03e7cb9e6bdcc56672d4f02c05669f5b8c64d3b90dc8a25bb3fb4e3de38f2aca[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

03e7cb9e6bdcc56672d4f02c05669f5b8c64d3b90dc8a25bb3fb4e3de38f2aca.zip
Size

7.2MB
MD5

cb30d40bd9b9ae3e5be41936dbc12f95
SHA1

629dee5a20174febe30615c580ef9cb866602be9
SHA256

03e7cb9e6bdcc56672d4f02c05669f5b8c64d3b90dc8a25bb3fb4e3de38f2aca
SHA512

e4dab3852f2912d157d8662b9b15bc1bd16e8df4b33acac2624ed50b0639bfd6d4a30ecd5ae6cef56bc74fd4edeb2884511cdc71ce55f2191679ddc04f551c3a
SSDEEP

196608:8ewTGsyWN7e5ianPqlwbH5OTeXZkJPLB14F0:8NN7IC450eJkJPdw0

Score

7^/10

agilenet

Malware Config

Signatures

Obfuscated with Agile.Net obfuscator 9 IoCs

Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

agilenet

resource	yara_rule
static1/unpack001/clocktuner-ryzen-2-1/Bunifu.Core.dll	agile_net
static1/unpack001/clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuButton.dll	agile_net
static1/unpack001/clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuDropdown.dll	agile_net
static1/unpack001/clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuFormDock.dll	agile_net
static1/unpack001/clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuPages.dll	agile_net
static1/unpack001/clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuTextbox.dll	agile_net
static1/unpack001/clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuToolTip.dll	agile_net
static1/unpack001/clocktuner-ryzen-2-1/Bunifu.UI.WinForms.ToggleSwitch.dll	agile_net
static1/unpack001/clocktuner-ryzen-2-1/Bunifu_UI_v1.5.3.dll	agile_net

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/clocktuner-ryzen-2-1/CTR 2.1.exe
unpack001/clocktuner-ryzen-2-1/Microsoft.Win32.TaskScheduler.dll
unpack001/clocktuner-ryzen-2-1/libgmp-10.dll
unpack001/clocktuner-ryzen-2-1/libhwloc-15.dll

Files

03e7cb9e6bdcc56672d4f02c05669f5b8c64d3b90dc8a25bb3fb4e3de38f2aca.zip
.zip
clocktuner-ryzen-2-1/Bunifu.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/02/2019, 00:00

Not After

04/03/2020, 12:00

Subject

SERIALNUMBER=CPR2014141232,CN=Bunifu Technologies\, LTD,O=Bunifu Technologies\, LTD,L=Kajiado County,C=KE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b45

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:31:62:cf:25:5d:97:cf:cb:eb:32:12:b0:95:b2:93:41:32:2a:4f
Signer

Actual PE Digest

06:31:62:cf:25:5d:97:cf:cb:eb:32:12:b0:95:b2:93:41:32:2a:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Willy\source\repos\bunifu\backup_branch\Obfuscation\1.5.4 _secured\Bunifu.Core.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuButton.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/02/2019, 00:00

Not After

04/03/2020, 12:00

Subject

SERIALNUMBER=CPR2014141232,CN=Bunifu Technologies\, LTD,O=Bunifu Technologies\, LTD,L=Kajiado County,C=KE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b45

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d9:3d:cd:1a:f7:3c:b2:fa:cd:ac:82:92:c2:e1:cf:d7:b8:06:db:6c
Signer

Actual PE Digest

d9:3d:cd:1a:f7:3c:b2:fa:cd:ac:82:92:c2:e1:cf:d7:b8:06:db:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Willy\source\repos\bunifu\backup_branch\Obfuscation\1.5.4 _secured\Bunifu.UI.WinForms.BunifuButton.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuDropdown.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/02/2019, 00:00

Not After

04/03/2020, 12:00

Subject

SERIALNUMBER=CPR2014141232,CN=Bunifu Technologies\, LTD,O=Bunifu Technologies\, LTD,L=Kajiado County,C=KE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b45

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:69:c9:15:5c:15:8f:a9:df:65:de:92:8b:82:e9:1c:8c:b8:bb:fc
Signer

Actual PE Digest

77:69:c9:15:5c:15:8f:a9:df:65:de:92:8b:82:e9:1c:8c:b8:bb:fc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Willy\source\repos\bunifu\backup_branch\Obfuscation\1.5.4 _secured\Bunifu.UI.WinForms.BunifuDropdown.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuFormDock.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/02/2019, 00:00

Not After

04/03/2020, 12:00

Subject

SERIALNUMBER=CPR2014141232,CN=Bunifu Technologies\, LTD,O=Bunifu Technologies\, LTD,L=Kajiado County,C=KE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b45

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

da:45:26:79:f1:04:b7:89:b4:8f:34:04:58:72:8b:a1:63:ee:3f:c3
Signer

Actual PE Digest

da:45:26:79:f1:04:b7:89:b4:8f:34:04:58:72:8b:a1:63:ee:3f:c3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Willy\source\repos\bunifu\backup_branch\Obfuscation\1.5.4 _secured\Bunifu.UI.WinForms.BunifuFormDock.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuPages.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/02/2019, 00:00

Not After

04/03/2020, 12:00

Subject

SERIALNUMBER=CPR2014141232,CN=Bunifu Technologies\, LTD,O=Bunifu Technologies\, LTD,L=Kajiado County,C=KE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b45

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:a6:70:86:5e:ce:7d:23:86:b1:a9:56:56:3a:ba:41:18:8f:18:fb
Signer

Actual PE Digest

0c:a6:70:86:5e:ce:7d:23:86:b1:a9:56:56:3a:ba:41:18:8f:18:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Willy\source\repos\bunifu\backup_branch\Obfuscation\1.5.4 _secured\Bunifu.UI.WinForms.BunifuPages.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuTextbox.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/02/2019, 00:00

Not After

04/03/2020, 12:00

Subject

SERIALNUMBER=CPR2014141232,CN=Bunifu Technologies\, LTD,O=Bunifu Technologies\, LTD,L=Kajiado County,C=KE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b45

