C:\projects\leaf-xnet\Leaf.xNet\obj\Release\net45\Leaf.xNet.pdb
Overview
overview
10Static
static
3AppSetup(Full).rar
windows7-x64
3AppSetup(Full).rar
windows10-2004-x64
1Add/Leaf.xNet.dll
windows7-x64
1Add/Leaf.xNet.dll
windows10-2004-x64
1Add/Newton...on.dll
windows7-x64
1Add/Newton...on.dll
windows10-2004-x64
1Add/Useful...ns.dll
windows7-x64
1Add/Useful...ns.dll
windows10-2004-x64
1Add/libGLESV2.dll
windows7-x64
3Add/libGLESV2.dll
windows10-2004-x64
3App_Installer.exe
windows7-x64
1App_Installer.exe
windows10-2004-x64
10Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
AppSetup(Full).rar
Resource
win7-20240903-en
windows7-x64
7 signatures
150 seconds
Behavioral task
behavioral2
Sample
AppSetup(Full).rar
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral3
Sample
Add/Leaf.xNet.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral4
Sample
Add/Leaf.xNet.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral5
Sample
Add/Newtonsoft.Json.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral6
Sample
Add/Newtonsoft.Json.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral7
Sample
Add/UsefulExtensions.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral8
Sample
Add/UsefulExtensions.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral9
Sample
Add/libGLESV2.dll
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
Add/libGLESV2.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral11
Sample
App_Installer.exe
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
App_Installer.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
10 signatures
150 seconds
General
-
Target
AppSetup(Full).rar
-
Size
70.5MB
-
MD5
164530b6e179cc1a1b5417e805165f48
-
SHA1
6e7950770c0b2195cb021b4ac2720d8d6ec98f69
-
SHA256
4c403a03cf490252f38fc7791cf2713141d4da22191a1c5667ee6880a4f97b78
-
SHA512
e6cfa323e0455d58bb9c3a24fe864d13d49e3936eb3f4fcd029b3af25dbb868b69d30ae04f1e8db8a367440a2edbf028f5f553a02f4d41793d478654be846f37
-
SSDEEP
1572864:ay2Cw3jnMfFCbOCYKXXDUxG7nykzTvlaM9GLR1c5RhHfW+f:a3PTnMRdKXw0TykXvgrurHO2
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/Add/Leaf.xNet.dll unpack001/Add/UsefulExtensions.dll unpack001/App_Installer.exe
Files
-
AppSetup(Full).rar.rar
Password: 2024
-
Add/Leaf.xNet.dll.dll windows:4 windows x86 arch:x86
Password: 2024
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
mscoree
_CorDllMain
Sections
.text Size: 127KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Add/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
Password: 2024
dae02f32a21e03ce65412f6e56942daa
Code Sign
