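PDB path (extracted ahead of the report body; presumably the value of the otherwise empty "PDB Paths" field of tox tweaking/Emu/KeyAuthEmulator.dll below): C:\Users\Penguin\source\repos\KeyAuthEmulator\obj\Debug\net8.0\KeyAuthEmulator.pdb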
Overview | overview | 9
Static | static | 9
tox tweaki...or.exe | windows11-21h2-x64 | 1
tox tweaki...or.exe | windows11-21h2-x64 | 1
tox tweaki...CK.exe | windows11-21h2-x64 | 9
tox tweaki...ew.exe | windows11-21h2-x64 | 6
tox tweaki...up.exe | windows11-21h2-x64 | 1
tox tweaki...8.appx | windows11-21h2-x64 | 1
Microsoft.UI.Xaml.dll | windows11-21h2-x64 | 1
Microsoft.UI.Xaml.dll | windows11-21h2-x64 | 1
tox tweaki...up.exe | windows11-21h2-x64 | 8
tox tweaki...LG.exe | windows11-21h2-x64 | 1
tox tweaki...el.exe | windows11-21h2-x64 | 1
tox tweaki...un.exe | windows11-21h2-x64 | 3
Export.bat | windows11-21h2-x64 | 1
Import.bat | windows11-21h2-x64 | 1
SCEWIN_64.exe | windows11-21h2-x64 | 1
amifldrv64.sys | windows11-21h2-x64 | 1
amigendrv64.sys | windows11-21h2-x64 | 1
tox tweaki...64.exe | windows11-21h2-x64 | 1
tox tweaki...CL.exe | windows11-21h2-x64 | 1
tox tweaki...64.exe | windows11-21h2-x64 | 7
tox tweaki...64.sys | windows11-21h2-x64 | 1
tox tweaki...64.sys | windows11-21h2-x64 | 1
tox tweaki...vc.exe | windows11-21h2-x64 | 1
CRU/CRU.exe | windows11-21h2-x64 | 3
CRU/reset-all.exe | windows11-21h2-x64 | 3
CRU/restart.exe | windows11-21h2-x64 | 5
CRU/restart64.exe | windows11-21h2-x64 | 5
tox tweaki...on.exe | windows11-21h2-x64 | 1
Export.bat | windows11-21h2-x64 | 3
tox tweaki...ll.exe | windows11-21h2-x64 | 7
tox tweaki...xp.exe | windows11-21h2-x64 | 8
tox tweaki...tr.exe | windows11-21h2-x64 | 1
Static task
static1
Behavioral task
behavioral1
Sample
tox tweaking/Emu/KeyAuthEmulator.exe
Resource
win11-20241007-en
Behavioral task
behavioral2
Sample
tox tweaking/Emu/KeyAuthEmulator.exe
Resource
win11-20241007-en
Behavioral task
behavioral3
Sample
tox tweaking/ToX Premium UtilityCRACK.exe
Resource
win11-20241007-en
Behavioral task
behavioral4
Sample
tox tweaking/niggers/DevManView.exe
Resource
win11-20241007-en
Behavioral task
behavioral5
Sample
tox tweaking/niggers/DeviceCleanup.exe
Resource
win11-20241007-en
Behavioral task
behavioral6
Sample
tox tweaking/niggers/Microsoft-uiXAML2.8.appx
Resource
win11-20241023-en
Behavioral task
behavioral7
Sample
Microsoft.UI.Xaml.dll
Resource
win11-20241007-en
Behavioral task
behavioral8
Sample
Microsoft.UI.Xaml.dll
Resource
win11-20241007-en
Behavioral task
behavioral9
Sample
tox tweaking/niggers/MicrosoftEdgeSetup.exe
Resource
win11-20241007-en
Behavioral task
behavioral10
Sample
tox tweaking/niggers/NSudoLG.exe
Resource
win11-20241007-en
Behavioral task
behavioral11
Sample
tox tweaking/niggers/NVIDIA Control Panel.exe
Resource
win11-20241007-en
Behavioral task
behavioral12
Sample
tox tweaking/niggers/PowerRun.exe
Resource
win11-20241007-en
Behavioral task
behavioral13
Sample
Export.bat
Resource
win11-20241007-en
Behavioral task
behavioral14
Sample
Import.bat
Resource
win11-20241007-en
Behavioral task
behavioral15
Sample
SCEWIN_64.exe
Resource
win11-20241007-en
Behavioral task
behavioral16
Sample
amifldrv64.sys
Resource
win11-20241007-en
Behavioral task
behavioral17
Sample
amigendrv64.sys
Resource
win11-20241023-en
Behavioral task
behavioral18
Sample
tox tweaking/niggers/SCEWIN_64.exe
Resource
win11-20241007-en
Behavioral task
behavioral19
Sample
tox tweaking/niggers/SetACL.exe
Resource
win11-20241007-en
Behavioral task
behavioral20
Sample
tox tweaking/niggers/VC_redist.x64.exe
Resource
win11-20241007-en
Behavioral task
behavioral21
Sample
tox tweaking/niggers/amifldrv64.sys
Resource
win11-20241007-en
Behavioral task
behavioral22
Sample
tox tweaking/niggers/amigendrv64.sys
Resource
win11-20241007-en
Behavioral task
behavioral23
Sample
tox tweaking/niggers/bfsvc.exe
Resource
win11-20241023-en
Behavioral task
behavioral24
Sample
CRU/CRU.exe
Resource
win11-20241007-en
Behavioral task
behavioral25
Sample
CRU/reset-all.exe
Resource
win11-20241007-en
Behavioral task
behavioral26
Sample
CRU/restart.exe
Resource
win11-20241007-en
Behavioral task
behavioral27
Sample
CRU/restart64.exe
Resource
win11-20241007-en
Behavioral task
behavioral28
Sample
tox tweaking/niggers/devcon.exe
Resource
win11-20241007-en
Behavioral task
behavioral29
Sample
Export.bat
Resource
win11-20241007-en
Behavioral task
behavioral30
Sample
tox tweaking/niggers/openshell.exe
Resource
win11-20241007-en
Behavioral task
behavioral31
Sample
tox tweaking/niggers/procexp.exe
Resource
win11-20241007-en
Behavioral task
behavioral32
Sample
tox tweaking/niggers/str.exe
Resource
win11-20241007-en
General
-
Target
edkdpu.zip
-
Size
77.7MB
-
MD5
4b83e98030b4931166fb6be77773bce8
-
SHA1
11d6e04430abe5e4143845fcf0ad0f86b87fc74d
-
SHA256
f45bcf726922fe01b71eb17cdaea8fcea57bdeefced3054e118732a41805f15f
-
SHA512
37e2b382e3f906d8b9a7fbeee6511a20e6186770f8454c48f9f374f9b7eddd1467634d59a39605fe79c3f3e854068f31c0ceee79bac22ffb18011344519f7166
-
SSDEEP
1572864:e/RuquMtjMd/wG3F+Z+NQ2RdnBW0vW67scv2TmCYh+vzFtnDdX5vFoQkBBr:eE3d/H3FTpnnBpvW67smNDh+LdXT+nr
Malware Config
Signatures
-
Detected Nirsoft tools 1 IoCs
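NirSoft publishes free, legitimate utilities that attackers often repurpose, for example to recover stored passwords and product keys. This rule identifies the vendor's tooling, not malicious behaviour, so check which tool matched before weighting the hit.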
resource: static1/unpack001/tox tweaking/niggers/DevManView.exe
yara_rule: Nirsoft
-
Unsigned PE 13 IoCs
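Flags PE files that carry no embedded Authenticode signature. A static check of the file alone sees only an embedded signature, not a catalog signature, so a missing embedded signature by itself does not show that a file is untrusted.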
resource:
unpack001/tox tweaking/Emu/KeyAuthEmulator.dll
unpack001/tox tweaking/Emu/KeyAuthEmulator.exe
unpack001/tox tweaking/ToX Premium UtilityCRACK.exe
unpack002/Microsoft.UI.Xaml.winmd
unpack001/tox tweaking/niggers/NSudoLG.exe
unpack001/tox tweaking/niggers/bfsvc.exe
unpack004/CRU/CRU.exe
unpack004/CRU/reset-all.exe
unpack004/CRU/restart.exe
unpack004/CRU/restart64.exe
unpack001/tox tweaking/niggers/devcon.exe
unpack001/tox tweaking/niggers/openshell.exe
unpack001/tox tweaking/niggers/str.exe
Files
-
edkdpu.zip.zip
-
tox tweaking/Emu/KeyAuthEmulator.deps.json
-
tox tweaking/Emu/KeyAuthEmulator.dll.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/Emu/KeyAuthEmulator.exe.exe windows:6 windows x64 arch:x64
6a91eb82bfd19d2706c7d43c46f7064e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\a\_work\1\s\artifacts\obj\win-x64.Release\corehost\apphost\standalone\apphost.pdb
Imports
kernel32
FreeLibrary
LoadLibraryExW
OutputDebugStringW
FindFirstFileExW
EnterCriticalSection
GetFullPathNameW
FindNextFileW
GetCurrentProcess
GetModuleHandleExW
GetModuleFileNameW
LeaveCriticalSection
GetEnvironmentVariableW
GetModuleHandleW
MultiByteToWideChar
GetFileAttributesExW
LoadLibraryA
DeleteCriticalSection
WideCharToMultiByte
IsWow64Process
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetProcAddress
GetWindowsDirectoryW
FindResourceW
GetLastError
ActivateActCtx
FindClose
CreateActCtxW
SetLastError
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStringTypeW
SwitchToThread
GetCurrentThreadId
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
user32
MessageBoxW
shell32
ShellExecuteW
advapi32
RegOpenKeyExW
RegGetValueW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegCloseKey
api-ms-win-crt-runtime-l1-1-0
_invalid_parameter_noinfo_noreturn
_exit
exit
_initterm_e
_initterm
_get_initial_wide_environment
_initialize_wide_environment
_configure_wide_argv
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_errno
abort
__p___wargv
_c_exit
_register_thread_local_exe_atexit_callback
terminate
__p___argc
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
fputwc
__p__commode
_set_fmode
fputws
_wfsopen
fflush
__stdio_common_vfwprintf
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf
setvbuf
api-ms-win-crt-heap-l1-1-0
calloc
_set_new_mode
free
_callnewh
malloc
api-ms-win-crt-string-l1-1-0
toupper
_wcsdup
wcsncmp
wcsnlen
strcpy_s
api-ms-win-crt-convert-l1-1-0
wcstoul
_wtoi
api-ms-win-crt-time-l1-1-0
_gmtime64_s
_time64
wcsftime
api-ms-win-crt-locale-l1-1-0
setlocale
___mb_cur_max_func
_configthreadlocale
___lc_codepage_func
___lc_locale_name_func
__pctype_func
_lock_locales
_unlock_locales
api-ms-win-crt-math-l1-1-0
__setusermatherr
Sections
.text Size: 86KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 808B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
tox tweaking/Emu/KeyAuthEmulator.runtimeconfig.json
-
tox tweaking/Emu/secret.txt
-
tox tweaking/ToX Premium UtilityCRACK.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 37.6MB - Virtual size: 37.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/Basic.nip
-
tox tweaking/niggers/DevManView.exe.exe windows:4 windows x64 arch:x64
fe266af95ae0f37d1609f05d789a2fe0
Code Sign
f7:a0:a7:30:c8:7d:94:cd:83:02:e3:ea:7f:66:1b:b7
Certificate
Issuer: CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 09/09/2019, 00:00
Not After: 09/09/2023, 23:59
Subject: CN=Nir Sofer,O=Nir Sofer,POSTALCODE=7135117,STREET=Dakar 21\, Unit 82,L=Lod,C=IL
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate
Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Not Before: 02/11/2018, 00:00
Not After: 31/12/2030, 23:59
Subject: CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate
Issuer: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 11/05/2022, 00:00
Not After: 10/08/2033, 23:59
Subject: CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate
Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Not Before: 02/05/2019, 00:00
Not After: 18/01/2038, 23:59
Subject: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
c7:d7:bf:56:a6:1d:b8:67:0d:16:c4:f5:e3:52:70:4b:73:a0:bd:14:3d:2a:3b:1d:3c:5d:ec:8a:96:4b:c9:0d
Signer
Actual PE Digest: c7:d7:bf:56:a6:1d:b8:67:0d:16:c4:f5:e3:52:70:4b:73:a0:bd:14:3d:2a:3b:1d:3c:5d:ec:8a:96:4b:c9:0d
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
f:\Projects\VS2005\DevManView\x64\Release\DevManView.pdb
Imports
msvcrt
_initterm
__wgetmainargs
_wcmdln
__setusermatherr
_cexit
_exit
_c_exit
_XcptFilter
__C_specific_handler
_onexit
__dllonexit
_commode
_fmode
__set_app_type
exit
strlen
qsort
_wcslwr
towupper
wcscmp
_ultow
malloc
_memicmp
free
modf
memcmp
wcstoul
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
wcschr
wcsrchr
_itow
_wcsnicmp
_purecall
_wtoi
wcslen
_wcsicmp
memcpy
wcscpy
memset
wcscat
_snwprintf
wcsncat
comctl32
ImageList_Create
ImageList_AddMasked
ImageList_SetImageCount
CreateToolbarEx
CreateStatusWindowW
ImageList_SetOverlayImage
ImageList_ReplaceIcon
ord17
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
kernel32
Process32FirstW
GetCurrentThreadId
WinExec
EnumResourceTypesW
GetStartupInfoW
CreateToolhelp32Snapshot
GetProcAddress
FreeLibrary
GetModuleFileNameW
LoadLibraryExW
CompareFileTime
GetLastError
SystemTimeToFileTime
LoadLibraryW
FileTimeToSystemTime
CloseHandle
OpenProcess
ExpandEnvironmentStringsW
GetDriveTypeW
GetLogicalDrives
GetTickCount
DeviceIoControl
CreateFileW
QueryDosDeviceW
GetFileAttributesW
WriteFile
ReadFile
FindResourceW
LoadResource
GetWindowsDirectoryW
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GlobalAlloc
GetSystemDirectoryW
lstrlenW
LocalFree
LockResource
lstrcpyW
WideCharToMultiByte
GlobalUnlock
GetTempPathW
GetDateFormatW
GetTempFileNameW
GlobalLock
GetFileSize
SizeofResource
FormatMessageW
GetVersionExW
GetModuleHandleW
GetTimeFormatW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
EnumResourceNamesW
GetStdHandle
Sleep
SetErrorMode
CreateProcessW
DeleteFileW
ExitProcess
GetCurrentProcessId
GetCurrentProcess
ReadProcessMemory
Process32NextW
user32
ReleaseDC
GetDC
LoadCursorW
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
GetWindow
EndPaint
DrawFrameControl
SetWindowTextW
GetWindowPlacement
SetCursor
SetDlgItemInt
SetDlgItemTextW
GetDlgItemTextW
BeginPaint
GetSystemMetrics
GetClientRect
DeferWindowPos
CreateWindowExW
SetWindowPos
SendDlgItemMessageW
EndDialog
GetWindowRect
GetDlgItem
GetDlgItemInt
InvalidateRect
SetWindowPlacement
SetMenu
LoadAcceleratorsW
DefWindowProcW
PostMessageW
SendMessageW
RegisterClassW
MessageBoxW
TranslateAcceleratorW
LoadImageW
DestroyIcon
LoadIconW
SetWindowLongW
GetWindowLongW
SetFocus
KillTimer
SetTimer
EndDeferWindowPos
BeginDeferWindowPos
GetParent
GetSysColor
MapWindowPoints
CloseClipboard
GetMenu
EmptyClipboard
EnableMenuItem
MoveWindow
OpenClipboard
GetSubMenu
GetClassNameW
InsertMenuItemW
CheckMenuItem
GetMenuItemCount
GetMenuStringW
GetCursorPos
SetClipboardData
EnableWindow
DialogBoxParamW
CreateDialogParamW
EnumChildWindows
LoadStringW
GetDesktopWindow
DestroyWindow
GetWindowTextW
LoadMenuW
ModifyMenuW
GetMenuItemInfoW
GetDlgCtrlID
DestroyMenu
CreatePopupMenu
SetMenuItemInfoW
GetKeyState
RegisterWindowMessageW
TrackPopupMenu
DispatchMessageW
PostQuitMessage
GetMessageW
IsDialogMessageW
TranslateMessage
DrawTextExW
InsertMenuW
RemoveMenu
DeleteMenu
GetMonitorInfoW
MonitorFromWindow
GetWindowThreadProcessId
EnumWindows
AttachThreadInput
SetForegroundWindow
UpdateWindow
gdi32
GetDeviceCaps
DeleteObject
GetStockObject
GetTextExtentPoint32W
SetBkColor
SelectObject
CreateFontIndirectW
SetTextColor
SetBkMode
comdlg32
FindTextW
GetOpenFileNameW
GetSaveFileNameW
advapi32
CloseServiceHandle
ControlService
OpenSCManagerW
StartServiceW
QueryServiceStatus
OpenServiceW
ChangeServiceConfigW
RegSetKeySecurity
RegLoadKeyW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegConnectRegistryW
RegGetKeySecurity
RegUnLoadKeyW
shell32
ExtractIconExW
ShellExecuteW
SHGetFileInfoW
Shell_NotifyIconW
ole32
CoCreateInstance
CoUninitialize
CoInitialize
Sections
.text Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/DeviceCleanup.exe.exe windows:5 windows x64 arch:x64
c08d3d26064239a79f795d1f80fb52a5
Code Sign
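5b:16:02:a6:5c:10:8c:b5:47:a1:5f:08:9a:33:5c:5b
Certificate
Issuer: CN=Uwe Sieber,O=www.uwe-sieber.de,1.2.840.113549.1.9.1=#0c126d61696c407577652d7369656265722e6465
Not Before: 08/09/2011, 13:43
Not After: 30/12/2099, 22:00
Subject: CN=Uwe Sieber,O=www.uwe-sieber.de,1.2.840.113549.1.9.1=#0c126d61696c407577652d7369656265722e6465
(Issuer and Subject are identical: this is a self-issued certificate, so trust rests on the verifier explicitly trusting it rather than on a public CA chain.)
Extended Key Usages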
ExtKeyUsageCodeSigning
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 21/12/2012, 00:00
Not After: 30/12/2020, 23:59
Subject: CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate
Issuer: CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US
Not Before: 18/10/2012, 00:00
Not After: 29/12/2020, 23:59
Subject: CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
87:31:e9:97:23:1c:67:39:45:3c:68:b3:84:49:f1:24:3f:48:05:e5
Signer
Actual PE Digest: 87:31:e9:97:23:1c:67:39:45:3c:68:b3:84:49:f1:24:3f:48:05:e5
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
u:\1Source\VC\DeviceCleanupCmd070\Release_x64\DeviceCleanupCmd.pdb
Imports
setupapi
SetupDiSetClassInstallParamsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
CM_Get_DevNode_Status
CM_Get_Parent
CM_Get_DevNode_Registry_PropertyA
CM_Get_Device_IDA
SetupDiGetClassDevsA
CM_Locate_DevNode_ExA
CM_Reenumerate_DevNode_Ex
SetupDiRemoveDevice
shlwapi
StrToIntA
StrStrIA
StrRChrA
StrChrA
kernel32
GetSystemTime
SystemTimeToFileTime
CloseHandle
GetLastError
OpenProcess
GetWindowsDirectoryA
GetCurrentProcess
ReadConsoleInputA
FlushConsoleInputBuffer
Sleep
GetCurrentProcessId
GetConsoleWindow
GetNumberOfConsoleInputEvents
GetTickCount
SetConsoleTextAttribute
GetStdHandle
PeekConsoleInputA
lstrcpyA
GetConsoleScreenBufferInfo
SetConsoleMode
SetConsoleCtrlHandler
GetModuleFileNameA
HeapAlloc
HeapFree
lstrlenA
GetCommandLineA
GetSystemDirectoryA
SetFileAttributesA
GetFileAttributesA
GetProcAddress
ExitProcess
GetModuleHandleA
GetProcessHeap
WriteFile
lstrcatA
SetConsoleWindowInfo
SetConsoleScreenBufferSize
LoadLibraryA
GetVersionExA
SetLastError
FreeLibrary
user32
GetDesktopWindow
GetWindowPlacement
IsWindowVisible
CharUpperA
GetWindowThreadProcessId
wsprintfA
wvsprintfA
MessageBoxA
advapi32
CheckTokenMembership
FreeSid
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey
OpenProcessToken
AllocateAndInitializeSid
Sections
.text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 372B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/GameUserSettings.ini
-
tox tweaking/niggers/LowGraphics.nip
-
tox tweaking/niggers/MaxFPS.nip
-
tox tweaking/niggers/Microsoft-uiXAML2.8.Appx.appx
-
AppxBlockMap.xml.xml
-
AppxManifest.xml.xml
-
AppxMetadata/CodeIntegrity.cat
-
AppxSignature.p7x
-
Microsoft.UI.Xaml.dll.dll windows:6 windows x64 arch:x64
cd2511fe0afac31e49793c33a75ecb68
Code Sign
33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate
Issuer: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 16/03/2023, 18:43
Not After: 14/03/2024, 18:43
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 08/07/2011, 20:59
Not After: 08/07/2026, 21:09
Subject: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
df:57:92:12:54:9b:38:ac:c1:21:72:00:13:a5:bc:10:c0:77:a1:7c:c8:79:7d:6e:56:d8:9f:2d:74:7e:94:14
Signer
Actual PE Digest: df:57:92:12:54:9b:38:ac:c1:21:72:00:13:a5:bc:10:c0:77:a1:7c:c8:79:7d:6e:56:d8:9f:2d:74:7e:94:14
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\__w\1\s\BuildOutput\Release\x64\Microsoft.UI.Xaml\Microsoft.UI.Xaml.pdb
Imports
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
TlsSetValue
TlsFree
TlsAlloc
TlsGetValue
api-ms-win-core-errorhandling-l1-1-2
RaiseFailFastException
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventWriteTransfer
EventRegister
EventSetInformation
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
api-ms-win-core-localization-l1-2-0
FormatMessageW
GetUserDefaultLocaleName
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
WideCharToMultiByte
api-ms-win-core-com-l1-1-0
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoGetObjectContext
CoGetApartmentType
CoCreateInstance
CoTaskMemAlloc
api-ms-win-core-threadpool-l1-2-0
CreateThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
CloseThreadpoolTimer
TrySubmitThreadpoolCallback
SetThreadpoolTimer
api-ms-win-core-synch-l1-2-0
InitOnceExecuteOnce
api-ms-win-core-profile-l1-1-0
QueryPerformanceFrequency
QueryPerformanceCounter
api-ms-win-core-synch-l1-1-0
CreateEventW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
SetEvent
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetLastError
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryExW
oleaut32
GetErrorInfo
SysFreeString
SafeArrayCreateVector
SetErrorInfo
SysAllocString
SysStringLen
SafeArrayPutElement
api-ms-win-core-winrt-string-l1-1-0
WindowsGetStringRawBuffer
api-ms-win-core-registry-l1-1-0
RegGetValueW
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
d2d1
ord1
api-ms-win-crt-runtime-l1-1-0
_invalid_parameter_noinfo
_initterm_e
_errno
terminate
_wassert
_invalid_parameter_noinfo_noreturn
abort
_initterm
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
api-ms-win-crt-string-l1-1-0
wcsnlen
strcpy_s
_wcsicmp
_wcsdup
towupper
iswspace
wcsncmp
api-ms-win-crt-convert-l1-1-0
wcstol
wcstof
_wtoi
wcstoul
api-ms-win-crt-math-l1-1-0
round
ceil
_fdclass
cos
floor
nextafterf
floorf
_dclass
pow
sqrt
roundf
atan2
sin
ceilf
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vswprintf
api-ms-win-crt-heap-l1-1-0
calloc
malloc
realloc
_callnewh
free
kernel32
GetSystemTimeAsFileTime
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SwitchToThread
InitOnceBeginInitialize
InitOnceComplete
RaiseException
RtlPcToFileHeader
GetStringTypeW
RtlCaptureContext
RtlLookupFunctionEntry
InitializeSListHead
GetCurrentProcessId
RtlVirtualUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
api-ms-win-core-rtlsupport-l1-1-0
RtlUnwindEx
api-ms-win-core-interlocked-l1-1-0
InterlockedPushEntrySList
InterlockedFlushSList
api-ms-win-crt-locale-l1-1-0
_unlock_locales
setlocale
__pctype_func
_lock_locales
___lc_locale_name_func
___lc_codepage_func
___lc_collate_cp_func
___mb_cur_max_func
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapFree
GetProcessHeap
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
Exports
Exports
DllCanUnloadNow
DllGetActivationFactory
DllMain
SendTelemetryOnSuspend
Sections
.text Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 301KB - Virtual size: 301KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Microsoft.UI.Xaml.winmd.dll windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.text Size: 278KB - Virtual size: 278KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
-
Microsoft.UI.Xaml/Assets/NoiseAsset_256x256_PNG.png.png
-
[Content_Types].xml.xml
-
logo.png.png
-
resources.pri
-
tox tweaking/niggers/MicrosoftEdgeSetup.exe.exe windows:5 windows x86 arch:x86
7899cb8ba886a0690bdc28d8b481bbd1
Code Sign
33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate
Issuer: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 19/10/2023, 19:51
Not After: 16/10/2024, 19:51
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 08/07/2011, 20:59
Not After: 08/07/2026, 21:09
Subject: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
15:e2:29:fe:14:35:70:74:b6:6a:98:f8:0b:49:59:7c
Certificate
Issuer: CN=C2RService,O=C2RService,L=Redmond,ST=Washington,C=US
Not Before: 17/02/2017, 00:12
Not After: 31/12/2039, 23:59
Subject: CN=C2RService,O=C2RService,L=Redmond,ST=Washington,C=US
b3:6c:15:ca:d5:64:3c:a7:06:bd:26:b3:90:91:6b:ae:69:90:07:92:c6:e2:fc:86:56:4c:26:69:9e:d6:54:dc
Signer
Actual PE Digest: b3:6c:15:ca:d5:64:3c:a7:06:bd:26:b3:90:91:6b:ae:69:90:07:92:c6:e2:fc:86:56:4c:26:69:9e:d6:54:dc
Digest Algorithm: sha256
PE Digest Matches: true
b3:6c:15:ca:d5:64:3c:a7:06:bd:26:b3:90:91:6b:ae:69:90:07:92:c6:e2:fc:86:56:4c:26:69:9e:d6:54:dc
Signer
Actual PE Digest: b3:6c:15:ca:d5:64:3c:a7:06:bd:26:b3:90:91:6b:ae:69:90:07:92:c6:e2:fc:86:56:4c:26:69:9e:d6:54:dc
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
mi_exe_stub.pdb
Imports
kernel32
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
OutputDebugStringW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
RaiseException
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
WriteConsoleW
DecodePointer
VirtualProtect
EncodePointer
LoadLibraryExW
QueryPerformanceCounter
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RtlUnwind
TerminateProcess
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetStringTypeW
CreateDirectoryW
SizeofResource
FindFirstFileW
Wow64DisableWow64FsRedirection
RemoveDirectoryW
GetTempPathW
FormatMessageW
Wow64RevertWow64FsRedirection
GetFileAttributesExW
GetDiskFreeSpaceExW
LockResource
DeleteFileW
FindResourceExW
LoadResource
FindResourceW
HeapDestroy
LocalFree
VerSetConditionMask
CopyFileW
VerifyVersionInfoW
GetTempFileNameW
lstrcmpiW
CreateMutexW
WaitForSingleObject
ReleaseMutex
CreateEventW
SetEvent
CreateThread
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
VirtualQuery
CreateProcessW
GetExitCodeProcess
ResetEvent
WaitForSingleObjectEx
GetSystemInfo
LoadLibraryExA
advapi32
RegSetValueExA
SetSecurityDescriptorDacl
GetAclInformation
SetSecurityDescriptorOwner
GetSidSubAuthority
GetSidLengthRequired
CopySid
InitializeSid
IsValidSid
AddAce
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
GetSecurityDescriptorLength
MakeSelfRelativeSD
MakeAbsoluteSD
SetSecurityDescriptorGroup
RegOpenKeyExW
RegQueryValueExW
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExW
RegOpenKeyExA
RegDeleteValueA
ole32
CoTaskMemFree
CoUninitialize
CoInitializeEx
shell32
SHGetKnownFolderPath
ord680
CommandLineToArgvW
SHGetFolderPathW
user32
CharLowerBuffW
MessageBoxW
Sections
.text Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 512B - Virtual size: 44B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/NSudoLG.exe.exe windows:6 windows x64 arch:x64
1188b455132bc86c7e9e68ae98ce4171
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\Projects\MouriNaruto\NSudoPrivate\Source\Native\Output\Binaries\Release\x64\NSudoLG.pdb
Imports
kernel32
ExpandEnvironmentStringsW
GetModuleFileNameW
OpenProcess
CreateEventW
MultiByteToWideChar
GetTickCount64
LockResource
QueryPerformanceFrequency
FindResourceExW
LoadResource
GetProcAddress
VerSetConditionMask
FreeLibrary
SleepEx
GetFileInformationByHandleEx
QueryPerformanceCounter
LoadLibraryExW
GetModuleHandleExW
ExitProcess
Sleep
RtlUnwindEx
OutputDebugStringW
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
SizeofResource
GetLocalTime
GetCurrentProcessId
ResumeThread
WaitForSingleObjectEx
InitializeCriticalSection
GetCurrentProcess
SetPriorityClass
MulDiv
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
CloseHandle
GetThreadUILanguage
GetLastError
GetCurrentThreadId
GetFileAttributesW
CreateFileW
InitializeCriticalSectionEx
LeaveCriticalSection
SetThreadUILanguage
GetCommandLineW
EnterCriticalSection
SetLastError
HeapFree
VerifyVersionInfoW
ReadFile
RtlCaptureContext
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
InitializeCriticalSectionAndSpinCount
user32
LoadImageW
DialogBoxParamW
EndDialog
SendMessageW
GetWindowTextW
EndPaint
BeginPaint
DrawIconEx
GetClientRect
LoadIconW
ChangeWindowMessageFilter
DestroyIcon
UnregisterClassW
SetWindowLongPtrW
MonitorFromWindow
GetDC
GetDlgItem
SetWindowTextW
gdi32
DeleteDC
GetDeviceCaps
comdlg32
GetOpenFileNameW
advapi32
AdjustTokenPrivileges
GetAce
CloseServiceHandle
OpenSCManagerW
AllocateAndInitializeSid
IsWellKnownSid
AddAce
CreateRestrictedToken
FreeSid
StartServiceW
InitializeAcl
OpenServiceW
GetLengthSid
AddAccessAllowedAce
QueryServiceStatusEx
LookupPrivilegeValueW
SetTokenInformation
OpenProcessToken
SetThreadToken
CreateProcessAsUserW
DuplicateTokenEx
GetTokenInformation
shell32
DragQueryFileW
DragFinish
ole32
CoInitializeEx
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
wtsapi32
WTSFreeMemory
WTSEnumerateProcessesW
WTSQueryUserToken
WTSEnumerateSessionsW
msvcrt
strcpy_s
__pctype_func
tolower
___mb_cur_max_func
wcsnlen
wcstol
_mbtowc_l
?terminate@@YAXXZ
__wgetmainargs
_msize
_XcptFilter
_errno
_wcmdln
?_set_new_mode@@YAHH@Z
_commode
___lc_codepage_func
realloc
ceil
log10
_clearfp
_set_fmode
_initterm_e
_initterm
_callnewh
memcpy
_wcsnicmp
malloc
free
strncmp
_wcsicmp
strrchr
__DestructExceptionObject
_amsg_exit
memmove
memset
__C_specific_handler
_CxxThrowException
wcsstr
wcsrchr
abort
__set_app_type
memcmp
Sections
.text Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 288B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/NVIDIA Control Panel.exe.exe windows:6 windows x64 arch:x64
3d7eeab1dee7f38fb22072ebd77b5fea
Code Sign
62:e7:45:e9:21:65:21:3c:97:1f:5c:49:0a:ea:12:a5
Certificate
Issuer: CN=Symantec Class 3 SHA256 Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US
Not Before: 09/07/2018, 00:00
Not After: 09/07/2021, 23:59
Subject: CN=NVIDIA Corporation,OU=IT-MIS,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate
Issuer: CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 01/01/2021, 00:00
Not After: 06/01/2031, 00:00
Subject: CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate
Issuer: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 07/01/2016, 12:00
Not After: 07/01/2031, 12:00
Subject: CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7c:1b:35:35:4a:e7:db:74:e7:41:5f:11:69:ca:6b:a8
Certificate
Issuer: CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Not Before: 22/07/2014, 00:00
Not After: 21/07/2024, 23:59
Subject: CN=Symantec Class 3 SHA256 Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
59:f7:57:97:81:4c:5d:17:f3:e8:98:38:27:d5:53:56:ce:cb:71:c3:57:64:0a:d1:a3:2e:cd:94:39:55:e3:7e
Signer
Actual PE Digest: 59:f7:57:97:81:4c:5d:17:f3:e8:98:38:27:d5:53:56:ce:cb:71:c3:57:64:0a:d1:a3:2e:cd:94:39:55:e3:7e
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\dvs\p4\build\sw\rel\gpu_drv\r465\r466_61\drivers\ui\Sedona\Sedona\x64\Release\bin\nvCplUI.pdb
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
rpcrt4
UuidFromStringW
gdiplus
GdipDrawImageRectI
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFontFromLogfontW
GdipCreateFont
GdipDeleteFont
GdipGetLogFontW
GdipDrawString
GdipMeasureString
GdipCreateStringFormat
GdipSetTextRenderingHint
GdipSetStringFormatAlign
GdipGetDpiY
GdipGetFontHeightGivenDPI
GdipLoadImageFromStream
GdipCloneImage
GdipDisposeImage
GdiplusStartup
GdiplusShutdown
GdipGetFontHeight
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageDimension
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipCloneBrush
GdipDeleteStringFormat
GdipCreateBitmapFromScan0
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipAlloc
wtsapi32
WTSRegisterSessionNotification
WTSQueryUserToken
WTSUnRegisterSessionNotification
shlwapi
StrFormatKBSizeW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFileExistsW
SHSetValueW
SHGetValueW
PathRemoveFileSpecW
comctl32
ImageList_AddMasked
ImageList_Create
ImageList_Draw
ImageList_ReplaceIcon
InitCommonControlsEx
ord17
msimg32
TransparentBlt
AlphaBlend
setupapi
SetupDiEnumDeviceInfo
CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
SetupDiDestroyDeviceInfoList
kernel32
SetFilePointer
UnlockFile
DuplicateHandle
MoveFileW
GetStringTypeExW
GlobalGetAtomNameW
CompareStringA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
SearchPathW
GetTempPathW
GetProfileIntW
FileTimeToLocalFileTime
GetFileAttributesExW
GetShortPathNameW
SystemTimeToTzSpecificLocalTime
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
CompareStringW
GetSystemDefaultUILanguage
GlobalFlags
VirtualProtect
lstrcpyW
GetCurrentDirectoryW
SetErrorMode
GetWindowsDirectoryW
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEndOfFile
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetFileSize
FlushFileBuffers
DeleteFileW
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFileTime
GetDiskFreeSpaceW
ResumeThread
SetThreadPriority
CreateEventW
InitializeCriticalSectionAndSpinCount
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
GetModuleHandleExW
EncodePointer
OutputDebugStringA
CopyFileW
GlobalSize
LoadLibraryExA
ExpandEnvironmentStringsA
lstrcmpA
CreateProcessW
GetFullPathNameW
ReadFile
LockFile
UnhandledExceptionFilter
GetVolumeInformationW
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
GetModuleHandleExA
OpenMutexW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
WideCharToMultiByte
GetSystemTimeAsFileTime
GetProcessTimes
CreateEventA
WaitForSingleObjectEx
SetEvent
QueryPerformanceFrequency
QueryPerformanceCounter
WriteFile
GetFileSizeEx
ExpandEnvironmentStringsW
SetThreadUILanguage
SetThreadLocale
GetSystemDirectoryW
GetCurrentThread
GetCurrentProcess
DecodePointer
GetComputerNameW
GetLocalTime
CreateFileW
GetTickCount
CreateMutexW
ReleaseMutex
OutputDebugStringW
lstrcmpW
OpenEventW
WaitForSingleObject
GetFileAttributesW
FindFirstFileW
FindClose
GetEnvironmentVariableW
GlobalFree
GlobalLock
GetStringTypeW
LCMapStringW
GetCPInfo
FormatMessageA
GlobalUnlock
GlobalAlloc
lstrcatW
lstrlenW
MultiByteToWideChar
lstrcmpiW
MulDiv
LoadLibraryExW
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetCurrentThreadId
IsBadReadPtr
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
LoadLibraryW
ProcessIdToSessionId
GetCurrentProcessId
CloseHandle
FileTimeToSystemTime
GetProcAddress
FreeLibrary
LocalAlloc
CreateThread
Sleep
GetThreadLocale
VerifyVersionInfoW
lstrcpynW
FreeResource
FindResourceExW
GetVersionExW
VerSetConditionMask
GetSystemDefaultLCID
GetUserDefaultLangID
GetLocaleInfoW
FormatMessageW
LocalFree
FindResourceW
SizeofResource
LockResource
LoadResource
SetLastError
GetLastError
CreateDirectoryW
FindNextFileW
RemoveDirectoryW
SetFilePointerEx
DeviceIoControl
GetModuleHandleA
MoveFileExW
AreFileApisANSI
RtlUnwindEx
RtlPcToFileHeader
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
ExitProcess
GetConsoleCP
GetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
LocalFileTimeToFileTime
WriteConsoleW
user32
EnableScrollBar
UpdateLayeredWindow
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetAsyncKeyState
RealChildWindowFromPoint
UnionRect
LockWindowUpdate
MonitorFromPoint
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
ShowOwnedPopups
PostQuitMessage
IsZoomed
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
CharUpperW
GetMessageW
GetIconInfo
CopyImage
GetNextDlgGroupItem
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
MapVirtualKeyW
GetKeyNameTextW
SendDlgItemMessageA
GetActiveWindow
CreateDialogIndirectParamW
CheckDlgButton
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetScrollInfo
GetLastActivePopup
GetTopWindow
EqualRect
MessageBoxW
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
DeferWindowPos
SetWindowPlacement
GetWindowPlacement
GetClassInfoExW
GetClassInfoW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuStringW
SetRectEmpty
GetWindowThreadProcessId
GetShellWindow
PeekMessageW
DispatchMessageW
TranslateMessage
DrawFocusRect
GetUpdateRect
DestroyCursor
CallWindowProcW
SystemParametersInfoW
GetClassLongPtrW
GetDCEx
GetSystemMenu
ReleaseCapture
SetCapture
EndDeferWindowPos
BeginDeferWindowPos
LoadImageW
FillRect
DrawIcon
SetParent
EnumDisplayDevicesW
EnumWindows
FindWindowExW
SetWindowTextW
SetForegroundWindow
DestroyAcceleratorTable
IsClipboardFormatAvailable
GetCursorPos
InflateRect
IsChild
GetClassNameW
GetKeyState
SetFocus
GetMenuItemInfoW
DeleteMenu
DestroyMenu
LoadMenuIndirectW
WindowFromPoint
ScreenToClient
EnumDisplayMonitors
EnumDisplaySettingsW
GetWindow
FindWindowW
GetDesktopWindow
SetRect
LockSetForegroundWindow
UpdateWindow
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
CreatePopupMenu
LoadMenuW
IsWindowEnabled
GetFocus
CharLowerW
GetNextDlgTabItem
CreateWindowExW
SendNotifyMessageW
wsprintfW
SetWindowLongW
GetWindowLongW
CopyRect
GetWindowTextLengthW
GetWindowTextW
DrawTextW
IsRectEmpty
EndPaint
BeginPaint
RegisterClassW
DefWindowProcW
GetParent
IntersectRect
SetCursor
TrackMouseEvent
WinHelpW
IsDialogMessageW
DestroyIcon
ReleaseDC
GetDC
GetSystemMetrics
CharNextW
GetDialogBaseUnits
CreateDialogParamW
DestroyWindow
UnregisterClassW
DrawIconEx
LoadCursorW
CallNextHookEx
GetTabbedTextExtentW
MessageBeep
PostThreadMessageW
CopyAcceleratorTableW
InvalidateRgn
CreateMenu
GetMenuDefaultItem
HideCaret
InvertRect
NotifyWinEvent
SetClassLongPtrW
SetCursorPos
CopyIcon
FrameRect
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
ClientToScreen
RedrawWindow
SetWindowRgn
KillTimer
SetTimer
IsWindowVisible
RegisterClassExW
ToUnicodeEx
GetWindowRgn
DrawFrameControl
IsWindow
GetSysColorBrush
GetSysColor
LoadBitmapW
InvalidateRect
SetLayeredWindowAttributes
PostMessageW
RegisterWindowMessageW
GetMonitorInfoW
MonitorFromWindow
SetScrollInfo
SetWindowLongPtrW
GetWindowLongPtrW
GetClientRect
SetScrollPos
ScrollWindow
EnableWindow
MoveWindow
LoadIconW
MapWindowPoints
MessageBoxExW
GetWindowRect
GetDlgCtrlID
SendDlgItemMessageW
IsDlgButtonChecked
SetDlgItemTextW
GetDlgItem
EndDialog
DialogBoxParamW
SetWindowPos
ShowWindow
SendMessageW
CreateAcceleratorTableW
GetKeyboardState
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
CharUpperBuffW
MapVirtualKeyExW
IsCharLowerW
GetComboBoxInfo
WaitMessage
ModifyMenuW
SetMenuDefaultItem
OffsetRect
GetDoubleClickTime
IsIconic
GetKeyboardLayout
IsMenu
gdi32
GetObjectW
SetTextColor
SetBkMode
SelectObject
OffsetViewportOrgEx
CreateBitmap
BitBlt
SetWindowOrgEx
CreateCompatibleDC
GetBitmapDimensionEx
GetDeviceCaps
StretchBlt
SetBitmapDimensionEx
GetTextExtentPoint32W
CombineRgn
CreateRectRgn
CreateRoundRectRgn
CreateSolidBrush
FrameRgn
GetRgnBox
ScaleViewportExtEx
ScaleWindowExtEx
SetRectRgn
GetBkColor
CreateEllipticRgn
Ellipse
LPtoDP
CreateFontW
GetCharWidthW
StretchDIBits
SetWindowExtEx
StartPage
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
CreateDIBitmap
GetTextCharsetInfo
RealizePalette
SetPixel
SetDIBColorTable
Polygon
Polyline
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
OffsetRgn
RoundRect
FillRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
SetViewportExtEx
GetViewportExtEx
TextOutW
MoveToEx
StartDocW
SetTextAlign
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
GetStockObject
DeleteObject
LineTo
IntersectClipRect
EndDoc
CreateFontIndirectW
GetPixel
GetObjectType
GetCurrentPositionEx
ExcludeClipRect
Escape
CreatePatternBrush
CreateHatchBrush
CopyMetaFileW
DPtoLP
SetMapMode
SetBkColor
GetMapMode
CreateDIBSection
SetDIBitsToDevice
SetViewportOrgEx
Rectangle
PatBlt
CreatePen
CreateDCW
GetTextColor
ExtTextOutW
EnumFontFamiliesW
CreateRectRgnIndirect
OffsetWindowOrgEx
GetClipBox
GetTextFaceW
DeleteDC
CreateCompatibleBitmap
GetTextMetricsW
GetTextExtentPointW
GetCurrentObject
CreatePolygonRgn
GetWindowExtEx
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
advapi32
RegEnumKeyW
SetFileSecurityW
GetFileSecurityW
RegSetValueW
RegOpenKeyExA
RegQueryValueExA
EqualSid
TraceMessage
RegEnumValueW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
InitializeSecurityDescriptor
InitializeAcl
ImpersonateSelf
GetTokenInformation
GetLengthSid
FreeSid
AllocateAndInitializeSid
AddAccessAllowedAce
AccessCheck
OpenThreadToken
OpenProcessToken
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RevertToSelf
ImpersonateLoggedOnUser
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueW
shell32
SHGetFileInfoW
ShellExecuteExW
ExtractAssociatedIconW
ShellExecuteW
DragQueryFileW
DragFinish
SHAddToRecentDocs
ExtractIconW
SHGetFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
ole32
RegisterDragDrop
DoDragDrop
OleDuplicateData
ReleaseStgMedium
OleLockRunning
StringFromCLSID
StringFromGUID2
CoRevokeClassObject
CoRegisterClassObject
CLSIDFromString
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoGetMalloc
CoDisconnectObject
CoUninitialize
CoInitializeEx
CoCreateGuid
CoInitialize
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromProgID
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RevokeDragDrop
oleaut32
VarBstrFromDate
VariantCopy
OleCreateFontIndirect
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantClear
VariantInit
UnRegisterTypeLib
RegisterTypeLib
LoadRegTypeLib
LoadTypeLib
VarUI4FromStr
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
oledlg
OleUIBusyW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
uxtheme
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
IsAppThemed
OpenThemeData
winmm
PlaySoundW
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1006KB - Virtual size: 1005KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 129KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9.5MB - Virtual size: 9.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/New_Project_1.png.png
-
tox tweaking/niggers/OpenShell Settings.xml.xml
-
tox tweaking/niggers/PowerRun.exe.exe windows:5 windows x86 arch:x86
870b8e75c7190e202e9c6c81dff1040c
Code Sign
3d:34:42:6b:94:3c:02:46:bb:2a:dd:6c:e2:9e:2a:e6
Certificate
Issuer: CN=Sordum Software
Not Before: 31/12/2005, 21:00
Not After: 31/12/2025, 21:00
Subject: CN=Sordum Software
Extended Key Usages
ExtKeyUsageCodeSigning
04:00:00:00:00:01:21:58:53:08:a2
Certificate
Issuer: CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
Not Before: 18/03/2009, 10:00
Not After: 18/03/2029, 10:00
Subject: CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate
Issuer: CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
Not Before: 20/02/2019, 00:00
Not After: 18/03/2029, 10:00
Subject: CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate
Issuer: CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign
Not Before: 20/06/2018, 00:00
Not After: 10/12/2034, 00:00
Subject: CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
01:84:d3:a8:ce:37:81:eb:57:f4:fd:87:7b:83:ae:b2
Certificate
Issuer: CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE
Not Before: 27/05/2021, 10:00
Not After: 28/06/2032, 10:00
Subject: CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
ce:5e:43:01:ef:03:b0:b7:18:a7:d1:71:ff:fa:d6:b2:e2:48:11:7f
Signer
Actual PE Digest: ce:5e:43:01:ef:03:b0:b7:18:a7:d1:71:ff:fa:d6:b2:e2:48:11:7f
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
__WSAFDIsSet
setsockopt
ntohs
recvfrom
sendto
htons
select
listen
WSAStartup
bind
closesocket
connect
socket
send
WSACleanup
ioctlsocket
accept
WSAGetLastError
inet_addr
gethostbyname
gethostname
recv
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
winmm
timeGetTime
waveOutSetVolume
mciSendStringW
comctl32
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx
ImageList_Destroy
mpr
WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W
WNetUseConnectionW
wininet
InternetReadFile
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetCrackUrlW
HttpQueryInfoW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
FtpOpenFileW
FtpGetFileSize
InternetOpenUrlW
InternetQueryOptionW
InternetQueryDataAvailable
psapi
EnumProcesses
GetModuleBaseNameW
GetProcessMemoryInfo
EnumProcessModules
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
UnloadUserProfile
LoadUserProfileW
kernel32
HeapAlloc
Sleep
GetCurrentThreadId
RaiseException
MulDiv
GetVersionExW
GetSystemInfo
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleW
QueryPerformanceCounter
VirtualFreeEx
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
CreateFileW
SetFilePointerEx
ReadFile
WriteFile
FlushFileBuffers
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetFileTime
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
FindNextFileW
lstrcmpiW
MoveFileW
CopyFileW
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
QueryPerformanceFrequency
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
OutputDebugStringW
GetLocalTime
CompareStringW
CompareStringA
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetStdHandle
CreatePipe
InterlockedExchange
TerminateThread
GetTempPathW
GetTempFileNameW
VirtualFree
FormatMessageW
GetExitCodeProcess
SetErrorMode
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetVolumeInformationW
SetVolumeLabelW
CreateHardLinkW
DeviceIoControl
SetFileAttributesW
GetShortPathNameW
CreateEventW
SetEvent
GetEnvironmentVariableW
SetEnvironmentVariableW
GlobalLock
GlobalUnlock
GlobalAlloc
GetFileSize
GlobalFree
GlobalMemoryStatusEx
Beep
GetComputerNameW
GetWindowsDirectoryW
GetSystemDirectoryW
GetCurrentProcessId
GetCurrentThread
GetProcessIoCounters
CreateProcessW
SetPriorityClass
LoadLibraryW
VirtualAlloc
LoadLibraryExW
HeapFree
WaitForSingleObject
CreateThread
DuplicateHandle
GetLastError
CloseHandle
GetCurrentProcess
GetProcAddress
LoadLibraryA
FreeLibrary
GetModuleFileNameW
GetFullPathNameW
ExitProcess
ExitThread
GetSystemTimeAsFileTime
SetCurrentDirectoryW
IsDebuggerPresent
GetCurrentDirectoryW
ResumeThread
GetStartupInfoW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameA
HeapReAlloc
HeapCreate
SetHandleCount
GetFileType
GetStartupInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
LCMapStringW
LCMapStringA
RtlUnwind
SetFilePointer
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetTickCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEndOfFile
EnumResourceNamesW
SetEnvironmentVariableA
user32
SetWindowPos
GetCursorInfo
RegisterHotKey
ClientToScreen
GetKeyboardLayoutNameW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
GetMenuStringW
GetSubMenu
GetCaretPos
IsZoomed
MonitorFromPoint
GetMonitorInfoW
SetWindowLongW
SetLayeredWindowAttributes
FlashWindow
GetClassLongW
TranslateAcceleratorW
IsDialogMessageW
GetSysColor
InflateRect
DrawFocusRect
DrawTextW
FrameRect
DrawFrameControl
FillRect
PtInRect
DestroyAcceleratorTable
CreateAcceleratorTableW
SetCursor
GetWindowDC
GetSystemMetrics
GetActiveWindow
CharNextW
wsprintfW
RedrawWindow
DrawMenuBar
DestroyMenu
SetMenu
GetWindowTextLengthW
CreateMenu
IsDlgButtonChecked
DefDlgProcW
ReleaseCapture
SetCapture
WindowFromPoint
CreateIconFromResourceEx
mouse_event
ExitWindowsEx
SetActiveWindow
FindWindowExW
EnumThreadWindows
SetMenuDefaultItem
InsertMenuItemW
IsMenu
TrackPopupMenuEx
GetCursorPos
DeleteMenu
CheckMenuRadioItem
CopyImage
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemInfoW
SetForegroundWindow
IsIconic
FindWindowW
SystemParametersInfoW
PeekMessageW
SendInput
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
GetKeyState
VkKeyScanW
LoadStringW
DialogBoxParamW
MessageBeep
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
CopyRect
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClientRect
GetMenu
DestroyWindow
EnumWindows
GetDesktopWindow
IsWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
InvalidateRect
GetWindowThreadProcessId
AttachThreadInput
GetFocus
GetWindowTextW
ScreenToClient
SendMessageTimeoutW
EnumChildWindows
CharUpperBuffW
GetClassNameW
GetParent
GetDlgCtrlID
SendMessageW
MapVirtualKeyW
PostMessageW
GetWindowRect
SetUserObjectSecurity
GetUserObjectSecurity
CloseDesktop
CloseWindowStation
OpenDesktopW
SetProcessWindowStation
GetProcessWindowStation
OpenWindowStationW
MessageBoxW
DefWindowProcW
MoveWindow
AdjustWindowRectEx
SetRect
SetClipboardData
EmptyClipboard
CountClipboardFormats
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
BlockInput
GetMessageW
LockWindowUpdate
DispatchMessageW
GetMenuItemID
TranslateMessage
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageW
SetTimer
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
GetSysColorBrush
GetForegroundWindow
MessageBoxA
DestroyIcon
UnregisterHotKey
CharLowerBuffW
MonitorFromRect
keybd_event
LoadImageW
GetWindowLongW
gdi32
DeleteObject
GetObjectW
GetTextExtentPoint32W
ExtCreatePen
StrokeAndFillPath
StrokePath
EndPath
SetPixel
CloseFigure
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchBlt
GetDIBits
LineTo
AngleArc
MoveToEx
Ellipse
PolyDraw
BeginPath
Rectangle
GetDeviceCaps
SetBkMode
RoundRect
SetBkColor
CreatePen
CreateSolidBrush
SetTextColor
CreateFontW
GetTextFaceW
GetStockObject
CreateDCW
GetPixel
DeleteDC
SetViewportOrgEx
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
GetUserNameW
RegConnectRegistryW
RegEnumKeyExW
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerW
InitiateSystemShutdownExW
AdjustTokenPrivileges
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
DuplicateTokenEx
CreateProcessAsUserW
CreateProcessWithLogonW
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
SetSecurityDescriptorDacl
CopySid
LogonUserW
GetTokenInformation
GetAclInformation
GetAce
AddAce
GetSecurityDescriptorDacl
shell32
DragQueryPoint
ShellExecuteExW
SHGetFolderPathW
DragQueryFileW
SHEmptyRecycleBinW
SHBrowseForFolderW
SHFileOperationW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetMalloc
ExtractIconExW
Shell_NotifyIconW
ShellExecuteW
DragFinish
ole32
OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoInitialize
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
StringFromCLSID
IIDFromString
StringFromIID
OleInitialize
CreateBindCtx
CLSIDFromProgID
CoInitializeSecurity
CoCreateInstanceEx
CoSetProxyBlanket
OleUninitialize
oleaut32
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SysAllocString
OleLoadPicture
SafeArrayGetVartype
SafeArrayDestroyData
SafeArrayAccessData
VarR8FromDec
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantInit
SafeArrayDestroyDescriptor
LoadRegTypeLib
GetActiveObject
SafeArrayUnaccessData
Sections
.text Size: 512KB - Virtual size: 512KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/SCEWIN.zip.zip
-
Export.bat
-
Import.bat
-
SCEWIN_64.exe.exe windows:5 windows x64 arch:x64
c6ad08a1589dd9cf353748c20ce378ce
Code Sign
b9:96:37:58:ea:d2:36:c6:e1:5c:d4:8b:a5:43:3a:ae
Certificate
Issuer: CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 21/09/2020, 00:00
Not After: 21/09/2023, 23:59
Subject: SERIALNUMBER=7155083,CN=AMI US HOLDINGS INC,O=AMI US HOLDINGS INC,POSTALCODE=30093,STREET=5555 Oakbrook Parkway Suite 200,L=Norcross,ST=Georgia,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate
Issuer: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 03/12/2014, 00:00
Not After: 02/12/2029, 23:59
Subject: CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:18:54:86:00:00:00:00:00:24
Certificate
Issuer: CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 11/04/2011, 22:06
Not After: 11/04/2021, 22:16
Subject: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate
Issuer: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 23/10/2020, 00:00
Not After: 22/01/2032, 23:59
Subject: CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate
Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Not Before: 02/05/2019, 00:00
Not After: 18/01/2038, 23:59
Subject: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
a0:4f:56:4e:4f:9b:a7:68:c9:b1:53:d9:6b:ae:32:32:e5:c1:99:ae:20:01:3d:d6:fd:62:2d:be:df:b4:f3:c2
Signer
Actual PE Digest: a0:4f:56:4e:4f:9b:a7:68:c9:b1:53:d9:6b:ae:32:32:e5:c1:99:ae:20:01:3d:d6:fd:62:2d:be:df:b4:f3:c2
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
SetHandleCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EncodePointer
DecodePointer
FlsFree
SetLastError
FlsSetValue
FlsGetValue
GetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
SetConsoleCtrlHandler
FreeLibrary
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
HeapFree
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
VirtualProtect
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
RaiseException
RtlPcToFileHeader
HeapSize
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
GetProcAddress
SetUnhandledExceptionFilter
GetVersionExW
LoadLibraryExW
GetCommandLineA
GetProcessHeap
SetEndOfFile
GetWindowsDirectoryA
LoadLibraryA
GetSystemDirectoryA
CloseHandle
GetFullPathNameA
GetSystemFirmwareTable
SetThreadExecutionState
CreateMutexA
SetProcessAffinityMask
GetVersionExA
GetCurrentDirectoryA
GetModuleHandleA
DeleteFileA
CreateFileA
DeviceIoControl
CreateNamedPipeA
ReadFile
CreateThread
LocalFree
GetLocalTime
DebugBreak
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointer
CreateFileW
WriteConsoleW
SetStdHandle
advapi32
DeleteService
ControlService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
OpenSCManagerA
shell32
ShellExecuteA
user32
SystemParametersInfoA
BlockInput
ExitWindowsEx
MessageBoxA
RegisterClassExA
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
wsprintfA
Sections
.text Size: 523KB - Virtual size: 523KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
amifldrv64.sys.sys windows:6 windows x64 arch:x64
4fbdc03e4487f98fb59360ea5b3e640d
Code Sign
61:20:4d:b4:00:00:00:00:00:27Certificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15/04/2011, 19:45Not After15/04/2021, 19:55SubjectCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:55:cd:b4:e7:e8:ee:b9:dd:5d:89:fc:1d:75:88:caCertificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before30/08/2017, 00:00Not After24/09/2020, 12:00SubjectSERIALNUMBER=J912954,CN=American Megatrends\, Inc.,O=American Megatrends\, Inc.,L=Norcross,ST=Georgia,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130747656f72676961,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate
IssuerCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22/10/2014, 00:00Not After22/10/2024, 00:00SubjectCN=DigiCert Timestamp Responder,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18/04/2012, 12:00Not After18/04/2027, 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10/11/2006, 00:00Not After10/11/2021, 00:00SubjectCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:97:d7:9f:85:90:6e:a3:18:a4:00:00:00:00:00:97Certificate
IssuerCN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before11/03/2020, 17:47Not After05/03/2021, 17:47SubjectCN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0b:aa:c1:00:00:00:00:00:09Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before18/04/2012, 23:48Not After18/04/2027, 23:58SubjectCN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
70:9a:b9:53:02:bb:44:c7:a7:da:fa:f3:42:ca:93:34:22:ea:03:ed:7b:49:2b:e2:04:a3:19:16:1f:eb:35:0e
Signer
Actual PE Digest: 70:9a:b9:53:02:bb:44:c7:a7:da:fa:f3:42:ca:93:34:22:ea:03:ed:7b:49:2b:e2:04:a3:19:16:1f:eb:35:0e
Digest Algorithm: sha256
PE Digest Matches: true
c4:2f:ea:a6:c9:78:8b:71:61:b7:65:f7:25:07:02:04:f7:b5:e3:ec
Signer
Actual PE Digest: c4:2f:ea:a6:c9:78:8b:71:61:b7:65:f7:25:07:02:04:f7:b5:e3:ec
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
d:\amibios\utility\amiflashdriver\flashdriverwin64\Release\amd64\amifldrv64.pdb
Imports
ntoskrnl.exe
ZwMapViewOfSection
RtlInitUnicodeString
ZwUnmapViewOfSection
ZwClose
ObReferenceObjectByHandle
ZwOpenSection
MmUnmapLockedPages
MmFreeContiguousMemory
MmBuildMdlForNonPagedPool
IoFreeMdl
MmMapIoSpace
MmMapLockedPagesSpecifyCache
IoAllocateMdl
MmAllocateContiguousMemory
IoDeleteSymbolicLink
IoDeleteDevice
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
KeBugCheckEx
MmGetPhysicalAddress
MmUnmapIoSpace
hal
HalTranslateBusAddress
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 604B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 448B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 264B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 910B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
amigendrv64.sys.sys windows:10 windows x64 arch:x64
07a42e80559d960b176c0fc8fd309bfe
Code Sign
61:20:4d:b4:00:00:00:00:00:27Certificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15/04/2011, 19:45Not After15/04/2021, 19:55SubjectCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:55:cd:b4:e7:e8:ee:b9:dd:5d:89:fc:1d:75:88:caCertificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before30/08/2017, 00:00Not After24/09/2020, 12:00SubjectSERIALNUMBER=J912954,CN=American Megatrends\, Inc.,O=American Megatrends\, Inc.,L=Norcross,ST=Georgia,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130747656f72676961,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate
IssuerCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22/10/2014, 00:00Not After22/10/2024, 00:00SubjectCN=DigiCert Timestamp Responder,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18/04/2012, 12:00Not After18/04/2027, 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10/11/2006, 00:00Not After10/11/2021, 00:00SubjectCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:97:d7:9f:85:90:6e:a3:18:a4:00:00:00:00:00:97Certificate
IssuerCN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before11/03/2020, 17:47Not After05/03/2021, 17:47SubjectCN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0b:aa:c1:00:00:00:00:00:09Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before18/04/2012, 23:48Not After18/04/2027, 23:58SubjectCN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
51:67:b3:3a:95:b4:db:0a:12:44:cb:3b:95:d4:02:45:87:d9:a5:a9:52:22:ba:bb:03:32:10:e6:b1:11:d2:fb
Signer
Actual PE Digest: 51:67:b3:3a:95:b4:db:0a:12:44:cb:3b:95:d4:02:45:87:d9:a5:a9:52:22:ba:bb:03:32:10:e6:b1:11:d2:fb
Digest Algorithm: sha256
PE Digest Matches: true
60:55:db:c4:53:c1:11:e5:7c:85:ec:8c:fa:d9:e6:e1:14:21:c8:d4
Signer
Actual PE Digest: 60:55:db:c4:53:c1:11:e5:7c:85:ec:8c:fa:d9:e6:e1:14:21:c8:d4
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\AMIBIOS\Utility\AmiFlashDriver\AmiFlashDriverSrc\sys\x64\Release\amifldrv64.pdb
Imports
ntoskrnl.exe
MmMapLockedPagesSpecifyCache
MmUnmapLockedPages
MmAllocateContiguousMemory
MmFreeContiguousMemory
IoAllocateMdl
IoFreeMdl
MmGetPhysicalAddress
RtlInitUnicodeString
IofCompleteRequest
IoCreateDevice
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
KeLowerIrql
KfRaiseIrql
MmBuildMdlForNonPagedPool
MmUnmapIoSpace
ObReferenceObjectByHandle
ZwClose
ZwOpenSection
ZwMapViewOfSection
ZwUnmapViewOfSection
ExFreePoolWithTag
MmGetSystemRoutineAddress
PsGetVersion
ExAllocatePoolWithQuotaTag
ZwQuerySystemInformation
MmMapIoSpace
RtlCompareMemory
hal
HalTranslateBusAddress
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 508B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PAGE Size: 512B - Virtual size: 328B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/SCEWIN_64.exe.exe windows:5 windows x64 arch:x64
c6ad08a1589dd9cf353748c20ce378ce
Code Sign
b9:96:37:58:ea:d2:36:c6:e1:5c:d4:8b:a5:43:3a:aeCertificate
IssuerCN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before21/09/2020, 00:00Not After21/09/2023, 23:59SubjectSERIALNUMBER=7155083,CN=AMI US HOLDINGS INC,O=AMI US HOLDINGS INC,POSTALCODE=30093,STREET=5555 Oakbrook Parkway Suite 200,L=Norcross,ST=Georgia,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1Certificate
IssuerCN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before03/12/2014, 00:00Not After02/12/2029, 23:59SubjectCN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:18:54:86:00:00:00:00:00:24Certificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before11/04/2011, 22:06Not After11/04/2021, 22:16SubjectCN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before23/10/2020, 00:00Not After22/01/2032, 23:59SubjectCN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02/05/2019, 00:00Not After18/01/2038, 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
a0:4f:56:4e:4f:9b:a7:68:c9:b1:53:d9:6b:ae:32:32:e5:c1:99:ae:20:01:3d:d6:fd:62:2d:be:df:b4:f3:c2
Signer
Actual PE Digest: a0:4f:56:4e:4f:9b:a7:68:c9:b1:53:d9:6b:ae:32:32:e5:c1:99:ae:20:01:3d:d6:fd:62:2d:be:df:b4:f3:c2
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
SetHandleCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EncodePointer
DecodePointer
FlsFree
SetLastError
FlsSetValue
FlsGetValue
GetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
SetConsoleCtrlHandler
FreeLibrary
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
HeapFree
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
VirtualProtect
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
RaiseException
RtlPcToFileHeader
HeapSize
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
GetProcAddress
SetUnhandledExceptionFilter
GetVersionExW
LoadLibraryExW
GetCommandLineA
GetProcessHeap
SetEndOfFile
GetWindowsDirectoryA
LoadLibraryA
GetSystemDirectoryA
CloseHandle
GetFullPathNameA
GetSystemFirmwareTable
SetThreadExecutionState
CreateMutexA
SetProcessAffinityMask
GetVersionExA
GetCurrentDirectoryA
GetModuleHandleA
DeleteFileA
CreateFileA
DeviceIoControl
CreateNamedPipeA
ReadFile
CreateThread
LocalFree
GetLocalTime
DebugBreak
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointer
CreateFileW
WriteConsoleW
SetStdHandle
advapi32
DeleteService
ControlService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
OpenSCManagerA
shell32
ShellExecuteA
user32
SystemParametersInfoA
BlockInput
ExitWindowsEx
MessageBoxA
RegisterClassExA
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
wsprintfA
Sections
.text Size: 523KB - Virtual size: 523KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/SetACL.exe.exe windows:6 windows x64 arch:x64
d4f9425f57877ed12395f309e063b715
Code Sign
2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate
IssuerCN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before09/05/2013, 00:00Not After08/05/2028, 23:59SubjectCN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
f9:28:d8:58:4a:73:ea:4b:0a:69:0d:b1:15:02:87:ddCertificate
IssuerCN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before11/12/2018, 00:00Not After11/12/2022, 23:59SubjectCN=vast limits GmbH,O=vast limits GmbH,POSTALCODE=50733,STREET=Werkstattstr. 98,L=Cologne,ST=NRW,C=DEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
58:79:a5:f0:95:48:9a:59:4d:13:ba:ad:1b:d9:84:2a:dd:4e:29:7c:47:1b:d6:d8:4f:d2:2d:20:28:42:3c:8b
Signer
Actual PE Digest: 58:79:a5:f0:95:48:9a:59:4d:13:ba:ad:1b:d9:84:2a:dd:4e:29:7c:47:1b:d6:d8:4f:d2:2d:20:28:42:3c:8b
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\Code\SetACL3\Source\SetACL.exe\x64\Release\SetACL.pdb
Imports
ws2_32
WSAStartup
WSACleanup
secur32
GetUserNameExW
version
VerQueryValueW
ntdll
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
activeds
ord13
kernel32
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalFree
FormatMessageA
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
SetLastError
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
SetEvent
CreateEventW
LoadLibraryExW
FormatMessageW
FreeLibrary
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetCurrentThreadId
GetFileSizeEx
WriteFile
SetFilePointerEx
CreateMutexW
ReleaseMutex
ResetEvent
FindFirstFileW
FindNextFileW
FindClose
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
QueryPerformanceCounter
GetModuleFileNameW
GetCPInfo
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
LCMapStringW
GetUserDefaultLCID
RtlUnwindEx
RtlPcToFileHeader
RaiseException
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetStdHandle
ExitProcess
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
CompareStringW
GetFileType
HeapReAlloc
FindFirstFileExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
ReadFile
ReadConsoleW
WriteConsoleW
GetVersionExW
GetComputerNameW
GetUserDefaultLangID
FreeResource
LockResource
LoadResource
FindResourceW
CloseHandle
GetCurrentProcess
GetProcAddress
GetLastError
GetModuleHandleW
CompareFileTime
DeleteFileW
GetFileAttributesW
CreateDirectoryW
GetLocalTime
MoveFileExW
SetEndOfFile
user32
LoadStringW
advapi32
LookupAccountNameW
CopySid
ConvertSidToStringSidW
ConvertStringSidToSidW
IsValidSid
GetAclInformation
ConvertSecurityDescriptorToStringSecurityDescriptorW
GetSecurityDescriptorControl
SetEntriesInAclW
MakeAbsoluteSD
ConvertStringSecurityDescriptorToSecurityDescriptorW
ReportEventW
DeregisterEventSource
RegisterEventSourceW
RegCloseKey
LookupAccountSidW
GetSecurityDescriptorLength
AddAccessAllowedAce
AddAce
InitializeAcl
IsValidAcl
DeleteAce
MakeSelfRelativeSD
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetNamedSecurityInfoW
SetSecurityInfo
IsValidSecurityDescriptor
GetNamedSecurityInfoW
MapGenericMask
RegCreateKeyExW
RegOpenKeyExW
RegConnectRegistryW
RegEnumKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
EqualSid
IsWellKnownSid
GetLengthSid
GetKernelObjectSecurity
GetAce
ole32
CoSetProxyBlanket
CoInitialize
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoQueryProxyBlanket
oleaut32
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysAllocString
VariantInit
VariantClear
SafeArrayGetLBound
SysAllocStringLen
SafeArrayGetUBound
SysFreeString
SysAllocStringByteLen
SysStringByteLen
netapi32
DsGetDcNameW
NetApiBufferFree
NetShareSetInfo
NetShareGetInfo
NetDfsGetClientInfo
mpr
WNetEnumResourceW
WNetCloseEnum
WNetOpenEnumW
Sections
.text Size: 423KB - Virtual size: 423KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/ToX.pow
-
tox tweaking/niggers/ToX3.nip
-
tox tweaking/niggers/Ultimate.pow
-
tox tweaking/niggers/VC_redist.x64.exe.exe windows:5 windows x86 arch:x86
1a5cdbf711fee14b077e599d13fddab2
Code Sign
33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2023, 19:51Not After16/10/2024, 19:51SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08/07/2011, 20:59Not After08/07/2026, 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
5e:18:06:fe:03:84:bc:c9:9b:18:69:dd:02:f9:1c:4d:21:5e:1c:b6:9c:c2:01:d7:6c:82:c7:2b:73:76:55:23
Signer
Actual PE Digest: 5e:18:06:fe:03:84:bc:c9:9b:18:69:dd:02:f9:1c:4d:21:5e:1c:b6:9c:c2:01:d7:6c:82:c7:2b:73:76:55:23
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
PDB Paths
C:\agent\_work\8\s\build\ship\x86\burn.pdb
Imports
advapi32
RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW
user32
GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
gdi32
CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC
shell32
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW
ole32
CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID
kernel32
GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA
rpcrt4
UuidCreate
Sections
.text Size: 294KB - Virtual size: 293KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 123KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.wixburn Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 224B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/amifldrv64.sys.sys windows:6 windows x64 arch:x64
4fbdc03e4487f98fb59360ea5b3e640d
Code Sign
61:20:4d:b4:00:00:00:00:00:27Certificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15/04/2011, 19:45Not After15/04/2021, 19:55SubjectCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:55:cd:b4:e7:e8:ee:b9:dd:5d:89:fc:1d:75:88:caCertificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before30/08/2017, 00:00Not After24/09/2020, 12:00SubjectSERIALNUMBER=J912954,CN=American Megatrends\, Inc.,O=American Megatrends\, Inc.,L=Norcross,ST=Georgia,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130747656f72676961,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate
IssuerCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22/10/2014, 00:00Not After22/10/2024, 00:00SubjectCN=DigiCert Timestamp Responder,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18/04/2012, 12:00Not After18/04/2027, 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10/11/2006, 00:00Not After10/11/2021, 00:00SubjectCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:97:d7:9f:85:90:6e:a3:18:a4:00:00:00:00:00:97Certificate
IssuerCN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before11/03/2020, 17:47Not After05/03/2021, 17:47SubjectCN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0b:aa:c1:00:00:00:00:00:09
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 18/04/2012, 23:48
Not After: 18/04/2027, 23:58
Subject: CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
70:9a:b9:53:02:bb:44:c7:a7:da:fa:f3:42:ca:93:34:22:ea:03:ed:7b:49:2b:e2:04:a3:19:16:1f:eb:35:0e
Signer
Actual PE Digest: 70:9a:b9:53:02:bb:44:c7:a7:da:fa:f3:42:ca:93:34:22:ea:03:ed:7b:49:2b:e2:04:a3:19:16:1f:eb:35:0e
Digest Algorithm: sha256
PE Digest Matches: true
c4:2f:ea:a6:c9:78:8b:71:61:b7:65:f7:25:07:02:04:f7:b5:e3:ec
Signer
Actual PE Digest: c4:2f:ea:a6:c9:78:8b:71:61:b7:65:f7:25:07:02:04:f7:b5:e3:ec
Digest Algorithm: sha1
PE Digest Matches: true
Note: a matching PE digest means the file content agrees with the hash that was signed; on its own it says nothing about whether the certificate chain is trusted, unexpired or unrevoked.
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
d:\amibios\utility\amiflashdriver\flashdriverwin64\Release\amd64\amifldrv64.pdb
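Imports
Note: MmMapIoSpace and MmGetPhysicalAddress in the list below operate on physical memory. The listing does not show whether user-mode callers can reach them, so check this driver against a vulnerable-driver blocklist before allowing it to load.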
ntoskrnl.exe
ZwMapViewOfSection
RtlInitUnicodeString
ZwUnmapViewOfSection
ZwClose
ObReferenceObjectByHandle
ZwOpenSection
MmUnmapLockedPages
MmFreeContiguousMemory
MmBuildMdlForNonPagedPool
IoFreeMdl
MmMapIoSpace
MmMapLockedPagesSpecifyCache
IoAllocateMdl
MmAllocateContiguousMemory
IoDeleteSymbolicLink
IoDeleteDevice
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
KeBugCheckEx
MmGetPhysicalAddress
MmUnmapIoSpace
hal
HalTranslateBusAddress
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 604B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 448B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 264B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 910B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
tox tweaking/niggers/amigendrv64.sys.sys windows:10 windows x64 arch:x64
07a42e80559d960b176c0fc8fd309bfe
Code Sign
61:20:4d:b4:00:00:00:00:00:27
Certificate
Issuer: CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 15/04/2011, 19:45
Not After: 15/04/2021, 19:55
Subject: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:55:cd:b4:e7:e8:ee:b9:dd:5d:89:fc:1d:75:88:ca
Certificate
Issuer: CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 30/08/2017, 00:00
Not After: 24/09/2020, 12:00
Subject: SERIALNUMBER=J912954,CN=American Megatrends\, Inc.,O=American Megatrends\, Inc.,L=Norcross,ST=Georgia,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130747656f72676961,1.3.6.1.4.1.311.60.2.1.3=#13025553
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate
Issuer: CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 22/10/2014, 00:00
Not After: 22/10/2024, 00:00
Subject: CN=DigiCert Timestamp Responder,O=DigiCert,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate
Issuer: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 18/04/2012, 12:00
Not After: 18/04/2027, 12:00
Subject: CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate
Issuer: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 10/11/2006, 00:00
Not After: 10/11/2021, 00:00
Subject: CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US
Extended Key Usages
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:97:d7:9f:85:90:6e:a3:18:a4:00:00:00:00:00:97
Certificate
Issuer: CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 11/03/2020, 17:47
Not After: 05/03/2021, 17:47
Subject: CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0b:aa:c1:00:00:00:00:00:09
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 18/04/2012, 23:48
Not After: 18/04/2027, 23:58
Subject: CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
51:67:b3:3a:95:b4:db:0a:12:44:cb:3b:95:d4:02:45:87:d9:a5:a9:52:22:ba:bb:03:32:10:e6:b1:11:d2:fb
Signer
Actual PE Digest: 51:67:b3:3a:95:b4:db:0a:12:44:cb:3b:95:d4:02:45:87:d9:a5:a9:52:22:ba:bb:03:32:10:e6:b1:11:d2:fb
Digest Algorithm: sha256
PE Digest Matches: true
60:55:db:c4:53:c1:11:e5:7c:85:ec:8c:fa:d9:e6:e1:14:21:c8:d4
Signer
Actual PE Digest: 60:55:db:c4:53:c1:11:e5:7c:85:ec:8c:fa:d9:e6:e1:14:21:c8:d4
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\AMIBIOS\Utility\AmiFlashDriver\AmiFlashDriverSrc\sys\x64\Release\amifldrv64.pdb
Imports
ntoskrnl.exe
MmMapLockedPagesSpecifyCache
MmUnmapLockedPages
MmAllocateContiguousMemory
MmFreeContiguousMemory
IoAllocateMdl
IoFreeMdl
MmGetPhysicalAddress
RtlInitUnicodeString
IofCompleteRequest
IoCreateDevice
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
KeLowerIrql
KfRaiseIrql
MmBuildMdlForNonPagedPool
MmUnmapIoSpace
ObReferenceObjectByHandle
ZwClose
ZwOpenSection
ZwMapViewOfSection
ZwUnmapViewOfSection
ExFreePoolWithTag
MmGetSystemRoutineAddress
PsGetVersion
ExAllocatePoolWithQuotaTag
ZwQuerySystemInformation
MmMapIoSpace
RtlCompareMemory
hal
HalTranslateBusAddress
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 508B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PAGE Size: 512B - Virtual size: 328B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/bfsvc.exe.exe windows:10 windows x64 arch:x64
4f5a2ab974ab5b0fcfe38aac2a4c390c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
bfsvc.pdb
Imports
msvcrt
wcsstr
_wcsicmp
wcsnlen
__iob_func
_wcslwr
memcpy
?terminate@@YAXXZ
_commode
_fmode
_wcmdln
__C_specific_handler
_initterm
__setusermatherr
_cexit
_exit
wcsncmp
exit
swprintf_s
fwprintf
_vsnwprintf_s
fflush
wcschr
wcsrchr
_wcsnicmp
_vsnwprintf
__set_app_type
__wgetmainargs
_snwscanf_s
_amsg_exit
_XcptFilter
memset
rpcrt4
UuidCreate
imagehlp
CheckSumMappedFile
ntdll
NtEnumerateBootEntries
NtQueryDirectoryObject
NtOpenDirectoryObject
NtTranslateFilePath
NtQueryBootOptions
NtQueryBootEntryOrder
NtQueryValueKey
NtQuerySymbolicLinkObject
NtOpenKey
NtOpenSymbolicLinkObject
RtlImpersonateSelf
NtOpenThreadTokenEx
NtOpenProcessTokenEx
NtAdjustPrivilegesToken
RtlFreeHeap
RtlAllocateHeap
NtSetInformationFile
LdrAccessResource
LdrFindResource_U
NtOpenFile
NtQueryInformationThread
NtQueryInformationFile
RtlImageNtHeader
NtDeviceIoControlFile
NtSetInformationThread
NtReadFile
NtOpenProcess
NtQueryInformationProcess
RtlNtStatusToDosError
NtClose
RtlInitUnicodeString
NtWriteFile
NtQuerySystemInformation
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
api-ms-win-shcore-obsolete-l1-1-0
CommandLineToArgvW
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
GetLastError
SetLastError
SetUnhandledExceptionFilter
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-processthreads-l1-1-0
GetCurrentThread
TerminateProcess
GetCurrentProcessId
OpenProcessToken
GetStartupInfoW
GetCurrentProcess
OpenThreadToken
GetCurrentThreadId
api-ms-win-core-libraryloader-l1-2-0
FreeLibrary
GetProcAddress
LoadLibraryExW
GetModuleHandleW
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-file-l1-1-0
GetFullPathNameW
GetLongPathNameW
FlushFileBuffers
DeleteFileW
GetVolumeInformationW
FindFirstFileW
GetFileSizeEx
CreateDirectoryW
FindNextFileW
WriteFile
SetFileInformationByHandle
GetFileAttributesW
SetFileAttributesW
FindClose
GetVolumePathNameW
GetFileInformationByHandle
CreateFileW
api-ms-win-core-heap-l1-1-0
HeapFree
GetProcessHeap
HeapAlloc
api-ms-win-core-privateprofile-l1-1-0
GetPrivateProfileSectionW
api-ms-win-core-file-l1-2-0
GetVolumeNameForVolumeMountPointW
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-file-l2-1-0
MoveFileExW
CopyFileExW
GetFileInformationByHandleEx
api-ms-win-core-shlwapi-legacy-l1-1-0
PathRemoveBackslashW
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-memory-l1-1-0
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
api-ms-win-security-base-l1-1-0
GetSecurityDescriptorSacl
GetTokenInformation
AdjustTokenPrivileges
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
api-ms-win-security-sddl-l1-1-0
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
api-ms-win-security-provider-l1-1-0
SetNamedSecurityInfoW
api-ms-win-security-lsalookup-l2-1-0
LookupPrivilegeValueW
Sections
.text Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 76B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/cru.zip.zip
-
CRU/CRU.exe.exe windows:4 windows x86 arch:x86
cafc89e1b0a9b2c5b10389d6d19936ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
advapi32
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
kernel32
CloseHandle
CompareStringA
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
FindClose
FindFirstFileA
FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetThreadLocale
GetTickCount
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalDeleteAtom
GlobalFindAtomA
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MulDiv
MultiByteToWideChar
RaiseException
ReadFile
ResetEvent
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcpyA
lstrcpynA
lstrlenA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
comctl32
ImageList_Add
ImageList_BeginDrag
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_Write
_TrackMouseEvent
ImageList_Create
comdlg32
GetOpenFileNameA
GetSaveFileNameA
gdi32
BitBlt
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateFontIndirectA
CreateHalftonePalette
CreatePalette
CreatePenIndirect
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
ExcludeClipRect
ExtTextOutA
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetObjectA
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextMetricsA
GetWindowOrgEx
IntersectClipRect
LineTo
MaskBlt
MoveToEx
PatBlt
RealizePalette
RectVisible
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
StretchBlt
UnrealizeObject
user32
ActivateKeyboardLayout
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcA
CharLowerA
CharNextA
CharToOemA
CheckDlgButton
CheckMenuItem
ClientToScreen
CreateIcon
CreateMenu
CreatePopupMenu
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextA
EnableMenuItem
EnableScrollBar
EnableWindow
EndPaint
EnumChildWindows
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetCapture
GetClassInfoA
GetClassLongA
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextA
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessagePos
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsChild
IsDialogMessageA
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
MapVirtualKeyA
MapWindowPoints
MessageBoxA
OemToCharA
OffsetRect
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongA
SetCursor
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WaitMessage
WindowFromPoint
wsprintfA
GetSystemMetrics
oleaut32
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopy
VariantInit
Exports
Exports
@$xp$28Vistaaltfixunit@TVistaAltFix
@Vistaaltfixunit@Finalization$qqrv
@Vistaaltfixunit@Register$qqrv
@Vistaaltfixunit@TVistaAltFix@
@Vistaaltfixunit@TVistaAltFix@$bctr$qqrp18Classes@TComponent
@Vistaaltfixunit@TVistaAltFix@$bdtr$qqrv
@Vistaaltfixunit@TVistaAltFix@VistaWithTheme$qqrv
@Vistaaltfixunit@initialization$qqrv
_AddCEADataForm
_AddDIDDataForm
_AudioFormatForm
_AudioFormatListForm
_ColorimetryForm
_CommonForm
_DIDDetailedResolutionListForm
_DetailedResolutionForm
_DisplayForm
_ExtensionBlockForm
_FreeSyncRangeForm
_HDMI2SupportForm
_HDMIResolutionForm
_HDMISupportForm
_HDRStaticMetadataForm
_PropertiesForm
_SpeakerSetupForm
_StandardResolutionForm
_TVResolutionForm
_TVResolutionListForm
_TiledDisplayTopologyForm
_VideoCapabilityForm
__GetExceptDLLinfo
___CPPdebugHook
Sections
.text Size: 784KB - Virtual size: 788KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 164KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 290KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
CRU/Info.txt
-
CRU/reset-all.exe.exe windows:5 windows x86 arch:x86
32f33abb2edf5d9be4310f0050d459d0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
MessageBoxW
advapi32
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegDeleteTreeW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
kernel32
TlsFree
FlushFileBuffers
GetLastError
HeapFree
HeapAlloc
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetStringTypeW
Sleep
SetFilePointer
GetConsoleCP
GetConsoleMode
RtlUnwind
HeapSize
IsProcessorFeaturePresent
HeapReAlloc
SetStdHandle
WriteConsoleW
CreateFileW
CloseHandle
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 944B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
CRU/restart.exe.exe windows:5 windows x86 arch:x86
cf4f510acda53bad738cb1d4e01b1c70
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapSize
IsProcessorFeaturePresent
HeapReAlloc
RtlUnwind
CompareStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
SetStdHandle
GetStringTypeW
WideCharToMultiByte
WriteConsoleW
CreateFileW
IsWow64Process
GetModuleFileNameW
Sleep
CreateProcessW
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetStartupInfoW
TerminateProcess
OpenProcess
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetLastError
HeapFree
HeapAlloc
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCommandLineW
HeapSetInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
HeapCreate
ExitProcess
WriteFile
GetStdHandle
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
FlushFileBuffers
user32
SetWindowPlacement
GetWindowRect
EnumWindows
GetWindowPlacement
SetWindowPos
ShowWindow
IsWindowVisible
SetForegroundWindow
DialogBoxParamW
OpenInputDesktop
FindWindowW
GetClientRect
CloseDesktop
EndDialog
FindWindowExW
MessageBoxW
UnregisterHotKey
RegisterHotKey
GetWindowThreadProcessId
GetShellWindow
PostMessageW
advapi32
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegRenameKey
RegDeleteTreeW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
AdjustTokenPrivileges
DuplicateTokenEx
LookupPrivilegeValueW
CreateProcessWithTokenW
OpenProcessToken
RegSetValueExW
setupapi
SetupDiSetClassInstallParamsW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
Sections
.text Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 479KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
CRU/restart64.exe.exe windows:5 windows x64 arch:x64
2a69fe822ced9bf301916c1307e497a9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
HeapSize
HeapReAlloc
CompareStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
SetStdHandle
GetStringTypeW
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
WriteConsoleW
CreateFileW
IsWow64Process
GetModuleFileNameW
Sleep
CreateProcessW
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetStartupInfoW
TerminateProcess
OpenProcess
GetCurrentProcess
QueryPerformanceCounter
GetFileType
SetHandleCount
LCMapStringW
EnterCriticalSection
GetLastError
HeapFree
HeapAlloc
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCommandLineW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
DecodePointer
HeapSetInformation
GetVersion
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwindEx
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
FlushFileBuffers
user32
SetWindowPlacement
GetWindowRect
EnumWindows
GetWindowPlacement
SetWindowPos
ShowWindow
IsWindowVisible
SetForegroundWindow
DialogBoxParamW
OpenInputDesktop
FindWindowW
GetClientRect
CloseDesktop
EndDialog
FindWindowExW
MessageBoxW
UnregisterHotKey
RegisterHotKey
GetWindowThreadProcessId
GetShellWindow
PostMessageW
advapi32
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegRenameKey
RegDeleteTreeW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
AdjustTokenPrivileges
DuplicateTokenEx
LookupPrivilegeValueW
CreateProcessWithTokenW
OpenProcessToken
RegSetValueExW
setupapi
SetupDiSetClassInstallParamsW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
Sections
.text Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 521KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/devcon.exe.exe windows:6 windows x64 arch:x64
ce4a5cfcfb0452b87e013f07f4d59f9c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
devcon.pdb
Imports
advapi32
OpenProcessToken
RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
InitiateSystemShutdownExW
RegCloseKey
CloseServiceHandle
OpenSCManagerW
OpenServiceW
RegDeleteValueW
RegSetValueExW
kernel32
GetCurrentProcess
FormatMessageW
lstrlenW
GetLastError
CloseHandle
LocalFree
GetDateFormatW
FreeLibrary
LoadLibraryW
FileTimeToSystemTime
GetProcAddress
GetFullPathNameW
FindFirstFileW
GetFileAttributesW
FindClose
FindNextFileW
GetWindowsDirectoryW
Sleep
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
msvcrt
wcschr
_wcsicmp
towlower
_wcsnicmp
fputs
__iob_func
wcsrchr
fputws
?terminate@@YAXXZ
memset
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
__wgetmainargs
wprintf
??2@YAPEAX_K@Z
towupper
??3@YAXPEAX@Z
iswalpha
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
ole32
CLSIDFromString
setupapi
SetupScanFileQueueW
SetupDiGetClassDevsExW
SetupDiGetDeviceRegistryPropertyW
SetupDiSetClassInstallParamsW
SetupDiClassNameFromGuidExW
CM_Reenumerate_DevNode_Ex
SetupCopyOEMInfW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetINFClassW
CM_Disconnect_Machine
SetupDiBuildClassInfoListExW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
CM_Connect_MachineW
CM_Locate_DevNode_ExW
CM_Get_DevNode_Status_Ex
SetupDiBuildDriverInfoList
SetupDiGetDeviceInstallParamsW
SetupDiOpenDevRegKey
SetupDiSetSelectedDriverW
SetupGetStringFieldW
CM_Get_Res_Des_Data_Size_Ex
SetupDiEnumDriverInfoW
CM_Free_Log_Conf_Handle
CM_Get_Device_ID_ExW
CM_Get_Next_Res_Des_Ex
SetupCloseFileQueue
SetupDiGetDriverInstallParamsW
CM_Get_Res_Des_Data_Ex
SetupDiOpenClassRegKeyExW
SetupCloseInfFile
SetupOpenFileQueue
SetupDiCallClassInstaller
SetupDiDestroyDriverInfoList
SetupOpenInfFileW
CM_Free_Res_Des_Handle
CM_Get_First_Log_Conf_Ex
SetupDiSetDeviceInstallParamsW
SetupFindFirstLineW
SetupDiGetDriverInfoDetailW
SetupDiGetClassDescriptionExW
SetupDiClassGuidsFromNameExW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
user32
CharNextW
CharPrevW
LoadStringW
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 852B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 368B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/file.zip.zip
-
Export.bat
-
Import.bat
-
SCEWIN_64.exe.exe windows:5 windows x64 arch:x64
c6ad08a1589dd9cf353748c20ce378ce
Code Sign
b9:96:37:58:ea:d2:36:c6:e1:5c:d4:8b:a5:43:3a:ae
Certificate
Issuer: CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 21/09/2020, 00:00
Not After: 21/09/2023, 23:59
Subject: SERIALNUMBER=7155083,CN=AMI US HOLDINGS INC,O=AMI US HOLDINGS INC,POSTALCODE=30093,STREET=5555 Oakbrook Parkway Suite 200,L=Norcross,ST=Georgia,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate
Issuer: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 03/12/2014, 00:00
Not After: 02/12/2029, 23:59
Subject: CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:18:54:86:00:00:00:00:00:24
Certificate
Issuer: CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 11/04/2011, 22:06
Not After: 11/04/2021, 22:16
Subject: CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate
Issuer: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 23/10/2020, 00:00
Not After: 22/01/2032, 23:59
Subject: CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate
Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Not Before: 02/05/2019, 00:00
Not After: 18/01/2038, 23:59
Subject: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
a0:4f:56:4e:4f:9b:a7:68:c9:b1:53:d9:6b:ae:32:32:e5:c1:99:ae:20:01:3d:d6:fd:62:2d:be:df:b4:f3:c2
Signer
Actual PE Digest: a0:4f:56:4e:4f:9b:a7:68:c9:b1:53:d9:6b:ae:32:32:e5:c1:99:ae:20:01:3d:d6:fd:62:2d:be:df:b4:f3:c2
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
SetHandleCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EncodePointer
DecodePointer
FlsFree
SetLastError
FlsSetValue
FlsGetValue
GetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
SetConsoleCtrlHandler
FreeLibrary
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
HeapFree
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
VirtualProtect
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
RaiseException
RtlPcToFileHeader
HeapSize
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
GetProcAddress
SetUnhandledExceptionFilter
GetVersionExW
LoadLibraryExW
GetCommandLineA
GetProcessHeap
SetEndOfFile
GetWindowsDirectoryA
LoadLibraryA
GetSystemDirectoryA
CloseHandle
GetFullPathNameA
GetSystemFirmwareTable
SetThreadExecutionState
CreateMutexA
SetProcessAffinityMask
GetVersionExA
GetCurrentDirectoryA
GetModuleHandleA
DeleteFileA
CreateFileA
DeviceIoControl
CreateNamedPipeA
ReadFile
CreateThread
LocalFree
GetLocalTime
DebugBreak
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointer
CreateFileW
WriteConsoleW
SetStdHandle
advapi32
DeleteService
ControlService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
OpenSCManagerA
shell32
ShellExecuteA
user32
SystemParametersInfoA
BlockInput
ExitWindowsEx
MessageBoxA
RegisterClassExA
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
wsprintfA
Sections
.text Size: 523KB - Virtual size: 523KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
amifldrv64.sys.sys windows:6 windows x64 arch:x64
4fbdc03e4487f98fb59360ea5b3e640d
Code Sign
61:20:4d:b4:00:00:00:00:00:27
Certificate
Issuer: CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 15/04/2011, 19:45
Not After: 15/04/2021, 19:55
Subject: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:55:cd:b4:e7:e8:ee:b9:dd:5d:89:fc:1d:75:88:ca
Certificate
Issuer: CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 30/08/2017, 00:00
Not After: 24/09/2020, 12:00
Subject: SERIALNUMBER=J912954,CN=American Megatrends\, Inc.,O=American Megatrends\, Inc.,L=Norcross,ST=Georgia,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130747656f72676961,1.3.6.1.4.1.311.60.2.1.3=#13025553
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate
Issuer: CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 22/10/2014, 00:00
Not After: 22/10/2024, 00:00
Subject: CN=DigiCert Timestamp Responder,O=DigiCert,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate
Issuer: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 18/04/2012, 12:00
Not After: 18/04/2027, 12:00
Subject: CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate
Issuer: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 10/11/2006, 00:00
Not After: 10/11/2021, 00:00
Subject: CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US
Extended Key Usages
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:97:d7:9f:85:90:6e:a3:18:a4:00:00:00:00:00:97
Certificate
Issuer: CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 11/03/2020, 17:47
Not After: 05/03/2021, 17:47
Subject: CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0b:aa:c1:00:00:00:00:00:09
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 18/04/2012, 23:48
Not After: 18/04/2027, 23:58
Subject: CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
70:9a:b9:53:02:bb:44:c7:a7:da:fa:f3:42:ca:93:34:22:ea:03:ed:7b:49:2b:e2:04:a3:19:16:1f:eb:35:0e
Signer
Actual PE Digest: 70:9a:b9:53:02:bb:44:c7:a7:da:fa:f3:42:ca:93:34:22:ea:03:ed:7b:49:2b:e2:04:a3:19:16:1f:eb:35:0e
Digest Algorithm: sha256
PE Digest Matches: true
c4:2f:ea:a6:c9:78:8b:71:61:b7:65:f7:25:07:02:04:f7:b5:e3:ec
Signer
Actual PE Digest: c4:2f:ea:a6:c9:78:8b:71:61:b7:65:f7:25:07:02:04:f7:b5:e3:ec
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
d:\amibios\utility\amiflashdriver\flashdriverwin64\Release\amd64\amifldrv64.pdb
Imports
ntoskrnl.exe
ZwMapViewOfSection
RtlInitUnicodeString
ZwUnmapViewOfSection
ZwClose
ObReferenceObjectByHandle
ZwOpenSection
MmUnmapLockedPages
MmFreeContiguousMemory
MmBuildMdlForNonPagedPool
IoFreeMdl
MmMapIoSpace
MmMapLockedPagesSpecifyCache
IoAllocateMdl
MmAllocateContiguousMemory
IoDeleteSymbolicLink
IoDeleteDevice
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
KeBugCheckEx
MmGetPhysicalAddress
MmUnmapIoSpace
hal
HalTranslateBusAddress
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 604B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 448B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 264B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 910B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
amigendrv64.sys.sys windows:10 windows x64 arch:x64
07a42e80559d960b176c0fc8fd309bfe
Code Sign
61:20:4d:b4:00:00:00:00:00:27
Certificate
Issuer: CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 15/04/2011, 19:45
Not After: 15/04/2021, 19:55
Subject: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:55:cd:b4:e7:e8:ee:b9:dd:5d:89:fc:1d:75:88:ca
Certificate
Issuer: CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 30/08/2017, 00:00
Not After: 24/09/2020, 12:00
Subject: SERIALNUMBER=J912954,CN=American Megatrends\, Inc.,O=American Megatrends\, Inc.,L=Norcross,ST=Georgia,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130747656f72676961,1.3.6.1.4.1.311.60.2.1.3=#13025553
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate
Issuer: CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 22/10/2014, 00:00
Not After: 22/10/2024, 00:00
Subject: CN=DigiCert Timestamp Responder,O=DigiCert,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate
Issuer: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 18/04/2012, 12:00
Not After: 18/04/2027, 12:00
Subject: CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate
Issuer: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 10/11/2006, 00:00
Not After: 10/11/2021, 00:00
Subject: CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US
Extended Key Usages
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:97:d7:9f:85:90:6e:a3:18:a4:00:00:00:00:00:97
Certificate
Issuer: CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 11/03/2020, 17:47
Not After: 05/03/2021, 17:47
Subject: CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0b:aa:c1:00:00:00:00:00:09
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 18/04/2012, 23:48
Not After: 18/04/2027, 23:58
Subject: CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
51:67:b3:3a:95:b4:db:0a:12:44:cb:3b:95:d4:02:45:87:d9:a5:a9:52:22:ba:bb:03:32:10:e6:b1:11:d2:fb
Signer
Actual PE Digest: 51:67:b3:3a:95:b4:db:0a:12:44:cb:3b:95:d4:02:45:87:d9:a5:a9:52:22:ba:bb:03:32:10:e6:b1:11:d2:fb
Digest Algorithm: sha256
PE Digest Matches: true
60:55:db:c4:53:c1:11:e5:7c:85:ec:8c:fa:d9:e6:e1:14:21:c8:d4
Signer
Actual PE Digest: 60:55:db:c4:53:c1:11:e5:7c:85:ec:8c:fa:d9:e6:e1:14:21:c8:d4
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\AMIBIOS\Utility\AmiFlashDriver\AmiFlashDriverSrc\sys\x64\Release\amifldrv64.pdb
Imports
ntoskrnl.exe
MmMapLockedPagesSpecifyCache
MmUnmapLockedPages
MmAllocateContiguousMemory
MmFreeContiguousMemory
IoAllocateMdl
IoFreeMdl
MmGetPhysicalAddress
RtlInitUnicodeString
IofCompleteRequest
IoCreateDevice
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
KeLowerIrql
KfRaiseIrql
MmBuildMdlForNonPagedPool
MmUnmapIoSpace
ObReferenceObjectByHandle
ZwClose
ZwOpenSection
ZwMapViewOfSection
ZwUnmapViewOfSection
ExFreePoolWithTag
MmGetSystemRoutineAddress
PsGetVersion
ExAllocatePoolWithQuotaTag
ZwQuerySystemInformation
MmMapIoSpace
RtlCompareMemory
hal
HalTranslateBusAddress
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 508B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PAGE Size: 512B - Virtual size: 328B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/oldversion.txt
-
tox tweaking/niggers/openshell.exe.exe windows:6 windows x86 arch:x86
e7430d879d98b61bb54478ef2eeb197c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\projects\open-shell-menu\build\bin\Release\Setup.pdb
Imports
kernel32
SizeofResource
GetCurrentProcess
WriteFile
SetEnvironmentVariableW
WaitForSingleObject
CreateFileW
GetVersion
LockResource
DeleteFileW
CloseHandle
LoadResource
FindResourceW
GetProcAddress
CreateProcessW
GetModuleHandleW
GetExitCodeProcess
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetCPInfo
OutputDebugStringW
MultiByteToWideChar
GetLastError
WideCharToMultiByte
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
CreateEventW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
LCMapStringW
user32
LoadStringW
MessageBoxW
shell32
DoEnvironmentSubstW
CommandLineToArgvW
Sections
.text Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7.8MB - Virtual size: 7.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/openshell.reg
-
tox tweaking/niggers/procexp.exe.exe windows:6 windows x86 arch:x86
553433ab8c22c54672a94bfb04f1fc03
Code Sign
33:00:00:01:df:6b:f0:2e:92:a7:4a:b4:d0:00:00:00:00:01:df
Certificate
Issuer: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 15/12/2020, 21:31
Not After: 02/12/2021, 21:31
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 08/07/2011, 20:59
Not After: 08/07/2026, 21:09
Subject: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
83:6f:6d:0a:21:ee:4a:4d:f1:16:c6:ed:bf:45:77:ad:16:5b:8f:74:64:47:de:5e:c9:06:c3:31:fb:8d:d8:1c
Signer
Actual PE Digest: 83:6f:6d:0a:21:ee:4a:4d:f1:16:c6:ed:bf:45:77:ad:16:5b:8f:74:64:47:de:5e:c9:06:c3:31:fb:8d:d8:1c
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\agent\1\s\exe\Win32\Release\procexp.pdb
Imports
shlwapi
SHAutoComplete
ColorHLSToRGB
ColorRGBToHLS
StrStrIW
ord176
StrCmpIW
UrlUnescapeW
iphlpapi
GetExtendedTcpTable
GetExtendedUdpTable
ws2_32
WSAStartup
getservbyport
ntohs
htonl
ntohl
htons
gethostbyaddr
mpr
WNetGetConnectionW
comctl32
ImageList_ReplaceIcon
ImageList_Add
InitCommonControlsEx
ImageList_Destroy
ImageList_DrawEx
ord17
PropertySheetW
ImageList_Create
CreateStatusWindowW
ord413
ImageList_GetIcon
ord410
CreatePropertySheetPageW
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
credui
CredUIPromptForCredentialsW
setupapi
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
crypt32
CertDuplicateCertificateContext
CertGetNameStringW
aclui
ord1
powrprof
SetSuspendState
IsPwrSuspendAllowed
IsPwrHibernateAllowed
wtsapi32
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSFreeMemory
WTSDisconnectSession
WTSLogoffSession
WTSSendMessageW
uxtheme
EnableThemeDialogTexture
ntdll
NtOpenThread
NtQuerySystemInformation
NtSetInformationProcess
NtQueryObject
NtCreateKey
NtOpenKey
RtlCreateQueryDebugBuffer
RtlQueryProcessDebugInformation
NtQuerySymbolicLinkObject
NtQuerySemaphore
NtQueryEvent
NtResumeProcess
NtQueryInformationProcess
NtQueryInformationThread
NtSuspendProcess
RtlDestroyQueryDebugBuffer
NtSuspendThread
NtLoadDriver
NtResumeThread
NtOpenSymbolicLinkObject
NtQueryMutant
NtQuerySection
RtlUnwind
gdi32
RectInRegion
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetTextColor
GetStockObject
Polyline
SetMapMode
StartDocW
EndDoc
StartPage
EndPage
CreateFontIndirectW
GetTextExtentPoint32W
SetTextAlign
ExtTextOutW
GetTextExtentExPointW
LineTo
Rectangle
RestoreDC
SaveDC
SetROP2
MoveToEx
CreateBitmap
GetDeviceCaps
GetBkMode
GetBkColor
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
GetObjectW
CreateDIBSection
GetTextMetricsW
comdlg32
GetSaveFileNameW
ChooseFontW
GetOpenFileNameW
PrintDlgW
CommDlgExtendedError
ChooseColorW
FindTextW
kernel32
GetLastError
SetErrorMode
InitializeCriticalSection
Sleep
GetCurrentProcess
ExitThread
TlsAlloc
TlsSetValue
CreateProcessW
OpenProcess
GetVersion
GetSystemWindowsDirectoryW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
IsWow64Process
GetSystemWow64DirectoryW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LocalFree
FormatMessageA
lstrlenW
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetNumberFormatW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
FindFirstFileW
GetFileAttributesW
GetPrivateProfileStringW
FreeLibrary
LoadLibraryExW
ReadFile
SetUnhandledExceptionFilter
FindClose
FindNextFileW
LeaveCriticalSection
EnterCriticalSection
SetEvent
WaitForSingleObject
CreateEventW
WaitForMultipleObjects
GetCurrentThread
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
CreateThread
GetExitCodeThread
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
SetLastError
GetVersionExW
GetFileSizeEx
LoadLibraryW
GetTickCount
MulDiv
GlobalAddAtomW
FormatMessageW
GetCommandLineW
GetFileType
LocalAlloc
TerminateThread
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalLock
WriteFile
Module32NextW
DeleteCriticalSection
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
IsBadStringPtrW
OpenEventW
GetEnvironmentVariableW
ReadProcessMemory
lstrcmpiW
SearchPathW
DeleteFileW
SetFilePointer
GetCurrentProcessId
IsProcessorFeaturePresent
GetSystemDirectoryW
VirtualQueryEx
ResumeThread
GetThreadContext
Thread32First
Thread32Next
QueryPerformanceCounter
QueryPerformanceFrequency
ResetEvent
IsBadReadPtr
TerminateProcess
SetPriorityClass
ProcessIdToSessionId
GetProcessId
GlobalMemoryStatusEx
GetLogicalProcessorInformation
GlobalFree
SetProcessWorkingSetSize
PulseEvent
GetComputerNameW
WTSGetActiveConsoleSessionId
GetCurrentDirectoryW
GetDriveTypeW
OutputDebugStringW
DuplicateHandle
DeviceIoControl
VirtualAlloc
VirtualFree
IsProcessInJob
CreateJobObjectW
QueryInformationJobObject
GetThreadGroupAffinity
SetThreadGroupAffinity
GlobalMemoryStatus
GetProcessAffinityMask
SetProcessAffinityMask
GetProcessWorkingSetSize
GetActiveProcessorGroupCount
GetActiveProcessorCount
WideCharToMultiByte
K32GetModuleFileNameExW
K32QueryWorkingSet
K32GetMappedFileNameW
DecodePointer
RaiseException
InitializeCriticalSectionEx
GetNativeSystemInfo
ExpandEnvironmentStringsA
LoadLibraryExA
GetStartupInfoW
GetStringTypeW
GetCurrentThreadId
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitializeSListHead
TlsFree
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetConsoleCP
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetConsoleMode
ReadConsoleInputW
GetLongPathNameW
GetFullPathNameW
GetFileTime
GetFileSize
FileTimeToLocalFileTime
CreateFileW
ExpandEnvironmentStringsW
ReadConsoleW
SetEnvironmentVariableW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetStdHandle
TlsGetValue
EncodePointer
LCMapStringEx
GetCPInfo
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
SetEndOfFile
WriteConsoleW
CloseHandle
Module32FirstW
UnhandledExceptionFilter
MultiByteToWideChar
user32
RedrawWindow
WindowFromPoint
CheckMenuRadioItem
DrawIconEx
IsDialogMessageW
LockWorkStation
IsHungAppWindow
PeekMessageW
SendMessageTimeoutW
CheckRadioButton
GetDlgCtrlID
MsgWaitForMultipleObjects
GetDesktopWindow
GetWindow
GetGuiResources
LoadBitmapW
CopyImage
EndMenu
SetMenuInfo
GetMenuInfo
TrackPopupMenu
RemoveMenu
CreateMenu
DrawMenuBar
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
IsWindowEnabled
GetDlgItemTextW
CreateDialogParamW
SetLayeredWindowAttributes
IsWindow
PostQuitMessage
ExitWindowsEx
DispatchMessageW
TranslateMessage
GetMessageW
DrawEdge
RegisterWindowMessageW
EndTask
GetWindowDC
SetMenuItemInfoW
IsIconic
ShowWindowAsync
KillTimer
GetMonitorInfoW
MonitorFromPoint
EnumWindows
SetClassLongW
ClientToScreen
GetWindowTextW
InvalidateRgn
TrackPopupMenuEx
ModifyMenuW
AppendMenuW
GetMenuItemCount
GetMenuItemID
EnableMenuItem
CreatePopupMenu
EnableWindow
IsDlgButtonChecked
CheckDlgButton
GetWindowPlacement
LoadIconW
SetWindowPlacement
DefMDIChildProcW
DefFrameProcW
DefDlgProcW
CreateIconIndirect
FrameRect
IsWindowVisible
DestroyWindow
GetClassNameW
EnumChildWindows
PtInRect
UnionRect
CopyRect
ScreenToClient
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsZoomed
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DrawFrameControl
ChildWindowFromPoint
DialogBoxParamW
MoveWindow
SetWindowTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
GetScrollInfo
SetScrollInfo
GetClassLongW
SetWindowLongW
GetWindowLongW
OffsetRect
IntersectRect
InflateRect
FillRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetCursorPos
GetWindowRect
SendMessageW
WaitForInputIdle
ShowWindow
SetFocus
ReleaseCapture
GetSystemMetrics
GetMenu
CheckMenuItem
GetSubMenu
GetClientRect
GetPropW
SetPropW
ScrollWindowEx
ValidateRect
InvalidateRect
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
UpdateWindow
DrawTextW
SetTimer
SetCapture
GetCapture
GetKeyState
GetFocus
InsertMenuW
DeleteMenu
SetForegroundWindow
MessageBoxW
SetCursor
FindWindowW
FindWindowExW
GetWindowThreadProcessId
LoadCursorW
DestroyIcon
LoadImageW
EnumDisplaySettingsW
GetDC
ReleaseDC
SetWindowPos
CreateWindowExW
RegisterClassExW
CallWindowProcW
DefWindowProcW
GetParent
SetDlgItemTextW
PostMessageW
LoadStringW
advapi32
AdjustTokenPrivileges
AllocateAndInitializeSid
DuplicateTokenEx
EqualSid
FreeSid
GetTokenInformation
CopySid
GetLengthSid
QueryServiceConfigW
ImpersonateLoggedOnUser
AddAccessAllowedAce
AddAce
CreateRestrictedToken
GetAce
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
RevertToSelf
LookupAccountSidW
InitializeAcl
IsValidSid
SetTokenInformation
GetSecurityInfo
SetSecurityInfo
LsaFreeMemory
OpenProcessToken
LsaOpenPolicy
LsaEnumerateAccountRights
ConvertSidToStringSidW
FlushTraceW
RegConnectRegistryW
CreateProcessAsUserW
GetKernelObjectSecurity
SetKernelObjectSecurity
LookupPrivilegeNameW
EnumServicesStatusExW
RegQueryValueExA
RegOpenKeyExA
ProcessTrace
LookupAccountNameW
LookupPrivilegeValueW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
OpenTraceW
ControlTraceW
StartTraceW
SetServiceObjectSecurity
QueryServiceObjectSecurity
MapGenericMask
RegCreateKeyW
LsaClose
RegCloseKey
StartServiceW
QueryServiceStatus
RegEnumValueW
RegLoadKeyW
RegOpenKeyW
ControlService
QueryServiceConfig2W
OpenServiceW
OpenSCManagerW
GetServiceDisplayNameW
CloseServiceHandle
RegDeleteValueW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
RegQueryValueW
RegUnLoadKeyW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
CloseTrace
shell32
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteW
SHBrowseForFolderW
Shell_NotifyIconW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFolderPathW
SHGetFileInfoW
ole32
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
CoInitialize
CoMarshalInterThreadInterfaceInStream
oleaut32
SafeArrayGetElement
SysAllocStringLen
VariantCopy
SafeArrayUnaccessData
SafeArrayAccessData
SysAllocString
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantInit
VariantClear
VariantChangeType
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
winhttp
WinHttpSetOption
WinHttpQueryDataAvailable
WinHttpWriteData
WinHttpReadData
WinHttpConnect
WinHttpCloseHandle
WinHttpOpen
WinHttpSendRequest
WinHttpOpenRequest
WinHttpGetProxyForUrl
WinHttpQueryHeaders
WinHttpReceiveResponse
Sections
.text Size: 802KB - Virtual size: 801KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 201KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 34KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/servers.txt
-
tox tweaking/niggers/str.exe.exe windows:6 windows x64 arch:x64
51b4d6245ba673d7bc7bbd32358b03fc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\a\TimerResolution\TimerResolution\SetTimerResolution\x64\Release\SetTimerResolution.pdb
Imports
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
NtQueryTimerResolution
NtSetTimerResolution
kernel32
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CloseHandle
FreeConsole
LoadLibraryW
GetProcAddress
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
msvcp140
?_Xbad_function_call@std@@YAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPEBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?in_avail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Xbad_alloc@std@@YAXXZ
??Bid@locale@std@@QEAA_KXZ
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memset
memmove
memcpy
_CxxThrowException
memcmp
memchr
__std_exception_destroy
__std_exception_copy
__C_specific_handler
__current_exception_context
__current_exception
_purecall
__std_terminate
api-ms-win-crt-heap-l1-1-0
_set_new_mode
free
_callnewh
malloc
api-ms-win-crt-string-l1-1-0
isspace
api-ms-win-crt-runtime-l1-1-0
_configure_narrow_argv
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_c_exit
_cexit
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
__p___argv
terminate
_initterm
_seh_filter_exe
__p___argc
_initterm_e
_exit
exit
_set_app_type
api-ms-win-crt-math-l1-1-0
__setusermatherr
ceilf
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 636B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tox tweaking/niggers/version.txt
-
tox tweaking/readme.txt