xworm | NursultanAlpha[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

NursultanAlpha.zip
Size

1.4MB
MD5

752cd89ede2727e12a1ea9f2e74c278b
SHA1

c524f3a720b5c88bad2b92eac894866e302a1b7f
SHA256

cc03eab40dbf92d65eb7af70a0dbb84bf22feedd867f812b278c30447c71f7dc
SHA512

0ee596092291b5a11f62ef37d03d8c32cacd49b84d89b2c35619a1cb9524cbb22996eb2f9e5c97c6b7e0df3962339d40e3651126e983247e30388f26a8852952
SSDEEP

24576:PgiwGtgYYTdRisGkX7oCJeZ0o7NMQ84qG5HZa1GQr6jRgIFF04TolnBGgqwEp5LI:PgiwqvYTdQWYMlHG55agjRgIMuoPGgqc

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

22.ip.gl.ply.gg:61996

Attributes

Install_directory
%ProgramData%
install_file
svchost.exe
telegram
https://api.telegram.org/bot6997638498:AAHa9TMLloZsFrAsEGC8rfuzrK0fiaQAI5Q/sendMessage?chat_id=1031836490

Signatures

Detect Xworm Payload 1 IoCs

resource	yara_rule
static1/unpack001/Nursultan Alpha/workspace/nur.exe	family_xworm

Xworm family
xworm

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Nursultan Alpha/workspace/nur.exe

Files

NursultanAlpha.zip
.zip
Nursultan Alpha/api-ms-win-core-datetime-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:24

Not After

02/12/2021, 21:24

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8a:9d:ae:ec:c1:0b:09:10:55:1c:c0:63:c6:94:72:c5:98:ef:01:ca:6b:cd:f0:52:02:66:ac:48:79:a0:3e:2c
Signer

Actual PE Digest

8a:9d:ae:ec:c1:0b:09:10:55:1c:c0:63:c6:94:72:c5:98:ef:01:ca:6b:cd:f0:52:02:66:ac:48:79:a0:3e:2c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-datetime-l1-1-0.pdb

Exports

Exports

GetDateFormatA
GetDateFormatW
GetTimeFormatA
GetTimeFormatW

Sections

.rdata
Size: 4KB - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Nursultan Alpha/api-ms-win-core-debug-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:24

Not After

02/12/2021, 21:24

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

93:bd:4a:7f:f3:52:27:a9:04:07:83:2d:9b:5d:6a:2a:e3:ec:28:18:97:92:2b:27:2e:fe:ad:cf:87:ae:73:e0
Signer

Actual PE Digest

93:bd:4a:7f:f3:52:27:a9:04:07:83:2d:9b:5d:6a:2a:e3:ec:28:18:97:92:2b:27:2e:fe:ad:cf:87:ae:73:e0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-debug-l1-1-0.pdb

Exports

Exports

DebugBreak
IsDebuggerPresent
OutputDebugStringA
OutputDebugStringW

Sections

.rdata
Size: 4KB - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Nursultan Alpha/api-ms-win-core-errorhandling-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:24

Not After

02/12/2021, 21:24

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:57:8d:12:25:59:c9:41:b8:20:d6:14:93:76:1d:fc:0a:32:88:23:7d:89:3d:65:3a:5a:1e:71:e7:1f:a3:53
Signer

Actual PE Digest

48:57:8d:12:25:59:c9:41:b8:20:d6:14:93:76:1d:fc:0a:32:88:23:7d:89:3d:65:3a:5a:1e:71:e7:1f:a3:53

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-errorhandling-l1-1-0.pdb

Exports

Exports

GetErrorMode
GetLastError
RaiseException
SetErrorMode
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Sections

.rdata
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Nursultan Alpha/api-ms-win-core-handle-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:24

Not After

02/12/2021, 21:24

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

85:fb:5f:fd:16:42:a6:c9:4d:d5:77:4f:b5:fb:95:4e:a5:e5:76:20:b4:1a:a6:15:3c:14:96:95:2f:a3:46:59
Signer

Actual PE Digest

85:fb:5f:fd:16:42:a6:c9:4d:d5:77:4f:b5:fb:95:4e:a5:e5:76:20:b4:1a:a6:15:3c:14:96:95:2f:a3:46:59

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-handle-l1-1-0.pdb

Exports

Exports

CloseHandle
CompareObjectHandles
DuplicateHandle
GetHandleInformation
SetHandleInformation

Sections

.rdata
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Nursultan Alpha/attach.dll
.dll windows:6 windows x64 arch:x64

487503ade661fe711b795f2abbae0379

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

eb:f0:b1:f8:91:5c:f5:46:2a:d5:9d:9d:a5:80:09:f6:c4:b4:18:8c:f8:2e:8e:b6:01:3e:47:c1:24:12:7b:f0
Signer

Actual PE Digest

eb:f0:b1:f8:91:5c:f5:46:2a:d5:9d:9d:a5:80:09:f6:c4:b4:18:8c:f8:2e:8e:b6:01:3e:47:c1:24:12:7b:f0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

attach.pdb

Imports

java

JNU_ThrowInternalError
JNU_ThrowByName
JNU_ReleaseStringPlatformChars
JNU_ThrowIOExceptionWithLastError
JNU_ThrowIOException
JNU_GetStringPlatformChars
JNU_NewStringPlatform

advapi32

LookupPrivilegeValueA
ImpersonateSelf
AdjustTokenPrivileges
OpenThreadToken
ConvertStringSecurityDescriptorToSecurityDescriptorA

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

kernel32

GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
RtlLookupFunctionEntry
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
GetTempPathA
GetVolumeInformationA
CloseHandle
OpenProcess
ReadFile
DuplicateHandle
GetLastError
SetLastError
ConnectNamedPipe
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
CreateRemoteThread
GetCurrentThread
GetExitCodeThread
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
IsWow64Process
GetModuleHandleA
GetProcAddress
LocalFree
CreateNamedPipeA
RtlCaptureContext
UnhandledExceptionFilter
RtlVirtualUnwind

vcruntime140

__C_specific_handler
memset
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strcmp
strcpy
strncpy

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initterm_e
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm

Exports

Exports

Java_sun_tools_attach_AttachProviderImpl_enumProcesses
Java_sun_tools_attach_AttachProviderImpl_isLibraryLoadedByProcess
Java_sun_tools_attach_AttachProviderImpl_tempPath
Java_sun_tools_attach_AttachProviderImpl_volumeFlags
Java_sun_tools_attach_VirtualMachineImpl_closePipe
Java_sun_tools_attach_VirtualMachineImpl_closeProcess
Java_sun_tools_attach_VirtualMachineImpl_connectPipe
Java_sun_tools_attach_VirtualMachineImpl_createPipe
Java_sun_tools_attach_VirtualMachineImpl_enqueue
Java_sun_tools_attach_VirtualMachineImpl_generateStub
Java_sun_tools_attach_VirtualMachineImpl_init
Java_sun_tools_attach_VirtualMachineImpl_openProcess
Java_sun_tools_attach_VirtualMachineImpl_readPipe

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/awt.dll
.dll windows:6 windows x64 arch:x64

eb4df3a145e0d9119dcc30bb7c231ebd

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:a8:88:f7:aa:92:ca:94:d6:77:21:53:ff:a6:d3:46:76:9a:23:f5:ee:da:58:04:0d:cc:ce:09:8c:b2:79:00
Signer

Actual PE Digest

69:a8:88:f7:aa:92:ca:94:d6:77:21:53:ff:a6:d3:46:76:9a:23:f5:ee:da:58:04:0d:cc:ce:09:8c:b2:79:00

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

awt.pdb

Imports

kernel32

GetTickCount
GetVersionExW
FreeLibrary
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
MultiByteToWideChar
GetLastError
WaitForSingleObject
GlobalAlloc
GlobalFree
lstrcpynW
lstrlenW
GetProfileStringW
SetLastError
GlobalSize
GlobalUnlock
GlobalLock
LocalFree
FormatMessageW
GetACP
GetLocaleInfoW
ExpandEnvironmentStringsW
lstrcpyW
CloseHandle
ReleaseMutex
CreateMutexW
LocalAlloc
SetCurrentDirectoryW
GetCurrentDirectoryW
GetVersion
ReadFile
SetFilePointer
WideCharToMultiByte
GetCurrentProcessId
LCMapStringW
GetEnvironmentVariableW
GetFileAttributesW
SetEvent
ResetEvent
CreateEventW
LoadLibraryW
lstrcmpW
GetWindowsDirectoryW
GetSystemDefaultLangID
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
InitializeSListHead
Sleep
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateFileW
InitializeCriticalSection

jvm

jio_snprintf
JVM_CurrentTimeMillis
JVM_RaiseSignal

java

JNU_ThrowIllegalArgumentException
JNU_NewObjectByName
JNU_GetFieldByName
JNU_CallMethodByNameV
getEncodingFromLangID
getJavaIDFromLangID
JNU_ClassString
JNU_ThrowByName
JNU_ThrowIOException
JNU_GetStaticFieldByName
JNU_NewStringPlatform
JNU_ThrowArrayIndexOutOfBoundsException
JNU_SetFieldByName
JNU_CallStaticMethodByName
JNU_ThrowInternalError
JNU_GetEnv
JDK_LoadSystemLibrary
JNU_CallMethodByName
JNU_ThrowOutOfMemoryError
JNU_ThrowNullPointerException
JNU_IsInstanceOfByName

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegNotifyChangeKeyValue

oleaut32

SysAllocString
SysFreeString
SysAllocStringByteLen
SysStringLen
VariantClear

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

wcsstr
__current_exception
wcschr
__current_exception_context
__C_specific_handler
memmove
memset
memcpy
__std_terminate
_CxxThrowException
strchr
_purecall
strstr
memcmp
__std_type_info_destroy_list