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

54:c1:5b:a5:8c:90:59:e6:65:6f:b1:38:9c:a0:04:f5:48:dc:46:c4
Signer

Actual PE Digest

54:c1:5b:a5:8c:90:59:e6:65:6f:b1:38:9c:a0:04:f5:48:dc:46:c4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Willy\source\repos\bunifu\backup_branch\Obfuscation\1.5.4 _secured\Bunifu.UI.WinForms.BunifuTextbox.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/Bunifu.UI.WinForms.BunifuToolTip.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/02/2019, 00:00

Not After

04/03/2020, 12:00

Subject

SERIALNUMBER=CPR2014141232,CN=Bunifu Technologies\, LTD,O=Bunifu Technologies\, LTD,L=Kajiado County,C=KE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b45

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

be:f2:d5:05:1d:56:28:57:f8:33:17:32:ac:76:db:72:03:88:b6:63
Signer

Actual PE Digest

be:f2:d5:05:1d:56:28:57:f8:33:17:32:ac:76:db:72:03:88:b6:63

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Willy\source\repos\bunifu\backup_branch\Obfuscation\1.5.4 _secured\Bunifu.UI.WinForms.BunifuToolTip.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 718KB - Virtual size: 717KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/Bunifu.UI.WinForms.ToggleSwitch.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/02/2019, 00:00

Not After

04/03/2020, 12:00

Subject

SERIALNUMBER=CPR2014141232,CN=Bunifu Technologies\, LTD,O=Bunifu Technologies\, LTD,L=Kajiado County,C=KE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b45

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:a8:fa:61:d2:87:4e:85:2e:d3:9d:73:55:d4:a3:64:39:f4:4d:ca
Signer

Actual PE Digest

8c:a8:fa:61:d2:87:4e:85:2e:d3:9d:73:55:d4:a3:64:39:f4:4d:ca

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Willy\source\repos\bunifu\backup_branch\Obfuscation\1.5.4 _secured\Bunifu.UI.WinForms.ToggleSwitch.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/Bunifu_UI_v1.5.3.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/02/2019, 00:00

Not After

04/03/2020, 12:00

Subject

SERIALNUMBER=CPR2014141232,CN=Bunifu Technologies\, LTD,O=Bunifu Technologies\, LTD,L=Kajiado County,C=KE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024b45

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ec:33:5b:71:29:f6:d0:31:1b:d3:4b:4d:90:a0:73:a1:e8:f6:fb
Signer

Actual PE Digest

02:ec:33:5b:71:29:f6:d0:31:1b:d3:4b:4d:90:a0:73:a1:e8:f6:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\coding\UI\bunifu-framework-winforms-repo\Obfuscation\1.5.4 - secured\Bunifu_UI_v1.5.3.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/CTR 2.1-0.bin
clocktuner-ryzen-2-1/CTR 2.1-1.bin
clocktuner-ryzen-2-1/CTR 2.1.exe
.exe windows:6 windows x86 arch:x86

9825b4c9a35eb9a5c5e347cb9ca988ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

mpr

WNetEnumResourceW
WNetGetUniversalNameW
WNetGetConnectionW
WNetCloseEnum
WNetOpenEnumW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

comctl32

FlatSB_SetScrollInfo
InitCommonControls
ImageList_DragMove
ImageList_Destroy
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_Add
FlatSB_SetScrollProp
ImageList_GetDragImage
ImageList_Create
ImageList_EndDrag
ImageList_DrawEx
ImageList_SetImageCount
FlatSB_GetScrollPos
FlatSB_SetScrollPos
InitializeFlatSB
FlatSB_GetScrollInfo
ImageList_Write
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_GetIcon
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Read
ImageList_DragLeave
ImageList_Draw
ImageList_Remove

shell32

SHBrowseForFolderW
SHGetMalloc
SHGetFileInfoW
SHChangeNotify
Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListW
ShellExecuteExW

user32

CopyImage
CreateWindowExW
GetMenuItemInfoW
SetMenuItemInfoW
DefFrameProcW
GetDCEx
GetMessageW
PeekMessageW
MonitorFromWindow
GetDlgCtrlID
ScrollWindowEx
SetTimer
WindowFromPoint
BeginPaint
RegisterClipboardFormatW
FrameRect
MapVirtualKeyW
OffsetRect
IsWindowUnicode
RegisterWindowMessageW
FillRect
GetMenuStringW
DispatchMessageW
SendMessageA
DefMDIChildProcW
EnumWindows
GetClassInfoW
GetSystemMenu
WaitForInputIdle
ShowOwnedPopups
GetScrollRange
GetScrollPos
SetScrollPos
GetActiveWindow
SetActiveWindow
DrawEdge
InflateRect
GetKeyboardLayoutList
OemToCharBuffA
LoadBitmapW
DrawFocusRect
EnumChildWindows
GetScrollBarInfo
SendNotifyMessageW
ReleaseCapture
UnhookWindowsHookEx
LoadCursorW
GetCapture
SetCapture
CreatePopupMenu
ScrollWindow
ShowCaret
GetMenuItemID
GetLastActivePopup
CharLowerBuffW
GetSystemMetrics
SetWindowLongW
PostMessageW
DrawMenuBar
SetParent
IsZoomed
CharUpperBuffW
GetClientRect
IsChild
ClientToScreen
SetWindowPlacement
IsIconic
CallNextHookEx
GetMonitorInfoW
ShowWindow
CheckMenuItem
CharUpperW
DefWindowProcW
GetForegroundWindow
SetForegroundWindow
GetWindowTextW
EnableWindow
DestroyWindow
IsDialogMessageW
EndMenu
RegisterClassW
CharNextW
GetWindowThreadProcessId
RedrawWindow
GetDC
GetFocus
SetFocus
EndPaint
ExitWindowsEx
ReleaseDC
MsgWaitForMultipleObjectsEx
LoadKeyboardLayoutW
GetClassLongW
ActivateKeyboardLayout
GetParent
CharToOemBuffA
DrawTextW
SetScrollRange
InsertMenuItemW
PeekMessageA
GetPropW
SetClassLongW
MessageBoxW
MessageBeep
SetPropW
SetRectEmpty
UpdateWindow
RemovePropW
GetSubMenu
MsgWaitForMultipleObjects
DestroyMenu
DestroyIcon
SetWindowsHookExW
IsWindowVisible
DispatchMessageA
UnregisterClassW
GetTopWindow
SendMessageW
AdjustWindowRectEx
DrawIcon
IsWindow
EnumThreadWindows
InvalidateRect
GetKeyboardState
DrawFrameControl
ScreenToClient
SendMessageTimeoutW
BringWindowToTop
SetCursor
CreateIcon
CreateMenu
LoadStringW
CharLowerW
SetWindowPos
SetWindowRgn
GetMenuItemCount
RemoveMenu
AppendMenuW
GetSysColorBrush
GetKeyboardLayoutNameW
GetWindowDC
TranslateMessage
DrawTextExW
MapWindowPoints
EnumDisplayMonitors
CallWindowProcW
DestroyCursor
ReplyMessage
GetScrollInfo
SetWindowTextW
GetMessageExtraInfo
EnableScrollBar
GetSysColor
TrackPopupMenu
DrawIconEx
PostQuitMessage
GetClassNameW
ShowScrollBar
EnableMenuItem
GetIconInfo
GetMessagePos
LoadImageW
SetScrollInfo
GetKeyNameTextW
GetDesktopWindow
GetCursorPos
SetCursorPos
HideCaret
GetMenu
GetMenuState
SetMenu
SetRect
GetKeyState
FindWindowExW
MonitorFromPoint
SystemParametersInfoW
LoadIconW
GetCursor
GetWindow
GetWindowLongW
GetWindowRect
InsertMenuW
KillTimer
WaitMessage
IsWindowEnabled
IsDialogMessageA
TranslateMDISysAccel
GetWindowPlacement
FindWindowW
DeleteMenu
GetKeyboardLayout

