dialog
initDialog
make_unicode
show
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20240708-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
Setup.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
General
-
Target
Setup.exe.v
-
Size
104.3MB
-
MD5
7fa83fe4857eaaf6fc6db9297c844038
-
SHA1
2a327cb8fbfd1273c18947817899dd98affe0051
-
SHA256
933ade515e0f2d50619c89a7db18a898e6029448437ce72d6306fe67e269b507
-
SHA512
b61ecf63897e0fb48d1a732cd4bb5537d3e6f6ada31a6011c12ffe1516cadc68a4e1cf1f806c735d127282ca2528b9b373976ddb0baefacdfcad4163f00f6db0
-
SSDEEP
1572864:0X+S+V9LyN0C1qh6maqmmRoF+dnQ6dkkGFinQ6dkkGFinQYPcAtjTDhlHYxZGf8A:0X+p3uN0CaFlQ9FiQ9FiQYEAlHQZGf8A
Score
3/10
Malware Config
Signatures
-
Unsigned PE 4 IoCs
Checks for missing Authenticode signature.
resource Setup.exe.v unpack001/$PLUGINSDIR/InstallOptions.dll unpack001/$PLUGINSDIR/System.dll unpack001/launch9.exe
Files
-
Setup.exe.v.exe windows:4 windows x86 arch:x86
f4639a0b3116c2cfc71144b88a929cfd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegCreateKeyExW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW
ole32
CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree
comctl32
ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create
user32
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CharPrevW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
wsprintfA
DispatchMessageW
CreateWindowExW
PeekMessageW
GetSystemMetrics
gdi32
GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
kernel32
lstrcmpiA
CreateFileW
GetTempFileNameW
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
WriteFile
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
SetEnvironmentVariableW
Sections
.text Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 170KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 72KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/InstallOptions.dll.dll windows:4 windows x86 arch:x86
85f08eb0cbec010ecbc287fa68321173
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetCurrentDirectoryW
GetCurrentDirectoryW
GlobalUnlock
GlobalLock
GetModuleHandleW
CloseHandle
SetEndOfFile
GetPrivateProfileIntW
SetFilePointer
MultiByteToWideChar
ReadFile
GetFileSize
CreateFileW
lstrcmpiW
GetPrivateProfileStringW
lstrcatW
lstrcpynW
WritePrivateProfileStringW
lstrlenW
lstrcpyW
GlobalFree
WriteFile
GlobalAlloc
user32
PtInRect
LoadCursorW
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
SetWindowLongW
CreateWindowExW
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamW
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
MessageBoxW
GetSysColor
CharNextW
wsprintfW
GetWindowTextW
SetWindowTextW
SendMessageW
MapWindowPoints
gdi32
SetTextColor
CreateCompatibleDC
GetObjectW
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject
shell32
SHBrowseForFolderW
SHGetDesktopFolder
SHGetPathFromIDListW
ShellExecuteW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
509a34b3a68a773e0afb4259e68f9f82
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 662B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
Potato_b5632ac/Potato.exe.exe windows:5 windows x86 arch:x86
b6230bbe811acccf26e4892517cc89db
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:a4:b5:84:d8:ed:95:e5:6b:f2:17:9a:f2:3c:1e:8cCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before17/06/2021, 00:00Not After19/06/2024, 23:59SubjectSERIALNUMBER=CHE-451.531.994,CN=Horsemen Technologies SA,O=Horsemen Technologies SA,L=Sarnen,ST=Obwalden,C=CH,1.3.6.1.4.1.311.60.2.1.2=#13084f6277616c64656e,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:a4:b5:84:d8:ed:95:e5:6b:f2:17:9a:f2:3c:1e:8cCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before17/06/2021, 00:00Not After19/06/2024, 23:59SubjectSERIALNUMBER=CHE-451.531.994,CN=Horsemen Technologies SA,O=Horsemen Technologies SA,L=Sarnen,ST=Obwalden,C=CH,1.3.6.1.4.1.311.60.2.1.2=#13084f6277616c64656e,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
a8:32:ad:9e:cc:f6:d2:86:ef:04:a1:fa:f8:31:33:79:a1:50:46:88:eb:0b:fc:bd:1f:39:e5:8e:1f:71:d1:31Signer
Actual PE Digesta8:32:ad:9e:cc:f6:d2:86:ef:04:a1:fa:f8:31:33:79:a1:50:46:88:eb:0b:fc:bd:1f:39:e5:8e:1f:71:d1:31Digest Algorithmsha256PE Digest Matchestruebe:da:08:5d:80:6e:01:1a:7c:59:3d:d9:17:a8:3d:b8:94:33:83:6eSigner