02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10/11/2006, 00:00Not After10/11/2031, 00:00SubjectCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23Certificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before27/04/2018, 12:41Not After27/04/2028, 12:41SubjectCN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7eCertificate
IssuerCN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=USNot Before25/10/2018, 00:00Not After29/10/2021, 12:00SubjectSERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=wa,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
2e:83:93:14:a9:06:f5:64:04:02:a1:dc:eb:a3:1a:a7:e9:21:c8:88:2c:dd:c2:3c:e4:c0:45:50:4c:ee:75:10Signer
Actual PE Digest2e:83:93:14:a9:06:f5:64:04:02:a1:dc:eb:a3:1a:a7:e9:21:c8:88:2c:dd:c2:3c:e4:c0:45:50:4c:ee:75:10Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
/_/Src/Newtonsoft.Json/obj/Release/net45/Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 675KB - Virtual size: 675KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Add/UsefulExtensions.dll.dll windows:4 windows x86 arch:x86
Password: 2024
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\admin\source\git\UsefulExtensions\UsefulExtensions\obj\Release\netstandard2.0\UsefulExtensions.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Add/libGLESV2.dll.dll windows:6 windows x86 arch:x86
Password: 2024
abea2434f9b7d3b2a3c225bb90b22116
Code Sign
e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6fCertificate
IssuerCN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before09/09/2019, 00:00Not After08/09/2024, 23:59SubjectCN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UAExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02/11/2018, 00:00Not After31/12/2030, 23:59SubjectCN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate
IssuerCN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before02/05/2019, 00:00Not After30/05/2020, 10:48SubjectCN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before27/04/2011, 00:00Not After30/05/2020, 10:48SubjectCN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate
IssuerCN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SENot Before07/06/2005, 08:09Not After30/05/2020, 10:48SubjectCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USKey Usages
KeyUsageCertSign
KeyUsageCRLSign
07:76:ce:03:73:62:be:f7:84:27:05:15:62:fa:be:5a:eb:2f:86:63Signer
Actual PE Digest07:76:ce:03:73:62:be:f7:84:27:05:15:62:fa:be:5a:eb:2f:86:63Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
Sleep
GetTempPathA
GetTempFileNameA
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
SetLastError
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleHandleW
VerSetConditionMask
VerifyVersionInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
DecodePointer
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetSystemTimeAsFileTime
user32
DestroyWindow
WindowFromDC
CallWindowProcW
SetPropW
GetPropW
RemovePropW
SetWindowLongW
GetClientRect
IsIconic
IsWindow
CreateWindowExW
GetWindowThreadProcessId
InvalidateRect
d3d9
D3DPERF_SetMarker
D3DPERF_GetStatus
Direct3DCreate9
D3DPERF_EndEvent
D3DPERF_BeginEvent
msvcp120
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?classic@locale@std@@SAABV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_BADOFF@std@@3_JB
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
_FNan
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
msvcr120
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__clean_type_info_names_internal
__CppXcptFilter
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
memmove
_libm_sse2_log_precise
_libm_sse2_pow_precise
floor
memcpy
fclose
fopen
fwrite
free
malloc
__CxxFrameHandler3
memset
atoi
memchr
strncpy
??_V@YAXPAX@Z
ceil
_wgetenv
sprintf_s
strncmp
strstr
wcstombs
ldexp
modf
_snprintf
__iob_func
fprintf
_errno
exit
realloc
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_except1
??1type_info@@UAE@XZ
_vsnprintf
?terminate@@YAXXZ
Exports
Exports
?ANGLEPlatformCurrent@@YAPAVPlatform@angle@@XZ
?ANGLEPlatformInitialize@@YAXPAVPlatform@angle@@@Z
?ANGLEPlatformShutdown@@YAXXZ
?ActiveTexture@gl@@YGXI@Z
?AttachShader@gl@@YGXII@Z
?BeginQuery@gl@@YGXII@Z
?BeginQueryEXT@gl@@YGXII@Z
?BeginTransformFeedback@gl@@YGXI@Z
?BindAPI@egl@@YGII@Z
?BindAttribLocation@gl@@YGXIIPBD@Z
?BindBuffer@gl@@YGXII@Z
?BindBufferBase@gl@@YGXIII@Z
?BindBufferRange@gl@@YGXIIIJJ@Z
?BindFramebuffer@gl@@YGXII@Z
?BindRenderbuffer@gl@@YGXII@Z
?BindSampler@gl@@YGXII@Z
?BindTexImage@egl@@YGIPAX0H@Z
?BindTexture@gl@@YGXII@Z
?BindTransformFeedback@gl@@YGXII@Z
?BindVertexArray@gl@@YGXI@Z
?BlendColor@gl@@YGXMMMM@Z
?BlendEquation@gl@@YGXI@Z
?BlendEquationSeparate@gl@@YGXII@Z
?BlendFunc@gl@@YGXII@Z
?BlendFuncSeparate@gl@@YGXIIII@Z
?BlitFramebuffer@gl@@YGXHHHHHHHHII@Z
?BlitFramebufferANGLE@gl@@YGXHHHHHHHHII@Z
?BufferData@gl@@YGXIJPBXI@Z
?BufferSubData@gl@@YGXIJJPBX@Z
?CheckFramebufferStatus@gl@@YGII@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z
?Clear@gl@@YGXI@Z
?ClearBufferfi@gl@@YGXIHMH@Z
?ClearBufferfv@gl@@YGXIHPBM@Z
?ClearBufferiv@gl@@YGXIHPBH@Z
?ClearBufferuiv@gl@@YGXIHPBI@Z
?ClearColor@gl@@YGXMMMM@Z
?ClearDepthf@gl@@YGXM@Z
?ClearStencil@gl@@YGXH@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?ClientWaitSync@gl@@YGIPAU__GLsync@@I_K@Z
?ColorMask@gl@@YGXEEEE@Z
?CompileShader@gl@@YGXI@Z
?CompressedTexImage2D@gl@@YGXIHIHHHHPBX@Z
?CompressedTexImage3D@gl@@YGXIHIHHHHHPBX@Z
?CompressedTexSubImage2D@gl@@YGXIHHHHHIHPBX@Z
?CompressedTexSubImage3D@gl@@YGXIHHHHHHHIHPBX@Z
?CopyBufferSubData@gl@@YGXIIJJJ@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?CopyTexImage2D@gl@@YGXIHIHHHHH@Z