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

oleaut32

SafeArrayPutElement
LoadTypeLib
GetErrorInfo
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
SafeArrayCreate
SafeArrayGetElement
GetActiveObject
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
VariantCopy
RegisterTypeLib
VariantChangeType
VariantCopyInd

advapi32

RegSetValueExW
RegEnumKeyExW
AdjustTokenPrivileges
OpenThreadToken
GetUserNameW
RegDeleteKeyW
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegQueryInfoKeyW
AllocateAndInitializeSid
FreeSid
EqualSid
RegDeleteValueW
RegFlushKey
RegQueryValueExW
RegEnumValueW
GetTokenInformation
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyExW
SetSecurityDescriptorDacl

netapi32

NetWkstaGetInfo
NetApiBufferFree

msvcrt

memcpy

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetTimeouts
WinHttpSetStatusCallback
WinHttpConnect
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpWriteData
WinHttpSetCredentials
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSendRequest
WinHttpQueryOption

kernel32

SetFileAttributesW
SetFileTime
GetACP
GetExitCodeProcess
IsBadWritePtr
CloseHandle
LocalFree
GetCurrentProcessId
SizeofResource
VirtualProtect
TerminateThread
QueryPerformanceFrequency
IsDebuggerPresent
FindNextFileW
GetFullPathNameW
VirtualFree
HeapAlloc
ExitProcess
WriteProfileStringW
GetCPInfoExW
RtlUnwind
GetCPInfo
GetStdHandle
GetTimeZoneInformation
FileTimeToLocalFileTime
GetModuleHandleW
FreeLibrary
HeapDestroy
CompareFileTime
ReadFile
CreateProcessW
TransactNamedPipe
GetLastError
GetModuleFileNameW
SetLastError
FindResourceW
OpenMutexW
CreateThread
CompareStringW
CopyFileW
CreateMutexW
LoadLibraryA
ResetEvent
MulDiv
FreeResource
GetDriveTypeW
GetVersion
RaiseException
MoveFileW
GlobalAddAtomW
GetSystemTimeAsFileTime
FormatMessageW
OpenProcess
SwitchToThread
GetExitCodeThread
OutputDebugStringW
GetCurrentThread
GetLogicalDrives
LocalFileTimeToFileTime
SetNamedPipeHandleState
LoadLibraryExW
TerminateProcess
LockResource
FileTimeToSystemTime
GetShortPathNameW
GetCurrentThreadId
UnhandledExceptionFilter
MoveFileExW
GlobalFindAtomW
VirtualQuery
GlobalFree
VirtualQueryEx
Sleep
EnterCriticalSection
SetFilePointer
ReleaseMutex
FlushFileBuffers
LoadResource
SuspendThread
GetTickCount
WritePrivateProfileStringW
GetFileSize
GlobalDeleteAtom
GetStartupInfoW
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
InitializeCriticalSection
GetThreadPriority
GetCurrentProcess
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetCommandLineW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetVersionExW
VerifyVersionInfoW
HeapCreate
GetWindowsDirectoryW
DeviceIoControl
LCMapStringW
GetDiskFreeSpaceW
VerSetConditionMask
FindFirstFileW
GetUserDefaultUILanguage
lstrlenW
QueryPerformanceCounter
SetEndOfFile
lstrcmpW
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
CreateFileW
GetLocaleInfoW
GetSystemDirectoryW
DeleteFileW
GetEnvironmentVariableW
GetLocalTime
WaitForSingleObject
WriteFile
CreateNamedPipeW
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
SetErrorMode
GetComputerNameW
IsValidLocale
TlsSetValue
CreateDirectoryW
GetOverlappedResult
GetSystemDefaultUILanguage
EnumCalendarInfoW
GetProfileStringW
LocalAlloc
GetUserDefaultLangID
RemoveDirectoryW
IsDBCSLeadByte
CreateEventW
GetPrivateProfileStringW
WaitForMultipleObjectsEx
GetThreadLocale
SetThreadLocale

ole32

StgCreateDocfileOnILockBytes
CoCreateInstance
CLSIDFromString
CoUninitialize
IsEqualGUID
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleUninitialize
CoDisconnectObject
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID

gdi32

Arc
Pie
SetBkMode
SelectPalette
CreateCompatibleBitmap
ExcludeClipRect
RectVisible
SetWindowOrgEx
MaskBlt
AngleArc
Chord
SetTextColor
StretchBlt
SetDIBits
SetViewportOrgEx
CreateRectRgn
RealizePalette
SetDIBColorTable
GetDIBColorTable
RoundRect
RestoreDC
SetRectRgn
GetTextMetricsW
RemoveFontResourceW
GetWindowOrgEx
CreatePalette
CreateBrushIndirect
PatBlt
LineDDA
PolyBezierTo
GetStockObject
CreateSolidBrush
Polygon
Rectangle
MoveToEx
DeleteDC
SaveDC
BitBlt
Ellipse
FrameRgn
GetDeviceCaps
GetBitmapBits
GetTextExtentPoint32W
GetClipBox
Polyline
IntersectClipRect
GetSystemPaletteEntries
CreateBitmap
AddFontResourceW
CreateDIBitmap
GetStretchBltMode
CreateDIBSection
CreatePenIndirect
SetStretchBltMode
GetDIBits
CreateFontIndirectW
PolyBezier
LineTo
GetRgnBox
EnumFontsW
CreateHalftonePalette
DeleteObject
SelectObject
ExtFloodFill
UnrealizeObject
SetBkColor
CreateCompatibleDC
GetObjectW
GetBrushOrgEx
GetCurrentPositionEx
SetROP2
GetTextExtentPointW
ExtTextOutW
SetBrushOrgEx
GetPixel
ArcTo
GdiFlush
SetPixel
EnumFontFamiliesExW
GetPaletteEntries

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 30KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 76B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/CTR 2.1.exe.config
clocktuner-ryzen-2-1/Microsoft.Win32.TaskScheduler.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\dahall\Documents\GitHubRepos\TaskScheduler\TaskService\obj\Release\net452\Microsoft.Win32.TaskScheduler.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/libgmp-10.dll
.dll windows:4 windows x64 arch:x64

0367c23aafa70f57dd31e90949ad6d88

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
ferror
fgetc
fprintf
fputc
fread
free
fscanf
fwrite
getc
islower
isspace
isxdigit
localeconv
malloc
memcpy
memmove
memset
printf
putc
putchar
puts
raise
realloc
signal
sprintf
sscanf
strchr
strlen
strncmp
strstr
strtol
ungetc
vfprintf
vsprintf