Actual PE Digestbe:da:08:5d:80:6e:01:1a:7c:59:3d:d9:17:a8:3d:b8:94:33:83:6eDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\TBuild\potato_pc\out\Release\Potato.exe.pdb
Imports
winmm
timeSetEvent
timeKillEvent
waveInClose
waveInStop
waveInPrepareHeader
waveInGetNumDevs
waveInReset
waveInUnprepareHeader
waveInGetDevCapsW
waveInOpen
waveInStart
waveInAddBuffer
waveOutWrite
waveOutGetNumDevs
waveOutGetDevCapsW
waveOutUnprepareHeader
waveOutClose
waveOutOpen
waveOutPrepareHeader
ws2_32
gethostname
WSANtohs
WSANtohl
WSAHtonl
WSAConnect
WSAAccept
htonl
WSASocketW
getnameinfo
__WSAFDIsSet
bind
closesocket
select
ntohl
getaddrinfo
WSAStartup
getsockname
shutdown
WSASendTo
WSARecvFrom
getpeername
WSASend
WSARecv
WSAIoctl
inet_ntop
gethostbyaddr
WSAAsyncSelect
htons
WSAGetLastError
setsockopt
sendto
freeaddrinfo
recv
recvfrom
socket
inet_ntoa
inet_addr
listen
WSACleanup
gethostbyname
getsockopt
send
WSASetLastError
kernel32
EnterCriticalSection
UnlockFile
LockFile
VirtualAllocEx
CreateThread
VirtualFree
VirtualProtect
VirtualAlloc
DeleteFileW
CopyFileW
FindClose
FindNextFileW
FindFirstFileExW
GetFileInformationByHandle
RtlCaptureContext
GetCurrentThread
FreeLibrary
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentProcess
LoadLibraryW
GetFileAttributesW
ReadProcessMemory
FormatMessageW
GetUserDefaultUILanguage
GetModuleFileNameW
GetLocaleInfoW
GetEnvironmentVariableW
GetTickCount
RaiseException
GetModuleHandleW
GetCommandLineW
LocalFree
WriteFile
CreateFileW
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableW
WinExec
QueryPerformanceFrequency
QueryPerformanceCounter
ReadFile
SetThreadPriority
GetStartupInfoW
CloseHandle
CreatePipe
GetProcAddress
GetLastError
LoadLibraryA
GetOEMCP
HeapQueryInformation
HeapSize
HeapReAlloc
EnumSystemLocalesW
IsValidLocale
HeapAlloc
HeapFree
GetFileSizeEx
GetConsoleOutputCP
SetFileAttributesW
GetCommandLineA
SystemTimeToTzSpecificLocalTime
SetStdHandle
SetConsoleCtrlHandler
RtlUnwind
CreateTimerQueue
GetVersionExW
LeaveCriticalSection
ReleaseSemaphore
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
SetThreadAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
QueryDepthSList
InterlockedPopEntrySList
UnhandledExceptionFilter
GetStringTypeW
GetModuleFileNameA
InitializeCriticalSection
Sleep
DeleteCriticalSection
WaitForSingleObject
CreateSemaphoreA
GetUserDefaultLangID
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CreateSemaphoreW
InitializeSListHead
InterlockedPushEntrySList
InterlockedFlushSList
ResetEvent
WaitForSingleObjectEx
SetEvent
GetModuleHandleA
WideCharToMultiByte
CreateProcessW
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
LCMapStringEx
DecodePointer
EncodePointer
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
SetLastError
GetSystemTime
SystemTimeToFileTime
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SwitchToFiber
DeleteFiber
CreateFiber
FindFirstFileW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetStdHandle
GetFileType
ConvertFiberToThread
ConvertThreadToFiber
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
CreateEventA
IsDebuggerPresent
DebugBreak
SwitchToThread
VirtualQuery
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateEventW
GetSystemInfo
TryEnterCriticalSection
WaitForMultipleObjects
ExitThread
GetExitCodeThread
IsValidCodePage
GetACP
GetCPInfo
IsDBCSLeadByteEx
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
GetTimeZoneInformation
GetProcessId
ResumeThread
TerminateThread
VirtualQueryEx
SetUnhandledExceptionFilter
DuplicateHandle
WaitNamedPipeW
MoveFileExA
MoveFileExW
ReleaseMutex
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetProcessAffinityMask
GetSystemDirectoryW
LoadLibraryExA
LoadLibraryExW
CreateMutexA
GlobalFree
ConnectNamedPipe
CreateNamedPipeW
GetOverlappedResult
DisconnectNamedPipe
SetHandleInformation
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
GetConsoleWindow
ExitProcess
GetNativeSystemInfo
CompareStringEx
GetThreadPriority
GetLocalTime
OutputDebugStringW
TerminateProcess
IsProcessorFeaturePresent
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetExitCodeProcess
GetTickCount64
UnregisterWaitEx