?CopyTexSubImage2D@gl@@YGXIHHHHHHH@Z
?CopyTexSubImage3D@gl@@YGXIHHHHHHHH@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?CreateProgram@gl@@YGIXZ
?CreateShader@gl@@YGII@Z
?CreateSync@egl@@YGPAXPAXIPBH@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?CullFace@gl@@YGXI@Z
?DeleteBuffers@gl@@YGXHPBI@Z
?DeleteFencesNV@gl@@YGXHPBI@Z
?DeleteFramebuffers@gl@@YGXHPBI@Z
?DeleteProgram@gl@@YGXI@Z
?DeleteQueries@gl@@YGXHPBI@Z
?DeleteQueriesEXT@gl@@YGXHPBI@Z
?DeleteRenderbuffers@gl@@YGXHPBI@Z
?DeleteSamplers@gl@@YGXHPBI@Z
?DeleteShader@gl@@YGXI@Z
?DeleteSync@gl@@YGXPAU__GLsync@@@Z
?DeleteTextures@gl@@YGXHPBI@Z
?DeleteTransformFeedbacks@gl@@YGXHPBI@Z
?DeleteVertexArrays@gl@@YGXHPBI@Z
?DepthFunc@gl@@YGXI@Z
?DepthMask@gl@@YGXE@Z
?DepthRangef@gl@@YGXMM@Z
?DestroyContext@egl@@YGIPAX0@Z
?DestroyImage@egl@@YGIPAX0@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroySync@egl@@YGIPAX0@Z
?DetachShader@gl@@YGXII@Z
?Disable@gl@@YGXI@Z
?DisableVertexAttribArray@gl@@YGXI@Z
?DrawArrays@gl@@YGXIHH@Z
?DrawArraysInstanced@gl@@YGXIHHH@Z
?DrawArraysInstancedANGLE@gl@@YGXIHHH@Z
?DrawBuffers@gl@@YGXHPBI@Z
?DrawBuffersEXT@gl@@YGXHPBI@Z
?DrawElements@gl@@YGXIHIPBX@Z
?DrawElementsInstanced@gl@@YGXIHIPBXH@Z
?DrawElementsInstancedANGLE@gl@@YGXIHIPBXH@Z
?DrawRangeElements@gl@@YGXIIIHIPBX@Z
?Enable@gl@@YGXI@Z
?EnableVertexAttribArray@gl@@YGXI@Z
?EndQuery@gl@@YGXI@Z
?EndQueryEXT@gl@@YGXI@Z
?EndTransformFeedback@gl@@YGXXZ
?FenceSync_@gl@@YGPAU__GLsync@@II@Z
?Finish@gl@@YGXXZ
?FinishFenceNV@gl@@YGXI@Z
?Flush@gl@@YGXXZ
?FlushMappedBufferRange@gl@@YGXIJJ@Z
?FlushMappedBufferRangeEXT@gl@@YGXIJJ@Z
?FramebufferRenderbuffer@gl@@YGXIIII@Z
?FramebufferTexture2D@gl@@YGXIIIIH@Z
?FramebufferTextureLayer@gl@@YGXIIIHH@Z
?FrontFace@gl@@YGXI@Z
?GenBuffers@gl@@YGXHPAI@Z
?GenFencesNV@gl@@YGXHPAI@Z
?GenFramebuffers@gl@@YGXHPAI@Z
?GenQueries@gl@@YGXHPAI@Z
?GenQueriesEXT@gl@@YGXHPAI@Z
?GenRenderbuffers@gl@@YGXHPAI@Z
?GenSamplers@gl@@YGXHPAI@Z
?GenTextures@gl@@YGXHPAI@Z
?GenTransformFeedbacks@gl@@YGXHPAI@Z
?GenVertexArrays@gl@@YGXHPAI@Z
?GenerateMipmap@gl@@YGXI@Z
?GetActiveAttrib@gl@@YGXIIHPAH0PAIPAD@Z
?GetActiveUniform@gl@@YGXIIHPAH0PAIPAD@Z
?GetActiveUniformBlockName@gl@@YGXIIHPAHPAD@Z
?GetActiveUniformBlockiv@gl@@YGXIIIPAH@Z
?GetActiveUniformsiv@gl@@YGXIHPBIIPAH@Z
?GetAttachedShaders@gl@@YGXIHPAHPAI@Z
?GetAttribLocation@gl@@YGHIPBD@Z
?GetBooleanv@gl@@YGXIPAE@Z
?GetBufferParameteri64v@gl@@YGXIIPA_J@Z
?GetBufferParameteriv@gl@@YGXIIPAH@Z
?GetBufferPointerv@gl@@YGXIIPAPAX@Z
?GetBufferPointervOES@gl@@YGXIIPAPAX@Z
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetCurrentContext@egl@@YGPAXXZ
?GetCurrentDisplay@egl@@YGPAXXZ
?GetCurrentSurface@egl@@YGPAXH@Z
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetError@egl@@YGHXZ