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
malloc
realloc
calloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
fopen
__stdio_common_vfprintf
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vsprintf
fflush
__stdio_common_vswprintf_s
__stdio_common_vswscanf

api-ms-win-crt-string-l1-1-0

_wcsicmp
strncmp
wcsncmp
wcscpy_s
strcspn
wcsncpy
tolower
_strupr_s
_wcsdup
wcsncpy_s
iswspace
wcstok
strcmp

api-ms-win-crt-environment-l1-1-0

getenv
_wgetenv

api-ms-win-crt-math-l1-1-0

cos
sin
ceil
sqrt
pow
floor
round

api-ms-win-crt-utility-l1-1-0

bsearch
qsort

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_initterm_e
_initialize_onexit_table
_initialize_narrow_environment
_control87
_configure_narrow_argv
_seh_filter_dll
terminate
_cexit
_invalid_parameter_noinfo
_errno
_register_onexit_function
_beginthreadex
_initterm
_set_new_handler

api-ms-win-crt-convert-l1-1-0

_i64tow
strtod
wcstoul
_wtoi

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-filesystem-l1-1-0

_wfullpath

api-ms-win-crt-time-l1-1-0

_localtime64
_ftime64
wcsftime

Exports

Exports

??0D3DContext@@AEAA@PEAUIDirect3D9@@I@Z
??0D3DContext@@QEAA@AEBV0@@Z
??0D3DPipelineManager@@AEAA@XZ
??0D3DVertexCacher@@AEAA@XZ
??1D3DContext@@UEAA@XZ
??1D3DPipelineManager@@AEAA@XZ
??1D3DVertexCacher@@QEAA@XZ
??4D3DContext@@QEAAAEAV0@AEBV0@@Z
??4D3DPipelineManager@@QEAAAEAV0@AEBV0@@Z
??4D3DVertexCacher@@QEAAAEAV0@AEBV0@@Z
??_7D3DContext@@6B@
?BeginScene@D3DContext@@QEAAJC@Z
?BeginShapeClip@D3DContext@@QEAAJXZ
?CheckAdaptersInfo@D3DPipelineManager@@AEAAJXZ
?CheckAndResetDevice@D3DContext@@QEAAJXZ
?CheckDeviceCaps@D3DPipelineManager@@AEAAJI@Z
?CheckForBadHardware@D3DPipelineManager@@CAJKK_J@Z
?CheckOSVersion@D3DPipelineManager@@CAJXZ
?ConfigureContext@D3DContext@@QEAAJPEAU_D3DPRESENT_PARAMETERS_@@@Z
?CreateDefaultFocusWindow@D3DPipelineManager@@AEAAPEAUHWND__@@XZ
?CreateFragmentProgram@D3DContext@@AEAAPEAUIDirect3DPixelShader9@@PEAPEAKPEAUShaderList@@J@Z
?CreateInstance@D3DContext@@SAJPEAUIDirect3D9@@IPEAPEAV1@@Z
?CreateInstance@D3DPipelineManager@@CAPEAV1@XZ
?CreateInstance@D3DVertexCacher@@SAJPEAVD3DContext@@PEAPEAV1@@Z
?D3DBL_CopyImageToIntXrgbSurface@@YAJPEAUSurfaceDataRasInfo@@HPEAVD3DResource@@JJJJJJ@Z
?D3DBL_CopySurfaceToIntArgbImage@@YAJPEAUIDirect3DSurface9@@PEAUSurfaceDataRasInfo@@JJJJJJ@Z
?D3DBlitLoops_IsoBlit@@YAJPEAUJNIEnv_@@PEAVD3DContext@@_J2EJEEJJJJNNNN@Z
?D3DBlitToSurfaceViaTexture@@YAJPEAVD3DContext@@PEAUSurfaceDataRasInfo@@HPEAU_D3DSDOps@@EJJJJJNNNN@Z
?D3DEnabledOnAdapter@D3DPipelineManager@@AEAAJI@Z
?D3DRenderer_DrawAAParallelogram@@YAJPEAVD3DContext@@MMMMMMMM@Z
?D3DRenderer_DrawLine@@YAJPEAVD3DContext@@JJJJ@Z
?D3DRenderer_DrawParallelogram@@YAJPEAVD3DContext@@MMMMMMMM@Z
?D3DRenderer_DrawPoly@@YAJPEAVD3DContext@@JEJJPEAJ1@Z
?D3DRenderer_DrawRect@@YAJPEAVD3DContext@@JJJJ@Z
?D3DRenderer_DrawScanlines@@YAJPEAVD3DContext@@JPEAJ@Z
?D3DRenderer_FillAAParallelogram@@YAJPEAVD3DContext@@MMMMMM@Z
?D3DRenderer_FillParallelogram@@YAJPEAVD3DContext@@MMMMMM@Z
?D3DRenderer_FillRect@@YAJPEAVD3DContext@@JJJJ@Z
?D3DRenderer_FillSpans@@YAJPEAVD3DContext@@JPEAJ@Z
?DeleteInstance@D3DPipelineManager@@CAXXZ
?DisableAAParallelogramProgram@D3DContext@@QEAAJXZ
?DrawLine@D3DVertexCacher@@QEAAJHHHH@Z
?DrawParallelogramAA@D3DVertexCacher@@QEAAJMMMMMMMMMMMM@Z
?DrawPoly@D3DVertexCacher@@QEAAJJEJJPEAJ0@Z
?DrawRect@D3DVertexCacher@@QEAAJHHHH@Z
?DrawScanlines@D3DVertexCacher@@QEAAJJPEAJ@Z
?DrawTexture@D3DVertexCacher@@QEAAJMMMMMMMM@Z
?DrawTexture@D3DVertexCacher@@QEAAJMMMMMMMMMMMM@Z
?EnableAAParallelogramProgram@D3DContext@@QEAAJXZ
?EnableBasicGradientProgram@D3DContext@@QEAAJJ@Z
?EnableConvolveProgram@D3DContext@@QEAAJJ@Z
?EnableFragmentProgram@D3DContext@@AEAAJPEAPEAKPEAUShaderList@@J@Z
?EnableLCDTextProgram@D3DContext@@QEAAJXZ
?EnableLinearGradientProgram@D3DContext@@QEAAJJ@Z
?EnableLookupProgram@D3DContext@@QEAAJJ@Z
?EnableRadialGradientProgram@D3DContext@@QEAAJJ@Z
?EnableRescaleProgram@D3DContext@@QEAAJJ@Z
?EndScene@D3DContext@@QEAAJXZ
?EndShapeClip@D3DContext@@QEAAJXZ
?EnsureCapacity@D3DVertexCacher@@AEAAJW4_D3DPRIMITIVETYPE@@I@Z
?FillParallelogram@D3DVertexCacher@@QEAAJMMMMMM@Z
?FillParallelogramAA@D3DVertexCacher@@QEAAJMMMMMM@Z
?FillRect@D3DVertexCacher@@QEAAJHHHH@Z
?FillSpans@D3DVertexCacher@@QEAAJJPEAJ@Z
?FlushVertexQueue@D3DContext@@QEAAJXZ
?GDICheckForBadHardware@D3DPipelineManager@@CAJXZ
?Get3DDevice@D3DContext@@QEAAPEAUIDirect3DDevice9@@XZ
?Get3DObject@D3DContext@@QEAAPEAUIDirect3D9@@XZ
?GetAdapterOrdinalByHmon@D3DPipelineManager@@AEAAIPEAUHMONITOR__@@@Z
?GetAdapterOrdinalForScreen@D3DPipelineManager@@QEAAIJ@Z
?GetClipType@D3DContext@@QEAA?AW4ClipType@@XZ
?GetColor@D3DVertexCacher@@QEAAJXZ
?GetContextCaps@D3DContext@@QEAAHXZ
?GetCurrentFocusWindow@D3DPipelineManager@@QEAAPEAUHWND__@@XZ
?GetD3DContext@D3DPipelineManager@@QEAAJIPEAPEAVD3DContext@@@Z
?GetD3DObject@D3DPipelineManager@@QEAAPEAUIDirect3D9@@XZ
?GetDeviceCaps@D3DContext@@QEAAPEAU_D3DCAPS9@@XZ
?GetDeviceType@D3DPipelineManager@@QEAA?AW4_D3DDEVTYPE@@XZ
?GetFreeVertices@D3DVertexCacher@@QEAAIXZ
?GetGrayscaleGlyphCache@D3DContext@@QEAAPEAVD3DGlyphCache@@XZ
?GetInstance@D3DPipelineManager@@SAPEAV1@XZ
?GetLCDGlyphCache@D3DContext@@QEAAPEAVD3DGlyphCache@@XZ
?GetMaskCache@D3DContext@@QEAAPEAVD3DMaskCache@@XZ
?GetMatchingDepthStencilFormat@D3DPipelineManager@@QEAA?AW4_D3DFORMAT@@IW42@0@Z
?GetPaintState@D3DContext@@QEAAJXZ
?GetPresentationParams@D3DContext@@QEAAPEAU_D3DPRESENT_PARAMETERS_@@XZ
?GetResourceManager@D3DContext@@QEAAPEAVD3DResourceManager@@XZ
?HandleAdaptersChange@D3DPipelineManager@@SAJPEAPEAUHMONITOR__@@I@Z
?HandleLostDevices@D3DPipelineManager@@QEAAJXZ
?Init@D3DVertexCacher@@QEAAJPEAVD3DContext@@@Z
?InitAdapters@D3DPipelineManager@@AEAAJXZ
?InitContext@D3DContext@@QEAAJXZ
?InitContextCaps@D3DContext@@AEAAJXZ
?InitD3D@D3DPipelineManager@@AEAAJXZ
?InitDepthStencilBuffer@D3DContext@@AEAAJPEAU_D3DSURFACE_DESC@@@Z
?InitDevice@D3DContext@@AEAAJPEAUIDirect3DDevice9@@@Z
?InitGrayscaleGlyphCache@D3DContext@@QEAAJXZ
?InitLCDGlyphCache@D3DContext@@QEAAJXZ
?IsAlphaRTSurfaceSupported@D3DContext@@QEAAHXZ
?IsAlphaRTTSupported@D3DContext@@QEAAHXZ
?IsDepthStencilBufferOk@D3DContext@@AEAAHPEAU_D3DSURFACE_DESC@@@Z
?IsDynamicTextureSupported@D3DContext@@QEAAHXZ
?IsGradientInstructionExtensionSupported@D3DContext@@QEAAHXZ
?IsHWRasterizer@D3DContext@@QEAAHXZ
?IsIdentityTx@D3DContext@@QEAAHXZ
?IsImmediateIntervalSupported@D3DContext@@QEAAHXZ
?IsMultiTexturingSupported@D3DContext@@QEAAHXZ
?IsOpaqueRTTSupported@D3DContext@@QEAAHXZ
?IsPixelShader20Supported@D3DContext@@QEAAHXZ
?IsPixelShader30Supported@D3DContext@@QEAAHXZ
?IsPow2TexturesOnly@D3DContext@@QEAAHXZ
?IsSquareTexturesOnly@D3DContext@@QEAAHXZ
?IsStretchRectFilteringSupported@D3DContext@@QEAAHW4_D3DTEXTUREFILTERTYPE@@@Z
?IsTextureFilteringSupported@D3DContext@@QEAAHW4_D3DTEXTUREFILTERTYPE@@@Z
?IsTextureFormatSupported@D3DContext@@QEAAHW4_D3DFORMAT@@K@Z
?ReleaseAdapters@D3DPipelineManager@@AEAAJXZ
?ReleaseContextResources@D3DContext@@QEAAXXZ
?ReleaseD3D@D3DPipelineManager@@AEAAJXZ
?ReleaseDefPoolResources@D3DContext@@QEAAXXZ
?ReleaseDefPoolResources@D3DVertexCacher@@QEAAXXZ
?Render@D3DVertexCacher@@QEAAJH@Z
?ResetClip@D3DContext@@QEAAJXZ
?ResetComposite@D3DContext@@QEAAJXZ
?ResetContext@D3DContext@@QEAAJXZ
?ResetTransform@D3DContext@@QEAAJXZ
?SelectDeviceType@D3DPipelineManager@@AEAA?AW4_D3DDEVTYPE@@XZ
?SetAlphaComposite@D3DContext@@QEAAJJMJ@Z
?SetColor@D3DVertexCacher@@QEAAXJ@Z
?SetFSFocusWindow@D3DPipelineManager@@QEAAPEAUHWND__@@IPEAU2@@Z
?SetPaintState@D3DContext@@QEAAXJ@Z
?SetRectClip@D3DContext@@QEAAJHHHH@Z
?SetRenderTarget@D3DContext@@QEAAJPEAUIDirect3DSurface9@@@Z
?SetTexture@D3DContext@@QEAAJPEAUIDirect3DTexture9@@K@Z
?SetTransform@D3DContext@@QEAAJNNNNNN@Z
?Sync@D3DContext@@QEAAJXZ
?UpdateState@D3DContext@@QEAAJC@Z
?UpdateTextureColorState@D3DContext@@QEAAJKK@Z
?UploadTileToTexture@D3DContext@@QEAAJPEAVD3DResource@@PEAXJJJJJJJW4TileFormat@@PEAJ3@Z
?pMgr@D3DPipelineManager@@0PEAV1@EA
AWTIsHeadless
AccelGlyphCache_RemoveAllCellInfos
DSFreeDrawingSurface
DSGetComponent
DSGetDrawingSurface
DSLockAWT
DSUnlockAWT
Disposer_AddRecord
GDIWinSD_InitDC