RegisterWaitForSingleObject
ReadFileEx
PeekNamedPipe
CancelIoEx
SleepEx
WriteFileEx
CompareStringW
LCMapStringW
FlushFileBuffers
GetLogicalDrives
SetEndOfFile
SetFilePointerEx
SetErrorMode
SetCurrentDirectoryW
CreateDirectoryW
GetFileAttributesExW
GetFullPathNameW
RemoveDirectoryW
SetFileTime
GetTempPathW
GetVolumePathNamesForVolumeNameW
DeviceIoControl
MoveFileW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
GetFileInformationByHandleEx
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultLCID
GetUserPreferredUILanguages
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
GetGeoInfoW
GetUserGeoID
OpenProcess
CreateMutexW
WTSGetActiveConsoleSessionId
ExpandEnvironmentStringsW
CheckRemoteDebuggerPresent
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
user32
GetForegroundWindow
GetMonitorInfoW
MonitorFromRect
AdjustWindowRectEx
GetClientRect
SetMenuItemInfoW
GetMenuItemInfoW
GetSystemMenu
GetWindowThreadProcessId
GetWindowLongW
RegisterWindowMessageW
SendMessageW
SetForegroundWindow
DestroyWindow
UpdateLayeredWindow
GetWindowRect
ShowWindow
GetWindowTextW
MoveWindow
GetSystemMetrics
GetDC
DrawIconEx
ReleaseDC
DestroyIcon
CopyImage
CreatePopupMenu
InsertMenuItemW
FlashWindowEx
SetWindowPos
SetWindowLongW
CreateWindowExW
RegisterClassExW
DefWindowProcW
DestroyMenu
TrackPopupMenu
SetCaretPos
SetFocus
MonitorFromPoint
GetWindowPlacement
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
GetMessageA
PostThreadMessageA
RegisterHotKey
UnregisterHotKey
VkKeyScanW
GetDesktopWindow
EnableMenuItem
GetSysColor
SystemParametersInfoW
CreateIconIndirect
GetIconInfo
PostMessageW
PostThreadMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
RegisterClassW
UnregisterClassW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
AttachThreadInput
IsChild
SetLayeredWindowAttributes
SetWindowPlacement
IsIconic
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
GetCapture
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
SetWindowTextW
SetCursor
ClientToScreen
ScreenToClient
GetParent
SetParent
DestroyCursor
GetAncestor
GetKeyboardLayoutList
GetClassInfoW
GetFocus
GetCursorPos
WindowFromPoint
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
SetMenu
DrawMenuBar
CreateMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
EnumDisplayMonitors
LoadIconW
IsHungAppWindow
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetKeyboardLayout
IsWindowEnabled
CreateCaret
DestroyCaret
HideCaret
ShowCaret
GetLastInputInfo
FindWindowA
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
GetMenu
TrackPopupMenuEx
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
GetCursorInfo
EnumDisplayDevicesW
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetAsyncKeyState
GetTouchInputInfo
CloseTouchInputHandle
RealGetWindowClassW
ChangeWindowMessageFilterEx
wsprintfW
IsWindowVisible
GetWindow
MonitorFromWindow
EnumWindows
GetMenuItemCount
gdi32
CombineRgn
CreateRectRgn
OffsetRgn
SelectClipRgn
GetDeviceCaps
CreateDCW
GetBitmapBits
BitBlt
GetDIBits
CreateBitmap
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
CreateDIBSection
CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetTextFaceW
GdiFlush
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
ExtTextOutW
SetTextColor
SetTextAlign
SetWorldTransform
GetObjectW
advapi32
SetSecurityDescriptorOwner
CopySid
AccessCheck
SystemFunction036
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetLengthSid
FreeSid
AllocateAndInitializeSid
AddAccessAllowedAce
OpenProcessToken
RegNotifyChangeKeyValue
CryptGenRandom
CryptAcquireContextA
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegOpenKeyExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
DuplicateToken
shell32
SHFileOperationW
SHGetSpecialFolderPathW
SHGetKnownFolderPath
SHGetFileInfoW
SHGetStockIconInfo
ord727
CommandLineToArgvW
SHCreateItemFromParsingName
SHGetMalloc
SHGetPathFromIDListW
SHGetKnownFolderIDList
SHBrowseForFolderW
Shell_NotifyIconW
Shell_NotifyIconGetRect
ExtractIconW
ord155
SHOpenFolderAndSelectItems
SHGetFolderPathW
ord190
ShellExecuteW
SHCreateItemFromIDList
ole32
StringFromCLSID
StringFromGUID2
CoCreateGuid
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleInitialize
OleUninitialize
OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
ReleaseStgMedium
CoGetMalloc
CoInitialize
CoInitializeEx
PropVariantClear
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
shlwapi
ord487
iphlpapi
ConvertInterfaceIndexToLuid
ConvertInterfaceLuidToNameW
ConvertInterfaceNameToLuidW
GetAdaptersAddresses
ConvertInterfaceLuidToIndex
gdiplus
GdipAlloc
GdipCreateSolidFill
GdipSetSolidFillColor
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdipFillRectangleI
GdipCreatePen1
GdipDeletePen
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetCompositingMode
GdipDrawLineI
GdiplusStartup
crypt32
CertCloseStore
CertGetCertificateContextProperty
CertOpenStore
CertGetCertificateChain
CertCreateCertificateContext
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertFreeCertificateChain
bcrypt
BCryptGenRandom
imm32
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetVirtualKey
oleaut32
SafeArrayPutElement
SafeArrayCreateVector
SysAllocString
netapi32
NetApiBufferFree
NetShareEnum
userenv
GetUserProfileDirectoryW
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
dwmapi
DwmEnableBlurBehindWindow
DwmIsCompositionEnabled
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
Exports
Exports
??0Animation@rlottie@@AAE@XZ
??0Surface@rlottie@@QAE@PAIIII@Z
??0Surface@rlottie@@QAE@XZ
??0Tunnel@pt@@QAE@$$QAV01@@Z
??0Tunnel@pt@@QAE@ABV01@@Z
??0Tunnel@pt@@QAE@XZ
??1Animation@rlottie@@QAE@XZ
??1Tunnel@pt@@QAE@XZ
??4Surface@rlottie@@QAEAAV01@$$QAV01@@Z
??4Surface@rlottie@@QAEAAV01@ABV01@@Z
??4Tunnel@pt@@QAEAAV01@$$QAV01@@Z
??4Tunnel@pt@@QAEAAV01@ABV01@@Z
?buffer@Surface@rlottie@@QBEPAIXZ
?bytesPerLine@Surface@rlottie@@QBEIXZ
?cipher@Tunnel@pt@@QAEHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?configureModelCacheSize@@YAXI@Z
?create@Tunnel@pt@@SA?AV?$shared_ptr@VTunnel@pt@@@std@@ABV?$function@$$A6AXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z@4@ABV?$function@$$A6AXW4Trap@pt@@@Z@4@@Z
?drainOutgoingData@Tunnel@pt@@QAEXXZ
?drawRegionHeight@Surface@rlottie@@QBEIXZ
?drawRegionPosX@Surface@rlottie@@QBEIXZ
?drawRegionPosY@Surface@rlottie@@QBEIXZ
?drawRegionWidth@Surface@rlottie@@QBEIXZ
?duration@Animation@rlottie@@QBENXZ
?frameAtPos@Animation@rlottie@@QAEIN@Z
?frameRate@Animation@rlottie@@QBENXZ
?height@Surface@rlottie@@QBEIXZ
?layers@Animation@rlottie@@QBEABV?$vector@V?$tuple@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@std@@V?$allocator@V?$tuple@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@std@@@2@@std@@XZ
?loadFromData@Animation@rlottie@@SA?AV?$unique_ptr@VAnimation@rlottie@@U?$default_delete@VAnimation@rlottie@@@std@@@std@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@ABV54@1_NABV?$vector@U?$pair@II@std@@V?$allocator@U?$pair@II@std@@@2@@4@@Z
?loadFromFile@Animation@rlottie@@SA?AV?$unique_ptr@VAnimation@rlottie@@U?$default_delete@VAnimation@rlottie@@@std@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@_N@Z
?plain@Tunnel@pt@@QAEHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?render@Animation@rlottie@@QAE?AV?$future@VSurface@rlottie@@@std@@IVSurface@2@_N@Z
?renderSync@Animation@rlottie@@QAEXIVSurface@2@_N@Z
?renderTree@Animation@rlottie@@QBEPBULOTLayerNode@@III@Z
?sendCached@Tunnel@pt@@QAEXXZ
?setDrawRegion@Surface@rlottie@@QAEXIIII@Z
?setParams@Tunnel@pt@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00@Z
?setValue@Animation@rlottie@@AAEXUColor_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6A?AUColor@rlottie@@ABUFrameInfo@2@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUColor_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UColor@2@@Z
?setValue@Animation@rlottie@@AAEXUFloat_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6AMABUFrameInfo@rlottie@@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUFloat_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@M@Z
?setValue@Animation@rlottie@@AAEXUPoint_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6A?AUPoint@rlottie@@ABUFrameInfo@2@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUPoint_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UPoint@2@@Z
?setValue@Animation@rlottie@@AAEXUSize_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6A?AUSize@rlottie@@ABUFrameInfo@2@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUSize_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@USize@2@@Z