?GetError@gl@@YGIXZ
?GetFenceivNV@gl@@YGXIIPAH@Z
?GetFloatv@gl@@YGXIPAM@Z
?GetFragDataLocation@gl@@YGHIPBD@Z
?GetFramebufferAttachmentParameteriv@gl@@YGXIIIPAH@Z
?GetGraphicsResetStatusEXT@gl@@YGIXZ
?GetInteger64i_v@gl@@YGXIIPA_J@Z
?GetInteger64v@gl@@YGXIPA_J@Z
?GetIntegeri_v@gl@@YGXIIPAH@Z
?GetIntegerv@gl@@YGXIPAH@Z
?GetInternalformativ@gl@@YGXIIIHPAH@Z
?GetPlatformDisplay@egl@@YGPAXIPAXPBH@Z
?GetPlatformDisplayEXT@egl@@YGPAXIPAXPBH@Z
?GetProcAddress@egl@@YGP6AXXZPBD@Z
?GetProgramBinary@gl@@YGXIHPAHPAIPAX@Z
?GetProgramBinaryOES@gl@@YGXIHPAHPAIPAX@Z
?GetProgramInfoLog@gl@@YGXIHPAHPAD@Z
?GetProgramiv@gl@@YGXIIPAH@Z
?GetQueryObjectuiv@gl@@YGXIIPAI@Z
?GetQueryObjectuivEXT@gl@@YGXIIPAI@Z
?GetQueryiv@gl@@YGXIIPAH@Z
?GetQueryivEXT@gl@@YGXIIPAH@Z
?GetRenderbufferParameteriv@gl@@YGXIIPAH@Z
?GetSamplerParameterfv@gl@@YGXIIPAM@Z
?GetSamplerParameteriv@gl@@YGXIIPAH@Z
?GetShaderInfoLog@gl@@YGXIHPAHPAD@Z
?GetShaderPrecisionFormat@gl@@YGXIIPAH0@Z
?GetShaderSource@gl@@YGXIHPAHPAD@Z
?GetShaderiv@gl@@YGXIIPAH@Z
?GetString@gl@@YGPBEI@Z
?GetStringi@gl@@YGPBEII@Z
?GetSyncAttrib@egl@@YGIPAX0HPAH@Z
?GetSynciv@gl@@YGXPAU__GLsync@@IHPAH1@Z
?GetTexParameterfv@gl@@YGXIIPAM@Z
?GetTexParameteriv@gl@@YGXIIPAH@Z
?GetTransformFeedbackVarying@gl@@YGXIIHPAH0PAIPAD@Z
?GetTranslatedShaderSourceANGLE@gl@@YGXIHPAHPAD@Z
?GetUniformBlockIndex@gl@@YGIIPBD@Z
?GetUniformIndices@gl@@YGXIHPBQBDPAI@Z
?GetUniformLocation@gl@@YGHIPBD@Z
?GetUniformfv@gl@@YGXIHPAM@Z
?GetUniformiv@gl@@YGXIHPAH@Z
?GetUniformuiv@gl@@YGXIHPAI@Z
?GetVertexAttribIiv@gl@@YGXIIPAH@Z
?GetVertexAttribIuiv@gl@@YGXIIPAI@Z
?GetVertexAttribPointerv@gl@@YGXIIPAPAX@Z
?GetVertexAttribfv@gl@@YGXIIPAM@Z
?GetVertexAttribiv@gl@@YGXIIPAH@Z
?GetnUniformfvEXT@gl@@YGXIHHPAM@Z
?GetnUniformivEXT@gl@@YGXIHHPAH@Z
?Hint@gl@@YGXII@Z
?Initialize@egl@@YGIPAXPAH1@Z
?InvalidateFramebuffer@gl@@YGXIHPBI@Z
?InvalidateSubFramebuffer@gl@@YGXIHPBIHHHH@Z
?IsBuffer@gl@@YGEI@Z
?IsEnabled@gl@@YGEI@Z
?IsFenceNV@gl@@YGEI@Z
?IsFramebuffer@gl@@YGEI@Z
?IsProgram@gl@@YGEI@Z
?IsQuery@gl@@YGEI@Z
?IsQueryEXT@gl@@YGEI@Z
?IsRenderbuffer@gl@@YGEI@Z
?IsSampler@gl@@YGEI@Z
?IsShader@gl@@YGEI@Z
?IsSync@gl@@YGEPAU__GLsync@@@Z
?IsTexture@gl@@YGEI@Z
?IsTransformFeedback@gl@@YGEI@Z
?IsVertexArray@gl@@YGEI@Z
?LineWidth@gl@@YGXM@Z
?LinkProgram@gl@@YGXI@Z
?MakeCurrent@egl@@YGIPAX000@Z
?MapBufferOES@gl@@YGPAXII@Z
?MapBufferRange@gl@@YGPAXIJJI@Z
?MapBufferRangeEXT@gl@@YGPAXIJJI@Z
?PauseTransformFeedback@gl@@YGXXZ
?PixelStorei@gl@@YGXIH@Z
?PolygonOffset@gl@@YGXMM@Z
?PostSubBufferNV@egl@@YGIPAX0HHHH@Z
?ProgramBinary@gl@@YGXIIPBXH@Z
?ProgramBinaryOES@gl@@YGXIIPBXH@Z
?ProgramParameteri@gl@@YGXIIH@Z
?QueryAPI@egl@@YGIXZ
?QueryContext@egl@@YGIPAX0HPAH@Z
?QueryString@egl@@YGPBDPAXH@Z