GDIWindowSurfaceData_GetComp
GDIWindowSurfaceData_GetOps
GDIWindowSurfaceData_GetOpsNoSetup
GDIWindowSurfaceData_GetWindow
GetNativePrim
GrPrim_CompGetAlphaInfo
GrPrim_CompGetXorColor
GrPrim_CompGetXorInfo
GrPrim_Sg2dGetClip
GrPrim_Sg2dGetCompInfo
GrPrim_Sg2dGetEaRGB
GrPrim_Sg2dGetLCDTextContrast
GrPrim_Sg2dGetPixel
J2dTraceImpl
J2dTraceInit
JNI_OnLoad
Java_java_awt_AWTEvent_initIDs
Java_java_awt_AWTEvent_nativeSetSource
Java_java_awt_Button_initIDs
Java_java_awt_CheckboxMenuItem_initIDs
Java_java_awt_Checkbox_initIDs
Java_java_awt_Choice_initIDs
Java_java_awt_Color_initIDs
Java_java_awt_Component_initIDs
Java_java_awt_Container_initIDs
Java_java_awt_Cursor_finalizeImpl
Java_java_awt_Cursor_initIDs
Java_java_awt_Dialog_initIDs
Java_java_awt_Dimension_initIDs
Java_java_awt_Event_initIDs
Java_java_awt_FileDialog_initIDs
Java_java_awt_FontMetrics_initIDs
Java_java_awt_Font_initIDs
Java_java_awt_Frame_initIDs
Java_java_awt_Insets_initIDs
Java_java_awt_KeyboardFocusManager_initIDs
Java_java_awt_Label_initIDs
Java_java_awt_MenuBar_initIDs
Java_java_awt_MenuComponent_initIDs
Java_java_awt_MenuItem_initIDs
Java_java_awt_Menu_initIDs
Java_java_awt_Rectangle_initIDs
Java_java_awt_ScrollPaneAdjustable_initIDs
Java_java_awt_ScrollPane_initIDs
Java_java_awt_Scrollbar_initIDs
Java_java_awt_TextArea_initIDs
Java_java_awt_TextField_initIDs
Java_java_awt_Toolkit_initIDs
Java_java_awt_TrayIcon_initIDs
Java_java_awt_Window_initIDs
Java_java_awt_event_InputEvent_initIDs
Java_java_awt_event_KeyEvent_initIDs
Java_java_awt_event_MouseEvent_initIDs
Java_java_awt_image_BufferedImage_initIDs
Java_java_awt_image_ColorModel_initIDs
Java_java_awt_image_IndexColorModel_initIDs
Java_java_awt_image_Kernel_initIDs
Java_java_awt_image_Raster_initIDs
Java_java_awt_image_SampleModel_initIDs
Java_java_awt_image_SinglePixelPackedSampleModel_initIDs
Java_sun_awt_DebugSettings_setCTracingOn__Z
Java_sun_awt_DebugSettings_setCTracingOn__ZLjava_lang_String_2
Java_sun_awt_DebugSettings_setCTracingOn__ZLjava_lang_String_2I
Java_sun_awt_FontDescriptor_initIDs
Java_sun_awt_PlatformFont_initIDs
Java_sun_awt_SunToolkit_closeSplashScreen
Java_sun_awt_Win32FontManager_deRegisterFontWithPlatform
Java_sun_awt_Win32FontManager_getEUDCFontFile
Java_sun_awt_Win32FontManager_registerFontWithPlatform
Java_sun_awt_Win32GraphicsConfig_getBounds
Java_sun_awt_Win32GraphicsConfig_initIDs
Java_sun_awt_Win32GraphicsDevice_configDisplayMode
Java_sun_awt_Win32GraphicsDevice_enterFullScreenExclusive
Java_sun_awt_Win32GraphicsDevice_enumDisplayModes
Java_sun_awt_Win32GraphicsDevice_exitFullScreenExclusive
Java_sun_awt_Win32GraphicsDevice_getCurrentDisplayMode
Java_sun_awt_Win32GraphicsDevice_getDefaultPixIDImpl
Java_sun_awt_Win32GraphicsDevice_getMaxConfigsImpl
Java_sun_awt_Win32GraphicsDevice_getNativeScaleX
Java_sun_awt_Win32GraphicsDevice_getNativeScaleY
Java_sun_awt_Win32GraphicsDevice_initDevice
Java_sun_awt_Win32GraphicsDevice_initIDs
Java_sun_awt_Win32GraphicsDevice_initNativeScale
Java_sun_awt_Win32GraphicsDevice_isPixFmtSupported
Java_sun_awt_Win32GraphicsDevice_makeColorModel
Java_sun_awt_Win32GraphicsDevice_setNativeScale
Java_sun_awt_Win32GraphicsEnvironment_getDefaultScreen
Java_sun_awt_Win32GraphicsEnvironment_getNumScreens
Java_sun_awt_Win32GraphicsEnvironment_getXResolution
Java_sun_awt_Win32GraphicsEnvironment_getYResolution
Java_sun_awt_Win32GraphicsEnvironment_initDisplay
Java_sun_awt_Win32GraphicsEnvironment_isVistaOS
Java_sun_awt_image_BufImgSurfaceData_initIDs
Java_sun_awt_image_BufImgSurfaceData_initRaster
Java_sun_awt_image_ByteComponentRaster_initIDs
Java_sun_awt_image_BytePackedRaster_initIDs
Java_sun_awt_image_DataBufferNative_getElem
Java_sun_awt_image_DataBufferNative_setElem
Java_sun_awt_image_GifImageDecoder_initIDs
Java_sun_awt_image_GifImageDecoder_parseImage
Java_sun_awt_image_ImageRepresentation_initIDs
Java_sun_awt_image_ImageRepresentation_setDiffICM
Java_sun_awt_image_ImageRepresentation_setICMpixels
Java_sun_awt_image_ImagingLib_convolveBI
Java_sun_awt_image_ImagingLib_convolveRaster
Java_sun_awt_image_ImagingLib_init
Java_sun_awt_image_ImagingLib_lookupByteBI
Java_sun_awt_image_ImagingLib_lookupByteRaster
Java_sun_awt_image_ImagingLib_transformBI
Java_sun_awt_image_ImagingLib_transformRaster
Java_sun_awt_image_IntegerComponentRaster_initIDs
Java_sun_awt_image_ShortComponentRaster_initIDs
Java_sun_awt_shell_Win32ShellFolder2_bindToObject
Java_sun_awt_shell_Win32ShellFolder2_combinePIDLs
Java_sun_awt_shell_Win32ShellFolder2_compareIDs
Java_sun_awt_shell_Win32ShellFolder2_compareIDsByColumn
Java_sun_awt_shell_Win32ShellFolder2_copyFirstPIDLEntry
Java_sun_awt_shell_Win32ShellFolder2_disposeIcon
Java_sun_awt_shell_Win32ShellFolder2_doGetColumnInfo
Java_sun_awt_shell_Win32ShellFolder2_doGetColumnValue
Java_sun_awt_shell_Win32ShellFolder2_extractIcon
Java_sun_awt_shell_Win32ShellFolder2_getAttributes0
Java_sun_awt_shell_Win32ShellFolder2_getDisplayNameOf
Java_sun_awt_shell_Win32ShellFolder2_getEnumObjects
Java_sun_awt_shell_Win32ShellFolder2_getExecutableType
Java_sun_awt_shell_Win32ShellFolder2_getFileSystemPath0
Java_sun_awt_shell_Win32ShellFolder2_getFolderType
Java_sun_awt_shell_Win32ShellFolder2_getIShellIcon
Java_sun_awt_shell_Win32ShellFolder2_getIcon
Java_sun_awt_shell_Win32ShellFolder2_getIconBits
Java_sun_awt_shell_Win32ShellFolder2_getIconIndex
Java_sun_awt_shell_Win32ShellFolder2_getIconResource
Java_sun_awt_shell_Win32ShellFolder2_getLinkLocation
Java_sun_awt_shell_Win32ShellFolder2_getNextChild
Java_sun_awt_shell_Win32ShellFolder2_getNextPIDLEntry
Java_sun_awt_shell_Win32ShellFolder2_getStandardViewButton0
Java_sun_awt_shell_Win32ShellFolder2_getSystemIcon
Java_sun_awt_shell_Win32ShellFolder2_hiResIconAvailable
Java_sun_awt_shell_Win32ShellFolder2_initDesktop
Java_sun_awt_shell_Win32ShellFolder2_initIDs
Java_sun_awt_shell_Win32ShellFolder2_initSpecial
Java_sun_awt_shell_Win32ShellFolder2_loadKnownFolders
Java_sun_awt_shell_Win32ShellFolder2_parseDisplayName0
Java_sun_awt_shell_Win32ShellFolder2_releaseEnumObjects
Java_sun_awt_shell_Win32ShellFolder2_releaseIShellFolder
Java_sun_awt_shell_Win32ShellFolder2_releasePIDL
Java_sun_awt_shell_Win32ShellFolderManager2_initializeCom
Java_sun_awt_shell_Win32ShellFolderManager2_uninitializeCom
Java_sun_awt_windows_ThemeReader_closeTheme
Java_sun_awt_windows_ThemeReader_getBoolean
Java_sun_awt_windows_ThemeReader_getColor
Java_sun_awt_windows_ThemeReader_getEnum
Java_sun_awt_windows_ThemeReader_getInt
Java_sun_awt_windows_ThemeReader_getPartSize
Java_sun_awt_windows_ThemeReader_getPoint
Java_sun_awt_windows_ThemeReader_getPosition
Java_sun_awt_windows_ThemeReader_getSysBoolean
Java_sun_awt_windows_ThemeReader_getThemeBackgroundContentMargins
Java_sun_awt_windows_ThemeReader_getThemeMargins
Java_sun_awt_windows_ThemeReader_getThemeTransitionDuration
Java_sun_awt_windows_ThemeReader_initThemes
Java_sun_awt_windows_ThemeReader_isThemePartDefined
Java_sun_awt_windows_ThemeReader_openTheme
Java_sun_awt_windows_ThemeReader_paintBackground
Java_sun_awt_windows_ThemeReader_setWindowTheme
Java_sun_awt_windows_WButtonPeer_create
Java_sun_awt_windows_WButtonPeer_initIDs
Java_sun_awt_windows_WButtonPeer_setLabel
Java_sun_awt_windows_WCanvasPeer_create
Java_sun_awt_windows_WCanvasPeer_setNativeBackgroundErase
Java_sun_awt_windows_WCheckboxMenuItemPeer_setState
Java_sun_awt_windows_WCheckboxPeer_create
Java_sun_awt_windows_WCheckboxPeer_getCheckMarkSize
Java_sun_awt_windows_WCheckboxPeer_setCheckboxGroup
Java_sun_awt_windows_WCheckboxPeer_setLabel
Java_sun_awt_windows_WCheckboxPeer_setState
Java_sun_awt_windows_WChoicePeer_addItems
Java_sun_awt_windows_WChoicePeer_closeList
Java_sun_awt_windows_WChoicePeer_create
Java_sun_awt_windows_WChoicePeer_remove
Java_sun_awt_windows_WChoicePeer_removeAll
Java_sun_awt_windows_WChoicePeer_reshape
Java_sun_awt_windows_WChoicePeer_select
Java_sun_awt_windows_WClipboard_closeClipboard
Java_sun_awt_windows_WClipboard_getClipboardData
Java_sun_awt_windows_WClipboard_getClipboardFormats
Java_sun_awt_windows_WClipboard_init
Java_sun_awt_windows_WClipboard_openClipboard