?size@Animation@rlottie@@QBEXAAI0@Z
?start@Tunnel@pt@@QAEHXZ
?started@Tunnel@pt@@QAE_NXZ
?totalFrame@Animation@rlottie@@QBEIXZ
?wantSend@Tunnel@pt@@QBEIXZ
?width@Surface@rlottie@@QBEIXZ
alAuxiliaryEffectSlotf
alAuxiliaryEffectSlotfv
alAuxiliaryEffectSloti
alAuxiliaryEffectSlotiv
alBuffer3f
alBuffer3i
alBufferData
alBufferSamplesSOFT
alBufferStorageSOFT
alBufferSubDataSOFT
alBufferSubSamplesSOFT
alBufferf
alBufferfv
alBufferi
alBufferiv
alDeferUpdatesSOFT
alDeleteAuxiliaryEffectSlots
alDeleteBuffers
alDeleteEffects
alDeleteFilters
alDeleteSources
alDisable
alDistanceModel
alDopplerFactor
alDopplerVelocity
alEffectf
alEffectfv
alEffecti
alEffectiv
alEnable
alEventCallbackSOFT
alEventControlSOFT
alFilterf
alFilterfv
alFilteri
alFilteriv
alFlushMappedBufferSOFT
alGenAuxiliaryEffectSlots
alGenBuffers
alGenEffects
alGenFilters
alGenSources
alGetAuxiliaryEffectSlotf
alGetAuxiliaryEffectSlotfv
alGetAuxiliaryEffectSloti
alGetAuxiliaryEffectSlotiv
alGetBoolean
alGetBooleanv
alGetBuffer3f
alGetBuffer3i
alGetBufferSamplesSOFT
alGetBufferf
alGetBufferfv
alGetBufferi
alGetBufferiv
alGetDouble
alGetDoublev
alGetEffectf
alGetEffectfv
alGetEffecti
alGetEffectiv
alGetEnumValue
alGetError
alGetFilterf
alGetFilterfv
alGetFilteri
alGetFilteriv
alGetFloat
alGetFloatv
alGetInteger
alGetInteger64SOFT
alGetInteger64vSOFT
alGetIntegerv
alGetListener3f
alGetListener3i
alGetListenerf
alGetListenerfv
alGetListeneri
alGetListeneriv
alGetPointerSOFT
alGetPointervSOFT
alGetProcAddress
alGetSource3dSOFT
alGetSource3f
alGetSource3i
alGetSource3i64SOFT
alGetSourcedSOFT
alGetSourcedvSOFT
alGetSourcef
alGetSourcefv
alGetSourcei
alGetSourcei64SOFT
alGetSourcei64vSOFT
alGetSourceiv
alGetString
alGetStringiSOFT
alIsAuxiliaryEffectSlot
alIsBuffer
alIsBufferFormatSupportedSOFT
alIsEffect
alIsEnabled
alIsExtensionPresent
alIsFilter
alIsSource
alListener3f
alListener3i
alListenerf
alListenerfv
alListeneri
alListeneriv
alMapBufferSOFT
alProcessUpdatesSOFT
alSource3dSOFT
alSource3f
alSource3i
alSource3i64SOFT
alSourcePause
alSourcePausev
alSourcePlay
alSourcePlayv
alSourceQueueBufferLayersSOFT
alSourceQueueBuffers
alSourceRewind
alSourceRewindv
alSourceStop
alSourceStopv
alSourceUnqueueBuffers
alSourcedSOFT
alSourcedvSOFT
alSourcef
alSourcefv
alSourcei
alSourcei64SOFT
alSourcei64vSOFT
alSourceiv
alSpeedOfSound
alUnmapBufferSOFT
alcCaptureCloseDevice
alcCaptureOpenDevice
alcCaptureSamples
alcCaptureStart
alcCaptureStop
alcCloseDevice
alcCreateContext
alcDestroyContext
alcDevicePauseSOFT
alcDeviceResumeSOFT
alcGetContextsDevice
alcGetCurrentContext
alcGetEnumValue
alcGetError
alcGetInteger64vSOFT
alcGetIntegerv
alcGetProcAddress
alcGetString
alcGetStringiSOFT
alcGetThreadContext
alcIsExtensionPresent
alcIsRenderFormatSupportedSOFT
alcLoopbackOpenDeviceSOFT
alcMakeContextCurrent
alcOpenDevice
alcProcessContext
alcRenderSamplesSOFT
alcResetDeviceSOFT
alcSetThreadContext
alcSuspendContext
alsoft_get_version
Sections
.text Size: 24.3MB - Virtual size: 24.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24.7MB - Virtual size: 24.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5.0MB - Virtual size: 8.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qtmetad Size: 512B - Virtual size: 503B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ptext Size: 1024KB - Virtual size: 1024KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 363KB - Virtual size: 362KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Potato_b5632ac/Updater.exe.exe windows:5 windows x86 arch:x86
82b4485d40d6c4a0a4ed72120ae1361b
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:a4:b5:84:d8:ed:95:e5:6b:f2:17:9a:f2:3c:1e:8cCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before17/06/2021, 00:00Not After19/06/2024, 23:59SubjectSERIALNUMBER=CHE-451.531.994,CN=Horsemen Technologies SA,O=Horsemen Technologies SA,L=Sarnen,ST=Obwalden,C=CH,1.3.6.1.4.1.311.60.2.1.2=#13084f6277616c64656e,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:a4:b5:84:d8:ed:95:e5:6b:f2:17:9a:f2:3c:1e:8cCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before17/06/2021, 00:00Not After19/06/2024, 23:59SubjectSERIALNUMBER=CHE-451.531.994,CN=Horsemen Technologies SA,O=Horsemen Technologies SA,L=Sarnen,ST=Obwalden,C=CH,1.3.6.1.4.1.311.60.2.1.2=#13084f6277616c64656e,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