?QuerySurface@egl@@YGIPAX0HPAH@Z
?QuerySurfacePointerANGLE@egl@@YGIPAX0HPAPAX@Z
?ReadBuffer@gl@@YGXI@Z
?ReadPixels@gl@@YGXHHHHIIPAX@Z
?ReadnPixelsEXT@gl@@YGXHHHHIIHPAX@Z
?ReleaseShaderCompiler@gl@@YGXXZ
?ReleaseTexImage@egl@@YGIPAX0H@Z
?ReleaseThread@egl@@YGIXZ
?RenderbufferStorage@gl@@YGXIIHH@Z
?RenderbufferStorageMultisample@gl@@YGXIHIHH@Z
?RenderbufferStorageMultisampleANGLE@gl@@YGXIHIHH@Z
?ResumeTransformFeedback@gl@@YGXXZ
?SampleCoverage@gl@@YGXME@Z
?SamplerParameterf@gl@@YGXIIM@Z
?SamplerParameterfv@gl@@YGXIIPBM@Z
?SamplerParameteri@gl@@YGXIIH@Z
?SamplerParameteriv@gl@@YGXIIPBH@Z
?Scissor@gl@@YGXHHHH@Z
?SetFenceNV@gl@@YGXII@Z
?ShaderBinary@gl@@YGXHPBIIPBXH@Z
?ShaderSource@gl@@YGXIHPBQBDPBH@Z
?StencilFunc@gl@@YGXIHI@Z
?StencilFuncSeparate@gl@@YGXIIHI@Z
?StencilMask@gl@@YGXI@Z
?StencilMaskSeparate@gl@@YGXII@Z
?StencilOp@gl@@YGXIII@Z
?StencilOpSeparate@gl@@YGXIIII@Z
?SurfaceAttrib@egl@@YGIPAX0HH@Z
?SwapBuffers@egl@@YGIPAX0@Z
?SwapInterval@egl@@YGIPAXH@Z
?Terminate@egl@@YGIPAX@Z
?TestFenceNV@gl@@YGEI@Z
?TexImage2D@gl@@YGXIHHHHHIIPBX@Z
?TexImage3D@gl@@YGXIHHHHHHIIPBX@Z
?TexParameterf@gl@@YGXIIM@Z
?TexParameterfv@gl@@YGXIIPBM@Z
?TexParameteri@gl@@YGXIIH@Z
?TexParameteriv@gl@@YGXIIPBH@Z
?TexStorage2D@gl@@YGXIHIHH@Z
?TexStorage2DEXT@gl@@YGXIHIHH@Z
?TexStorage3D@gl@@YGXIHIHHH@Z
?TexSubImage2D@gl@@YGXIHHHHHIIPBX@Z
?TexSubImage3D@gl@@YGXIHHHHHHHIIPBX@Z
?TransformFeedbackVaryings@gl@@YGXIHPBQBDI@Z
?Uniform1f@gl@@YGXHM@Z
?Uniform1fv@gl@@YGXHHPBM@Z
?Uniform1i@gl@@YGXHH@Z
?Uniform1iv@gl@@YGXHHPBH@Z
?Uniform1ui@gl@@YGXHI@Z
?Uniform1uiv@gl@@YGXHHPBI@Z
?Uniform2f@gl@@YGXHMM@Z
?Uniform2fv@gl@@YGXHHPBM@Z
?Uniform2i@gl@@YGXHHH@Z
?Uniform2iv@gl@@YGXHHPBH@Z
?Uniform2ui@gl@@YGXHII@Z
?Uniform2uiv@gl@@YGXHHPBI@Z
?Uniform3f@gl@@YGXHMMM@Z
?Uniform3fv@gl@@YGXHHPBM@Z
?Uniform3i@gl@@YGXHHHH@Z
?Uniform3iv@gl@@YGXHHPBH@Z
?Uniform3ui@gl@@YGXHIII@Z
?Uniform3uiv@gl@@YGXHHPBI@Z
?Uniform4f@gl@@YGXHMMMM@Z
?Uniform4fv@gl@@YGXHHPBM@Z
?Uniform4i@gl@@YGXHHHHH@Z
?Uniform4iv@gl@@YGXHHPBH@Z
?Uniform4ui@gl@@YGXHIIII@Z
?Uniform4uiv@gl@@YGXHHPBI@Z
?UniformBlockBinding@gl@@YGXIII@Z
?UniformMatrix2fv@gl@@YGXHHEPBM@Z
?UniformMatrix2x3fv@gl@@YGXHHEPBM@Z
?UniformMatrix2x4fv@gl@@YGXHHEPBM@Z
?UniformMatrix3fv@gl@@YGXHHEPBM@Z
?UniformMatrix3x2fv@gl@@YGXHHEPBM@Z
?UniformMatrix3x4fv@gl@@YGXHHEPBM@Z
?UniformMatrix4fv@gl@@YGXHHEPBM@Z
?UniformMatrix4x2fv@gl@@YGXHHEPBM@Z
?UniformMatrix4x3fv@gl@@YGXHHEPBM@Z
?UnmapBuffer@gl@@YGEI@Z
?UnmapBufferOES@gl@@YGEI@Z
?UseProgram@gl@@YGXI@Z
?ValidateProgram@gl@@YGXI@Z
?VertexAttrib1f@gl@@YGXIM@Z
?VertexAttrib1fv@gl@@YGXIPBM@Z
?VertexAttrib2f@gl@@YGXIMM@Z
?VertexAttrib2fv@gl@@YGXIPBM@Z
?VertexAttrib3f@gl@@YGXIMMM@Z
?VertexAttrib3fv@gl@@YGXIPBM@Z
?VertexAttrib4f@gl@@YGXIMMMM@Z
?VertexAttrib4fv@gl@@YGXIPBM@Z
?VertexAttribDivisor@gl@@YGXII@Z
?VertexAttribDivisorANGLE@gl@@YGXII@Z
?VertexAttribI4i@gl@@YGXIHHHH@Z
?VertexAttribI4iv@gl@@YGXIPBH@Z
?VertexAttribI4ui@gl@@YGXIIIII@Z
?VertexAttribI4uiv@gl@@YGXIPBI@Z
?VertexAttribIPointer@gl@@YGXIHIHPBX@Z
?VertexAttribPointer@gl@@YGXIHIEHPBX@Z
?Viewport@gl@@YGXHHHH@Z
?WaitClient@egl@@YGIXZ
?WaitGL@egl@@YGIXZ
?WaitNative@egl@@YGIH@Z
?WaitSync@egl@@YGIPAX0H@Z
?WaitSync@gl@@YGXPAU__GLsync@@I_K@Z
SetTraceFunctionPointers
glActiveTexture
glAttachShader
glBeginQuery
glBeginQueryEXT
glBeginTransformFeedback
glBindAttribLocation
glBindBuffer
glBindBufferBase
glBindBufferRange
glBindFramebuffer
glBindRenderbuffer
glBindSampler
glBindTexture
glBindTransformFeedback
glBindVertexArray
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebuffer
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glClear
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearDepthf
glClearStencil
glClientWaitSync
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexImage3D
glCompressedTexSubImage2D
glCompressedTexSubImage3D
glCopyBufferSubData
glCopyTexImage2D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCreateProgram
glCreateShader
glCullFace
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteProgram
glDeleteQueries
glDeleteQueriesEXT
glDeleteRenderbuffers
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDrawArrays
glDrawArraysInstanced
glDrawArraysInstancedANGLE
glDrawBuffers
glDrawBuffersEXT
glDrawElements
glDrawElementsInstanced
glDrawElementsInstancedANGLE
glDrawRangeElements
glEnable
glEnableVertexAttribArray
glEndQuery
glEndQueryEXT
glEndTransformFeedback
glFenceSync
glFinish
glFinishFenceNV
glFlush
glFlushMappedBufferRange
glFlushMappedBufferRangeEXT
glFramebufferRenderbuffer
glFramebufferTexture2D
glFramebufferTextureLayer
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenQueries
glGenQueriesEXT
glGenRenderbuffers
glGenSamplers
glGenTextures
glGenTransformFeedbacks
glGenVertexArrays
glGenerateMipmap
glGetActiveAttrib
glGetActiveUniform
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformsiv
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferPointerv
glGetBufferPointervOES
glGetError
glGetFenceivNV
glGetFloatv
glGetFragDataLocation
glGetFramebufferAttachmentParameteriv
glGetGraphicsResetStatusEXT
glGetInteger64i_v
glGetInteger64v
glGetIntegeri_v
glGetIntegerv
glGetInternalformativ
glGetProgramBinary
glGetProgramBinaryOES
glGetProgramInfoLog
glGetProgramiv
glGetQueryObjectuiv
glGetQueryObjectuivEXT
glGetQueryiv
glGetQueryivEXT
glGetRenderbufferParameteriv
glGetSamplerParameterfv
glGetSamplerParameteriv
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderiv
glGetString
glGetStringi
glGetSynciv
