_d_int

_dclass

_dexp

_dlog

_dnorm

_dpcomp

_dpoly

_dscale

_dsign

_dsin

_dtest

_dunscale

_except1

_fd_int

_fdclass

_fdexp

_fdlog

_fdnorm

_fdopen

_fdpcomp

_fdpoly

_fdscale

_fdsign

_fdsin

_fdtest

_fdunscale

_finite

_finitef

_fpclass

_fpclassf

_get_FMA3_enable

_hypot

_hypotf

_isnan

_isnanf

_j0

_j1

_jn

_ld_int

_ldclass

_ldexp

_ldlog

_ldpcomp

_ldpoly

_ldscale

_ldsign

_ldsin

_ldtest

_ldunscale

_logb

_logbf

_nextafter

_nextafterf

_scalb

_scalbf

_set_FMA3_enable

_y0

_y1

_yn

acos

acosf

acosh

acoshf

acoshl

asin

asinf

asinh

asinhf

asinhl

atan

atan2

atan2f

atanf

atanh

atanhf

atanhl

cabs

cabsf

cabsl

cacos

cacosf

cacosh

cacoshf

cacoshl

cacosl

carg

cargf

cargl

casin

casinf

casinh

casinhf

casinhl

casinl

catan

catanf

catanh

catanhf

catanhl

catanl

cbrt

cbrtf

cbrtl

ccos

ccosf

ccosh

ccoshf

ccoshl

ccosl

ceil

ceilf

cexp

cexpf

cexpl

cimag

cimagf

cimagl

clog

clog10

clog10f

clog10l

clogf

clogl

conj

conjf

conjl

copysign

copysignf

copysignl

cos

cosf

cosh

coshf

cpow

cpowf

cpowl

cproj

cprojf

cprojl

creal

crealf

creall

csin

csinf

csinh

csinhf

csinhl

csinl

csqrt

csqrtf

csqrtl

ctan

ctanf

ctanh

ctanhf

ctanhl

ctanl

erf

erfc

erfcf

erfcl

erff

erfl

exp

exp2

exp2f

exp2l

expf

expm1

expm1f

expm1l

fabs

fdim

fdimf

fdiml

floor

floorf

fma

fmaf

fmal

fmax

fmaxf

fmaxl

fmin

fminf

fminl

fmod

fmodf

frexp

hypot

ilogb

ilogbf

ilogbl

ldexp

lgamma

lgammaf

lgammal

llrint

llrintf

llrintl

llround

llroundf

llroundl

log

log10

log10f

log1p

log1pf

log1pl

log2

log2f

log2l

logb

logbf

logbl

logf

lrint

lrintf

lrintl

lround

lroundf

lroundl

modf

modff

nan

nanf

nanl

nearbyint

nearbyintf

nearbyintl

nextafter

nextafterf

nextafterl

nexttoward

nexttowardf

nexttowardl

norm

normf

norml

pow

powf

remainder

remainderf

remainderl

remquo

remquof

remquol

rint

rintf

rintl

round

roundf

roundl

scalbln

scalblnf

scalblnl

scalbn

scalbnf

scalbnl

sin

sinf

sinh

sinhf

sqrt

sqrtf

tan

tanf

tanh

tanhf

tgamma

tgammaf

tgammal

trunc

truncf

truncl

Sections

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-multibyte-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

ea:06:4f:f0:2a:66:44:2c:c8:d0:c6:74:a9:fe:b3:9d:59:96:af:b0:dd:16:fe:e9:9c:ee:bf:cd:59:08:21:da
Signer

Actual PE Digest

ea:06:4f:f0:2a:66:44:2c:c8:d0:c6:74:a9:fe:b3:9d:59:96:af:b0:dd:16:fe:e9:9c:ee:bf:cd:59:08:21:da

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-multibyte-l1-1-0.pdb

Exports

__p__mbcasemap

__p__mbctype

_ismbbalnum

_ismbbalnum_l

_ismbbalpha

_ismbbalpha_l

_ismbbblank

_ismbbblank_l

_ismbbgraph

_ismbbgraph_l

_ismbbkalnum

_ismbbkalnum_l

_ismbbkana

_ismbbkana_l

_ismbbkprint

_ismbbkprint_l

_ismbbkpunct

_ismbbkpunct_l

_ismbblead

_ismbblead_l

_ismbbprint

_ismbbprint_l

_ismbbpunct

_ismbbpunct_l

_ismbbtrail

_ismbbtrail_l

_ismbcalnum

_ismbcalnum_l

_ismbcalpha

_ismbcalpha_l

_ismbcblank

_ismbcblank_l

_ismbcdigit

_ismbcdigit_l

_ismbcgraph

_ismbcgraph_l

_ismbchira

_ismbchira_l

_ismbckata

_ismbckata_l

_ismbcl0

_ismbcl0_l

_ismbcl1

_ismbcl1_l

_ismbcl2

_ismbcl2_l

_ismbclegal

_ismbclegal_l

_ismbclower

_ismbclower_l

_ismbcprint

_ismbcprint_l

_ismbcpunct

_ismbcpunct_l

_ismbcspace

_ismbcspace_l

_ismbcsymbol

_ismbcsymbol_l

_ismbcupper

_ismbcupper_l

_ismbslead

_ismbslead_l

_ismbstrail

_ismbstrail_l

_mbbtombc

_mbbtombc_l

_mbbtype

_mbbtype_l

_mbcasemap

_mbccpy

_mbccpy_l

_mbccpy_s

_mbccpy_s_l

_mbcjistojms

_mbcjistojms_l

_mbcjmstojis

_mbcjmstojis_l

_mbclen

_mbclen_l

_mbctohira

_mbctohira_l

_mbctokata

_mbctokata_l

_mbctolower

_mbctolower_l

_mbctombb

_mbctombb_l

_mbctoupper

_mbctoupper_l

_mblen_l

_mbsbtype

_mbsbtype_l

_mbscat_s

_mbscat_s_l

_mbschr

_mbschr_l

_mbscmp

_mbscmp_l

_mbscoll

_mbscoll_l

_mbscpy_s

_mbscpy_s_l

_mbscspn

_mbscspn_l

_mbsdec

_mbsdec_l

_mbsdup

_mbsicmp

_mbsicmp_l

_mbsicoll

_mbsicoll_l

_mbsinc

_mbsinc_l

_mbslen

_mbslen_l

_mbslwr

_mbslwr_l

_mbslwr_s

_mbslwr_s_l

_mbsnbcat

_mbsnbcat_l

_mbsnbcat_s

_mbsnbcat_s_l

_mbsnbcmp

_mbsnbcmp_l

_mbsnbcnt

_mbsnbcnt_l

_mbsnbcoll

_mbsnbcoll_l

_mbsnbcpy

_mbsnbcpy_l

_mbsnbcpy_s

_mbsnbcpy_s_l

_mbsnbicmp

_mbsnbicmp_l

_mbsnbicoll

_mbsnbicoll_l

_mbsnbset

_mbsnbset_l

_mbsnbset_s

_mbsnbset_s_l

_mbsncat

_mbsncat_l

_mbsncat_s

_mbsncat_s_l

_mbsnccnt

_mbsnccnt_l

_mbsncmp

_mbsncmp_l

_mbsncoll

_mbsncoll_l

_mbsncpy

_mbsncpy_l

_mbsncpy_s

_mbsncpy_s_l

_mbsnextc

_mbsnextc_l

_mbsnicmp

_mbsnicmp_l

_mbsnicoll

_mbsnicoll_l

_mbsninc

_mbsninc_l

_mbsnlen

_mbsnlen_l

_mbsnset

_mbsnset_l

_mbsnset_s

_mbsnset_s_l

_mbspbrk

_mbspbrk_l

_mbsrchr

_mbsrchr_l

_mbsrev

_mbsrev_l

_mbsset

_mbsset_l

_mbsset_s

_mbsset_s_l

_mbsspn

_mbsspn_l

_mbsspnp

_mbsspnp_l

_mbsstr

_mbsstr_l

_mbstok

_mbstok_l

_mbstok_s

_mbstok_s_l

_mbstowcs_l

_mbstowcs_s_l

_mbstrlen

_mbstrlen_l

_mbstrnlen

_mbstrnlen_l

_mbsupr

_mbsupr_l

_mbsupr_s

_mbsupr_s_l

_mbtowc_l

Sections

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-private-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

56:9a:11:13:75:72:4a:94:11:6d:e7:dc:88:94:a4:a9:b8:bb:e1:a4:c7:bf:40:70:c2:de:7c:d6:32:81:24:26
Signer

Actual PE Digest

56:9a:11:13:75:72:4a:94:11:6d:e7:dc:88:94:a4:a9:b8:bb:e1:a4:c7:bf:40:70:c2:de:7c:d6:32:81:24:26