Exports

Exports

__gmp_0
__gmp_allocate_func
__gmp_asprintf
__gmp_asprintf_final
__gmp_asprintf_funs
__gmp_asprintf_memory
__gmp_asprintf_reps
__gmp_assert_fail
__gmp_assert_header
__gmp_binvert_limb_table
__gmp_bits_per_limb
__gmp_default_allocate
__gmp_default_fp_limb_precision
__gmp_default_free
__gmp_default_reallocate
__gmp_digit_value_tab
__gmp_divide_by_zero
__gmp_doprnt
__gmp_doprnt_integer
__gmp_doprnt_mpf2
__gmp_doscan
__gmp_errno
__gmp_exception
__gmp_extract_double
__gmp_fac2cnt_table
__gmp_fib_table
__gmp_fprintf
__gmp_fprintf_funs
__gmp_free_func
__gmp_fscanf
__gmp_fscanf_funs
__gmp_get_memory_functions
__gmp_init_primesieve
__gmp_invalid_operation
__gmp_jacobi_table
__gmp_junk
__gmp_limbroots_table
__gmp_mt_recalc_buffer
__gmp_nextprime
__gmp_odd2fac_table
__gmp_oddfac_table
__gmp_primesieve
__gmp_printf
__gmp_randclear
__gmp_randclear_mt
__gmp_randget_mt
__gmp_randinit
__gmp_randinit_default
__gmp_randinit_lc_2exp
__gmp_randinit_lc_2exp_size
__gmp_randinit_mt
__gmp_randinit_mt_noseed
__gmp_randinit_set
__gmp_randiset_mt
__gmp_rands
__gmp_rands_initialized
__gmp_randseed
__gmp_randseed_ui
__gmp_reallocate_func
__gmp_replacement_vsnprintf
__gmp_scanf
__gmp_set_memory_functions
__gmp_snprintf
__gmp_snprintf_funs
__gmp_sprintf
__gmp_sprintf_funs
__gmp_sqrt_of_negative
__gmp_sscanf
__gmp_sscanf_funs
__gmp_tmp_reentrant_alloc
__gmp_tmp_reentrant_free
__gmp_urandomb_ui
__gmp_urandomm_ui
__gmp_vasprintf
__gmp_version
__gmp_vfprintf
__gmp_vfscanf
__gmp_vprintf
__gmp_vscanf
__gmp_vsnprintf
__gmp_vsprintf
__gmp_vsscanf
__gmpf_abs
__gmpf_add
__gmpf_add_ui
__gmpf_ceil
__gmpf_clear
__gmpf_clears
__gmpf_cmp
__gmpf_cmp_d
__gmpf_cmp_si
__gmpf_cmp_ui
__gmpf_cmp_z
__gmpf_div
__gmpf_div_2exp
__gmpf_div_ui
__gmpf_dump
__gmpf_eq
__gmpf_fits_sint_p
__gmpf_fits_slong_p
__gmpf_fits_sshort_p
__gmpf_fits_uint_p
__gmpf_fits_ulong_p
__gmpf_fits_ushort_p
__gmpf_floor
__gmpf_get_d
__gmpf_get_d_2exp
__gmpf_get_default_prec
__gmpf_get_prec
__gmpf_get_si
__gmpf_get_str
__gmpf_get_ui
__gmpf_init
__gmpf_init2
__gmpf_init_set
__gmpf_init_set_d
__gmpf_init_set_si
__gmpf_init_set_str
__gmpf_init_set_ui
__gmpf_inits
__gmpf_inp_str
__gmpf_integer_p
__gmpf_mul
__gmpf_mul_2exp
__gmpf_mul_ui
__gmpf_neg
__gmpf_out_str
__gmpf_pow_ui
__gmpf_random2
__gmpf_reldiff
__gmpf_set
__gmpf_set_d
__gmpf_set_default_prec
__gmpf_set_prec
__gmpf_set_prec_raw
__gmpf_set_q
__gmpf_set_si
__gmpf_set_str
__gmpf_set_ui
__gmpf_set_z
__gmpf_size
__gmpf_sqrt
__gmpf_sqrt_ui
__gmpf_sub
__gmpf_sub_ui
__gmpf_swap
__gmpf_trunc
__gmpf_ui_div
__gmpf_ui_sub
__gmpf_urandomb
__gmpn_add
__gmpn_add_1
__gmpn_add_err1_n
__gmpn_add_err2_n
__gmpn_add_err3_n
__gmpn_add_n
__gmpn_add_n_atom
__gmpn_add_n_bobcat
__gmpn_add_n_core2
__gmpn_add_n_coreisbr
__gmpn_add_n_init
__gmpn_add_n_pentium4
__gmpn_add_n_sub_n
__gmpn_add_n_x86_64
__gmpn_add_nc_atom
__gmpn_add_nc_bobcat
__gmpn_add_nc_core2
__gmpn_add_nc_coreisbr
__gmpn_add_nc_pentium4
__gmpn_add_nc_x86_64
__gmpn_addlsh1_n
__gmpn_addlsh1_n_atom
__gmpn_addlsh1_n_bd1
__gmpn_addlsh1_n_core2
__gmpn_addlsh1_n_coreisbr
__gmpn_addlsh1_n_init
__gmpn_addlsh1_n_pentium4
__gmpn_addlsh1_n_x86_64
__gmpn_addlsh1_nc_atom
__gmpn_addlsh1_nc_bd1
__gmpn_addlsh1_nc_coreisbr
__gmpn_addlsh2_n