Java_sun_awt_windows_WClipboard_publishClipboardData
Java_sun_awt_windows_WClipboard_registerClipboardViewer
Java_sun_awt_windows_WComponentPeer__1dispose
Java_sun_awt_windows_WComponentPeer__1setBackground
Java_sun_awt_windows_WComponentPeer__1setFont
Java_sun_awt_windows_WComponentPeer__1setForeground
Java_sun_awt_windows_WComponentPeer_addNativeDropTarget
Java_sun_awt_windows_WComponentPeer_beginValidate
Java_sun_awt_windows_WComponentPeer_createPrintedPixels
Java_sun_awt_windows_WComponentPeer_disable
Java_sun_awt_windows_WComponentPeer_enable
Java_sun_awt_windows_WComponentPeer_endValidate
Java_sun_awt_windows_WComponentPeer_getLocationOnScreen
Java_sun_awt_windows_WComponentPeer_getTargetGC
Java_sun_awt_windows_WComponentPeer_hide
Java_sun_awt_windows_WComponentPeer_isObscured
Java_sun_awt_windows_WComponentPeer_nativeHandleEvent
Java_sun_awt_windows_WComponentPeer_nativeHandlesWheelScrolling
Java_sun_awt_windows_WComponentPeer_pSetParent
Java_sun_awt_windows_WComponentPeer_pShow
Java_sun_awt_windows_WComponentPeer_removeNativeDropTarget
Java_sun_awt_windows_WComponentPeer_reshape
Java_sun_awt_windows_WComponentPeer_reshapeNoCheck
Java_sun_awt_windows_WComponentPeer_setFocus
Java_sun_awt_windows_WComponentPeer_setRectangularShape
Java_sun_awt_windows_WComponentPeer_setZOrder
Java_sun_awt_windows_WComponentPeer_start
Java_sun_awt_windows_WComponentPeer_updateWindow
Java_sun_awt_windows_WCustomCursor_createCursorIndirect
Java_sun_awt_windows_WCustomCursor_getCursorHeight
Java_sun_awt_windows_WCustomCursor_getCursorWidth
Java_sun_awt_windows_WDataTransferer_dragQueryFile
Java_sun_awt_windows_WDataTransferer_getClipboardFormatName
Java_sun_awt_windows_WDataTransferer_imageDataToPlatformImageBytes
Java_sun_awt_windows_WDataTransferer_platformImageBytesToImageData
Java_sun_awt_windows_WDataTransferer_registerClipboardFormat
Java_sun_awt_windows_WDefaultFontCharset_canConvert
Java_sun_awt_windows_WDefaultFontCharset_initIDs
Java_sun_awt_windows_WDesktopPeer_ShellExecute
Java_sun_awt_windows_WDesktopPeer_init
Java_sun_awt_windows_WDesktopPeer_moveToTrash
Java_sun_awt_windows_WDesktopPeer_setSuddenTerminationEnabled
Java_sun_awt_windows_WDesktopProperties_getWindowsParameters
Java_sun_awt_windows_WDesktopProperties_init
Java_sun_awt_windows_WDesktopProperties_initIDs
Java_sun_awt_windows_WDesktopProperties_playWindowsSound
Java_sun_awt_windows_WDialogPeer_createAwtDialog
Java_sun_awt_windows_WDialogPeer_endModal
Java_sun_awt_windows_WDialogPeer_pSetIMMOption
Java_sun_awt_windows_WDialogPeer_showModal
Java_sun_awt_windows_WDragSourceContextPeer_createDragSource
Java_sun_awt_windows_WDragSourceContextPeer_doDragDrop
Java_sun_awt_windows_WDragSourceContextPeer_setNativeCursor
Java_sun_awt_windows_WDropTargetContextPeerFileStream_freeStgMedium
Java_sun_awt_windows_WDropTargetContextPeerIStream_Available
Java_sun_awt_windows_WDropTargetContextPeerIStream_Close
Java_sun_awt_windows_WDropTargetContextPeerIStream_Read
Java_sun_awt_windows_WDropTargetContextPeerIStream_ReadBytes
Java_sun_awt_windows_WDropTargetContextPeer_dropDone
Java_sun_awt_windows_WDropTargetContextPeer_getData
Java_sun_awt_windows_WEmbeddedFramePeer_create
Java_sun_awt_windows_WEmbeddedFramePeer_getBoundsPrivate
Java_sun_awt_windows_WEmbeddedFrame_initIDs
Java_sun_awt_windows_WEmbeddedFrame_isPrinterDC
Java_sun_awt_windows_WEmbeddedFrame_notifyModalBlockedImpl
Java_sun_awt_windows_WEmbeddedFrame_printBand
Java_sun_awt_windows_WFileDialogPeer__1dispose
Java_sun_awt_windows_WFileDialogPeer__1hide
Java_sun_awt_windows_WFileDialogPeer__1show
Java_sun_awt_windows_WFileDialogPeer_getLocationOnScreen
Java_sun_awt_windows_WFileDialogPeer_initIDs
Java_sun_awt_windows_WFileDialogPeer_setFilterString
Java_sun_awt_windows_WFileDialogPeer_toBack
Java_sun_awt_windows_WFileDialogPeer_toFront
Java_sun_awt_windows_WFontMetrics_bytesWidth
Java_sun_awt_windows_WFontMetrics_charsWidth
Java_sun_awt_windows_WFontMetrics_init
Java_sun_awt_windows_WFontMetrics_initIDs
Java_sun_awt_windows_WFontMetrics_stringWidth
Java_sun_awt_windows_WFontPeer_initIDs
Java_sun_awt_windows_WFramePeer_clearMaximizedBounds
Java_sun_awt_windows_WFramePeer_createAwtFrame
Java_sun_awt_windows_WFramePeer_getState
Java_sun_awt_windows_WFramePeer_getSysMenuHeight
Java_sun_awt_windows_WFramePeer_initIDs
Java_sun_awt_windows_WFramePeer_pSetIMMOption
Java_sun_awt_windows_WFramePeer_setMaximizedBounds
Java_sun_awt_windows_WFramePeer_setMenuBar0
Java_sun_awt_windows_WFramePeer_setState
Java_sun_awt_windows_WFramePeer_synthesizeWmActivate
Java_sun_awt_windows_WGlobalCursorManager_findHeavyweightUnderCursor
Java_sun_awt_windows_WGlobalCursorManager_getCursorPos
Java_sun_awt_windows_WGlobalCursorManager_getLocationOnScreen
Java_sun_awt_windows_WGlobalCursorManager_setCursor
Java_sun_awt_windows_WInputMethodDescriptor_getNativeAvailableLocales
Java_sun_awt_windows_WInputMethod_createNativeContext
Java_sun_awt_windows_WInputMethod_destroyNativeContext
Java_sun_awt_windows_WInputMethod_disableNativeIME
Java_sun_awt_windows_WInputMethod_enableNativeIME
Java_sun_awt_windows_WInputMethod_endCompositionNative
Java_sun_awt_windows_WInputMethod_getConversionStatus
Java_sun_awt_windows_WInputMethod_getNativeIMMDescription
Java_sun_awt_windows_WInputMethod_getNativeLocale
Java_sun_awt_windows_WInputMethod_getOpenStatus
Java_sun_awt_windows_WInputMethod_handleNativeIMEEvent
Java_sun_awt_windows_WInputMethod_isCompositionStringAvailable
Java_sun_awt_windows_WInputMethod_openCandidateWindow
Java_sun_awt_windows_WInputMethod_setConversionStatus
Java_sun_awt_windows_WInputMethod_setNativeLocale
Java_sun_awt_windows_WInputMethod_setOpenStatus
Java_sun_awt_windows_WInputMethod_setStatusWindowVisible
Java_sun_awt_windows_WKeyboardFocusManagerPeer_getNativeFocusOwner
Java_sun_awt_windows_WKeyboardFocusManagerPeer_getNativeFocusedWindow
Java_sun_awt_windows_WKeyboardFocusManagerPeer_setNativeFocusOwner
Java_sun_awt_windows_WLabelPeer_create
Java_sun_awt_windows_WLabelPeer_lazyPaint
Java_sun_awt_windows_WLabelPeer_setAlignment
Java_sun_awt_windows_WLabelPeer_setText
Java_sun_awt_windows_WLightweightFramePeer_overrideNativeHandle
Java_sun_awt_windows_WListPeer_addItems
Java_sun_awt_windows_WListPeer_create
Java_sun_awt_windows_WListPeer_delItems
Java_sun_awt_windows_WListPeer_deselect
Java_sun_awt_windows_WListPeer_getMaxWidth
Java_sun_awt_windows_WListPeer_isSelected
Java_sun_awt_windows_WListPeer_makeVisible
Java_sun_awt_windows_WListPeer_select
Java_sun_awt_windows_WListPeer_setMultipleSelections
Java_sun_awt_windows_WListPeer_updateMaxItemWidth
Java_sun_awt_windows_WMenuBarPeer_addMenu
Java_sun_awt_windows_WMenuBarPeer_create
Java_sun_awt_windows_WMenuBarPeer_delMenu
Java_sun_awt_windows_WMenuItemPeer__1dispose
Java_sun_awt_windows_WMenuItemPeer__1setFont
Java_sun_awt_windows_WMenuItemPeer__1setLabel
Java_sun_awt_windows_WMenuItemPeer_create
Java_sun_awt_windows_WMenuItemPeer_enable
Java_sun_awt_windows_WMenuItemPeer_initIDs
Java_sun_awt_windows_WMenuPeer_createMenu
Java_sun_awt_windows_WMenuPeer_createSubMenu
Java_sun_awt_windows_WMenuPeer_delItem
Java_sun_awt_windows_WMouseInfoPeer_fillPointWithCoords
Java_sun_awt_windows_WMouseInfoPeer_isWindowUnderMouse
Java_sun_awt_windows_WObjectPeer_initIDs
Java_sun_awt_windows_WPageDialogPeer__1show
Java_sun_awt_windows_WPageDialog_initIDs
Java_sun_awt_windows_WPanelPeer_initIDs
Java_sun_awt_windows_WPopupMenuPeer__1show
Java_sun_awt_windows_WPopupMenuPeer_createMenu
Java_sun_awt_windows_WPrintDialogPeer__1show
Java_sun_awt_windows_WPrintDialogPeer_initIDs
Java_sun_awt_windows_WPrintDialogPeer_toBack
Java_sun_awt_windows_WPrintDialogPeer_toFront
Java_sun_awt_windows_WPrintDialog_initIDs
Java_sun_awt_windows_WPrinterJob__1startDoc
Java_sun_awt_windows_WPrinterJob_abortDoc
Java_sun_awt_windows_WPrinterJob_beginPath
Java_sun_awt_windows_WPrinterJob_closeFigure
Java_sun_awt_windows_WPrinterJob_deleteDC
Java_sun_awt_windows_WPrinterJob_deviceEndPage
Java_sun_awt_windows_WPrinterJob_deviceStartPage
Java_sun_awt_windows_WPrinterJob_drawDIBImage
Java_sun_awt_windows_WPrinterJob_endDoc
Java_sun_awt_windows_WPrinterJob_endPath