85:81:13:ac:88:eb:f7:a3:6b:24:3a:c0:a0:66:24:58:c1:45:23:ce:01:b0:f0:fa:5b:37:75:c7:e7:43:0f:3dSigner
Actual PE Digest85:81:13:ac:88:eb:f7:a3:6b:24:3a:c0:a0:66:24:58:c1:45:23:ce:01:b0:f0:fa:5b:37:75:c7:e7:43:0f:3dDigest Algorithmsha256PE Digest Matchestrued6:fc:09:0e:a0:a0:49:c3:8d:f0:cb:d6:18:aa:e3:45:f4:0d:6d:e0Signer
Actual PE Digestd6:fc:09:0e:a0:a0:49:c3:8d:f0:cb:d6:18:aa:e3:45:f4:0d:6d:e0Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\TBuild\potato_pc\out\Release\Updater.exe.pdb
Imports
kernel32
FindNextFileW
GetCurrentProcess
WriteFile
ExpandEnvironmentStringsW
RemoveDirectoryW
GetModuleFileNameW
GetEnvironmentVariableW
FindClose
CreateFileW
GetCurrentThreadId
Sleep
FormatMessageW
GetLastError
GetFullPathNameW
CloseHandle
LoadLibraryW
GetLocalTime
GetProcAddress
LocalFree
GetCurrentProcessId
GetModuleHandleW
CopyFileW
SetUnhandledExceptionFilter
FlushFileBuffers
WriteConsoleW
SetFilePointerEx
GetCommandLineW
FindFirstFileExW
ReadFile
DeleteFileW
CreateDirectoryW
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
GetStringTypeW
SetStdHandle
GetFileType
GetProcessHeap
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
HeapAlloc
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
DecodePointer
user32
MessageBoxW
wsprintfW
advapi32
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
shell32
ShellExecuteW
CommandLineToArgvW
SHFileOperationW
ole32
CoCreateInstance
CoUninitialize
CoInitialize
shlwapi
PathCanonicalizeW
Sections
.text Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Potato_b5632ac/plugin/g7tuiyvcgh8
-
Potato_b5632ac/plugin/webrtcmedia.dll.dll windows:5 windows x86 arch:x86
c619f5005698cd50698a72f66ef8c732
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
2a:95:32:18:e1:0b:4b:7b:6f:d1:4b:2a:9e:c3:0d:26Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12/05/2016, 00:00Not After11/05/2026, 23:59SubjectCN=Symantec Class 3 Extended Validation Code Signing CA - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
14:85:bb:0f:97:c1:51:57:17:f9:2f:bf:0c:f8:4e:d0Certificate
IssuerCN=Symantec Class 3 Extended Validation Code Signing CA - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before10/01/2018, 00:00Not After09/01/2021, 23:59SubjectSERIALNUMBER=CHE-451.531.994,CN=Horsemen Technologies SA,O=Horsemen Technologies SA,L=Sarnen,ST=Obwalden,C=CH,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13065361726e656e,1.3.6.1.4.1.311.60.2.1.2=#13084f6277616c64656e,1.3.6.1.4.1.311.60.2.1.3=#13024348Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
2a:95:32:18:e1:0b:4b:7b:6f:d1:4b:2a:9e:c3:0d:26Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12/05/2016, 00:00Not After11/05/2026, 23:59SubjectCN=Symantec Class 3 Extended Validation Code Signing CA - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
14:85:bb:0f:97:c1:51:57:17:f9:2f:bf:0c:f8:4e:d0Certificate
IssuerCN=Symantec Class 3 Extended Validation Code Signing CA - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before10/01/2018, 00:00Not After09/01/2021, 23:59SubjectSERIALNUMBER=CHE-451.531.994,CN=Horsemen Technologies SA,O=Horsemen Technologies SA,L=Sarnen,ST=Obwalden,C=CH,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13065361726e656e,1.3.6.1.4.1.311.60.2.1.2=#13084f6277616c64656e,1.3.6.1.4.1.311.60.2.1.3=#13024348Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12/01/2016, 00:00Not After11/01/2031, 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before23/12/2017, 00:00Not After22/03/2029, 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
4f:a7:2d:5a:de:36:df:f0:80:f7:f2:28:e2:ab:be:84:57:01:ae:82:93:b4:01:53:b4:71:02:ab:1f:a8:ce:48Signer
Actual PE Digest4f:a7:2d:5a:de:36:df:f0:80:f7:f2:28:e2:ab:be:84:57:01:ae:82:93:b4:01:53:b4:71:02:ab:1f:a8:ce:48Digest Algorithmsha256PE Digest Matchestrue1d:9c:7f:e1:79:32:65:98:c3:bf:ca:35:20:3e:7b:e4:1e:a9:b7:04Signer
Actual PE Digest1d:9c:7f:e1:79:32:65:98:c3:bf:ca:35:20:3e:7b:e4:1e:a9:b7:04Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
webrtcmedia.dll.pdb
Imports
kernel32
AcquireSRWLockExclusive
AcquireSRWLockShared
CloseHandle
CompareStringW
CreateEventW
CreateFileW
CreateSemaphoreW
CreateThread
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GlobalAlloc
GlobalFree
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OpenThread
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
RtlUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcpyW
lstrcpynW
lstrlenW
ws2_32
WSAAsyncGetHostByName
WSAAsyncSelect
WSACancelAsyncRequest
WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAResetEvent
WSASetEvent
WSASocketW
WSAStartup
WSAWaitForMultipleEvents
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
send
sendto
setsockopt
socket
user32
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetAsyncKeyState
GetMessageW
GetWindow
GetWindowLongW
IsDialogMessageW
IsWindow
KillTimer
MessageBoxA
MsgWaitForMultipleObjectsEx
PeekMessageW
PostMessageW
PostThreadMessageW
RegisterClassExW
RegisterWindowMessageW
SetRectEmpty
SetTimer
SetWindowLongW
TranslateMessage
winmm
timeBeginPeriod
timeEndPeriod
timeGetTime
timeKillEvent
timeSetEvent
ole32
CoCreateInstance
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
PropVariantClear
StringFromGUID2
msdmo
MoFreeMediaType
MoInitMediaType
oleaut32
OleCreatePropertyFrame
VariantClear
VariantInit
iphlpapi
GetAdaptersAddresses
advapi32
SystemFunction036
secur32
AcquireCredentialsHandleA
CompleteAuthToken
DeleteSecurityContext
FreeCredentialsHandle
InitializeSecurityContextA
Exports
Exports
webrtc_pt_interface_free
webrtc_pt_interface_get_local_frame
webrtc_pt_interface_get_local_frame_pre
webrtc_pt_interface_get_remote_frame
webrtc_pt_interface_get_remote_frame_pre
webrtc_pt_interface_handle_pt_message
webrtc_pt_interface_handle_sdp_message
webrtc_pt_interface_init
webrtc_pt_interface_set_video_flip
webrtc_pt_interface_static_call
Sections
.text Size: 5.7MB - Virtual size: 5.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 872KB - Virtual size: 871KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rodata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 177B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.voltbl Size: 512B - Virtual size: 304B
.reloc Size: 161KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
d.bmp
-
h.bmp
-
launch9.exe.exe windows:5 windows x86 arch:x86
a4de0ba99eaf25c5b0c13cc5a8ac11d4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Jenkins\workspace\zhanmeng_pc\zhanmeng_pc\svn_dir\independent\GameInstall\Release\GameLaunch.pdb
Imports
kernel32
MoveFileExW
RemoveDirectoryW
GetFileAttributesW
SetFileAttributesW
WriteConsoleW
GetStdHandle
OutputDebugStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
TerminateThread
GetExitCodeThread
SetFilePointerEx
FreeLibrary
FlushFileBuffers
SetEndOfFile
HeapAlloc
GetProcessHeap
HeapFree
GetSystemTimeAsFileTime
QueryPerformanceFrequency
CreateEventW
SetConsoleMode
ReadConsoleInputA
GetCurrentProcessId
WaitForSingleObject
DeleteFileW
GetSystemTime
FlushConsoleInputBuffer
GlobalMemoryStatus
GetVersion
GetFullPathNameA
GetFileInformationByHandle
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
FindResourceW
ExpandEnvironmentStringsA
PeekNamedPipe
FormatMessageA
GetSystemDirectoryA
TerminateProcess
SleepEx
GetDiskFreeSpaceExW
CompareStringW
CreateFileA
SetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetConsoleMode
GetConsoleCP
HeapCreate
SetHandleCount
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetLocaleInfoW
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
LCMapStringW
RtlUnwind
RaiseException
GetDateFormatW
GetTimeFormatW
GetTimeZoneInformation
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
CreateThread
ExitThread
LocalFree
DecodePointer
EncodePointer
InterlockedExchange
WaitForMultipleObjects
OpenProcess
CreateProcessW
GetDriveTypeW
GetLogicalDriveStringsW
SizeofResource
LockResource
LoadResource
GetPrivateProfileStringW
SetEvent
OpenEventW
CloseHandle
ReleaseMutex
GetLastError
CreateMutexW
QueryPerformanceCounter
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
VerifyVersionInfoW
VerSetConditionMask
GetLocalTime
MulDiv
InterlockedIncrement
InterlockedDecrement
DuplicateHandle
GetFileType
WideCharToMultiByte
WriteFile
SystemTimeToFileTime
SetFilePointer
DosDateTimeToFileTime
ReadFile
GetFileSize
CreateFileW
GetACP
GetProcAddress
GetCurrentDirectoryW
LoadLibraryW
ExitProcess
FreeResource
GetModuleHandleW
FindNextFileW
GetCurrentThreadId
GetModuleFileNameW
FindClose
FindFirstFileW
GetCurrentProcess
GetVersionExW
GetSystemInfo
CreateDirectoryW
MultiByteToWideChar
GetTickCount
SetEnvironmentVariableA
Sleep
LoadLibraryA
WritePrivateProfileStringW
GetVersionExA
user32
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
KillTimer
IsZoomed
GetWindowRect
SetWindowPos
SetTimer
EnableMenuItem
IsWindow
GetSystemMenu
PostQuitMessage
InvalidateRect
SetForegroundWindow
GetWindowLongW
DefWindowProcW
wsprintfW
RegisterClassW
CreateWindowExW
UnregisterClassW
SetWindowLongW
DestroyWindow
ShowWindow
IsWindowVisible
GetMessageW
FindWindowW
IsIconic
GetMonitorInfoW
MonitorFromWindow
GetWindowTextLengthW
SetWindowTextW
CharPrevW
SetRect
GetWindowTextW
InvalidateRgn
CreateAcceleratorTableW
SetScrollRange
CreateCaret
ClientToScreen
ScreenToClient
GetClientRect
SetWindowRgn
MessageBoxW
GetSysColor
RegisterWindowMessageW
PostMessageW
GetWindow
EnableWindow
SetFocus
LoadImageW
FillRect
DrawTextW
GetSystemMetrics
SendMessageW
LoadCursorW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
SetPropW
GetPropW
GetKeyState
ReleaseDC
GetDC
GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
UpdateLayeredWindow
MapWindowPoints
GetCursorPos
GetFocus
SetCapture
InvertRect
HideCaret
ShowCaret
SetCaretPos
MoveWindow
CharNextW
IntersectRect
SetCursor
InflateRect
OffsetRect
GetParent
PtInRect
ReleaseCapture
gdi32
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
RoundRect
LineTo
MoveToEx
CreatePenIndirect
CreateSolidBrush
ExtTextOutW
SetStretchBltMode
SetBkMode
SetBkColor
SetTextColor
StretchBlt
CombineRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectClipRgn
CreateDIBSection
GetObjectA
GetTextMetricsW
SetWindowOrgEx
Rectangle
BitBlt
RestoreDC
SaveDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreatePen
CreateFontIndirectW
GetStockObject
GetObjectW
DeleteObject
CreateRoundRectRgn
GetDeviceCaps
advapi32
RegCloseKey
RegQueryValueExW
OpenProcessToken
RegSetValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
DeregisterEventSource
ReportEventA
RegisterEventSourceA
shell32
SHBrowseForFolderW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ole32
CoInitialize
OleInitialize
OleUninitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CLSIDFromProgID
OleLockRunning
CLSIDFromString
RevokeDragDrop
RegisterDragDrop
oleaut32
VariantInit
SysFreeString
VariantClear
SysAllocString
SysAllocStringLen
gdiplus
GdipFree
GdipAlloc
GdipCloneBrush
GdipDrawString
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipSetSmoothingMode
GdipCreatePath
GdipDeletePath
GdipAddPathArcI
GdipAddPathLineI
GdipCreateTexture
GdipSetPixelOffsetMode
GdipFillPath
GdiplusStartup
GdiplusShutdown
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateLineBrushI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeleteFont
GdipDeleteBrush
shlwapi
PathAppendW
PathFileExistsW
PathRemoveFileSpecW
winmm
timeBeginPeriod
timeEndPeriod
comctl32
InitCommonControlsEx
ord17
_TrackMouseEvent
msimg32
AlphaBlend
psapi
GetModuleFileNameExW
snmpapi
SnmpUtilOidNCmp
SnmpUtilVarBindFree
SnmpUtilOidCpy
iphlpapi
GetAdaptersAddresses
ws2_32
WSAStartup
gethostname
WSACleanup
gethostbyname
inet_ntoa
inet_addr
socket
WSACreateEvent
WSAEventSelect
htons
sendto
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
recvfrom
ntohs
ntohl
setsockopt
closesocket
WSAGetLastError
select
ioctlsocket
listen
accept
getservbyport
WSASetLastError
__WSAFDIsSet
recv
send
WSAIoctl
getsockname
bind
getsockopt
getpeername
connect
htonl
getservbyname
gethostbyaddr
shutdown
wldap32
ord200
ord35
ord26
ord50
ord60
ord79
ord301
ord32
ord33
ord27
ord41
ord30
ord22
ord143
ord211
ord46
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 453KB - Virtual size: 453KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26.8MB - Virtual size: 26.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 125KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
t9.bmp
-
tank.bmp
-
tex1.bmp.zip