__gmpn_addlsh2_n_atom
__gmpn_addlsh2_n_core2
__gmpn_addlsh2_n_coreisbr
__gmpn_addlsh2_n_init
__gmpn_addlsh2_n_pentium4
__gmpn_addlsh2_n_x86_64
__gmpn_addlsh2_nc_coreisbr
__gmpn_addlsh_n
__gmpn_addmul_1
__gmpn_addmul_1_atom
__gmpn_addmul_1_bd1
__gmpn_addmul_1_bobcat
__gmpn_addmul_1_core2
__gmpn_addmul_1_coreihwl
__gmpn_addmul_1_coreinhm
__gmpn_addmul_1_coreisbr
__gmpn_addmul_1_init
__gmpn_addmul_1_x86_64
__gmpn_addmul_1c_core2
__gmpn_addmul_2
__gmpn_addmul_2_atom
__gmpn_addmul_2_coreihwl
__gmpn_addmul_2_coreisbr
__gmpn_addmul_2_init
__gmpn_addmul_2_x86_64
__gmpn_and_n
__gmpn_andn_n
__gmpn_bases
__gmpn_bc_mulmod_bnm1
__gmpn_bc_set_str
__gmpn_bdiv_dbm1c
__gmpn_bdiv_dbm1c_init
__gmpn_bdiv_dbm1c_x86_64
__gmpn_bdiv_q
__gmpn_bdiv_q_1
__gmpn_bdiv_q_itch
__gmpn_bdiv_qr
__gmpn_bdiv_qr_itch
__gmpn_binvert
__gmpn_binvert_itch
__gmpn_broot
__gmpn_broot_invm1
__gmpn_brootinv
__gmpn_bsqrt
__gmpn_bsqrtinv
__gmpn_cmp
__gmpn_cnd_add_n
__gmpn_cnd_add_n_init
__gmpn_cnd_add_n_x86_64
__gmpn_cnd_sub_n
__gmpn_cnd_sub_n_init
__gmpn_cnd_sub_n_x86_64
__gmpn_cnd_swap
__gmpn_com
__gmpn_com_atom
__gmpn_com_bd1
__gmpn_com_init
__gmpn_com_x86_64
__gmpn_copyd
__gmpn_copyd_atom
__gmpn_copyd_bd1
__gmpn_copyd_bobcat
__gmpn_copyd_core2
__gmpn_copyd_init
__gmpn_copyd_nano
__gmpn_copyd_x86_64
__gmpn_copyi
__gmpn_copyi_atom
__gmpn_copyi_bd1
__gmpn_copyi_bobcat
__gmpn_copyi_core2
__gmpn_copyi_init
__gmpn_copyi_nano
__gmpn_copyi_x86_64
__gmpn_cpuid
__gmpn_cpuvec
__gmpn_cpuvec_init
__gmpn_cpuvec_initialized
__gmpn_dc_set_str
__gmpn_dcpi1_bdiv_q
__gmpn_dcpi1_bdiv_q_n
__gmpn_dcpi1_bdiv_q_n_itch
__gmpn_dcpi1_bdiv_qr
__gmpn_dcpi1_bdiv_qr_n
__gmpn_dcpi1_bdiv_qr_n_itch
__gmpn_dcpi1_div_q
__gmpn_dcpi1_div_qr
__gmpn_dcpi1_div_qr_n
__gmpn_dcpi1_divappr_q
__gmpn_dcpi1_divappr_q_n
__gmpn_div_q
__gmpn_div_qr_1
__gmpn_div_qr_1n_pi1
__gmpn_div_qr_2
__gmpn_div_qr_2n_pi1
__gmpn_div_qr_2u_pi1
__gmpn_divexact
__gmpn_divexact_1
__gmpn_divexact_1_atom
__gmpn_divexact_1_init
__gmpn_divexact_1_nano
__gmpn_divexact_1_x86_64
__gmpn_divexact_by3
__gmpn_divexact_by3c
__gmpn_divisible_p
__gmpn_divmod_1
__gmpn_divrem
__gmpn_divrem_1
__gmpn_divrem_1_core2
__gmpn_divrem_1_coreisbr
__gmpn_divrem_1_init
__gmpn_divrem_1_x86_64
__gmpn_divrem_2
__gmpn_dump
__gmpn_fft_best_k
__gmpn_fft_next_size
__gmpn_fib2_ui
__gmpn_gcd
__gmpn_gcd_1
__gmpn_gcd_1_bd1
__gmpn_gcd_1_core2
__gmpn_gcd_1_init
__gmpn_gcd_1_k10
__gmpn_gcd_1_nano
__gmpn_gcd_1_x86_64
__gmpn_gcd_subdiv_step
__gmpn_gcdext
__gmpn_gcdext_1
__gmpn_gcdext_hook
__gmpn_gcdext_lehmer_n
__gmpn_get_d
__gmpn_get_str
__gmpn_hamdist
__gmpn_hgcd
__gmpn_hgcd2
__gmpn_hgcd2_jacobi
__gmpn_hgcd_appr
__gmpn_hgcd_appr_itch
__gmpn_hgcd_itch
__gmpn_hgcd_jacobi
__gmpn_hgcd_matrix_adjust
__gmpn_hgcd_matrix_init
__gmpn_hgcd_matrix_mul
__gmpn_hgcd_matrix_mul_1
__gmpn_hgcd_matrix_update_q
__gmpn_hgcd_mul_matrix1_vector
__gmpn_hgcd_reduce
__gmpn_hgcd_reduce_itch
__gmpn_hgcd_step
__gmpn_invert
__gmpn_invert_limb
__gmpn_invert_limb_table
__gmpn_invertappr
__gmpn_ior_n
__gmpn_iorn_n
__gmpn_jacobi_2
__gmpn_jacobi_base
__gmpn_jacobi_n
__gmpn_lshift
__gmpn_lshift_atom
__gmpn_lshift_core2
__gmpn_lshift_coreisbr
__gmpn_lshift_init
__gmpn_lshift_k10
__gmpn_lshift_pentium4
__gmpn_lshift_x86_64