Sections

.text
Size: 954KB - Virtual size: 953KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/dt_shmem.dll
.dll windows:6 windows x64 arch:x64

a6030c7e1f1d030e1b27153c1c018ed6

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d2:0b:87:2e:d1:19:89:49:04:25:85:e4:fb:b7:97:22:8b:0e:33:de:ec:ec:e3:55:f5:8e:fc:60:d4:35:47:a8
Signer

Actual PE Digest

d2:0b:87:2e:d1:19:89:49:04:25:85:e4:fb:b7:97:22:8b:0e:33:de:ec:ec:e3:55:f5:8e:fc:60:d4:35:47:a8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

dt_shmem.pdb

Imports

kernel32

CloseHandle
GetLastError
SetEvent
ReleaseMutex
CreateMutexA
CreateEventA
OpenEventA
Sleep
WaitForMultipleObjects
GetCurrentProcessId
TlsAlloc
TlsGetValue
TlsSetValue
OpenProcess
MapViewOfFile
UnmapViewOfFile
FormatMessageA
OpenMutexA
CreateFileMappingA
OpenFileMappingA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memset
memcpy
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vfprintf

api-ms-win-crt-string-l1-1-0

strlen
strcat
strcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
exit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table

Exports

Exports

Java_com_sun_tools_jdi_SharedMemoryConnection_close0
Java_com_sun_tools_jdi_SharedMemoryConnection_receiveByte0
Java_com_sun_tools_jdi_SharedMemoryConnection_receivePacket0
Java_com_sun_tools_jdi_SharedMemoryConnection_sendByte0
Java_com_sun_tools_jdi_SharedMemoryConnection_sendPacket0
Java_com_sun_tools_jdi_SharedMemoryTransportService_accept0
Java_com_sun_tools_jdi_SharedMemoryTransportService_attach0
Java_com_sun_tools_jdi_SharedMemoryTransportService_initialize
Java_com_sun_tools_jdi_SharedMemoryTransportService_name
Java_com_sun_tools_jdi_SharedMemoryTransportService_startListening0
Java_com_sun_tools_jdi_SharedMemoryTransportService_stopListening0
jdwpTransport_OnLoad

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/dt_socket.dll
.dll windows:6 windows x64 arch:x64

83ad103e7555dd523ba4ba6ff6fb8af1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ab:a8:19:0d:5d:e4:b6:9e:93:0e:a3:db:8a:02:8d:bb:0c:0e:c0:88:c3:e6:17:fb:a2:a1:86:d2:74:7f:69:67
Signer

Actual PE Digest

ab:a8:19:0d:5d:e4:b6:9e:93:0e:a3:db:8a:02:8d:bb:0c:0e:c0:88:c3:e6:17:fb:a2:a1:86:d2:74:7f:69:67

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

dt_socket.pdb

Imports

ws2_32

recv
ntohs
ntohl
listen
htons
htonl
getsockopt
send
ioctlsocket
setsockopt
connect
closesocket
bind
accept
__WSAFDIsSet
inet_pton
getnameinfo
freeaddrinfo
shutdown
socket
getprotobyname
select
getaddrinfo
WSAGetLastError
WSACleanup
getsockname
WSAStartup

iphlpapi

if_nametoindex

kernel32

IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SystemTimeToFileTime
GetSystemTime
TlsSetValue
TlsGetValue
TlsAlloc
SetHandleInformation
UnhandledExceptionFilter
IsProcessorFeaturePresent

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
strrchr
strchr
memset
memcpy
memcmp

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

strcpy
strlen
strcat
strpbrk
strncmp
strcmp

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv

Exports

Exports

jdwpTransport_OnLoad

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/fontmanager.dll
.dll windows:6 windows x64 arch:x64

d4a49c1cd5c35588611c50c96bc70ed0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4a:24:cb:02:9d:a2:13:71:3d:d8:e6:c7:18:a1:09:ea:9f:c8:6e:68:62:ed:0b:f4:db:29:9a:2a:ba:b7:12:84
Signer

Actual PE Digest

4a:24:cb:02:9d:a2:13:71:3d:d8:e6:c7:18:a1:09:ea:9f:c8:6e:68:62:ed:0b:f4:db:29:9a:2a:ba:b7:12:84

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

fontmanager.pdb

Imports

freetype

FT_Init_FreeType
FT_Open_Face
FT_Property_Set
FT_Library_SetLcdFilter
FT_Outline_Embolden
FT_Outline_Translate
FT_Outline_Get_CBox
FT_Outline_Decompose
FT_Activate_Size
FT_Outline_Get_BBox
FT_Matrix_Multiply
FT_MulFix
FT_Get_Char_Index
FT_Render_Glyph
FT_Set_Transform
FT_Load_Glyph
FT_Set_Char_Size
FT_New_Memory_Face
FT_Done_FreeType
FT_Done_Face

java

JNU_ThrowArrayIndexOutOfBoundsException
JNU_NewStringPlatform
JNU_ThrowInternalError
JNU_ThrowOutOfMemoryError

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyW
RegEnumValueW

user32

FillRect
GetWindowDC
GetDesktopWindow
ReleaseDC
GetDC
SystemParametersInfoA

gdi32

GetDIBits
GetDeviceCaps
DeleteObject
CreateFontIndirectW
GetGlyphOutlineA
CreateCompatibleBitmap
EnumFontFamiliesExW
SetTextColor
GetTextMetricsA
ExtTextOutW
GetFontData
GetStockObject
SelectObject
CreateCompatibleDC
SetMapMode
SetBkColor

awt

GrPrim_Sg2dGetCompInfo
GrPrim_Sg2dGetClip
GrPrim_Sg2dGetPixel
SurfaceData_GetOps
GetNativePrim
SurfaceData_InitOps
GrPrim_Sg2dGetEaRGB
AccelGlyphCache_RemoveAllCellInfos
GrPrim_Sg2dGetLCDTextContrast
SurfaceData_IntersectBounds

kernel32

GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentThreadId
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeCriticalSection
GetSystemDirectoryA
GetWindowsDirectoryA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TerminateProcess
UnhandledExceptionFilter

vcruntime140

memset
strrchr
wcsrchr
strstr
memcpy
memmove
strchr
memcmp
__C_specific_handler
__std_type_info_destroy_list
wcsstr

api-ms-win-crt-heap-l1-1-0

realloc
calloc
malloc
free

api-ms-win-crt-math-l1-1-0

sqrt
pow
floor
cosf
sinf
tanf
_hypotf
floorf
ceilf

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

strncpy
_wcsicmp
_stricmp
strncmp
strcmp

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_seh_filter_dll
_cexit
_initterm
_execute_onexit_table
_errno
_initterm_e

Exports

Exports

Java_sun_awt_Win32FontManager_getFontPath
Java_sun_awt_Win32FontManager_populateFontFileNameMap0
Java_sun_font_ColorGlyphSurfaceData_initOps
Java_sun_font_ColorGlyphSurfaceData_setCurrentGlyph
Java_sun_font_FileFontStrike__1getGlyphImageFromWindows
Java_sun_font_FileFontStrike_initNative
Java_sun_font_FreetypeFontScaler_createScalerContextNative
Java_sun_font_FreetypeFontScaler_disposeNativeScaler
Java_sun_font_FreetypeFontScaler_getFontMetricsNative
Java_sun_font_FreetypeFontScaler_getGlyphAdvanceNative
Java_sun_font_FreetypeFontScaler_getGlyphCodeNative
Java_sun_font_FreetypeFontScaler_getGlyphImageNative
Java_sun_font_FreetypeFontScaler_getGlyphMetricsNative
Java_sun_font_FreetypeFontScaler_getGlyphOutlineBoundsNative
Java_sun_font_FreetypeFontScaler_getGlyphOutlineNative
Java_sun_font_FreetypeFontScaler_getGlyphPointNative
Java_sun_font_FreetypeFontScaler_getGlyphVectorOutlineNative
Java_sun_font_FreetypeFontScaler_getMissingGlyphCodeNative
Java_sun_font_FreetypeFontScaler_getNumGlyphsNative
Java_sun_font_FreetypeFontScaler_getUnitsPerEMNative
Java_sun_font_FreetypeFontScaler_initIDs
Java_sun_font_FreetypeFontScaler_initNativeScaler
Java_sun_font_NullFontScaler_getGlyphImage
Java_sun_font_NullFontScaler_getNullScalerContext
Java_sun_font_StrikeCache_freeIntMemory
Java_sun_font_StrikeCache_freeIntPointer
Java_sun_font_StrikeCache_freeLongMemory
Java_sun_font_StrikeCache_freeLongPointer
Java_sun_font_StrikeCache_getGlyphCacheDescription
Java_sun_font_SunFontManager_initIDs
Java_sun_font_SunLayoutEngine_createFace
Java_sun_font_SunLayoutEngine_disposeFace
Java_sun_font_SunLayoutEngine_shape
Java_sun_java2d_loops_DrawGlyphListAA_DrawGlyphListAA
Java_sun_java2d_loops_DrawGlyphListLCD_DrawGlyphListLCD
Java_sun_java2d_loops_DrawGlyphList_DrawGlyphList
getSunFontIDs
isNullScalerContext

Sections

.text
Size: 554KB - Virtual size: 554KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/freetype.dll
.dll windows:6 windows x64 arch:x64

1d0701f397473e809596b2f46cd100dc

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

79:16:73:3f:15:1e:54:47:5c:20:20:e3:c4:3c:ae:d7:60:45:1f:85:04:49:bf:2e:af:43:a8:97:bd:a8:64:2b
Signer

Actual PE Digest

79:16:73:3f:15:1e:54:47:5c:20:20:e3:c4:3c:ae:d7:60:45:1f:85:04:49:bf:2e:af:43:a8:97:bd:a8:64:2b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

freetype.pdb

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memset
memcpy
strstr
memcmp
memmove
longjmp
strrchr
memchr
__intrinsic_setjmp
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-string-l1-1-0

strncmp
strcmp
strncpy

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-stdio-l1-1-0

ftell
fseek
fread
fopen
fclose

api-ms-win-crt-heap-l1-1-0

malloc
free
realloc

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_configure_narrow_argv
_cexit
_initterm
_initterm_e
_seh_filter_dll
_initialize_onexit_table
_initialize_narrow_environment

Exports

Exports

FT_Activate_Size
FT_Add_Default_Modules
FT_Add_Module
FT_Angle_Diff
FT_Atan2
FT_Attach_File
FT_Attach_Stream
FT_Bitmap_Blend
FT_Bitmap_Convert
FT_Bitmap_Copy
FT_Bitmap_Done
FT_Bitmap_Embolden
FT_Bitmap_Init
FT_Bitmap_New
FT_CeilFix
FT_Cos
FT_DivFix
FT_Done_Face
FT_Done_FreeType
FT_Done_Glyph
FT_Done_Library
FT_Done_MM_Var
FT_Done_Size
FT_Face_CheckTrueTypePatents
FT_Face_GetCharVariantIndex
FT_Face_GetCharVariantIsDefault
FT_Face_GetCharsOfVariant
FT_Face_GetVariantSelectors
FT_Face_GetVariantsOfChar
FT_Face_Properties
FT_Face_SetUnpatentedHinting
FT_FloorFix
FT_Get_Advance
FT_Get_Advances
FT_Get_CID_From_Glyph_Index
FT_Get_CID_Is_Internally_CID_Keyed
FT_Get_CID_Registry_Ordering_Supplement
FT_Get_CMap_Format
FT_Get_CMap_Language_ID
FT_Get_Char_Index
FT_Get_Charmap_Index
FT_Get_Color_Glyph_ClipBox
FT_Get_Color_Glyph_Layer
FT_Get_Color_Glyph_Paint
FT_Get_Colorline_Stops
FT_Get_FSType_Flags
FT_Get_First_Char
FT_Get_Font_Format
FT_Get_Gasp
FT_Get_Glyph
FT_Get_Glyph_Name
FT_Get_Kerning
FT_Get_MM_Blend_Coordinates
FT_Get_MM_Var
FT_Get_MM_WeightVector
FT_Get_Module
FT_Get_Multi_Master
FT_Get_Name_Index
FT_Get_Next_Char
FT_Get_PS_Font_Info
FT_Get_PS_Font_Private
FT_Get_PS_Font_Value
FT_Get_Paint
FT_Get_Paint_Layers
FT_Get_Postscript_Name
FT_Get_Renderer
FT_Get_Sfnt_LangTag
FT_Get_Sfnt_Name
FT_Get_Sfnt_Name_Count
FT_Get_Sfnt_Table
FT_Get_SubGlyph_Info
FT_Get_Track_Kerning
FT_Get_Transform
FT_Get_TrueType_Engine_Type
FT_Get_Var_Axis_Flags
FT_Get_Var_Blend_Coordinates
FT_Get_Var_Design_Coordinates
FT_Get_X11_Font_Format
FT_GlyphSlot_Embolden
FT_GlyphSlot_Oblique
FT_GlyphSlot_Own_Bitmap
FT_GlyphSlot_Slant
FT_Glyph_Copy
FT_Glyph_Get_CBox
FT_Glyph_Stroke
FT_Glyph_StrokeBorder
FT_Glyph_To_Bitmap
FT_Glyph_Transform
FT_Has_PS_Glyph_Names
FT_Init_FreeType
FT_Library_SetLcdFilter
FT_Library_SetLcdFilterWeights
FT_Library_SetLcdGeometry
FT_Library_Version
FT_List_Add
FT_List_Finalize
FT_List_Find
FT_List_Insert
FT_List_Iterate
FT_List_Remove
FT_List_Up
FT_Load_Char
FT_Load_Glyph
FT_Load_Sfnt_Table
FT_Matrix_Invert
FT_Matrix_Multiply
FT_MulDiv
FT_MulFix
FT_New_Face
FT_New_Glyph
FT_New_Library
FT_New_Memory_Face
FT_New_Size
FT_Open_Face
FT_Outline_Check
FT_Outline_Copy
FT_Outline_Decompose
FT_Outline_Done
FT_Outline_Embolden
FT_Outline_EmboldenXY
FT_Outline_GetInsideBorder
FT_Outline_GetOutsideBorder
FT_Outline_Get_BBox
FT_Outline_Get_Bitmap
FT_Outline_Get_CBox
FT_Outline_Get_Orientation
FT_Outline_New
FT_Outline_Render
FT_Outline_Reverse
FT_Outline_Transform
FT_Outline_Translate
FT_Palette_Data_Get
FT_Palette_Select
FT_Palette_Set_Foreground_Color
FT_Property_Get
FT_Property_Set
FT_Reference_Face
FT_Reference_Library
FT_Remove_Module
FT_Render_Glyph
FT_Request_Size
FT_RoundFix
FT_Select_Charmap
FT_Select_Size
FT_Set_Char_Size
FT_Set_Charmap
FT_Set_Debug_Hook
FT_Set_Default_Log_Handler
FT_Set_Default_Properties
FT_Set_Log_Handler
FT_Set_MM_Blend_Coordinates
FT_Set_MM_Design_Coordinates
FT_Set_MM_WeightVector
FT_Set_Named_Instance
FT_Set_Pixel_Sizes
FT_Set_Renderer
FT_Set_Transform
FT_Set_Var_Blend_Coordinates
FT_Set_Var_Design_Coordinates
FT_Sfnt_Table_Info
FT_Sin
FT_Stroker_BeginSubPath
FT_Stroker_ConicTo
FT_Stroker_CubicTo
FT_Stroker_Done
FT_Stroker_EndSubPath
FT_Stroker_Export
FT_Stroker_ExportBorder
FT_Stroker_GetBorderCounts
FT_Stroker_GetCounts
FT_Stroker_LineTo
FT_Stroker_New
FT_Stroker_ParseOutline
FT_Stroker_Rewind
FT_Stroker_Set
FT_Tan
FT_Trace_Set_Default_Level
FT_Trace_Set_Level
FT_Vector_From_Polar
FT_Vector_Length
FT_Vector_Polarize
FT_Vector_Rotate
FT_Vector_Transform
FT_Vector_Unit
TT_New_Context
TT_RunIns

Sections

.text
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/instrument.dll
.dll windows:6 windows x64 arch:x64

eab6d3c185c000b807c2cc89514ab40c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:2f:f2:b0:0c:36:99:55:86:12:b7:98:25:71:47:0b:2d:88:22:f7:d2:d7:1b:c3:59:0d:7a:0f:85:5e:db:2b
Signer

Actual PE Digest

17:2f:f2:b0:0c:36:99:55:86:12:b7:98:25:71:47:0b:2d:88:22:f7:d2:d7:1b:c3:59:0d:7a:0f:85:5e:db:2b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

instrument.pdb

Imports

java

JDK_Canonicalize

jli

JLI_ManifestIterate

kernel32

SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetLocaleInfoA
GetUserDefaultLCID
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcpy
strchr
memset
strrchr

api-ms-win-crt-heap-l1-1-0

realloc
calloc
free
malloc

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-string-l1-1-0

strlen
strcpy
strncpy
_strdup
_stricmp

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_cexit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_onexit_table

Exports

Exports

Agent_OnAttach
Agent_OnLoad
Agent_OnUnload
Java_sun_instrument_InstrumentationImpl_appendToClassLoaderSearch0
Java_sun_instrument_InstrumentationImpl_getAllLoadedClasses0
Java_sun_instrument_InstrumentationImpl_getInitiatedClasses0
Java_sun_instrument_InstrumentationImpl_getObjectSize0
Java_sun_instrument_InstrumentationImpl_isModifiableClass0
Java_sun_instrument_InstrumentationImpl_isRetransformClassesSupported0
Java_sun_instrument_InstrumentationImpl_loadAgent0
Java_sun_instrument_InstrumentationImpl_redefineClasses0
Java_sun_instrument_InstrumentationImpl_retransformClasses0
Java_sun_instrument_InstrumentationImpl_setHasRetransformableTransformers
Java_sun_instrument_InstrumentationImpl_setHasTransformers
Java_sun_instrument_InstrumentationImpl_setNativeMethodPrefixes

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/j2gss.dll
.dll windows:6 windows x64 arch:x64

854e2e696f5b156acbad82967ba7d9e5

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2d:b1:df:c8:ba:d1:0d:1a:5e:d1:34:4f:4a:8e:b5:02:08:bc:bc:0b:94:16:d3:0a:b0:be:1e:19:c2:92:ca:00
Signer

Actual PE Digest

2d:b1:df:c8:ba:d1:0d:1a:5e:d1:34:4f:4a:8e:b5:02:08:bc:bc:0b:94:16:d3:0a:b0:be:1e:19:c2:92:ca:00

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

j2gss.pdb

Imports

kernel32

GetLastError
FormatMessageA
CloseHandle
GetProcAddress
LoadLibraryA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memcmp
memset
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

fflush
__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

Exports

Exports

JNI_OnLoad
JNI_OnUnload
Java_sun_security_jgss_wrapper_GSSLibStub_acceptContext
Java_sun_security_jgss_wrapper_GSSLibStub_acquireCred
Java_sun_security_jgss_wrapper_GSSLibStub_canonicalizeName
Java_sun_security_jgss_wrapper_GSSLibStub_compareName
Java_sun_security_jgss_wrapper_GSSLibStub_deleteContext
Java_sun_security_jgss_wrapper_GSSLibStub_displayName
Java_sun_security_jgss_wrapper_GSSLibStub_exportContext
Java_sun_security_jgss_wrapper_GSSLibStub_exportName
Java_sun_security_jgss_wrapper_GSSLibStub_getContextMech
Java_sun_security_jgss_wrapper_GSSLibStub_getContextName
Java_sun_security_jgss_wrapper_GSSLibStub_getContextTime
Java_sun_security_jgss_wrapper_GSSLibStub_getCredName
Java_sun_security_jgss_wrapper_GSSLibStub_getCredTime
Java_sun_security_jgss_wrapper_GSSLibStub_getCredUsage
Java_sun_security_jgss_wrapper_GSSLibStub_getMechPtr
Java_sun_security_jgss_wrapper_GSSLibStub_getMic
Java_sun_security_jgss_wrapper_GSSLibStub_importContext
Java_sun_security_jgss_wrapper_GSSLibStub_importName
Java_sun_security_jgss_wrapper_GSSLibStub_indicateMechs
Java_sun_security_jgss_wrapper_GSSLibStub_init
Java_sun_security_jgss_wrapper_GSSLibStub_initContext
Java_sun_security_jgss_wrapper_GSSLibStub_inquireContext
Java_sun_security_jgss_wrapper_GSSLibStub_inquireNamesForMech
Java_sun_security_jgss_wrapper_GSSLibStub_releaseCred
Java_sun_security_jgss_wrapper_GSSLibStub_releaseName
Java_sun_security_jgss_wrapper_GSSLibStub_unwrap
Java_sun_security_jgss_wrapper_GSSLibStub_verifyMic
Java_sun_security_jgss_wrapper_GSSLibStub_wrap
Java_sun_security_jgss_wrapper_GSSLibStub_wrapSizeLimit

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/j2pcsc.dll
.dll windows:6 windows x64 arch:x64

84a048f45e64e733e74f38ef888fc52a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9b:81:18:87:ba:e5:45:40:91:62:d8:c1:ae:f2:7a:c9:19:8d:c8:79:b9:74:42:9e:d6:a7:41:c5:5c:ac:3d:c9
Signer

Actual PE Digest

9b:81:18:87:ba:e5:45:40:91:62:d8:c1:ae:f2:7a:c9:19:8d:c8:79:b9:74:42:9e:d6:a7:41:c5:5c:ac:3d:c9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

j2pcsc.pdb

Imports

winscard

SCardConnectA
SCardDisconnect
SCardListReadersA
SCardEstablishContext
SCardBeginTransaction
SCardEndTransaction
SCardStatusA
SCardTransmit
SCardControl
SCardGetStatusChangeA

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset

api-ms-win-crt-heap-l1-1-0

free
malloc
calloc

api-ms-win-crt-string-l1-1-0

strlen
_strdup

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

Exports

Exports

JNI_OnLoad
Java_sun_security_smartcardio_PCSC_SCardBeginTransaction
Java_sun_security_smartcardio_PCSC_SCardConnect
Java_sun_security_smartcardio_PCSC_SCardControl
Java_sun_security_smartcardio_PCSC_SCardDisconnect
Java_sun_security_smartcardio_PCSC_SCardEndTransaction
Java_sun_security_smartcardio_PCSC_SCardEstablishContext
Java_sun_security_smartcardio_PCSC_SCardGetStatusChange
Java_sun_security_smartcardio_PCSC_SCardListReaders
Java_sun_security_smartcardio_PCSC_SCardStatus
Java_sun_security_smartcardio_PCSC_SCardTransmit

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/j2pkcs11.dll
.dll windows:6 windows x64 arch:x64

8286584201c9939507c643b2384f491c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7d:10:4b:d8:f3:46:84:b1:09:dd:0d:34:e3:92:9f:99:53:8d:d3:16:d3:5f:bf:24:eb:9c:41:82:86:90:c6:53
Signer

Actual PE Digest

7d:10:4b:d8:f3:46:84:b1:09:dd:0d:34:e3:92:9f:99:53:8d:d3:16:d3:5f:bf:24:eb:9c:41:82:86:90:c6:53

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

j2pkcs11.pdb

Imports

kernel32

GetLastError
GetModuleHandleA
GetProcAddress
LoadLibraryA
LocalFree
FormatMessageA
FreeLibrary
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memcpy
memset
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strncmp
strlen
strcat
strcmp
strcpy

api-ms-win-crt-stdio-l1-1-0

fflush
__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vfprintf

api-ms-win-crt-heap-l1-1-0

malloc
free
calloc

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv

Exports

Exports

JNI_OnLoad
Java_sun_security_pkcs11_Secmod_nssGetLibraryHandle
Java_sun_security_pkcs11_Secmod_nssGetModuleList
Java_sun_security_pkcs11_Secmod_nssInitialize
Java_sun_security_pkcs11_Secmod_nssLoadLibrary
Java_sun_security_pkcs11_Secmod_nssVersionCheck
Java_sun_security_pkcs11_wrapper_PKCS11_C_1CloseSession
Java_sun_security_pkcs11_wrapper_PKCS11_C_1CopyObject
Java_sun_security_pkcs11_wrapper_PKCS11_C_1CreateObject
Java_sun_security_pkcs11_wrapper_PKCS11_C_1Decrypt
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DecryptFinal
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DecryptInit
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DecryptUpdate
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DeriveKey
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DestroyObject
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestFinal
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestInit
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestKey
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestSingle
Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestUpdate
Java_sun_security_pkcs11_wrapper_PKCS11_C_1Encrypt
Java_sun_security_pkcs11_wrapper_PKCS11_C_1EncryptFinal
Java_sun_security_pkcs11_wrapper_PKCS11_C_1EncryptInit
Java_sun_security_pkcs11_wrapper_PKCS11_C_1EncryptUpdate
Java_sun_security_pkcs11_wrapper_PKCS11_C_1Finalize
Java_sun_security_pkcs11_wrapper_PKCS11_C_1FindObjects
Java_sun_security_pkcs11_wrapper_PKCS11_C_1FindObjectsFinal
Java_sun_security_pkcs11_wrapper_PKCS11_C_1FindObjectsInit
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKey
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKeyPair
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateRandom
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetAttributeValue
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetInfo
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetMechanismInfo
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetMechanismList
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetOperationState
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetSessionInfo
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetSlotInfo
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetSlotList
Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetTokenInfo
Java_sun_security_pkcs11_wrapper_PKCS11_C_1Initialize
Java_sun_security_pkcs11_wrapper_PKCS11_C_1Login
Java_sun_security_pkcs11_wrapper_PKCS11_C_1Logout
Java_sun_security_pkcs11_wrapper_PKCS11_C_1OpenSession
Java_sun_security_pkcs11_wrapper_PKCS11_C_1SeedRandom
Java_sun_security_pkcs11_wrapper_PKCS11_C_1SetAttributeValue
Java_sun_security_pkcs11_wrapper_PKCS11_C_1SetOperationState
Java_sun_security_pkcs11_wrapper_PKCS11_C_1Sign
Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignFinal
Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignInit
Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignRecover
Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignRecoverInit
Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignUpdate
Java_sun_security_pkcs11_wrapper_PKCS11_C_1UnwrapKey
Java_sun_security_pkcs11_wrapper_PKCS11_C_1Verify
Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyFinal
Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyInit
Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyRecover
Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyRecoverInit
Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyUpdate
Java_sun_security_pkcs11_wrapper_PKCS11_C_1WrapKey
Java_sun_security_pkcs11_wrapper_PKCS11_connect
Java_sun_security_pkcs11_wrapper_PKCS11_createNativeKey
Java_sun_security_pkcs11_wrapper_PKCS11_disconnect
Java_sun_security_pkcs11_wrapper_PKCS11_finalizeLibrary
Java_sun_security_pkcs11_wrapper_PKCS11_freeMechanism
Java_sun_security_pkcs11_wrapper_PKCS11_getNativeKeyInfo
Java_sun_security_pkcs11_wrapper_PKCS11_initializeLibrary

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/jaas.dll
.dll windows:6 windows x64 arch:x64

4ee80664227fb531e08b0ca437d2cae5

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/06/2023, 00:00

Not After

26/06/2026, 23:59

Subject

CN=Azul Systems\, Inc.,O=Azul Systems\, Inc.,L=Sunnyvale,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:e9:00:99:91:54:8c:e7:cd:db:80:04:84:14:57:01:8b:7c:18:67:b3:cd:99:b2:ad:ed:83:60:dd:b1:65:b1
Signer

Actual PE Digest

69:e9:00:99:91:54:8c:e7:cd:db:80:04:84:14:57:01:8b:7c:18:67:b3:cd:99:b2:ad:ed:83:60:dd:b1:65:b1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

jaas.pdb

Imports

user32

wsprintfA

advapi32

GetSidSubAuthority
LookupAccountNameA
OpenProcessToken
OpenThreadToken
DuplicateToken
GetSidIdentifierAuthority
IsValidSid
GetSidSubAuthorityCount
GetTokenInformation
LookupAccountSidA

kernel32

RtlCaptureContext
IsProcessorFeaturePresent
GetStdHandle
WriteFile
CloseHandle
GetLastError
SetLastError
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcess
GetCurrentThread
FreeLibrary
LoadLibraryExA
LocalFree
FormatMessageA
lstrlenA
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter

vcruntime140

__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-string-l1-1-0

strcmp

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

Exports

Exports

Java_com_sun_security_auth_module_NTSystem_getCurrent
Java_com_sun_security_auth_module_NTSystem_getImpersonationToken0

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Nursultan Alpha/start.bat
Nursultan Alpha/workspace/nur.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Инструкция 2.txt

Sharing

General

Malware Config

Extracted

Signatures

Files

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:dfCertificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

8a:9d:ae:ec:c1:0b:09:10:55:1c:c0:63:c6:94:72:c5:98:ef:01:ca:6b:cd:f0:52:02:66:ac:48:79:a0:3e:2cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.rdata Size: 4KB - Virtual size: 600B

.data Size: - Virtual size: 128B

.rsrc Size: 4KB - Virtual size: 1008B

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:dfCertificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

93:bd:4a:7f:f3:52:27:a9:04:07:83:2d:9b:5d:6a:2a:e3:ec:28:18:97:92:2b:27:2e:fe:ad:cf:87:ae:73:e0Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.rdata Size: 4KB - Virtual size: 612B

.data Size: - Virtual size: 128B

.rsrc Size: 4KB - Virtual size: 1008B

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:dfCertificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

48:57:8d:12:25:59:c9:41:b8:20:d6:14:93:76:1d:fc:0a:32:88:23:7d:89:3d:65:3a:5a:1e:71:e7:1f:a3:53Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.rdata Size: 4KB - Virtual size: 792B

.data Size: - Virtual size: 128B

.rsrc Size: 4KB - Virtual size: 1008B

Code Sign

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:dfCertificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

85:fb:5f:fd:16:42:a6:c9:4d:d5:77:4f:b5:fb:95:4e:a5:e5:76:20:b4:1a:a6:15:3c:14:96:95:2f:a3:46:59Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.rdata Size: 4KB - Virtual size: 680B

.data Size: - Virtual size: 128B

.rsrc Size: 4KB - Virtual size: 1008B

487503ade661fe711b795f2abbae0379

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

8a:9d:ae:ec:c1:0b:09:10:55:1c:c0:63:c6:94:72:c5:98:ef:01:ca:6b:cd:f0:52:02:66:ac:48:79:a0:3e:2c
Signer

.rdata
Size: 4KB - Virtual size: 600B

.data
Size: - Virtual size: 128B

.rsrc
Size: 4KB - Virtual size: 1008B

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

93:bd:4a:7f:f3:52:27:a9:04:07:83:2d:9b:5d:6a:2a:e3:ec:28:18:97:92:2b:27:2e:fe:ad:cf:87:ae:73:e0
Signer

.rdata
Size: 4KB - Virtual size: 612B

.data
Size: - Virtual size: 128B

.rsrc
Size: 4KB - Virtual size: 1008B

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

48:57:8d:12:25:59:c9:41:b8:20:d6:14:93:76:1d:fc:0a:32:88:23:7d:89:3d:65:3a:5a:1e:71:e7:1f:a3:53
Signer

.rdata
Size: 4KB - Virtual size: 792B

.data
Size: - Virtual size: 128B

.rsrc
Size: 4KB - Virtual size: 1008B

33:00:00:03:df:fb:6a:e3:f4:27:ec:b6:a3:00:00:00:00:03:df
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

85:fb:5f:fd:16:42:a6:c9:4d:d5:77:4f:b5:fb:95:4e:a5:e5:76:20:b4:1a:a6:15:3c:14:96:95:2f:a3:46:59
Signer

.rdata
Size: 4KB - Virtual size: 680B

.data
Size: - Virtual size: 128B

.rsrc
Size: 4KB - Virtual size: 1008B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

eb:f0:b1:f8:91:5c:f5:46:2a:d5:9d:9d:a5:80:09:f6:c4:b4:18:8c:f8:2e:8e:b6:01:3e:47:c1:24:12:7b:f0
Signer

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 624B

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 512B - Virtual size: 40B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

03:72:bc:44:f5:59:f6:94:64:40:b5:8d:0a:19:21:a0
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

69:a8:88:f7:aa:92:ca:94:d6:77:21:53:ff:a6:d3:46:76:9a:23:f5:ee:da:58:04:0d:cc:ce:09:8c:b2:79:00
Signer