glGetTexParameterfv
glGetTexParameteriv
glGetTransformFeedbackVarying
glGetTranslatedShaderSourceANGLE
glGetUniformBlockIndex
glGetUniformIndices
glGetUniformLocation
glGetUniformfv
glGetUniformiv
glGetUniformuiv
glGetVertexAttribIiv
glGetVertexAttribIuiv
glGetVertexAttribPointerv
glGetVertexAttribfv
glGetVertexAttribiv
glGetnUniformfvEXT
glGetnUniformivEXT
glHint
glInvalidateFramebuffer
glInvalidateSubFramebuffer
glIsBuffer
glIsEnabled
glIsFenceNV
glIsFramebuffer
glIsProgram
glIsQuery
glIsQueryEXT
glIsRenderbuffer
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 258KB - Virtual size: 258KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
App_Installer.exe.exe windows:6 windows x86 arch:x86
Password: 2024
7aa92096b259e09d092b7ede5bb0f176
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VerifyVersionInfoW
SetSystemPowerState
VerLanguageNameW
HeapSize
GetProcessHeap
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
ReadConsoleW
IsSystemResumeAutomatic
GetFileSizeEx
ReadFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
VirtualProtect
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileType
HeapAlloc
HeapFree
RequestWakeupLatency
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
CloseHandle
WriteFile
CreateFileW
SetFilePointerEx
VerSetConditionMask
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
LoadLibraryExW
TlsFree
TlsSetValue
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetCPInfo
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
WriteConsoleW
ole32
StringFromGUID2
CLSIDFromProgID
StringFromCLSID
CoInitializeSecurity
CoRevokeClassObject
CoTaskMemAlloc
CoGetClassObject
CoInitializeEx
CoGetCurrentProcess
CoUninitialize
CoGetMalloc
CoTaskMemFree
CoCreateGuid
CoRegisterClassObject
powrprof
GetPwrCapabilities
PowerDeterminePlatformRoleEx
PowerSettingRegisterNotification
PowerSettingUnregisterNotification
IsPwrSuspendAllowed
IsPwrHibernateAllowed
IsPwrShutdownAllowed
SetSuspendState
shlwapi
PathAddBackslashW
StrCmpW
StrTrimW
PathFileExistsW
StrStrW
StrChrW
PathFindExtensionW
PathRemoveFileSpecW
StrToIntW
PathIsDirectoryW
cfgmgr32
CM_Locate_DevNodeW
CM_Is_Version_Available
CM_Get_Sibling
CM_Get_Parent
CM_Get_Device_Interface_List_SizeW
CM_Get_DevNode_Status
CM_Get_Device_ID_Size
CM_Get_Device_IDW
CM_Get_Depth
CM_Get_Child
version
GetFileVersionInfoW
GetFileVersionInfoSizeExW
GetFileVersionInfoExW
VerQueryValueW
GetFileVersionInfoSizeW
VerInstallFileW
VerFindFileW
Sections
.text Size: 258KB - Virtual size: 257KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.fptable Size: 512B - Virtual size: 128B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 67.8MB - Virtual size: 67.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