__gmpn_lshiftc
__gmpn_lshiftc_atom
__gmpn_lshiftc_core2
__gmpn_lshiftc_coreisbr
__gmpn_lshiftc_init
__gmpn_lshiftc_k10
__gmpn_lshiftc_pentium4
__gmpn_lshiftc_x86_64
__gmpn_matrix22_mul
__gmpn_matrix22_mul1_inverse_vector
__gmpn_matrix22_mul_itch
__gmpn_matrix22_mul_strassen
__gmpn_mod_1
__gmpn_mod_1_1p
__gmpn_mod_1_1p_cps
__gmpn_mod_1_1p_cps_init
__gmpn_mod_1_1p_cps_x86_64
__gmpn_mod_1_1p_init
__gmpn_mod_1_1p_x86_64
__gmpn_mod_1_fat
__gmpn_mod_1_init
__gmpn_mod_1s_2p
__gmpn_mod_1s_2p_cps
__gmpn_mod_1s_2p_cps_init
__gmpn_mod_1s_2p_cps_x86_64
__gmpn_mod_1s_2p_init
__gmpn_mod_1s_2p_x86_64
__gmpn_mod_1s_3p
__gmpn_mod_1s_3p_cps
__gmpn_mod_1s_4p
__gmpn_mod_1s_4p_cps
__gmpn_mod_1s_4p_cps_init
__gmpn_mod_1s_4p_cps_x86_64
__gmpn_mod_1s_4p_init
__gmpn_mod_1s_4p_x86_64
__gmpn_mod_34lsub1
__gmpn_mod_34lsub1_init
__gmpn_mod_34lsub1_pentium4
__gmpn_mod_34lsub1_x86_64
__gmpn_modexact_1_odd_x86_64
__gmpn_modexact_1c_odd
__gmpn_modexact_1c_odd_init
__gmpn_modexact_1c_odd_x86_64
__gmpn_mu_bdiv_q
__gmpn_mu_bdiv_q_itch
__gmpn_mu_bdiv_qr
__gmpn_mu_bdiv_qr_itch
__gmpn_mu_div_q
__gmpn_mu_div_q_itch
__gmpn_mu_div_qr
__gmpn_mu_div_qr_choose_in
__gmpn_mu_div_qr_itch
__gmpn_mu_divappr_q
__gmpn_mu_divappr_q_choose_in
__gmpn_mu_divappr_q_itch
__gmpn_mul
__gmpn_mul_1
__gmpn_mul_1_atom
__gmpn_mul_1_bd1
__gmpn_mul_1_bobcat
__gmpn_mul_1_coreihwl
__gmpn_mul_1_coreisbr
__gmpn_mul_1_init
__gmpn_mul_1_x86_64
__gmpn_mul_1c_atom
__gmpn_mul_1c_bd1
__gmpn_mul_1c_bobcat
__gmpn_mul_1c_x86_64
__gmpn_mul_2
__gmpn_mul_basecase
__gmpn_mul_basecase_bd1
__gmpn_mul_basecase_bobcat
__gmpn_mul_basecase_core2
__gmpn_mul_basecase_coreibwl
__gmpn_mul_basecase_coreihwl
__gmpn_mul_basecase_coreisbr
__gmpn_mul_basecase_fat
__gmpn_mul_basecase_init
__gmpn_mul_basecase_k8
__gmpn_mul_fft
__gmpn_mul_n
__gmpn_mullo_basecase
__gmpn_mullo_basecase_core2
__gmpn_mullo_basecase_coreihwl
__gmpn_mullo_basecase_coreisbr
__gmpn_mullo_basecase_fat
__gmpn_mullo_basecase_init
__gmpn_mullo_basecase_k8
__gmpn_mullo_n
__gmpn_mulmid
__gmpn_mulmid_basecase
__gmpn_mulmid_n
__gmpn_mulmod_bnm1
__gmpn_mulmod_bnm1_next_size
__gmpn_nand_n
__gmpn_neg
__gmpn_ni_invertappr
__gmpn_nior_n
__gmpn_nussbaumer_mul
__gmpn_perfect_power_p
__gmpn_perfect_square_p
__gmpn_pi1_bdiv_q_1
__gmpn_popcount
__gmpn_pow_1
__gmpn_powlo
__gmpn_powm
__gmpn_preinv_divrem_1
__gmpn_preinv_divrem_1_core2
__gmpn_preinv_divrem_1_coreisbr
__gmpn_preinv_divrem_1_init
__gmpn_preinv_divrem_1_x86_64
__gmpn_preinv_mod_1
__gmpn_preinv_mod_1_init
__gmpn_preinv_mu_div_qr
__gmpn_preinv_mu_div_qr_itch
__gmpn_preinv_mu_divappr_q
__gmpn_random
__gmpn_random2
__gmpn_redc_1
__gmpn_redc_1_atom
__gmpn_redc_1_bobcat
__gmpn_redc_1_core2
__gmpn_redc_1_coreihwl
__gmpn_redc_1_coreinhm
__gmpn_redc_1_coreisbr
__gmpn_redc_1_fat
__gmpn_redc_1_init
__gmpn_redc_1_k8
__gmpn_redc_2
__gmpn_redc_2_fat
__gmpn_redc_2_init
__gmpn_redc_n
__gmpn_remove
__gmpn_rootrem
__gmpn_rsblsh1_n
__gmpn_rsblsh2_n
__gmpn_rsblsh_n
__gmpn_rsh1add_n
__gmpn_rsh1add_nc
__gmpn_rsh1sub_n
__gmpn_rsh1sub_nc
__gmpn_rshift
__gmpn_rshift_atom
__gmpn_rshift_core2
__gmpn_rshift_coreisbr
__gmpn_rshift_init
__gmpn_rshift_k10
__gmpn_rshift_pentium4
__gmpn_rshift_x86_64
__gmpn_sbpi1_bdiv_q
__gmpn_sbpi1_bdiv_qr
__gmpn_sbpi1_div_q