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-private-l1-1-0.pdb

Exports

_CreateFrameInfo

_CxxThrowException

_FindAndUnlinkFrame

_GetImageBase

_GetThrowImageBase

_IsExceptionObjectToBeDestroyed

_SetImageBase

_SetThrowImageBase

_SetWinRTOutOfMemoryExceptionCallback

__AdjustPointer

__BuildCatchObject

__BuildCatchObjectHelper

__C_specific_handler

__C_specific_handler_noexcept

__CxxDetectRethrow

__CxxExceptionFilter

__CxxFrameHandler

__CxxFrameHandler2

__CxxFrameHandler3

__CxxFrameHandler4

__CxxQueryExceptionSize

__CxxRegisterExceptionObject

__CxxUnregisterExceptionObject

__DestructExceptionObject

__FrameUnwindFilter

__GetPlatformExceptionInfo

__NLG_Dispatch2

__NLG_Return2

__RTCastToVoid

__RTDynamicCast

__RTtypeid

__TypeMatch

__current_exception

__current_exception_context

__dcrt_get_wide_environment_from_os

__dcrt_initial_narrow_environment

__intrinsic_setjmp

__intrinsic_setjmpex

__processing_throw

__report_gsfailure

__std_exception_copy

__std_exception_destroy

__std_terminate

__std_type_info_compare

__std_type_info_destroy_list

__std_type_info_hash

__std_type_info_name

__unDName

__unDNameEx

__uncaught_exception

__uncaught_exceptions

_get_purecall_handler

_get_unexpected

_is_exception_typeof

_local_unwind

_o__Getdays

_o__Getmonths

_o__Gettnames

_o__Strftime

_o__W_Getdays

_o__W_Getmonths

_o__W_Gettnames

_o__Wcsftime

_o____lc_codepage_func

_o____lc_collate_cp_func

_o____lc_locale_name_func

_o____mb_cur_max_func

_o___acrt_iob_func

_o___conio_common_vcprintf

_o___conio_common_vcprintf_p

_o___conio_common_vcprintf_s

_o___conio_common_vcscanf

_o___conio_common_vcwprintf

_o___conio_common_vcwprintf_p

_o___conio_common_vcwprintf_s

_o___conio_common_vcwscanf

_o___daylight

_o___dstbias

_o___fpe_flt_rounds

_o___p___argc

_o___p___argv

_o___p___wargv

_o___p__acmdln

_o___p__commode

_o___p__environ

_o___p__fmode

_o___p__mbcasemap

_o___p__mbctype

_o___p__pgmptr

_o___p__wcmdln

_o___p__wenviron

_o___p__wpgmptr

_o___pctype_func

_o___pwctype_func

_o___std_exception_copy

_o___std_exception_destroy

_o___std_type_info_destroy_list

_o___std_type_info_name

_o___stdio_common_vfprintf

_o___stdio_common_vfprintf_p

_o___stdio_common_vfprintf_s

_o___stdio_common_vfscanf

_o___stdio_common_vfwprintf

_o___stdio_common_vfwprintf_p

_o___stdio_common_vfwprintf_s

_o___stdio_common_vfwscanf

_o___stdio_common_vsnprintf_s

_o___stdio_common_vsnwprintf_s

_o___stdio_common_vsprintf

_o___stdio_common_vsprintf_p

_o___stdio_common_vsprintf_s

_o___stdio_common_vsscanf

_o___stdio_common_vswprintf

_o___stdio_common_vswprintf_p

_o___stdio_common_vswprintf_s

_o___stdio_common_vswscanf

_o___timezone

_o___tzname

_o___wcserror

_o__access

_o__access_s

_o__aligned_free

_o__aligned_malloc

_o__aligned_msize

_o__aligned_offset_malloc

_o__aligned_offset_realloc

_o__aligned_offset_recalloc

_o__aligned_realloc

_o__aligned_recalloc

_o__atodbl

_o__atodbl_l

_o__atof_l

_o__atoflt

_o__atoflt_l

_o__atoi64

_o__atoi64_l

_o__atoi_l

_o__atol_l

_o__atoldbl

_o__atoldbl_l

_o__atoll_l

_o__beep

_o__beginthread

_o__beginthreadex

_o__cabs

_o__callnewh

_o__calloc_base

_o__cexit

_o__cgets

_o__cgets_s

_o__cgetws

_o__cgetws_s

_o__chdir

_o__chdrive

_o__chmod

_o__chsize

_o__chsize_s

_o__close

_o__commit

_o__configthreadlocale

_o__configure_narrow_argv

_o__configure_wide_argv

_o__controlfp_s

_o__cputs

_o__cputws

_o__creat

_o__create_locale

_o__crt_atexit

_o__ctime32_s

_o__ctime64_s

_o__cwait

_o__d_int

_o__dclass

_o__difftime32

_o__difftime64

_o__dlog

_o__dnorm

_o__dpcomp

_o__dpoly

_o__dscale

_o__dsign

_o__dsin

_o__dtest

_o__dunscale

_o__dup

_o__dup2

_o__dupenv_s

_o__ecvt

_o__ecvt_s

_o__endthread

_o__endthreadex

_o__eof

_o__errno

_o__except1

_o__execute_onexit_table

_o__execv

_o__execve

_o__execvp

_o__execvpe

_o__exit

_o__expand

_o__fclose_nolock

_o__fcloseall

_o__fcvt

_o__fcvt_s

_o__fd_int

_o__fdclass

_o__fdexp

_o__fdlog

_o__fdopen

_o__fdpcomp

_o__fdpoly

_o__fdscale

_o__fdsign

_o__fdsin

_o__fflush_nolock

_o__fgetc_nolock

_o__fgetchar

_o__fgetwc_nolock

_o__fgetwchar

_o__filelength

_o__filelengthi64

_o__fileno

_o__findclose

_o__findfirst32

_o__findfirst32i64

_o__findfirst64

_o__findfirst64i32

_o__findnext32

_o__findnext32i64

_o__findnext64

_o__findnext64i32

_o__flushall

_o__fpclass

_o__fpclassf

_o__fputc_nolock

_o__fputchar

_o__fputwc_nolock

_o__fputwchar

_o__fread_nolock

_o__fread_nolock_s

_o__free_base

_o__free_locale

_o__fseek_nolock

_o__fseeki64

_o__fseeki64_nolock

_o__fsopen

_o__fstat32

_o__fstat32i64

_o__fstat64

_o__fstat64i32

_o__ftell_nolock

_o__ftelli64

_o__ftelli64_nolock

_o__ftime32

_o__ftime32_s

_o__ftime64

_o__ftime64_s

_o__fullpath

_o__futime32

_o__futime64

_o__fwrite_nolock

_o__gcvt

_o__gcvt_s

_o__get_daylight

_o__get_doserrno

_o__get_dstbias

_o__get_errno

_o__get_fmode

_o__get_heap_handle

_o__get_initial_narrow_environment

_o__get_initial_wide_environment

_o__get_invalid_parameter_handler

_o__get_narrow_winmain_command_line

_o__get_osfhandle

_o__get_pgmptr

_o__get_stream_buffer_pointers

_o__get_terminate

_o__get_thread_local_invalid_parameter_handler

_o__get_timezone

_o__get_tzname

_o__get_wide_winmain_command_line

_o__get_wpgmptr

_o__getc_nolock

_o__getch

_o__getch_nolock

_o__getche

_o__getche_nolock

_o__getcwd

_o__getdcwd

_o__getdiskfree

_o__getdllprocaddr

_o__getdrive

_o__getdrives

_o__getmbcp

_o__getsystime

_o__getw

_o__getwc_nolock

_o__getwch

_o__getwch_nolock

_o__getwche

_o__getwche_nolock

_o__getws

_o__getws_s

_o__gmtime32

_o__gmtime32_s

_o__gmtime64

_o__gmtime64_s

_o__heapchk

_o__heapmin

_o__hypot

_o__hypotf

_o__i64toa

_o__i64toa_s

_o__i64tow

_o__i64tow_s

_o__initialize_narrow_environment

_o__initialize_onexit_table

_o__initialize_wide_environment

_o__invalid_parameter_noinfo

_o__invalid_parameter_noinfo_noreturn

_o__isatty

_o__isctype

_o__isctype_l

_o__isleadbyte_l

_o__ismbbalnum

_o__ismbbalnum_l

_o__ismbbalpha

_o__ismbbalpha_l

_o__ismbbblank

_o__ismbbblank_l

_o__ismbbgraph

_o__ismbbgraph_l

_o__ismbbkalnum

_o__ismbbkalnum_l

_o__ismbbkana

_o__ismbbkana_l

_o__ismbbkprint

_o__ismbbkprint_l

_o__ismbbkpunct

_o__ismbbkpunct_l

_o__ismbblead

_o__ismbblead_l

_o__ismbbprint

_o__ismbbprint_l

_o__ismbbpunct

_o__ismbbpunct_l

_o__ismbbtrail

_o__ismbbtrail_l

_o__ismbcalnum

_o__ismbcalnum_l

_o__ismbcalpha

_o__ismbcalpha_l

_o__ismbcblank

_o__ismbcblank_l

_o__ismbcdigit

_o__ismbcdigit_l

_o__ismbcgraph

_o__ismbcgraph_l

_o__ismbchira

_o__ismbchira_l

_o__ismbckata

_o__ismbckata_l

_o__ismbcl0

_o__ismbcl0_l

_o__ismbcl1

_o__ismbcl1_l

_o__ismbcl2

_o__ismbcl2_l

_o__ismbclegal

_o__ismbclegal_l

_o__ismbclower

_o__ismbclower_l

_o__ismbcprint

_o__ismbcprint_l

_o__ismbcpunct

_o__ismbcpunct_l

_o__ismbcspace

_o__ismbcspace_l

_o__ismbcsymbol

_o__ismbcsymbol_l

_o__ismbcupper

_o__ismbcupper_l

_o__ismbslead

_o__ismbslead_l

_o__ismbstrail

_o__ismbstrail_l

_o__iswctype_l

_o__itoa

_o__itoa_s

_o__itow

_o__itow_s

_o__j0

_o__j1

_o__jn

_o__kbhit

_o__ld_int

_o__ldclass

_o__ldexp

_o__ldlog

_o__ldpcomp

_o__ldpoly

_o__ldscale

_o__ldsign

_o__ldsin

_o__ldtest

_o__ldunscale

_o__lfind

_o__lfind_s

_o__loaddll

_o__localtime32

_o__localtime32_s

_o__localtime64

_o__localtime64_s

_o__lock_file

_o__locking

_o__logb

_o__logbf

_o__lsearch

_o__lsearch_s

_o__lseek

_o__lseeki64

_o__ltoa

_o__ltoa_s

_o__ltow

_o__ltow_s

_o__makepath

_o__makepath_s

_o__malloc_base

_o__mbbtombc

_o__mbbtombc_l

_o__mbbtype

_o__mbbtype_l

_o__mbccpy

_o__mbccpy_l

_o__mbccpy_s

_o__mbccpy_s_l

_o__mbcjistojms

_o__mbcjistojms_l

_o__mbcjmstojis

_o__mbcjmstojis_l

_o__mbclen

_o__mbclen_l

_o__mbctohira

_o__mbctohira_l

_o__mbctokata

_o__mbctokata_l

_o__mbctolower

_o__mbctolower_l

_o__mbctombb

_o__mbctombb_l

_o__mbctoupper

_o__mbctoupper_l

_o__mblen_l

_o__mbsbtype

_o__mbsbtype_l

_o__mbscat_s

_o__mbscat_s_l

_o__mbschr

_o__mbschr_l

_o__mbscmp

_o__mbscmp_l

_o__mbscoll

_o__mbscoll_l

_o__mbscpy_s

_o__mbscpy_s_l

_o__mbscspn

_o__mbscspn_l

_o__mbsdec

_o__mbsdec_l

_o__mbsicmp

_o__mbsicmp_l

_o__mbsicoll

_o__mbsicoll_l

_o__mbsinc

_o__mbsinc_l

_o__mbslen

_o__mbslen_l

_o__mbslwr

_o__mbslwr_l

_o__mbslwr_s

_o__mbslwr_s_l

_o__mbsnbcat

_o__mbsnbcat_l

_o__mbsnbcat_s

_o__mbsnbcat_s_l

_o__mbsnbcmp

_o__mbsnbcmp_l

_o__mbsnbcnt

_o__mbsnbcnt_l

_o__mbsnbcoll

_o__mbsnbcoll_l

_o__mbsnbcpy

_o__mbsnbcpy_l

_o__mbsnbcpy_s

_o__mbsnbcpy_s_l

_o__mbsnbicmp

_o__mbsnbicmp_l

_o__mbsnbicoll

_o__mbsnbicoll_l

Sections

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-process-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

f7:d0:05:2c:d7:24:6d:c6:af:9d:9d:db:89:12:8f:a0:ca:1c:ea:2d:57:a9:e9:ae:44:3f:b2:6d:29:62:46:c0
Signer

Actual PE Digest

f7:d0:05:2c:d7:24:6d:c6:af:9d:9d:db:89:12:8f:a0:ca:1c:ea:2d:57:a9:e9:ae:44:3f:b2:6d:29:62:46:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-process-l1-1-0.pdb

Exports

_beep

_cwait

_execl

_execle

_execlp

_execlpe

_execv

_execve

_execvp

_execvpe

_loaddll

_spawnl

_spawnle

_spawnlp

_spawnlpe

_spawnv

_spawnve

_spawnvp

_spawnvpe

_unloaddll

_wexecl

_wexecle

_wexeclp

_wexeclpe

_wexecv

_wexecve

_wexecvp

_wexecvpe

_wspawnl

_wspawnle

_wspawnlp

_wspawnlpe

_wspawnv

_wspawnve

_wspawnvp

_wspawnvpe

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-runtime-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

20:fc:50:cb:59:16:c1:43:b3:c0:c4:28:9c:53:56:2e:1d:50:b4:4c:72:07:e1:41:12:c1:a6:b2:22:86:1a:10
Signer

Actual PE Digest

20:fc:50:cb:59:16:c1:43:b3:c0:c4:28:9c:53:56:2e:1d:50:b4:4c:72:07:e1:41:12:c1:a6:b2:22:86:1a:10

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-runtime-l1-1-0.pdb

Exports

_Exit

__doserrno

__fpe_flt_rounds

__fpecode

__p___argc

__p___argv

__p___wargv

__p__acmdln

__p__pgmptr

__p__wcmdln

__p__wpgmptr

__pxcptinfoptrs

__sys_errlist

__sys_nerr

__threadhandle

__threadid

__wcserror

__wcserror_s

_assert

_beginthread

_beginthreadex

_c_exit

_cexit

_clearfp

_configure_narrow_argv

_configure_wide_argv

_control87

_controlfp

_controlfp_s

_crt_at_quick_exit

_crt_atexit

_endthread

_endthreadex

_errno

_execute_onexit_table

_exit

_fpieee_flt

_fpreset

_get_doserrno

_get_errno

_get_initial_narrow_environment

_get_initial_wide_environment

_get_invalid_parameter_handler

_get_narrow_winmain_command_line

_get_pgmptr

_get_terminate

_get_thread_local_invalid_parameter_handler

_get_wide_winmain_command_line

_get_wpgmptr

_getdllprocaddr

_getpid

_initialize_narrow_environment

_initialize_onexit_table

_initialize_wide_environment

_initterm

_initterm_e

_invalid_parameter_noinfo

_invalid_parameter_noinfo_noreturn

_invoke_watson

_query_app_type

_register_onexit_function

_register_thread_local_exe_atexit_callback

_resetstkoflw

_seh_filter_dll

_seh_filter_exe

_set_abort_behavior

_set_app_type

_set_controlfp

_set_doserrno

_set_errno

_set_error_mode

_set_invalid_parameter_handler

_set_new_handler

_set_thread_local_invalid_parameter_handler

_seterrormode

_sleep

_statusfp

_strerror

_strerror_s

_wassert

_wcserror

_wcserror_s

_wperror

_wsystem

abort

exit

feclearexcept

fegetenv

fegetexceptflag

fegetround

feholdexcept

fesetenv

fesetexceptflag

fesetround

fetestexcept

perror

quick_exit

raise

set_terminate

signal

strerror

strerror_s

system

terminate

Sections

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-stdio-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

00:43:f2:ac:36:51:c7:c4:77:4b:9b:bd:85:93:41:7b:bd:d0:c4:f5:03:2d:c3:4c:4d:77:e8:43:91:5e:cc:1b
Signer

Actual PE Digest

00:43:f2:ac:36:51:c7:c4:77:4b:9b:bd:85:93:41:7b:bd:d0:c4:f5:03:2d:c3:4c:4d:77:e8:43:91:5e:cc:1b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-stdio-l1-1-0.pdb

Exports

__acrt_iob_func

__p__commode

__p__fmode

__stdio_common_vfprintf

__stdio_common_vfprintf_p

__stdio_common_vfprintf_s

__stdio_common_vfscanf

__stdio_common_vfwprintf

__stdio_common_vfwprintf_p

__stdio_common_vfwprintf_s

__stdio_common_vfwscanf

__stdio_common_vsnprintf_s

__stdio_common_vsnwprintf_s

__stdio_common_vsprintf

__stdio_common_vsprintf_p

__stdio_common_vsprintf_s

__stdio_common_vsscanf

__stdio_common_vswprintf

__stdio_common_vswprintf_p

__stdio_common_vswprintf_s

__stdio_common_vswscanf

_chsize

_chsize_s

_close

_commit

_creat

_dup

_dup2

_eof

_fclose_nolock

_fcloseall

_fflush_nolock

_fgetc_nolock

_fgetchar

_fgetwc_nolock

_fgetwchar

_filelength

_filelengthi64

_fileno

_flushall

_fputc_nolock

_fputchar

_fputwc_nolock

_fputwchar

_fread_nolock

_fread_nolock_s

_fseek_nolock

_fseeki64

_fseeki64_nolock

_fsopen

_ftell_nolock

_ftelli64

_ftelli64_nolock

_fwrite_nolock

_get_fmode

_get_osfhandle

_get_printf_count_output

_get_stream_buffer_pointers

_getc_nolock

_getcwd

_getdcwd

_getmaxstdio

_getw

_getwc_nolock

_getws

_getws_s

_isatty

_kbhit

_locking

_lseek

_lseeki64

_mktemp

_mktemp_s

_open

_open_osfhandle

_pclose

_pipe

_popen

_putc_nolock

_putw

_putwc_nolock

_putws

_read

_rmtmp

_set_fmode

_set_printf_count_output

_setmaxstdio

_setmode

_sopen

_sopen_dispatch

_sopen_s

_tell

_telli64

_tempnam

_ungetc_nolock

_ungetwc_nolock

_wcreat

_wfdopen

_wfopen

_wfopen_s

_wfreopen

_wfreopen_s

_wfsopen

_wmktemp

_wmktemp_s

_wopen

_wpopen

_write

_wsopen

_wsopen_dispatch

_wsopen_s

_wtempnam

_wtmpnam

_wtmpnam_s

clearerr

clearerr_s

fclose

feof

ferror

fflush

fgetc

fgetpos

fgets

fgetwc

fgetws

fopen

fopen_s

fputc

fputs

fputwc

fputws

fread

fread_s

freopen

freopen_s

fseek

fsetpos

ftell

fwrite

getc

getchar

gets

gets_s

getwc

getwchar

putc

putchar

puts

putwc

putwchar

rewind

setbuf

setvbuf

tmpfile

tmpfile_s

tmpnam

tmpnam_s

ungetc

ungetwc

Sections

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-string-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

19:69:cb:7b:91:a3:b1:a8:93:fa:0a:ea:60:88:f9:32:1e:56:f5:8a:11:10:ff:0c:31:be:39:fe:b4:af:2b:34
Signer

Actual PE Digest

19:69:cb:7b:91:a3:b1:a8:93:fa:0a:ea:60:88:f9:32:1e:56:f5:8a:11:10:ff:0c:31:be:39:fe:b4:af:2b:34

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-string-l1-1-0.pdb

Exports

__isascii

__iscsym

__iscsymf

__iswcsym

__iswcsymf

__strncnt

__wcsncnt

_isalnum_l

_isalpha_l

_isblank_l

_iscntrl_l

_isctype

_isctype_l

_isdigit_l

_isgraph_l

_isleadbyte_l

_islower_l

_isprint_l

_ispunct_l

_isspace_l

_isupper_l

_iswalnum_l

_iswalpha_l

_iswblank_l

_iswcntrl_l

_iswcsym_l

_iswcsymf_l

_iswctype_l

_iswdigit_l

_iswgraph_l

_iswlower_l

_iswprint_l

_iswpunct_l

_iswspace_l

_iswupper_l

_iswxdigit_l

_isxdigit_l

_memccpy

_memicmp

_memicmp_l

_strcoll_l

_strdup

_stricmp

_stricmp_l

_stricoll

_stricoll_l

_strlwr

_strlwr_l

_strlwr_s

_strlwr_s_l

_strncoll

_strncoll_l

_strnicmp

_strnicmp_l

_strnicoll

_strnicoll_l

_strnset

_strnset_s

_strrev

_strset

_strset_s

_strupr

_strupr_l

_strupr_s

_strupr_s_l

_strxfrm_l

_tolower

_tolower_l

_toupper

_toupper_l

_towlower_l

_towupper_l

_wcscoll_l

_wcsdup

_wcsicmp

_wcsicmp_l

_wcsicoll

_wcsicoll_l

_wcslwr

_wcslwr_l

_wcslwr_s

_wcslwr_s_l

_wcsncoll

_wcsncoll_l

_wcsnicmp

_wcsnicmp_l

_wcsnicoll

_wcsnicoll_l

_wcsnset

_wcsnset_s

_wcsrev

_wcsset

_wcsset_s

_wcsupr

_wcsupr_l

_wcsupr_s

_wcsupr_s_l

_wcsxfrm_l

_wctype

is_wctype

isalnum

isalpha

isblank

iscntrl

isdigit

isgraph

isleadbyte

islower

isprint

ispunct

isspace

isupper

iswalnum

iswalpha

iswascii

iswblank

iswcntrl

iswctype

iswdigit

iswgraph

iswlower

iswprint

iswpunct

iswspace

iswupper

iswxdigit

isxdigit

mblen

mbrlen

memcpy_s

memmove_s

memset

strcat

strcat_s

strcmp

strcoll

strcpy

strcpy_s

strcspn

strlen

strncat

strncat_s

strncmp

strncpy

strncpy_s

strnlen

strpbrk

strspn

strtok

strtok_s

strxfrm

tolower

toupper

towctrans

towlower

towupper

wcscat

wcscat_s

wcscmp

wcscoll

wcscpy

wcscpy_s

wcscspn

wcslen

wcsncat

wcsncat_s

wcsncmp

wcsncpy

wcsncpy_s

wcsnlen

wcspbrk

wcsspn

wcstok

wcstok_s

wcsxfrm

wctype

wmemcpy_s

wmemmove_s

Sections

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-time-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

16:fa:1a:fc:b0:e3:97:b8:8e:09:6c:34:28:0f:c8:a6:95:ea:a1:d6:ed:97:82:a3:7d:9b:c8:ff:55:ab:34:a3
Signer

Actual PE Digest

16:fa:1a:fc:b0:e3:97:b8:8e:09:6c:34:28:0f:c8:a6:95:ea:a1:d6:ed:97:82:a3:7d:9b:c8:ff:55:ab:34:a3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-time-l1-1-0.pdb

Exports

_Getdays

_Getmonths

_Gettnames

_Strftime

_W_Getdays

_W_Getmonths

_W_Gettnames

_Wcsftime

__daylight

__dstbias

__timezone

__tzname

_ctime32

_ctime32_s

_ctime64

_ctime64_s

_difftime32

_difftime64

_ftime32

_ftime32_s

_ftime64

_ftime64_s

_futime32

_futime64

_get_daylight

_get_dstbias

_get_timezone

_get_tzname

_getsystime

_gmtime32

_gmtime32_s

_gmtime64

_gmtime64_s

_localtime32

_localtime32_s

_localtime64

_localtime64_s

_mkgmtime32

_mkgmtime64

_mktime32

_mktime64

_setsystime

_strdate

_strdate_s

_strftime_l

_strtime

_strtime_s

_time32

_time64

_timespec32_get

_timespec64_get

_tzset

_utime32

_utime64

_wasctime

_wasctime_s

_wcsftime_l

_wctime32

_wctime32_s

_wctime64

_wctime64_s

_wstrdate

_wstrdate_s

_wstrtime

_wstrtime_s

_wutime32

_wutime64

asctime

asctime_s

clock

strftime

wcsftime

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-utility-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

cf:4f:6c:3e:d6:66:5c:65:97:01:b7:87:1d:a7:7d:ad:6f:f3:a9:63:9c:f4:f5:51:3f:09:26:76:ea:6c:3a:79
Signer

Actual PE Digest

cf:4f:6c:3e:d6:66:5c:65:97:01:b7:87:1d:a7:7d:ad:6f:f3:a9:63:9c:f4:f5:51:3f:09:26:76:ea:6c:3a:79

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-utility-l1-1-0.pdb

Exports

_abs64

_byteswap_uint64

_byteswap_ulong

_byteswap_ushort

_lfind

_lfind_s

_lrotl

_lrotr

_lsearch

_lsearch_s

_rotl

_rotl64

_rotr

_rotr64

_swab

abs

bsearch

bsearch_s

div

imaxabs

imaxdiv

labs

ldiv

llabs

lldiv

qsort

qsort_s

rand

rand_s

srand

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-downlevel-kernel32-l2-1-0.dll

.dll windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-downlevel-kernel32-l2-1-0.pdb

Exports

AddAtomA

AddAtomW

BackupRead

BackupWrite

BindIoCompletionCallback

ConvertFiberToThread

ConvertThreadToFiber

CopyFileA

CopyFileW

CreateFiber

CreateFileMappingA

CreateFileTransactedW

CreateMailslotA

CreateNamedPipeA

CreateSemaphoreW

DeleteAtom

DeleteFiber

DnsHostnameToComputerNameW

DosDateTimeToFileTime

FatalAppExitA

FatalAppExitW

FileTimeToDosDateTime

FindAtomA

FindAtomW

FindResourceA

FindResourceExA

FindResourceW

GetActiveProcessorCount

GetAtomNameA

GetAtomNameW

GetComputerNameA

GetComputerNameW

GetConsoleWindow

GetDurationFormatEx

GetFirmwareEnvironmentVariableW

GetMaximumProcessorGroupCount

GetNamedPipeClientProcessId

GetNamedPipeServerProcessId

GetPrivateProfileIntA

GetPrivateProfileIntW

GetPrivateProfileSectionW

GetPrivateProfileStringA

GetPrivateProfileStringW

GetProcessAffinityMask

GetProcessIoCounters

GetProfileIntA

GetProfileIntW

GetProfileSectionA

GetProfileSectionW

GetProfileStringA

GetProfileStringW

GetShortPathNameA

GetStartupInfoA

GetStringTypeExA

GetSystemPowerStatus

GetSystemWow64DirectoryA

GetSystemWow64DirectoryW

GetTapeParameters

GetTempPathA

GetThreadSelectorEntry

GlobalAddAtomA

GlobalAddAtomW

GlobalAlloc

GlobalDeleteAtom

GlobalFindAtomA

GlobalFindAtomW

GlobalFlags

GlobalFree

GlobalGetAtomNameA

GlobalGetAtomNameW

GlobalHandle

GlobalLock

GlobalMemoryStatus

GlobalReAlloc

GlobalSize

GlobalUnlock

InitAtomTable

LoadLibraryA

LoadLibraryW

LocalAlloc

LocalFlags

LocalFree

LocalLock

LocalReAlloc

LocalSize

LocalUnlock

MoveFileA

MoveFileExA

MoveFileW

MulDiv

OpenFile

PulseEvent

RaiseFailFastException

RegisterWaitForSingleObject

SetConsoleTitleA

SetFileCompletionNotificationModes

SetFirmwareEnvironmentVariableW

SetHandleCount

SetMailslotInfo

SetProcessAffinityMask

SetThreadAffinityMask

SetThreadIdealProcessor

SetVolumeLabelW

SwitchToFiber

UnregisterWait

WTSGetActiveConsoleSessionId

WaitForMultipleObjects

WritePrivateProfileSectionA

WritePrivateProfileSectionW

WritePrivateProfileStringA

WritePrivateProfileStringW

lstrcatW

lstrcmpA

lstrcmpW

lstrcmpiA

lstrcmpiW

lstrcpyW

lstrcpynA

lstrcpynW

lstrlenA

lstrlenW

Sections

.text
Size: 4KB - Virtual size: 7B

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-eventing-provider-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:24

Not After

02/12/2021, 21:24

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

42:5c:f6:47:8e:78:61:bb:bc:e0:99:3b:3e:f2:03:29:9d:79:5d:ce:2b:bd:c9:a4:2a:ce:f2:f4:bd:4c:9b:b6
Signer

Actual PE Digest

42:5c:f6:47:8e:78:61:bb:bc:e0:99:3b:3e:f2:03:29:9d:79:5d:ce:2b:bd:c9:a4:2a:ce:f2:f4:bd:4c:9b:b6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

API-MS-Win-Eventing-Provider-L1-1-0.pdb

Exports

EventActivityIdControl

EventEnabled

EventProviderEnabled

EventRegister

EventSetInformation

EventUnregister

EventWrite

EventWriteEx

EventWriteString

EventWriteTransfer

Sections

.rdata
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

auto_update_plugin.dll

.dll windows:6 windows x64 arch:x64

39995e3d21c8640cb61857333892d7d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopPluginRegistrarSetDestructionHandler

FlutterDesktopPluginRegistrarGetView

FlutterDesktopMessengerSend

FlutterDesktopRegistrarGetTextureRegistrar

FlutterDesktopPluginRegistrarGetMessenger

FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable

FlutterDesktopTextureRegistrarUnregisterExternalTexture

FlutterDesktopTextureRegistrarRegisterExternalTexture

FlutterDesktopMessengerUnlock

FlutterDesktopMessengerLock

FlutterDesktopMessengerIsAvailable

FlutterDesktopMessengerRelease

FlutterDesktopMessengerAddRef

FlutterDesktopMessengerSetCallback

FlutterDesktopMessengerSendResponse

FlutterDesktopMessengerSendWithReply

kernel32

IsDebuggerPresent

InitializeSListHead

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

TerminateProcess

GetCurrentProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

VerSetConditionMask

GetModuleFileNameW

VerifyVersionInfoW

MultiByteToWideChar

WideCharToMultiByte

GetUserDefaultLangID

AcquireSRWLockExclusive

SleepConditionVariableSRW

WakeAllConditionVariable

ReleaseSRWLockExclusive

shell32

SHGetKnownFolderPath

ShellExecuteW

ole32

CoTaskMemFree

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

?_Xlength_error@std@@YAXPEBD@Z

?good@ios_base@std@@QEBA_NXZ

?flags@ios_base@std@@QEBAHXZ

?width@ios_base@std@@QEBA_JXZ

?width@ios_base@std@@QEAA_J_J@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z

?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

?_Xbad_function_call@std@@YAXXZ

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

version

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

vcruntime140

__std_exception_copy

__std_type_info_destroy_list

__std_terminate

_CxxThrowException

memcmp

memcpy

memmove

memset

__std_type_info_compare

__current_exception

__current_exception_context

__C_specific_handler

__std_exception_destroy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initterm_e

_initterm

terminate

_initialize_narrow_environment

_initialize_onexit_table

_register_onexit_function

_execute_onexit_table

_crt_atexit

_cexit

_invoke_watson

_invalid_parameter_noinfo_noreturn

_seh_filter_dll

_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

_callnewh

malloc

free

Exports

AutoUpdatePluginRegisterWithRegistrar

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

bitsdojo_window_windows_plugin.lib

concrt140.dll

.dll windows:6 windows x64 arch:x64

5f9b23bd4b0029001f687a1ad625be31

Code Sign

33:00:00:02:55:18:1d:a4:2e:e0:86:fc:15:00:00:00:00:02:55
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:33

Not After

01/09/2022, 18:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

c0:b3:96:2f:58:a6:50:8c:e0:de:cc:0a:1e:36:0a:90:c5:8a:4c:5e:44:2c:18:fe:4c:88:bf:5e:cb:0d:97:8f
Signer

Actual PE Digest

c0:b3:96:2f:58:a6:50:8c:e0:de:cc:0a:1e:36:0a:90:c5:8a:4c:5e:44:2c:18:fe:4c:88:bf:5e:cb:0d:97:8f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

d:\a01\_work\43\s\\binaries\amd64ret\bin\amd64\\concrt140.amd64.pdb

Imports

msvcp140

?_Xbad_function_call@std@@YAXXZ

?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

_Mtx_init_in_situ

_Mtx_destroy_in_situ

_Mtx_lock

_Mtx_unlock

_Cnd_init_in_situ

_Cnd_destroy_in_situ

_Cnd_wait

_Cnd_broadcast

?_Throw_C_error@std@@YAXH@Z

?_Xbad_alloc@std@@YAXXZ

?_Xlength_error@std@@YAXPEBD@Z

?_Xout_of_range@std@@YAXPEBD@Z

?__ExceptionPtrDestroy@@YAXPEAX@Z

?__ExceptionPtrCreate@@YAXPEAX@Z

?__ExceptionPtrCopy@@YAXPEAXPEBX@Z

?__ExceptionPtrCurrentException@@YAXPEAX@Z

?__ExceptionPtrRethrow@@YAXPEBX@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_purecall

__std_terminate

__std_exception_copy

__std_exception_destroy

_CxxThrowException

memset

__uncaught_exception

memcpy

__C_specific_handler

__RTDynamicCast

__std_type_info_destroy_list

__current_exception_context

__current_exception

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn

_initterm_e

_initterm

_cexit

terminate

_seh_filter_dll

_configure_narrow_argv

_initialize_narrow_environment

_initialize_onexit_table

_register_onexit_function

_execute_onexit_table

_crt_atexit

api-ms-win-crt-heap-l1-1-0

free

malloc

_callnewh

api-ms-win-crt-math-l1-1-0

exp

sqrt

api-ms-win-crt-string-l1-1-0

wcsncpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfwprintf

__stdio_common_vswprintf_s

__acrt_iob_func

fflush

kernel32

GetCurrentProcess

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

GetCurrentProcessId

QueryPerformanceCounter

IsDebuggerPresent

IsProcessorFeaturePresent

TerminateProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

GetModuleHandleA

GetModuleFileNameW

FreeLibraryAndExitThread

FreeLibrary

CloseThreadpoolWait

SetThreadpoolWait

CreateThreadpoolWait

CloseThreadpoolTimer

WaitForThreadpoolTimerCallbacks

CreateThreadpoolTimer

FreeLibraryWhenCallbackReturns

GetThreadTimes

EncodePointer

OutputDebugStringW

LoadLibraryW

LoadLibraryExW

SetLastError

SetThreadpoolTimer

UnregisterWaitEx

CreateSemaphoreExW

ReleaseSemaphore

InitializeSListHead

SetProcessAffinityMask

VirtualFree

VirtualProtect

VirtualAlloc

GetVersionExW

GetCurrentProcessorNumber

FlushProcessWriteBuffers

DeleteCriticalSection

TryEnterCriticalSection

LeaveCriticalSection

EnterCriticalSection

UnregisterWait

RegisterWaitForSingleObject

SetThreadAffinityMask

GetProcessAffinityMask

GetNumaHighestNodeNumber

GetProcAddress

GetModuleHandleW

DeleteTimerQueueTimer

ChangeTimerQueueTimer

CreateTimerQueueTimer

GetLogicalProcessorInformation

GetTickCount64

TlsFree

TlsSetValue

InterlockedPopEntrySList

InterlockedPushEntrySList

InterlockedFlushSList

QueryDepthSList

CreateTimerQueue

GetCurrentThread

CloseHandle

DuplicateHandle

GetLastError

SetEvent

WaitForSingleObjectEx

TlsAlloc

GetCurrentThreadId

InitializeCriticalSectionEx

CreateEventExW

Sleep

SignalObjectAndWait

SwitchToThread

CreateThread

SetThreadPriority

GetThreadPriority

TlsGetValue

Exports

??0?$_SpinWait@$00@details@Concurrency@@QEAA@P6AXXZ@Z

??0?$_SpinWait@$0A@@details@Concurrency@@QEAA@P6AXXZ@Z

??0SchedulerPolicy@Concurrency@@QEAA@AEBV01@@Z

??0SchedulerPolicy@Concurrency@@QEAA@XZ

??0SchedulerPolicy@Concurrency@@QEAA@_KZZ

??0_Cancellation_beacon@details@Concurrency@@QEAA@XZ

??0_Concurrent_queue_base_v4@details@Concurrency@@IEAA@_K@Z

??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@AEBV_Concurrent_queue_base_v4@12@@Z

??0_Condition_variable@details@Concurrency@@QEAA@XZ

??0_Context@details@Concurrency@@QEAA@PEAVContext@2@@Z

??0_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ

??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ

??0_ReaderWriterLock@details@Concurrency@@QEAA@XZ

??0_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ

??0_ReentrantLock@details@Concurrency@@QEAA@XZ

??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ

??0_Runtime_object@details@Concurrency@@QEAA@H@Z

??0_Runtime_object@details@Concurrency@@QEAA@XZ

??0_Scheduler@details@Concurrency@@QEAA@PEAVScheduler@2@@Z

??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z

??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z

??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z

??0_StructuredTaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z

??0_TaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z

??0_TaskCollection@details@Concurrency@@QEAA@XZ

??0_Timer@details@Concurrency@@IEAA@I_N@Z

??0agent@Concurrency@@QEAA@AEAVScheduleGroup@1@@Z

??0agent@Concurrency@@QEAA@AEAVScheduler@1@@Z

??0agent@Concurrency@@QEAA@XZ

??0bad_target@Concurrency@@QEAA@PEBD@Z

??0bad_target@Concurrency@@QEAA@XZ

??0context_self_unblock@Concurrency@@QEAA@PEBD@Z

??0context_self_unblock@Concurrency@@QEAA@XZ

??0context_unblock_unbalanced@Concurrency@@QEAA@PEBD@Z

??0context_unblock_unbalanced@Concurrency@@QEAA@XZ

??0critical_section@Concurrency@@QEAA@XZ

??0default_scheduler_exists@Concurrency@@QEAA@PEBD@Z

??0default_scheduler_exists@Concurrency@@QEAA@XZ

??0event@Concurrency@@QEAA@XZ

??0improper_lock@Concurrency@@QEAA@PEBD@Z

??0improper_lock@Concurrency@@QEAA@XZ

??0improper_scheduler_attach@Concurrency@@QEAA@PEBD@Z

??0improper_scheduler_attach@Concurrency@@QEAA@XZ

??0improper_scheduler_detach@Concurrency@@QEAA@PEBD@Z

??0improper_scheduler_detach@Concurrency@@QEAA@XZ

??0improper_scheduler_reference@Concurrency@@QEAA@PEBD@Z

??0improper_scheduler_reference@Concurrency@@QEAA@XZ

??0invalid_link_target@Concurrency@@QEAA@PEBD@Z

??0invalid_link_target@Concurrency@@QEAA@XZ

??0invalid_multiple_scheduling@Concurrency@@QEAA@PEBD@Z

??0invalid_multiple_scheduling@Concurrency@@QEAA@XZ

??0invalid_oversubscribe_operation@Concurrency@@QEAA@PEBD@Z

??0invalid_oversubscribe_operation@Concurrency@@QEAA@XZ

??0invalid_scheduler_policy_key@Concurrency@@QEAA@PEBD@Z

??0invalid_scheduler_policy_key@Concurrency@@QEAA@XZ

??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@PEBD@Z

??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@XZ

??0invalid_scheduler_policy_value@Concurrency@@QEAA@PEBD@Z

??0invalid_scheduler_policy_value@Concurrency@@QEAA@XZ

??0message_not_found@Concurrency@@QEAA@PEBD@Z

??0message_not_found@Concurrency@@QEAA@XZ

??0missing_wait@Concurrency@@QEAA@PEBD@Z

??0missing_wait@Concurrency@@QEAA@XZ

??0nested_scheduler_missing_detach@Concurrency@@QEAA@PEBD@Z

??0nested_scheduler_missing_detach@Concurrency@@QEAA@XZ

??0operation_timed_out@Concurrency@@QEAA@PEBD@Z

??0operation_timed_out@Concurrency@@QEAA@XZ

??0reader_writer_lock@Concurrency@@QEAA@XZ

??0scheduler_not_attached@Concurrency@@QEAA@PEBD@Z

??0scheduler_not_attached@Concurrency@@QEAA@XZ

??0scheduler_resource_allocation_error@Concurrency@@QEAA@J@Z

??0scheduler_resource_allocation_error@Concurrency@@QEAA@PEBDJ@Z

??0scheduler_worker_creation_error@Concurrency@@QEAA@J@Z

??0scheduler_worker_creation_error@Concurrency@@QEAA@PEBDJ@Z

??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z

??0scoped_lock@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z

??0scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z

??0unsupported_os@Concurrency@@QEAA@PEBD@Z

??0unsupported_os@Concurrency@@QEAA@XZ

??1SchedulerPolicy@Concurrency@@QEAA@XZ

??1_Cancellation_beacon@details@Concurrency@@QEAA@XZ

??1_Concurrent_queue_base_v4@details@Concurrency@@MEAA@XZ

??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@XZ

??1_Concurrent_vector_base_v4@details@Concurrency@@IEAA@XZ

??1_Condition_variable@details@Concurrency@@QEAA@XZ

??1_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ

??1_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ

??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ

??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ

??1_SpinLock@details@Concurrency@@QEAA@XZ

??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ

??1_TaskCollection@details@Concurrency@@QEAA@XZ

??1_Timer@details@Concurrency@@MEAA@XZ

??1agent@Concurrency@@UEAA@XZ

??1critical_section@Concurrency@@QEAA@XZ

??1event@Concurrency@@QEAA@XZ

??1reader_writer_lock@Concurrency@@QEAA@XZ

??1scoped_lock@critical_section@Concurrency@@QEAA@XZ

??1scoped_lock@reader_writer_lock@Concurrency@@QEAA@XZ

??1scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@XZ

??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z

??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@AEBV012@@Z

??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z

??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@AEBV012@@Z

??4SchedulerPolicy@Concurrency@@QEAAAEAV01@AEBV01@@Z

??_F?$_SpinWait@$00@details@Concurrency@@QEAAXXZ

??_F?$_SpinWait@$0A@@details@Concurrency@@QEAAXXZ

??_F_Context@details@Concurrency@@QEAAXXZ

??_F_Scheduler@details@Concurrency@@QEAAXXZ

?AgentEventGuid@Concurrency@@3U_GUID@@B

?Alloc@Concurrency@@YAPEAX_K@Z

?Block@Context@Concurrency@@SAXXZ

?ChoreEventGuid@Concurrency@@3U_GUID@@B

?ConcRTEventGuid@Concurrency@@3U_GUID@@B

?ConcRT_ProviderGuid@Concurrency@@3U_GUID@@B

?ContextEventGuid@Concurrency@@3U_GUID@@B

?Create@CurrentScheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z

?Create@Scheduler@Concurrency@@SAPEAV12@AEBVSchedulerPolicy@2@@Z

?CreateResourceManager@Concurrency@@YAPEAUIResourceManager@1@XZ

?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@AEAVlocation@2@@Z

?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@XZ

?CurrentContext@Context@Concurrency@@SAPEAV12@XZ

?Detach@CurrentScheduler@Concurrency@@SAXXZ

?DisableTracing@Concurrency@@YAJXZ

?EnableTracing@Concurrency@@YAJXZ

?Free@Concurrency@@YAXPEAX@Z

?Get@CurrentScheduler@Concurrency@@SAPEAVScheduler@2@XZ

?GetExecutionContextId@Concurrency@@YAIXZ

?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ

?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ

?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ

?GetPolicyValue@SchedulerPolicy@Concurrency@@QEBAIW4PolicyElementKey@2@@Z

?GetProcessorCount@Concurrency@@YAIXZ

?GetProcessorNodeCount@Concurrency@@YAIXZ

?GetSchedulerId@Concurrency@@YAIXZ

?GetSharedTimerQueue@details@Concurrency@@YAPEAXXZ

?Id@Context@Concurrency@@SAIXZ

?Id@CurrentScheduler@Concurrency@@SAIXZ

?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NAEBVlocation@2@@Z

?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ

?LockEventGuid@Concurrency@@3U_GUID@@B

?Log2@details@Concurrency@@YAK_K@Z

?NFS_Allocate@details@Concurrency@@YAPEAX_K0PEAX@Z

?NFS_Free@details@Concurrency@@YAXPEAX@Z

?NFS_GetLineSize@details@Concurrency@@YA_KXZ

?Oversubscribe@Context@Concurrency@@SAX_N@Z

?PPLParallelForEventGuid@Concurrency@@3U_GUID@@B

?PPLParallelForeachEventGuid@Concurrency@@3U_GUID@@B

?PPLParallelInvokeEventGuid@Concurrency@@3U_GUID@@B

?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPEAX@Z

?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ

?ResourceManagerEventGuid@Concurrency@@3U_GUID@@B

?ScheduleGroupEventGuid@Concurrency@@3U_GUID@@B

?ScheduleGroupId@Context@Concurrency@@SAIXZ

?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z

?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0AEAVlocation@2@@Z

?SchedulerEventGuid@Concurrency@@3U_GUID@@B

?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QEAAXII@Z

?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z

?SetPolicyValue@SchedulerPolicy@Concurrency@@QEAAIW4PolicyElementKey@2@I@Z

?VirtualProcessorEventGuid@Concurrency@@3U_GUID@@B

?VirtualProcessorId@Context@Concurrency@@SAIXZ

?Yield@Context@Concurrency@@SAXXZ

?_Abort@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ

?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ

?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z

?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ

?_Acquire@_ReentrantLock@details@Concurrency@@QEAAXXZ

?_Acquire@_ReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z

?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ

?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ

?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXXZ

?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXAEBV123@@Z

?_Byte_reverse_table@details@Concurrency@@3QBEB

?_Cancel@_StructuredTaskCollection@details@Concurrency@@QEAAXXZ

?_Cancel@_TaskCollection@details@Concurrency@@QEAAXXZ

?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ

?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ

?_ConcRT_CoreAssert@details@Concurrency@@YAXPEBD0H@Z

?_ConcRT_Trace@details@Concurrency@@YAXHPEB_WZZ

?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QEAA_NXZ

?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ

?_Current_node@location@Concurrency@@SA?AV12@XZ

?_Destroy@_AsyncTaskCollection@details@Concurrency@@EEAAXXZ

?_DoYield@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ

?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ

?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ

?_GetCombinableSize@details@Concurrency@@YA_KXZ

?_GetConcRTTraceInfo@Concurrency@@YAPEBU_CONCRT_TRACE_INFO@details@1@XZ

?_GetConcurrency@details@Concurrency@@YAIXZ

?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAEA_KXZ

?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ

?_GetScheduler@_Scheduler@details@Concurrency@@QEAAPEAVScheduler@3@XZ

?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ

?_Internal_assign@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAX1@ZP6AX2PEBX1@Z5@Z

?_Internal_capacity@_Concurrent_vector_base_v4@details@Concurrency@@IEBA_KXZ

?_Internal_clear@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_KP6AXPEAX_K@Z@Z

?_Internal_compact@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KPEAXP6AX10@ZP6AX1PEBX0@Z@Z

?_Internal_copy@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAXPEBX1@Z@Z

?_Internal_empty@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_NXZ

?_Internal_finish_clear@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXXZ

?_Internal_grow_by@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z

?_Internal_grow_to_at_least_with_result@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z

?_Internal_move_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEAX@Z

?_Internal_pop_if_present@_Concurrent_queue_base_v4@details@Concurrency@@IEAA_NPEAX@Z

?_Internal_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEBX@Z

?_Internal_push_back@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KAEA_K@Z

?_Internal_reserve@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00@Z

?_Internal_resize@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00P6AXPEAX0@ZP6AX1PEBX0@Z3@Z

?_Internal_size@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_KXZ

?_Internal_swap@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXAEAV123@@Z

?_Internal_swap@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEAV123@@Z

?_Internal_throw_exception@_Concurrent_queue_base_v4@details@Concurrency@@IEBAXXZ

?_Internal_throw_exception@_Concurrent_vector_base_v4@details@Concurrency@@IEBAX_K@Z

?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QEAA_NXZ

?_IsCanceling@_TaskCollection@details@Concurrency@@QEAA_NXZ

?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QEBA_NXZ

?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPEAV123@PEAV_CancellationTokenState@23@@Z

?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IEAAKXZ

?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IEAAKXZ

?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z

?_Reference@_Scheduler@details@Concurrency@@QEAAIXZ

?_Release@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ

?_Release@_NonReentrantPPLLock@details@Concurrency@@QEAAXXZ

?_Release@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ

?_Release@_ReentrantLock@details@Concurrency@@QEAAXXZ

?_Release@_ReentrantPPLLock@details@Concurrency@@QEAAXXZ

?_Release@_Scheduler@details@Concurrency@@QEAAIXZ

?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ

?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ

?_Reset@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ

?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ

?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z

?_RunAndWait@_TaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z

?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z

?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z

?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z

?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z

?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z

?_Segment_index_of@_Concurrent_vector_base_v4@details@Concurrency@@KA_K_K@Z

?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QEAAXI@Z

?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QEAAXI@Z

?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IEAA_NXZ

?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IEAA_NXZ

?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ

?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QEAA_NXZ

?_SpinYield@Context@Concurrency@@SAXXZ

?_Start@_Timer@details@Concurrency@@IEAAXXZ

?_Stop@_Timer@details@Concurrency@@IEAAXXZ

?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ

?_Trace_ppl_function@Concurrency@@YAXAEBU_GUID@@EW4ConcRT_EventType@1@@Z

?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QEAA_NXZ

?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QEAA_NXZ

?_TryAcquire@_ReentrantLock@details@Concurrency@@QEAA_NXZ

?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAA_NXZ

?_UnderlyingYield@details@Concurrency@@YAXXZ

?_Value@_SpinCount@details@Concurrency@@SAIXZ

?_Yield@_Context@details@Concurrency@@SAXXZ

?cancel@agent@Concurrency@@QEAA_NXZ

?current@location@Concurrency@@SA?AV12@XZ

?done@agent@Concurrency@@IEAA_NXZ

?from_numa_node@location@Concurrency@@SA?AV12@G@Z

?get_error_code@scheduler_resource_allocation_error@Concurrency@@QEBAJXZ

?is_current_task_group_canceling@Concurrency@@YA_NXZ

?lock@critical_section@Concurrency@@QEAAXXZ

?lock@reader_writer_lock@Concurrency@@QEAAXXZ

?lock_read@reader_writer_lock@Concurrency@@QEAAXXZ

?native_handle@critical_section@Concurrency@@QEAAAEAV12@XZ

?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ

?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ

?reset@event@Concurrency@@QEAAXXZ

?set@event@Concurrency@@QEAAXXZ

?set_task_execution_resources@Concurrency@@YAXGPEAU_GROUP_AFFINITY@@@Z

?set_task_execution_resources@Concurrency@@YAX_K@Z

?start@agent@Concurrency@@QEAA_NXZ

?status@agent@Concurrency@@QEAA?AW4agent_status@2@XZ

?status_port@agent@Concurrency@@QEAAPEAV?$ISource@W4agent_status@Concurrency@@@2@XZ

?try_lock@critical_section@Concurrency@@QEAA_NXZ

?try_lock@reader_writer_lock@Concurrency@@QEAA_NXZ

?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z

?try_lock_read@reader_writer_lock@Concurrency@@QEAA_NXZ

?unlock@critical_section@Concurrency@@QEAAXXZ

?unlock@reader_writer_lock@Concurrency@@QEAAXXZ

?wait@Concurrency@@YAXI@Z

?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z

?wait@agent@Concurrency@@SA?AW4agent_status@2@PEAV12@I@Z

?wait@event@Concurrency@@QEAA_KI@Z

?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z

?wait_for_all@agent@Concurrency@@SAX_KPEAPEAV12@PEAW4agent_status@2@I@Z

?wait_for_multiple@event@Concurrency@@SA_KPEAPEAV12@_K_NI@Z

?wait_for_one@agent@Concurrency@@SAX_KPEAPEAV12@AEAW4agent_status@2@AEA_KI@Z

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

d3dcompiler_47.dll

.dll windows:10 windows x64 arch:x64

dc71769f237c0a3ba38879380c54a4e6

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:24

Not After

02/12/2021, 21:24

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2d:f8:dd:06:41:e0:b2:af:59:69:78:fa:5a:2b:28:9b:e2:27:f3:64:44:dd:1d:c6:3e:05:f0:29:0b:70:4c:49
Signer

Actual PE Digest

2d:f8:dd:06:41:e0:b2:af:59:69:78:fa:5a:2b:28:9b:e2:27:f3:64:44:dd:1d:c6:3e:05:f0:29:0b:70:4c:49

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

D3DCompiler_47.pdb

Imports

kernel32

WriteFile

FreeLibrary

Sleep

TlsAlloc

TlsSetValue

HeapDestroy

TlsGetValue

TlsFree

GetFullPathNameW

GetFullPathNameA

GetEnvironmentVariableA

VirtualFree

VirtualAlloc

GetSystemInfo

GetProcAddress

LoadLibraryExW

SetLastError

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

IsDebuggerPresent

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

IsProcessorFeaturePresent

GetCurrentThreadId

GetStdHandle

GetFileType

GetStartupInfoW

FlsAlloc

FlsGetValue

FlsSetValue

FlsFree

InitializeCriticalSectionAndSpinCount

GetSystemTimeAsFileTime

CompareStringW

LCMapStringW

GetLocaleInfoW

IsValidLocale

GetUserDefaultLCID

EnumSystemLocalesW

ExitProcess

GetModuleHandleW

GetModuleHandleExW

IsValidCodePage

GetACP

GetOEMCP

GetCPInfo

SetFilePointerEx

GetStringTypeW

SetStdHandle

ReadFile

FreeEnvironmentStringsW

SetEnvironmentVariableW

RaiseException

FlushFileBuffers

GetConsoleOutputCP

GetConsoleMode

GetModuleFileNameW

ReadConsoleW

HeapSize

HeapReAlloc

WriteConsoleW

QueryPerformanceCounter

GetCurrentProcessId

InitializeSListHead

RtlUnwindEx

InterlockedFlushSList

EncodePointer

InitializeCriticalSectionEx

RtlPcToFileHeader

LocalAlloc

LocalFree

GetFileSizeEx

GetLastError

CreateFileW

HeapFree

GetProcessHeap

UnmapViewOfFile

GetFileSize

CreateFileMappingW

MapViewOfFile

GetFileAttributesW

SetFileAttributesW

DeleteFileW

SetEndOfFile

DeviceIoControl

MapViewOfFileEx

CreateFileMappingA

ExpandEnvironmentStringsW

HeapAlloc

OutputDebugStringA

CloseHandle

LeaveCriticalSection

EnterCriticalSection

lstrcmpiA

HeapCreate

GetModuleFileNameA

CreateFileA

DeleteCriticalSection

InitializeCriticalSection

WideCharToMultiByte

FindClose

FindFirstFileExW

FindNextFileW

GetCommandLineA

GetCommandLineW

GetDriveTypeW

GetCurrentDirectoryW

SetEvent

ResetEvent

WaitForSingleObjectEx

CreateEventW

MultiByteToWideChar

GetEnvironmentStringsW

DisableThreadLibraryCalls

advapi32

CryptDestroyHash

CryptAcquireContextW

RegQueryValueExA

RegEnumKeyExA

RegOpenKeyExA

CryptGetHashParam

CryptCreateHash

CryptHashData

RegQueryValueExW

RegOpenKeyExW

RegCloseKey

CryptReleaseContext

rpcrt4

UuidCreate

Exports

D3DAssemble

D3DCompile

D3DCompile2

D3DCompileFromFile

D3DCompressShaders

D3DCreateBlob

D3DCreateFunctionLinkingGraph

D3DCreateLinker

D3DDecompressShaders

D3DDisassemble

D3DDisassemble10Effect

D3DDisassemble11Trace

D3DDisassembleRegion

D3DGetBlobPart

D3DGetDebugInfo

D3DGetInputAndOutputSignatureBlob

D3DGetInputSignatureBlob

D3DGetOutputSignatureBlob

D3DGetTraceInstructionOffsets

D3DLoadModule

D3DPreprocess

D3DReadFileToBlob

D3DReflect

D3DReflectLibrary

D3DReturnFailure1

D3DSetBlobPart

D3DStripShader

D3DWriteBlobToFile

DebugSetMute

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 912KB - Virtual size: 911KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

data/app.so

.elf linux x64

data/flutter_assets/AssetManifest.bin

data/flutter_assets/AssetManifest.json

data/flutter_assets/FontManifest.json

data/flutter_assets/NOTICES.Z

.gz

NOTICES.Z

data/flutter_assets/assets/img/icon.ico

data/flutter_assets/assets/img/icon.png

.png

data/flutter_assets/assets/img/komi_text.png

.png

data/flutter_assets/assets/img/logo-beta.png

.png

data/flutter_assets/assets/img/logo.png

.png

data/flutter_assets/assets/status/emiting.png

.png

data/flutter_assets/assets/status/finish.png

.png

data/flutter_assets/assets/status/pending.png

.png

data/flutter_assets/fonts/MaterialIcons-Regular.otf

data/flutter_assets/packages/cupertino_icons/assets/CupertinoIcons.ttf

data/flutter_assets/packages/flutter_js/assets/js/fetch.js

.js

data/flutter_assets/packages/flutter_octicons/lib/fonts/octicons12.ttf

data/flutter_assets/packages/flutter_octicons/lib/fonts/octicons16.ttf

data/flutter_assets/packages/flutter_octicons/lib/fonts/octicons24.ttf

data/flutter_assets/packages/flutter_octicons/lib/fonts/octicons48.ttf

data/flutter_assets/packages/flutter_octicons/lib/fonts/octicons96.ttf

data/flutter_assets/packages/media_kit/assets/web/hls1.4.10.js

.js

data/flutter_assets/packages/wakelock_plus/assets/no_sleep.js

.js

data/flutter_assets/packages/window_manager/images/ic_chrome_close.png

.png

data/flutter_assets/packages/window_manager/images/ic_chrome_maximize.png

.png

data/flutter_assets/packages/window_manager/images/ic_chrome_minimize.png

.png

data/flutter_assets/packages/window_manager/images/ic_chrome_unmaximize.png

.png

data/flutter_assets/shaders/ink_sparkle.frag

data/icudtl.dat

discord-rpc.dll

.dll windows:6 windows x64 arch:x64

293914ac82b04d32c243e6e36fe73039

Code Sign

02:8a:a6:e7:b5:16:c0:d1:55:f1:5d:62:90:a4:30:e3
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/03/2018, 00:00

Not After

31/03/2021, 12:00

Subject

SERIALNUMBER=5128862,CN=Discord Inc.,O=Discord Inc.,L=San Francisco,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

26:6d:43:5a:c4:f7:18:52:4b:cf:f0:05:de:62:41:dd:b6:93:92:0b:56:06:46:22:78:0b:9c:60:db:67:ec:c0
Signer

Actual PE Digest

26:6d:43:5a:c4:f7:18:52:4b:cf:f0:05:de:62:41:dd:b6:93:92:0b:56:06:46:22:78:0b:9c:60:db:67:ec:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

Imports

advapi32

RegCreateKeyExW

RegOpenKeyExW

RegQueryValueExW

RegSetValueExW

RegCloseKey

kernel32

CreateFileW

ReadFile

WriteFile

CloseHandle

GetLastError

PeekNamedPipe

WaitNamedPipeW

GetCurrentProcessId

GetModuleFileNameW

lstrlenW

MultiByteToWideChar

DuplicateHandle

WaitForSingleObjectEx

Sleep

GetCurrentProcess

GetCurrentThread

GetCurrentThreadId

GetExitCodeThread

QueryPerformanceCounter

EnterCriticalSection

LeaveCriticalSection

TryEnterCriticalSection

DeleteCriticalSection

SetLastError

InitializeCriticalSectionAndSpinCount

CreateEventW

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

GetSystemTimeAsFileTime

GetTickCount

GetModuleHandleW

GetProcAddress

WideCharToMultiByte

SetEvent

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

IsDebuggerPresent

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetStartupInfoW

IsProcessorFeaturePresent

TerminateProcess

InitializeSListHead

CreateTimerQueue

SignalObjectAndWait

SwitchToThread

CreateThread

SetThreadPriority

GetThreadPriority

GetLogicalProcessorInformation

CreateTimerQueueTimer

ChangeTimerQueueTimer

DeleteTimerQueueTimer

GetNumaHighestNodeNumber

GetProcessAffinityMask

SetThreadAffinityMask

RegisterWaitForSingleObject

UnregisterWait

EncodePointer

GetThreadTimes

FreeLibrary

FreeLibraryAndExitThread

GetModuleHandleA

LoadLibraryExW

GetVersionExW

VirtualAlloc

VirtualFree

VirtualProtect

ReleaseSemaphore

InterlockedPopEntrySList

InterlockedPushEntrySList

InterlockedFlushSList

QueryDepthSList

UnregisterWaitEx

LoadLibraryW

RtlPcToFileHeader

RaiseException

RtlUnwindEx

ExitThread

GetModuleHandleExW

HeapAlloc

HeapFree

ExitProcess

GetModuleFileNameA

LCMapStringW

GetStdHandle

GetFileType

GetACP

GetProcessHeap

FindClose

FindFirstFileExA

FindNextFileA

IsValidCodePage

GetOEMCP

GetCPInfo

GetCommandLineA

GetCommandLineW

GetEnvironmentStringsW

FreeEnvironmentStringsW

FlushFileBuffers

GetConsoleCP

GetConsoleMode

GetStringTypeW

SetStdHandle

SetFilePointerEx

HeapSize

HeapReAlloc

WriteConsoleW

DecodePointer

Exports

Discord_ClearPresence

Discord_Initialize

Discord_Register

Discord_RegisterSteamGame

Discord_Respond

Discord_RunCallbacks

Discord_Shutdown

Discord_UpdateHandlers

Discord_UpdatePresence

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

discord_rpc_plugin.dll

.dll windows:6 windows x64 arch:x64

899eb19fa7a4269a01248664735f98d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopPluginRegistrarSetDestructionHandler

FlutterDesktopRegistrarGetTextureRegistrar

FlutterDesktopPluginRegistrarGetMessenger

FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable

FlutterDesktopTextureRegistrarUnregisterExternalTexture

FlutterDesktopTextureRegistrarRegisterExternalTexture

FlutterDesktopMessengerUnlock

FlutterDesktopMessengerLock

FlutterDesktopMessengerIsAvailable

FlutterDesktopMessengerRelease

FlutterDesktopMessengerAddRef

FlutterDesktopMessengerSetCallback

FlutterDesktopMessengerSendResponse

FlutterDesktopMessengerSendWithReply

FlutterDesktopMessengerSend

FlutterDesktopPluginRegistrarGetView

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ

?width@ios_base@std@@QEAA_J_J@Z

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

?_Xbad_function_call@std@@YAXXZ

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

?_Xlength_error@std@@YAXPEBD@Z

?good@ios_base@std@@QEBA_NXZ

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

?width@ios_base@std@@QEBA_JXZ

?flags@ios_base@std@@QEBAHXZ

vcruntime140

memcmp

memmove

memset

__C_specific_handler

__std_exception_copy

__std_exception_destroy

_CxxThrowException

__std_type_info_destroy_list

memcpy

__std_type_info_compare

__std_terminate

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table

_register_onexit_function

_execute_onexit_table

_crt_atexit

_cexit

_configure_narrow_argv

_initterm_e

_initialize_narrow_environment

_invoke_watson

_invalid_parameter_noinfo_noreturn

_seh_filter_dll

_initterm

api-ms-win-crt-heap-l1-1-0

malloc

_callnewh

free

kernel32

ReleaseSRWLockExclusive

IsDebuggerPresent

InitializeSListHead

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

TerminateProcess

GetCurrentProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

AcquireSRWLockExclusive

WakeAllConditionVariable

SleepConditionVariableSRW

RtlCaptureContext

Exports

DiscordRpcPluginRegisterWithRegistrar

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

flutter_js_plugin.dll

.dll windows:6 windows x64 arch:x64

07bb8998b3a35465a3bc6dc8d9726b74