Sections

.text
Size: 414KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clocktuner-ryzen-2-1/libhwloc-15.dll
.dll windows:4 windows x64 arch:x64

dfbe98cf5b61a9f17e084aa27e254c1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetProcAddress
GetProcessAffinityMask
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetProcessAffinityMask
SetThreadAffinityMask
SetUnhandledExceptionFilter
Sleep
SwitchToThread
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__iob_func
_amsg_exit
_close
_errno
_exit
_findclose
_findfirst64
_findnext64
_fstat64
_fullpath
_initterm
_lock
_onexit
_open
_read
_snwprintf
_stat64
_strdup
_stricmp
_strnicmp
_unlock
_vsnprintf
abort
atof
atoi
calloc
exit
fclose
ferror
fgets
fopen
fprintf
fputc
fread
free
fseek
fwprintf
fwrite
getenv
islower
isspace
isupper
malloc
memcmp
memcpy
memmove
memset
qsort
raise
realloc
signal
sprintf
sscanf
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strrchr
strspn
strstr
strtol
strtoul
tolower
vfprintf
wcscpy

user32

MessageBoxW

Exports

Exports

hwloc__add_info
hwloc__add_info_nodup
hwloc__attach_memory_object
hwloc__free_infos
hwloc__insert_object_by_cpuset
hwloc__move_infos
hwloc__object_cpusets_compare_first
hwloc__reorder_children
hwloc__topology_disadopt
hwloc__topology_dup
hwloc__xml_export_diff
hwloc__xml_export_topology
hwloc__xml_import_diff
hwloc__xml_verbose
hwloc_add_uname_info
hwloc_alloc
hwloc_alloc_heap
hwloc_alloc_membind
hwloc_alloc_root_sets
hwloc_alloc_setup_object
hwloc_backend_alloc
hwloc_backend_enable
hwloc_backends_disable_all
hwloc_backends_find_callbacks
hwloc_backends_init
hwloc_backends_is_thissystem
hwloc_bitmap_allbut
hwloc_bitmap_alloc
hwloc_bitmap_alloc_full
hwloc_bitmap_and
hwloc_bitmap_andnot
hwloc_bitmap_asprintf
hwloc_bitmap_clr
hwloc_bitmap_clr_range
hwloc_bitmap_compare
hwloc_bitmap_compare_first
hwloc_bitmap_compare_inclusion
hwloc_bitmap_copy
hwloc_bitmap_dup
hwloc_bitmap_fill
hwloc_bitmap_first
hwloc_bitmap_first_unset
hwloc_bitmap_free
hwloc_bitmap_from_ith_ulong
hwloc_bitmap_from_ulong
hwloc_bitmap_intersects
hwloc_bitmap_isequal
hwloc_bitmap_isfull
hwloc_bitmap_isincluded
hwloc_bitmap_isset
hwloc_bitmap_iszero
hwloc_bitmap_last
hwloc_bitmap_last_unset
hwloc_bitmap_list_asprintf
hwloc_bitmap_list_snprintf
hwloc_bitmap_list_sscanf
hwloc_bitmap_next
hwloc_bitmap_next_unset
hwloc_bitmap_not
hwloc_bitmap_only
hwloc_bitmap_or
hwloc_bitmap_set
hwloc_bitmap_set_ith_ulong
hwloc_bitmap_set_range
hwloc_bitmap_singlify
hwloc_bitmap_snprintf
hwloc_bitmap_sscanf
hwloc_bitmap_taskset_asprintf
hwloc_bitmap_taskset_snprintf
hwloc_bitmap_taskset_sscanf
hwloc_bitmap_tma_dup
hwloc_bitmap_to_ith_ulong
hwloc_bitmap_to_ulong
hwloc_bitmap_weight
hwloc_bitmap_xor
hwloc_bitmap_zero
hwloc_compare_types
hwloc_components_fini
hwloc_components_init
hwloc_decode_from_base64
hwloc_disc_component_force_enable
hwloc_disc_components_enable_others
hwloc_distances_add
hwloc_distances_get
hwloc_distances_get_by_depth
hwloc_distances_release
hwloc_distances_remove
hwloc_distances_remove_by_depth
hwloc_encode_to_base64
hwloc_export_obj_userdata
hwloc_export_obj_userdata_base64
hwloc_fallback_nbprocessors
hwloc_find_insert_io_parent_by_complete_cpuset
hwloc_free
hwloc_free_heap
hwloc_free_object_and_children
hwloc_free_object_siblings_and_children
hwloc_free_unlinked_object
hwloc_free_xmlbuffer
hwloc_get_api_version
hwloc_get_area_membind
hwloc_get_area_memlocation
hwloc_get_closest_objs
hwloc_get_cpubind
hwloc_get_depth_type
hwloc_get_largest_objs_inside_cpuset
hwloc_get_last_cpu_location
hwloc_get_membind
hwloc_get_memory_parents_depth
hwloc_get_nbobjs_by_depth
hwloc_get_obj_by_depth
hwloc_get_proc_cpubind
hwloc_get_proc_last_cpu_location
hwloc_get_proc_membind
hwloc_get_thread_cpubind
hwloc_get_type_depth
hwloc_hide_errors
hwloc_insert_object_by_cpuset
hwloc_insert_object_by_parent
hwloc_internal_distances_add
hwloc_internal_distances_add_by_index
hwloc_internal_distances_destroy
hwloc_internal_distances_dup
hwloc_internal_distances_init
hwloc_internal_distances_invalidate_cached_objs
hwloc_internal_distances_prepare
hwloc_internal_distances_refresh
hwloc_namecoloncmp
hwloc_noos_component
hwloc_obj_add_children_sets
hwloc_obj_add_info
hwloc_obj_add_other_obj_sets
hwloc_obj_attr_snprintf
hwloc_obj_type_is_cache
hwloc_obj_type_is_dcache
hwloc_obj_type_is_icache
hwloc_obj_type_is_io
hwloc_obj_type_is_memory
hwloc_obj_type_is_normal
hwloc_obj_type_snprintf
hwloc_obj_type_string
hwloc_pci_belowroot_apply_locality
hwloc_pci_class_string
hwloc_pci_discovery_exit
hwloc_pci_discovery_init
hwloc_pci_discovery_prepare
hwloc_pcidisc_check_bridge_type
hwloc_pcidisc_find_busid_parent
hwloc_pcidisc_find_by_busid
hwloc_pcidisc_find_cap
hwloc_pcidisc_find_linkspeed
hwloc_pcidisc_setup_bridge_attr
hwloc_pcidisc_tree_attach
hwloc_pcidisc_tree_insert_by_busid
hwloc_progname
hwloc_report_os_error
hwloc_set_area_membind
hwloc_set_binding_hooks
hwloc_set_cpubind
hwloc_set_membind
hwloc_set_native_binding_hooks
hwloc_set_proc_cpubind
hwloc_set_proc_membind
hwloc_set_thread_cpubind
hwloc_set_windows_hooks
hwloc_setup_pu_level
hwloc_shmem_topology_adopt
hwloc_shmem_topology_get_length
hwloc_shmem_topology_write
hwloc_snprintf
hwloc_synthetic_component
hwloc_topology_abi_check
hwloc_topology_alloc_group_object
hwloc_topology_check
hwloc_topology_clear
hwloc_topology_destroy
hwloc_topology_diff_apply
hwloc_topology_diff_build
hwloc_topology_diff_destroy
hwloc_topology_diff_export_xml
hwloc_topology_diff_export_xmlbuffer
hwloc_topology_diff_load_xml
hwloc_topology_diff_load_xmlbuffer
hwloc_topology_dup
hwloc_topology_export_synthetic
hwloc_topology_export_xml
hwloc_topology_export_xmlbuffer
hwloc_topology_get_allowed_cpuset
hwloc_topology_get_allowed_nodeset
hwloc_topology_get_complete_cpuset
hwloc_topology_get_complete_nodeset
hwloc_topology_get_depth
hwloc_topology_get_flags
hwloc_topology_get_support
hwloc_topology_get_topology_cpuset
hwloc_topology_get_topology_nodeset
hwloc_topology_get_type_filter
hwloc_topology_get_userdata
hwloc_topology_init
hwloc_topology_insert_group_object
hwloc_topology_insert_misc_object
hwloc_topology_is_thissystem
hwloc_topology_load
hwloc_topology_reconnect
hwloc_topology_restrict
hwloc_topology_set_all_types_filter
hwloc_topology_set_cache_types_filter
hwloc_topology_set_flags
hwloc_topology_set_icache_types_filter
hwloc_topology_set_io_types_filter
hwloc_topology_set_pid
hwloc_topology_set_synthetic
hwloc_topology_set_type_filter
hwloc_topology_set_userdata
hwloc_topology_set_userdata_export_callback
hwloc_topology_set_userdata_import_callback
hwloc_topology_set_xml
hwloc_topology_set_xmlbuffer
hwloc_topology_setup_defaults
hwloc_type_sscanf
hwloc_type_sscanf_as_depth
hwloc_windows_component
hwloc_x86_component
hwloc_xml_callbacks_register
hwloc_xml_callbacks_reset
hwloc_xml_component
hwloc_xml_nolibxml_component

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 919KB - Virtual size: 918KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

06:31:62:cf:25:5d:97:cf:cb:eb:32:12:b0:95:b2:93:41:32:2a:4fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

d9:3d:cd:1a:f7:3c:b2:fa:cd:ac:82:92:c2:e1:cf:d7:b8:06:db:6cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 108KB - Virtual size: 107KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

77:69:c9:15:5c:15:8f:a9:df:65:de:92:8b:82:e9:1c:8c:b8:bb:fcSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

06:31:62:cf:25:5d:97:cf:cb:eb:32:12:b0:95:b2:93:41:32:2a:4f
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

d9:3d:cd:1a:f7:3c:b2:fa:cd:ac:82:92:c2:e1:cf:d7:b8:06:db:6c
Signer

.text
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

77:69:c9:15:5c:15:8f:a9:df:65:de:92:8b:82:e9:1c:8c:b8:bb:fc
Signer

.text
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

da:45:26:79:f1:04:b7:89:b4:8f:34:04:58:72:8b:a1:63:ee:3f:c3
Signer

.text
Size: 156KB - Virtual size: 155KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

0c:a6:70:86:5e:ce:7d:23:86:b1:a9:56:56:3a:ba:41:18:8f:18:fb
Signer

.text
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 512B - Virtual size: 12B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0a:e9:5f:ae:cd:be:04:c8:8a:3a:d1:15:e6:f7:dd:a2
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate