SpyShelterSetup[.]exe

SpyShelterSetup.exe

.exe windows:4 windows x86 arch:x86

9dda1a1d1f8a1d13ae0297b47046b26e

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

5a:cb:81:a7:6c:f1:fd:46:01:74:57:dc:f9:1f:9a:cd:26:b9:3f:4f:7d:d8:1d:87:58:ff:88:1a:f8:48:43:2f
Signer

Actual PE Digest

5a:cb:81:a7:6c:f1:fd:46:01:74:57:dc:f9:1f:9a:cd:26:b9:3f:4f:7d:d8:1d:87:58:ff:88:1a:f8:48:43:2f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW

RegEnumKeyW

RegQueryValueExW

RegSetValueExW

RegCloseKey

RegDeleteValueW

RegDeleteKeyW

AdjustTokenPrivileges

LookupPrivilegeValueW

OpenProcessToken

RegOpenKeyExW

RegCreateKeyExW

shell32

SHGetPathFromIDListW

SHBrowseForFolderW

SHGetFileInfoW

SHFileOperationW

ShellExecuteExW

ole32

CoCreateInstance

OleUninitialize

OleInitialize

IIDFromString

CoTaskMemFree

comctl32

ImageList_Destroy

ord17

ImageList_AddMasked

ImageList_Create

user32

MessageBoxIndirectW

GetDlgItemTextW

SetDlgItemTextW

CreatePopupMenu

AppendMenuW

TrackPopupMenu

OpenClipboard

EmptyClipboard

SetClipboardData

CloseClipboard

IsWindowVisible

CallWindowProcW

GetMessagePos

CheckDlgButton

LoadCursorW

SetCursor

GetSysColor

SetWindowPos

GetWindowLongW

IsWindowEnabled

SetClassLongW

GetSystemMenu

EnableMenuItem

GetWindowRect

ScreenToClient

EndDialog

RegisterClassW

SystemParametersInfoW

CharPrevW

GetClassInfoW

DialogBoxParamW

CharNextW

ExitWindowsEx

DestroyWindow

CreateDialogParamW

SetTimer

SetWindowTextW

PostQuitMessage

SetForegroundWindow

ShowWindow

wsprintfW

SendMessageTimeoutW

FindWindowExW

IsWindow

GetDlgItem

SetWindowLongW

LoadImageW

GetDC

ReleaseDC

EnableWindow

InvalidateRect

SendMessageW

DefWindowProcW

BeginPaint

GetClientRect

FillRect

DrawTextW

EndPaint

CharNextA

wsprintfA

DispatchMessageW

CreateWindowExW

PeekMessageW

GetSystemMetrics

gdi32

GetDeviceCaps

SetBkColor

SelectObject

DeleteObject

CreateBrushIndirect

CreateFontIndirectW

SetBkMode

SetTextColor

kernel32

RemoveDirectoryW

lstrcmpiA

GetTempFileNameW

CreateProcessW

CreateDirectoryW

GetLastError

CreateThread

GlobalLock

GlobalUnlock

GetDiskFreeSpaceW

WideCharToMultiByte

lstrcpynW

lstrlenW

SetErrorMode

GetVersionExW

GetCommandLineW

GetTempPathW

GetWindowsDirectoryW

SetEnvironmentVariableW

WriteFile

ExitProcess

GetCurrentProcess

GetModuleFileNameW

GetFileSize

CreateFileW

GetTickCount

Sleep

SetFileAttributesW

GetFileAttributesW

SetCurrentDirectoryW

MoveFileW

GetFullPathNameW

GetShortPathNameW

SearchPathW

CompareFileTime

SetFileTime

CloseHandle

lstrcmpiW

lstrcmpW

ExpandEnvironmentStringsW

GlobalFree

GlobalAlloc

GetModuleHandleW

LoadLibraryExW

FreeLibrary

WritePrivateProfileStringW

GetPrivateProfileStringW

lstrlenA

MultiByteToWideChar

ReadFile

SetFilePointer

FindClose

FindNextFileW

FindFirstFileW

DeleteFileW

MulDiv

lstrcpyA

MoveFileExW

lstrcatW

GetSystemDirectoryW

GetProcAddress

GetModuleHandleA

GetExitCodeProcess

WaitForSingleObject

CopyFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$PLUGINSDIR/INetC.dll

.dll windows:4 windows x86 arch:x86

163fdad7b5f915e3a0ca7ad1d08b4ff8

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

05:ec:dc:3c:49:ac:5e:ac:ec:1d:d7:b2:33:37:20:cb:4c:2e:34:f9:68:2a:4d:aa:f9:d0:86:a6:fc:e1:a9:af
Signer

Actual PE Digest

05:ec:dc:3c:49:ac:5e:ac:ec:1d:d7:b2:33:37:20:cb:4c:2e:34:f9:68:2a:4d:aa:f9:d0:86:a6:fc:e1:a9:af

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

lstrcpyW

CreateThread

LocalAlloc

lstrcpynW

SleepEx

MulDiv

GetModuleHandleW

GetTickCount

ReadFile

CreateFileA

CreateFileW

GetFileSize

lstrcmpiW

lstrcatW

LoadLibraryA

lstrcmpW

lstrlenA

MultiByteToWideChar

WriteFile

lstrlenW

CloseHandle

GetLastError

DeleteFileW

GetProcAddress

WideCharToMultiByte

LocalFree

TerminateThread

GlobalAlloc

GlobalFree

SetFilePointer

WaitForSingleObject

user32

wsprintfA

FindWindowExW

GetWindowLongW

IsWindow

CreateDialogParamW

ShowWindow

GetParent

DispatchMessageW

LoadIconW

KillTimer

PostMessageW

IsDialogMessageW

SetWindowPos

SetWindowTextW

GetMessageW

SendDlgItemMessageW

TranslateMessage

EnableWindow

RedrawWindow

UpdateWindow

GetWindowRect

SendMessageW

SetTimer

SetWindowLongW

wsprintfW

SetDlgItemTextW

GetDlgItem

IsWindowVisible

MessageBoxW

GetClientRect

DestroyWindow

SystemParametersInfoW

GetWindowTextW

comctl32

ord17

wininet

HttpSendRequestExW

InternetErrorDlg

InternetWriteFile

HttpSendRequestW

InternetSetFilePointer

HttpAddRequestHeadersA

FtpCreateDirectoryW

InternetCrackUrlW

FtpOpenFileW

InternetSetOptionW

InternetOpenW

InternetGetLastResponseInfoW

HttpEndRequestW

InternetReadFile

HttpAddRequestHeadersW

HttpQueryInfoW

InternetCloseHandle

InternetConnectW

InternetQueryOptionW

HttpOpenRequestW

Exports

get

head

post

put

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/System.dll

.dll windows:4 windows x86 arch:x86

509a34b3a68a773e0afb4259e68f9f82

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

3d:82:d0:f9:aa:c4:5d:d5:23:d1:ba:1c:73:a3:83:44:63:4c:3e:e1:e2:e7:8e:a0:0b:8d:08:50:e4:d8:04:9e
Signer

Actual PE Digest

3d:82:d0:f9:aa:c4:5d:d5:23:d1:ba:1c:73:a3:83:44:63:4c:3e:e1:e2:e7:8e:a0:0b:8d:08:50:e4:d8:04:9e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc

GlobalFree

GlobalSize

lstrcpynW

lstrcpyW

GetProcAddress

WideCharToMultiByte

VirtualFree

FreeLibrary

lstrlenW

LoadLibraryW

GetModuleHandleW

MultiByteToWideChar

VirtualAlloc

VirtualProtect

GetLastError

user32

wsprintfW

ole32

StringFromGUID2

CLSIDFromString

Exports

Alloc

Call

Copy

Free

Get

Int64Op

Store

StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/header_120.bmp

$PLUGINSDIR/header_144.bmp

$PLUGINSDIR/header_168.bmp

$PLUGINSDIR/header_192.bmp

$PLUGINSDIR/header_96.bmp

$PLUGINSDIR/modern-header.bmp

$PLUGINSDIR/modern-wizard.bmp

$PLUGINSDIR/nsDialogs.dll

.dll windows:4 windows x86 arch:x86

3b477381217c97b22146297f93df2a92

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

22:cc:86:28:4d:ba:77:64:d4:9c:9e:fb:31:06:f0:ba:66:06:3f:3e:89:bd:86:2e:b8:d3:dd:cb:05:03:9b:3d
Signer

Actual PE Digest

22:cc:86:28:4d:ba:77:64:d4:9c:9e:fb:31:06:f0:ba:66:06:3f:3e:89:bd:86:2e:b8:d3:dd:cb:05:03:9b:3d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

lstrcpyW

GetFileAttributesW

lstrcmpiW

MulDiv

lstrlenW

HeapFree

GetProcessHeap

GetCurrentDirectoryW

HeapReAlloc

GlobalFree

lstrcpynW

GlobalAlloc

HeapAlloc

SetCurrentDirectoryW

user32

GetPropW

DestroyWindow

CallWindowProcW

SetCursor

LoadCursorW

RemovePropW

CharPrevW

GetWindowLongW

DrawTextW

GetWindowTextW

SetWindowLongW

GetDlgItem

GetSysColor

SetWindowPos

CreateDialogParamW

MapWindowPoints

GetWindowRect

SetPropW

CreateWindowExW

IsWindow

SetTimer

KillTimer

DispatchMessageW

TranslateMessage

GetMessageW

IsDialogMessageW

ShowWindow

wsprintfW

MapDialogRect

GetClientRect

CharNextW

SendMessageW

DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderW

SHGetPathFromIDListW

comdlg32

GetSaveFileNameW

GetOpenFileNameW

CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Create

CreateControl

CreateItem

CreateTimer

GetUserData

KillTimer

OnBack

OnChange

OnClick

OnNotify

SelectFileDialog

SelectFolderDialog

SetRTL

SetUserData

Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/nsExec.dll

.dll windows:4 windows x86 arch:x86

68b7023f8923dd087549802f8fa631c3

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

db:a9:09:d1:d0:bc:f0:85:96:ac:b3:ee:12:9c:f9:bb:48:7e:1c:a4:fe:fe:00:70:95:e6:f6:60:34:de:96:4d
Signer

Actual PE Digest

db:a9:09:d1:d0:bc:f0:85:96:ac:b3:ee:12:9c:f9:bb:48:7e:1c:a4:fe:fe:00:70:95:e6:f6:60:34:de:96:4d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

advapi32

SetSecurityDescriptorDacl

InitializeSecurityDescriptor

IsTextUnicode

user32

CharNextExA

CharNextW

CharPrevW

FindWindowExW

wsprintfW

SendMessageW

kernel32

GetCommandLineW

lstrcpynW

ExitProcess

GetCurrentProcess

GetModuleHandleA

GetProcAddress

Sleep

TerminateProcess

GlobalReAlloc

MultiByteToWideChar

IsDBCSLeadByteEx

ReadFile

PeekNamedPipe

GetExitCodeProcess

WaitForSingleObject

GetTickCount

lstrcpyW

CreateProcessW

GetStartupInfoW

CreatePipe

GetVersion

DeleteFileW

lstrcmpiW

lstrlenW

lstrcatW

CloseHandle

UnmapViewOfFile

MapViewOfFile

CreateFileMappingW

CreateFileW

CopyFileW

GetTempFileNameW

GlobalFree

GlobalAlloc

GetModuleFileNameW

Exports

Exec

ExecToLog

ExecToStack

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/side_120.bmp

$PLUGINSDIR/side_144.bmp

$PLUGINSDIR/side_168.bmp

$PLUGINSDIR/side_192.bmp

$PLUGINSDIR/side_96.bmp

$PLUGINSDIR/sps.dll

.dll windows:6 windows x86 arch:x86

a675043673c42e96009d9444332b57be

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

c6:f8:ae:45:8b:93:7d:ee:ca:ac:01:3c:f6:b1:39:97:ef:6c:90:34:5e:41:23:43:3a:b5:d6:97:bb:db:96:21
Signer

Actual PE Digest

c6:f8:ae:45:8b:93:7d:ee:ca:ac:01:3c:f6:b1:39:97:ef:6c:90:34:5e:41:23:43:3a:b5:d6:97:bb:db:96:21

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\SpyShelter\installer-nsis\sps\Release\sps.pdb

Imports

kernel32

CreateToolhelp32Snapshot

Process32NextW

Process32FirstW

CloseHandle

GetFileSize

GetCurrentProcessId

OpenProcess

MapViewOfFile

WriteConsoleW

SetFilePointerEx

UnmapViewOfFile

CreateFileW

WaitForSingleObject

TerminateProcess

lstrcpyW

WideCharToMultiByte

GlobalFree

MultiByteToWideChar

CreateFileMappingW

lstrcpynW

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetCurrentProcess

IsProcessorFeaturePresent

QueryPerformanceCounter

GetCurrentThreadId

GetSystemTimeAsFileTime

InitializeSListHead

IsDebuggerPresent

GetStartupInfoW

GetModuleHandleW

InterlockedFlushSList

RtlUnwind

GetLastError

SetLastError

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

InitializeCriticalSectionAndSpinCount

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

FreeLibrary

GetProcAddress

LoadLibraryExW

EncodePointer

RaiseException

ExitProcess

GetModuleHandleExW

GetModuleFileNameW

HeapFree

HeapAlloc

FindClose

FindFirstFileExW

FindNextFileW

IsValidCodePage

GetACP

GetOEMCP

GetCPInfo

GetCommandLineA

GetCommandLineW

GetEnvironmentStringsW

FreeEnvironmentStringsW

LCMapStringW

GetProcessHeap

GetStdHandle

GetFileType

GetStringTypeW

HeapSize

HeapReAlloc

SetStdHandle

FlushFileBuffers

WriteFile

GetConsoleOutputCP

GetConsoleMode

DecodePointer

user32

EnumWindows

SendMessageTimeoutW

GetWindowThreadProcessId

advapi32

RegCloseKey

CryptAcquireContextW

CryptCreateHash

CryptHashData

RegSetValueExW

CryptDestroyHash

RegOpenKeyExW

CryptGetHashParam

RegQueryValueExW

CryptReleaseContext

Exports

AppendPath

GetHash

KillProc

StopProc

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

SpyShelter.exe

.exe windows:6 windows x64 arch:x64

074a81f6caad7ca2d02a03c61b57c609

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

aa:1a:60:d2:06:81:21:4b:c0:6c:7f:1f:7c:d3:fc:6e:a6:7f:c9:59:b1:97:28:bb:73:3d:ca:1c:36:d2:93:04
Signer

Actual PE Digest

aa:1a:60:d2:06:81:21:4b:c0:6c:7f:1f:7c:d3:fc:6e:a6:7f:c9:59:b1:97:28:bb:73:3d:ca:1c:36:d2:93:04

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

dwmapi

DwmExtendFrameIntoClientArea

gdiplus

GdipDeleteFontFamily

GdipSetTextRenderingHint

GdiplusStartup

GdiplusShutdown

GdipAlloc

GdipFree

GdipCloneBrush

GdipDeleteBrush

GdipCreateSolidFill

GdipCreatePen1

GdipDeletePen

GdipSetStringFormatTrimming

GdipSetStringFormatLineAlign

GdipSetStringFormatAlign

GdipSetStringFormatFlags

GdipDeleteStringFormat

GdipCreateStringFormat

GdipDrawString

GdipDeleteFont

GdipCreateFont

GdipGetGenericFontFamilySansSerif

GdipDrawEllipse

GdipCreateFontFamilyFromName

GdipFillEllipse

GdipSetSmoothingMode

GdipDeleteGraphics

GdipCreateHICONFromBitmap

GdipCreateBitmapFromScan0

GdipGetImageGraphicsContext

GdipDisposeImage

GdipCloneImage

flutter_desktop_sleep_plugin

FlutterDesktopSleepPluginCApiRegisterWithRegistrar

tray_manager_plugin

TrayManagerPluginRegisterWithRegistrar

url_launcher_windows_plugin

UrlLauncherWindowsRegisterWithRegistrar

windows_single_instance_plugin

WindowsSingleInstancePluginRegisterWithRegistrar

flutter_windows

FlutterDesktopPluginRegistrarGetMessenger

FlutterDesktopPluginRegistrarGetView

FlutterDesktopPluginRegistrarSetDestructionHandler

FlutterDesktopViewControllerHandleTopLevelWindowProc

FlutterDesktopRegistrarGetTextureRegistrar

FlutterDesktopViewControllerDestroy

FlutterDesktopViewControllerCreate

FlutterDesktopEngineGetMessenger

FlutterDesktopEngineGetPluginRegistrar

FlutterDesktopEngineReloadSystemFonts

FlutterDesktopViewControllerGetView

FlutterDesktopMessengerUnlock

FlutterDesktopEngineDestroy

FlutterDesktopEngineCreate

FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable

FlutterDesktopTextureRegistrarUnregisterExternalTexture

FlutterDesktopTextureRegistrarRegisterExternalTexture

FlutterDesktopMessengerAddRef

FlutterDesktopMessengerLock

FlutterDesktopMessengerIsAvailable

FlutterDesktopGetDpiForMonitor

FlutterDesktopViewGetHWND

FlutterDesktopMessengerSend

FlutterDesktopMessengerSendWithReply

FlutterDesktopMessengerSendResponse

FlutterDesktopMessengerSetCallback

FlutterDesktopMessengerRelease

comctl32

ord410

ord413

kernel32

QueryPerformanceCounter

GetStartupInfoW

IsDebuggerPresent

IsProcessorFeaturePresent

TerminateProcess

GetCurrentProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

SleepConditionVariableSRW

WakeAllConditionVariable

AcquireSRWLockExclusive

GetSystemTimeAsFileTime

GetCurrentThreadId

GetProcessHeap

HeapFree

LoadLibraryA

FreeLibrary

GetProcAddress

GetModuleHandleW

GetModuleHandleA

WideCharToMultiByte

LocalFree

GetCommandLineW

GetCurrentProcessId

ReleaseSRWLockExclusive

InitializeSListHead

user32

SendMessageW

IsWindowVisible

LoadCursorW

SetParent

SetWindowLongPtrW

GetWindowLongPtrW

GetClientRect

SetFocus

SetWindowPos

MoveWindow

DestroyWindow

UnregisterClassW

IsIconic

ShowWindow

GetFocus

SetForegroundWindow

DestroyIcon

IsZoomed

ReleaseCapture

GetSystemMetrics

SetPropW

SetWindowTextW

GetCursorPos

ScreenToClient

SetWindowsHookExW

MonitorFromPoint

MonitorFromWindow

GetActiveWindow

GetWindowPlacement

LoadIconW

UnhookWindowsHookEx

GetMessageW

TranslateMessage

DispatchMessageW

GetMonitorInfoW

EnumDisplayMonitors

SetTimer

KillTimer

CreateWindowExW

DefWindowProcW

PostQuitMessage

RegisterClassW

shell32

CommandLineToArgvW

ole32

CoInitializeEx

CoCreateInstance

CoUninitialize

msvcp140

?flags@ios_base@std@@QEBAHXZ

?good@ios_base@std@@QEBA_NXZ

?_Xbad_function_call@std@@YAXXZ

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA

?_Xlength_error@std@@YAXPEBD@Z

?_Xout_of_range@std@@YAXPEBD@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?width@ios_base@std@@QEBA_JXZ

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

?width@ios_base@std@@QEAA_J_J@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy

memmove

memset

__std_terminate

memcmp

__std_type_info_compare

__current_exception

__current_exception_context

__C_specific_handler

__std_exception_copy

__std_exception_destroy

_CxxThrowException

memchr

api-ms-win-crt-runtime-l1-1-0

_get_wide_winmain_command_line

_initterm

_initialize_onexit_table

_seh_filter_exe

_set_app_type

_register_onexit_function

_crt_atexit

terminate

_invoke_watson

_invalid_parameter_noinfo_noreturn

_initterm_e

exit

_exit

_configure_wide_argv

_c_exit

_register_thread_local_exe_atexit_callback

_cexit

_initialize_wide_environment

api-ms-win-crt-stdio-l1-1-0

_set_fmode

__p__commode

api-ms-win-crt-math-l1-1-0

ceil

__setusermatherr

api-ms-win-crt-heap-l1-1-0

free

_callnewh

_set_new_mode

malloc

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Exports

bitsdojo_window_api

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

SpyShelter.inf

SpyShelter.sys

.sys windows:10 windows x64 arch:x64

b658f34936bc4010b072fca14f882347

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:61:c8:8b:12:9c:2a:7f:1d:87:00:00:00:00:00:61
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-04-2023 19:16

Not After

03-04-2024 19:16

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-10-2014 20:31

Not After

15-10-2029 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

53:cb:18:d7:44:86:bc:0a:a8:7a:39:88:cf:f5:f4:1f:fd:be:4b:90:5f:c1:16:bc:18:b7:43:b3:01:f0:99:1c
Signer

Actual PE Digest

53:cb:18:d7:44:86:bc:0a:a8:7a:39:88:cf:f5:f4:1f:fd:be:4b:90:5f:c1:16:bc:18:b7:43:b3:01:f0:99:1c

Digest Algorithm

sha256

PE Digest Matches

true

53:cb:18:d7:44:86:bc:0a:a8:7a:39:88:cf:f5:f4:1f:fd:be:4b:90:5f:c1:16:bc:18:b7:43:b3:01:f0:99:1c
Signer

Actual PE Digest

53:cb:18:d7:44:86:bc:0a:a8:7a:39:88:cf:f5:f4:1f:fd:be:4b:90:5f:c1:16:bc:18:b7:43:b3:01:f0:99:1c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\SpyShelter\backend\bin\drv\SpyShelter.pdb

Imports

ntoskrnl.exe

ObfDereferenceObject

RtlPrefixUnicodeString

PsGetProcessId

IoVolumeDeviceToDosName

IoThreadToProcess

ObQueryNameString

IoFileObjectType

RtlSetDaclSecurityDescriptor

KeInitializeEvent

_vsnprintf

KeEnterCriticalRegion

KeLeaveCriticalRegion

ExAcquireFastMutexUnsafe

ExReleaseFastMutexUnsafe

RtlInitializeGenericTableAvl

RtlInsertElementGenericTableAvl

RtlDeleteElementGenericTableAvl

RtlLookupElementGenericTableAvl

RtlGetElementGenericTableAvl

RtlIsGenericTableEmptyAvl

RtlUnicodeStringToInteger

MmGetSystemRoutineAddress

RtlCompareUnicodeString

RtlGetVersion

IofCompleteRequest

IoCreateDevice

IoCreateSymbolicLink

IoDeleteDevice

IoDeleteSymbolicLink

PsSetCreateProcessNotifyRoutineEx

ZwTerminateProcess

ZwOpenProcess

RtlUpcaseUnicodeChar

RtlFreeUnicodeString

IoGetTopLevelIrp

RtlDuplicateUnicodeString

ObReferenceObjectByHandle

PsReferencePrimaryToken

PsDereferencePrimaryToken

PsLookupProcessByProcessId

ObOpenObjectByPointer

ZwQueryInformationToken

ZwQueryInformationProcess

PsProcessType

SeTokenObjectType

ZwDeleteValueKey

ZwEnumerateValueKey

ZwSetValueKey

RtlUpcaseUnicodeString

RtlCopyUnicodeString

ExInitializeResourceLite

ExAcquireResourceExclusiveLite

ExReleaseResourceLite

ExDeleteResourceLite

ZwQueryValueKey

RtlDowncaseUnicodeString

wcschr

ExGetPreviousMode

CmRegisterCallback

CmUnRegisterCallback

FsRtlIsNameInExpression

_vsnwprintf

ZwCreateKey

KeSetEvent

KeDelayExecutionThread

KeWaitForSingleObject

PsCreateSystemThread

PsTerminateSystemThread

ZwQueryInformationThread

KeInitializeSpinLock

RtlAppendUnicodeToString

RtlAppendUnicodeStringToString

RtlEqualUnicodeString

_wcsnicmp

wcsrchr

ZwReadFile

ZwQueryInformationFile

ZwCreateFile

ZwClose

PsGetVersion

RtlInitUnicodeString

PsGetCurrentProcessId

ExFreePoolWithTag

ExAllocatePoolWithTag

KeGetCurrentIrql

ExReleaseFastMutex

ExAcquireFastMutex

KeBugCheckEx

KeReleaseSpinLock

RtlConvertSidToUnicodeString

KeAcquireSpinLockRaiseToDpc

_stricmp

_wcsicmp

KeQueryTimeIncrement

ZwOpenSymbolicLinkObject

ZwQuerySymbolicLinkObject

RtlEqualSid

SeQueryInformationToken

ZwOpenDirectoryObject

ZwQuerySystemInformation

PsGetProcessImageFileName

PsGetProcessInheritedFromUniqueProcessId

PsGetCurrentProcessSessionId

fltmgr.sys

FltFreeSecurityDescriptor

FltBuildDefaultSecurityDescriptor

FltSendMessage

FltCloseClientPort

FltCloseCommunicationPort

FltCreateCommunicationPort

FltObjectDereference

FltGetVolumeFromFileObject

FltReleaseContext

FltGetVolumeContext

FltSetVolumeContext

FltAllocateContext

FltClose

FltCreateFile

FltIsDirectory

FltGetDestinationFileNameInformation

FltParseFileNameInformation

FltReleaseFileNameInformation

FltGetFileNameInformationUnsafe

FltGetFileNameInformation

FltStartFiltering

FltUnregisterFilter

FltRegisterFilter

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

INIT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

data/app.so

.elf linux x64

data/flutter_assets/AssetManifest.bin

data/flutter_assets/AssetManifest.json

data/flutter_assets/FontManifest.json

data/flutter_assets/NOTICES.Z

.gz

NOTICES.Z

data/flutter_assets/assets/fonts/NotoSansMono-Bold.ttf

data/flutter_assets/assets/fonts/NotoSansMono-Light.ttf

data/flutter_assets/assets/fonts/NotoSansMono-Medium.ttf

data/flutter_assets/assets/fonts/NotoSansMono-Regular.ttf

data/flutter_assets/assets/fonts/Roboto-Bold.ttf

data/flutter_assets/assets/fonts/Roboto-Light.ttf

data/flutter_assets/assets/fonts/Roboto-Medium.ttf

data/flutter_assets/assets/fonts/Roboto-Regular.ttf

data/flutter_assets/assets/images/dialogs/activation/radar_animation_day.json

data/flutter_assets/assets/images/dialogs/activation/radar_animation_night.json

data/flutter_assets/assets/images/license/FREE.svg

data/flutter_assets/assets/images/license/PRO.svg

data/flutter_assets/assets/images/license/TRIAL.svg

data/flutter_assets/assets/images/license/ULTIMATE.svg

data/flutter_assets/assets/images/main/app_icon.svg

data/flutter_assets/assets/images/main/bell-off.svg

data/flutter_assets/assets/images/main/bell.svg

data/flutter_assets/assets/images/main/calculator_icon.png

.png

data/flutter_assets/assets/images/main/checked_icon.svg

data/flutter_assets/assets/images/main/chevron_down.svg

data/flutter_assets/assets/images/main/chevron_left.svg

data/flutter_assets/assets/images/main/chevron_right.svg

data/flutter_assets/assets/images/main/chevron_up.svg

data/flutter_assets/assets/images/main/clock.svg

data/flutter_assets/assets/images/main/clock_small.svg

data/flutter_assets/assets/images/main/close_icon.svg

data/flutter_assets/assets/images/main/collapse_icon.svg

data/flutter_assets/assets/images/main/copy_icon.svg

data/flutter_assets/assets/images/main/default_app_icon.png

.png

data/flutter_assets/assets/images/main/driver_icon.svg

data/flutter_assets/assets/images/main/dropdown_arrow_icon.svg

data/flutter_assets/assets/images/main/dropdown_bold_arrow_icon.svg

data/flutter_assets/assets/images/main/expand_icon.svg

data/flutter_assets/assets/images/main/fi_flag.svg

data/flutter_assets/assets/images/main/fi_user.svg

data/flutter_assets/assets/images/main/folder_icon.png

.png

data/flutter_assets/assets/images/main/folder_icon.svg

data/flutter_assets/assets/images/main/info.svg

data/flutter_assets/assets/images/main/maximize_icon.svg

data/flutter_assets/assets/images/main/medium_close_icon.svg

data/flutter_assets/assets/images/main/minimize_icon.svg

data/flutter_assets/assets/images/main/plus.svg

data/flutter_assets/assets/images/main/quarantine.svg

data/flutter_assets/assets/images/main/radio_button_point.svg

data/flutter_assets/assets/images/main/search_icon.svg

data/flutter_assets/assets/images/main/settings.svg

data/flutter_assets/assets/images/main/small_close_icon.svg

data/flutter_assets/assets/images/main/sps_app_icon_with_shadow.png

.png

data/flutter_assets/assets/images/main/sps_app_icon_with_shadow_big.png

.png

data/flutter_assets/assets/images/main/spy_shelter_title.svg

data/flutter_assets/assets/images/main/switcher_check_icon.svg

data/flutter_assets/assets/images/main/terminate_icon.svg

data/flutter_assets/assets/images/main/update.svg

data/flutter_assets/assets/images/main_menu/about.svg

data/flutter_assets/assets/images/main_menu/activate.svg

data/flutter_assets/assets/images/main_menu/forum.svg

data/flutter_assets/assets/images/main_menu/help.svg

data/flutter_assets/assets/images/main_menu/purchase.svg

data/flutter_assets/assets/images/main_menu/site.svg

data/flutter_assets/assets/images/settings/clock.svg

data/flutter_assets/assets/images/settings/command_line.svg

data/flutter_assets/assets/images/settings/launch_alert.svg

data/flutter_assets/assets/images/settings/moon.svg

data/flutter_assets/assets/images/settings/power.svg

data/flutter_assets/assets/images/settings/refresh.svg

data/flutter_assets/assets/images/taskbar/attention_overlay_icon.ico

data/flutter_assets/assets/images/tray/app_icon.ico

data/flutter_assets/assets/images/tray/app_icon_with_attention.ico

data/flutter_assets/assets/images/views/activity_page/terminal_icon.svg

data/flutter_assets/assets/images/views/events_page/fi_eye-off.svg

data/flutter_assets/assets/images/views/events_page/fi_eye.svg

data/flutter_assets/assets/images/views/page_buttons/activity_normal_icon.svg

data/flutter_assets/assets/images/views/page_buttons/activity_selected_icon.svg

data/flutter_assets/assets/images/views/page_buttons/alerts_normal_icon.svg

data/flutter_assets/assets/images/views/page_buttons/alerts_selected_icon.svg

data/flutter_assets/assets/images/views/page_buttons/default_normal_icon.svg

data/flutter_assets/assets/images/views/page_buttons/default_selected_icon.svg

data/flutter_assets/assets/images/views/page_buttons/frame.svg

data/flutter_assets/assets/images/views/page_buttons/protection_off_normal_icon.svg

data/flutter_assets/assets/images/views/page_buttons/protection_off_selected_icon.svg

data/flutter_assets/assets/images/views/page_buttons/protection_on_normal_icon.svg

data/flutter_assets/assets/images/views/page_buttons/protection_on_selected_icon.svg

data/flutter_assets/assets/images/views/page_buttons/rules_normal_icon.svg

data/flutter_assets/assets/images/views/page_buttons/rules_selected_icon.svg

data/flutter_assets/assets/images/views/protection_page/fi_bell-off.svg

data/flutter_assets/assets/images/views/protection_page/fi_camera.svg

data/flutter_assets/assets/images/views/protection_page/fi_exe.svg

data/flutter_assets/assets/images/views/protection_page/fi_file.svg

data/flutter_assets/assets/images/views/protection_page/fi_keyboard.svg

data/flutter_assets/assets/images/views/protection_page/fi_lock.svg

data/flutter_assets/assets/images/views/protection_page/fi_private_file.svg

data/flutter_assets/assets/images/views/protection_page/fi_registry.svg

data/flutter_assets/assets/images/views/protection_page/fi_registry_key.svg

data/flutter_assets/assets/images/views/protection_page/fi_shield.svg

data/flutter_assets/assets/images/views/protection_page/fi_sys_insights.svg

data/flutter_assets/assets/images/views/protection_page/fi_sys_integrity.svg

data/flutter_assets/assets/images/views/protection_page/free_mode.svg

data/flutter_assets/assets/images/views/protection_page/mode_all_off.svg

data/flutter_assets/assets/images/views/protection_page/mode_custom.svg

data/flutter_assets/assets/images/views/protection_page/mode_do_not_disturb.svg

data/flutter_assets/assets/images/views/protection_page/mode_easy.svg

data/flutter_assets/assets/images/views/protection_page/mode_eye.svg

data/flutter_assets/assets/images/views/protection_page/mode_suspicious.svg

data/flutter_assets/assets/images/views/protection_page/popup_illustration.svg

data/flutter_assets/assets/images/views/protection_page/popup_illustration_2.svg

data/flutter_assets/assets/images/views/rules_page/dot.svg

data/flutter_assets/assets/images/views/rules_page/driver.svg

data/flutter_assets/assets/images/views/rules_page/driver_deny.svg

data/flutter_assets/assets/images/views/rules_page/file.svg

data/flutter_assets/assets/images/views/rules_page/file_deny.svg

data/flutter_assets/assets/images/views/rules_page/file_private.svg

data/flutter_assets/assets/images/views/rules_page/file_private_deny.svg

data/flutter_assets/assets/images/views/rules_page/injection.svg

data/flutter_assets/assets/images/views/rules_page/injection_deny.svg

data/flutter_assets/assets/images/views/rules_page/launch.svg

data/flutter_assets/assets/images/views/rules_page/more.svg

data/flutter_assets/assets/images/views/rules_page/quarantine.svg

data/flutter_assets/assets/images/views/rules_page/registry.svg

data/flutter_assets/assets/images/views/rules_page/registry_deny.svg

data/flutter_assets/assets/images/views/rules_page/rules.svg

data/flutter_assets/assets/images/views/rules_page/thumbs_up.svg

data/flutter_assets/fonts/MaterialIcons-Regular.otf

data/flutter_assets/packages/fluttertoast/assets/toastify.css

data/flutter_assets/packages/fluttertoast/assets/toastify.js

.js

data/flutter_assets/shaders/ink_sparkle.frag

data/icudtl.dat

eula.txt

flutter_desktop_sleep_plugin.dll

.dll windows:6 windows x64 arch:x64

6daad4bdfc15111bc0449638069e82e9

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

73:87:65:e6:a7:89:a7:e4:0b:02:32:3f:80:5d:47:3d:b3:5b:85:4f:77:76:a3:f6:42:09:2e:ff:99:02:56:d8
Signer

Actual PE Digest

73:87:65:e6:a7:89:a7:e4:0b:02:32:3f:80:5d:47:3d:b3:5b:85:4f:77:76:a3:f6:42:09:2e:ff:99:02:56:d8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopPluginRegistrarGetView

FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable

FlutterDesktopTextureRegistrarUnregisterExternalTexture

FlutterDesktopTextureRegistrarRegisterExternalTexture

FlutterDesktopMessengerUnlock

FlutterDesktopMessengerLock

FlutterDesktopMessengerIsAvailable

FlutterDesktopMessengerRelease

FlutterDesktopMessengerAddRef

FlutterDesktopMessengerSetCallback

FlutterDesktopMessengerSendResponse

FlutterDesktopMessengerSendWithReply

FlutterDesktopMessengerSend

FlutterDesktopRegistrarGetTextureRegistrar

FlutterDesktopPluginRegistrarGetMessenger

FlutterDesktopPluginRegistrarSetDestructionHandler

kernel32

InitializeSListHead

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

TerminateProcess

GetCurrentProcess

IsProcessorFeaturePresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

IsDebuggerPresent

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

VerSetConditionMask

VerifyVersionInfoW

AcquireSRWLockExclusive

SleepConditionVariableSRW

WakeAllConditionVariable

ReleaseSRWLockExclusive

user32

GetWindowLongPtrW

SetWindowLongPtrW

DestroyWindow

GetActiveWindow

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

?_Xlength_error@std@@YAXPEBD@Z

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA

?good@ios_base@std@@QEBA_NXZ

?flags@ios_base@std@@QEBAHXZ

?width@ios_base@std@@QEBA_JXZ

?width@ios_base@std@@QEAA_J_J@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z

?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

?_Xbad_function_call@std@@YAXXZ

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

memcpy

memmove

memset

__std_type_info_compare

__C_specific_handler

__std_exception_copy

__std_exception_destroy

_CxxThrowException

__std_type_info_destroy_list

__std_terminate

memcmp

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function

_execute_onexit_table

_initialize_onexit_table

_cexit

_initterm

_initterm_e

_initialize_narrow_environment

_configure_narrow_argv

_crt_atexit

_invalid_parameter_noinfo_noreturn

_seh_filter_dll

_invoke_watson

api-ms-win-crt-heap-l1-1-0

malloc

free

_callnewh

Exports

FlutterDesktopSleepPluginCApiRegisterWithRegistrar

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

flutter_windows.dll

.dll windows:5 windows x64 arch:x64

bb2dcca7fc72028a48c5540107f3e1ab

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

85:b3:c8:c1:f2:f6:12:2d:57:a2:f3:3c:b2:24:03:5c:ce:37:7d:4f:8a:0a:89:46:c9:2f:38:5d:db:db:53:d6
Signer

Actual PE Digest

85:b3:c8:c1:f2:f6:12:2d:57:a2:f3:3c:b2:24:03:5c:ce:37:7d:4f:8a:0a:89:46:c9:2f:38:5d:db:db:53:d6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

C:\b\s\w\ir\cache\builder\src\out\host_release\flutter_windows.dll.pdb

Imports

advapi32

RegOpenKeyExW

RegCloseKey

RegGetValueW

RegNotifyChangeKeyValue

RegQueryInfoKeyW

RegEnumKeyExW

SystemFunction036

RegDeleteValueW

RegSetValueExW

RegCreateKeyExW

RegDeleteKeyW

iphlpapi

GetAdaptersAddresses

ole32

CoCreateInstance

CoTaskMemFree

CoTaskMemAlloc

CoTaskMemRealloc

oleaut32

SysFreeString

SysStringLen

SafeArrayCreateVector

SafeArrayPutElement

VariantCopy

LoadTypeLi

SafeArrayGetDim

VarUI4FromStr

SafeArrayGetLBound

SafeArrayGetUBound

VariantClear

LoadRegTypeLi

VarBstrCmp

SafeArrayDestroy

SafeArrayAccessData

SafeArrayUnaccessData

SysAllocString

VariantInit

SysAllocStringLen

SafeArrayGetVartype

psapi

GetProcessMemoryInfo

EnumProcessModules

shlwapi

PathIsRelativeW

rpcrt4

UuidCreateSequential

UuidToStringW

RpcStringFreeW

winmm

timeEndPeriod

timeBeginPeriod

ws2_32

connect

getaddrinfo

recv

send

shutdown

closesocket

socket

setsockopt

WSAIoctl

WSARecv

WSASend

ioctlsocket

WSARecvFrom

gethostname

htons

ntohs

WSAAddressToStringW

WSAStartup

getsockname

getpeername

getnameinfo

InetPtonW

InetNtopW

bind

listen

WSASocketW

freeaddrinfo

getsockopt

WSAGetLastError

WSASendTo

WSASetLastError

imm32

ImmGetCompositionStringW

ImmReleaseContext

ImmSetCompositionWindow

ImmSetCompositionStringW

ImmNotifyIME

ImmGetContext

ImmSetCandidateWindow

user32

KillTimer

PostMessageW

GetSysColor

SetClipboardData

UnregisterClassA

GetClipboardData

IsClipboardFormatAvailable

OpenClipboard

CloseClipboard

MessageBeep

GetKeyState

CloseTouchInputHandle

GetTouchInputInfo

DestroyCaret

ReleaseCapture

CreateCaret

SetCapture

GetMessageExtraInfo

DefWindowProcW

RegisterTouchWindow

SetWindowLongPtrW

SendMessageW

MapVirtualKeyW

PeekMessageW

RegisterClassW

GetFocus

TrackMouseEvent

ScreenToClient

GetCursorPos

SetCursor

IsWindowVisible

DestroyWindow

SetTimer

SetUserObjectInformationA

CreateWindowExW

LoadCursorW

SystemParametersInfoW

ClientToScreen

MonitorFromPoint

MonitorFromWindow

UnregisterClassW

CreateIconIndirect

ReleaseDC

GetDC

IsWindow

GetClassInfoW

GetClientRect

WindowFromDC

GetWindowThreadProcessId

IsIconic

InvalidateRect

CreateWindowExA

SetCaretPos

PostQuitMessage

EnumThreadWindows

GetParent

CharNextW

GetWindowLongPtrW

NotifyWinEvent

EmptyClipboard

gdi32

DescribePixelFormat

SetPixelFormat

ChoosePixelFormat

SwapBuffers

GetPixelFormat

SetDIBitsToDevice

GetDeviceCaps

DeleteDC

SetPixel

GetPixel

SelectObject

CreateCompatibleBitmap

GetObjectW

CreateCompatibleDC

CreateDIBSection

DeleteObject

opengl32

wglGetCurrentContext

wglGetProcAddress

bcrypt

BCryptGenRandom

ntdll

RtlUnwindEx

RtlUnwind

VerSetConditionMask

oleacc

LresultFromObject

uiautomationcore

UiaRaiseAutomationEvent

UiaRaiseAutomationPropertyChangedEvent

UiaGetReservedNotSupportedValue

UiaGetReservedMixedAttributeValue

UiaHostProviderFromHwnd

propsys

VariantCompare

dxgi

CreateDXGIFactory1

CreateDXGIFactory

d3d9

D3DPERF_SetMarker

D3DPERF_GetStatus

Direct3DCreate9

D3DPERF_EndEvent

D3DPERF_BeginEvent

kernel32

InitializeCriticalSectionEx

RtlPcToFileHeader

GetStringTypeW

InitOnceComplete

InitOnceBeginInitialize

GetExitCodeThread

SwitchToThread

GetFileInformationByHandleEx

FindFirstFileExW

GetStartupInfoW

IsProcessorFeaturePresent

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

InitializeSListHead

GetEnvironmentVariableW

SetEnvironmentVariableW

EncodePointer

LCMapStringEx

FlsAlloc

FlsGetValue

FlsSetValue

FlsFree

GetModuleHandleExW

LoadLibraryExA

GetModuleHandleExA

GetModuleHandleA

LocaleNameToLCID

lstrcmpiW

SizeofResource

LoadResource

FindResourceW

SleepConditionVariableSRW

VirtualQuery

TlsFree

CreatePipe

SetEvent

LoadLibraryExW

QueryPerformanceFrequency

WakeAllConditionVariable

WakeConditionVariable

SleepConditionVariableCS

TryAcquireSRWLockExclusive

SetFileTime

DeviceIoControl

MoveFileW

CopyFileExW

CreateSymbolicLinkW

VirtualFree

VirtualProtect

SetFilePointerEx

VirtualAlloc

SetFileAttributesW

MoveFileExW

GetConsoleScreenBufferInfo

GetExitCodeProcess

CreateNamedPipeW

TerminateProcess

OpenProcess

WaitForMultipleObjects

CreateProcessW

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetUserDefaultLocaleName

SetUnhandledExceptionFilter

SetCurrentDirectoryW

GetCurrentDirectoryW

GetQueuedCompletionStatus

ReadDirectoryChangesW

PostQueuedCompletionStatus

GetFileType

OpenThread

CancelIoEx

CreateIoCompletionPort

SetStdHandle

SetConsoleMode

GetConsoleMode

GetStdHandle

SetConsoleCP

CompareStringEx

GetCPInfo

InterlockedPushEntrySList

InterlockedFlushSList

CreateThread

ExitThread

FreeLibraryAndExitThread

GetDriveTypeW

PeekNamedPipe

ReadConsoleW

TzSpecificLocalTimeToSystemTime

GetDateFormatW

GetTimeFormatW

CompareStringW

LCMapStringW

GetLocaleInfoW

IsValidLocale

GetUserDefaultLCID

EnumSystemLocalesW

IsValidCodePage

GetACP

GetOEMCP

GetCommandLineA

InitializeConditionVariable

GetTempFileNameA

SetConsoleOutputCP

GetConsoleOutputCP

SetConsoleCtrlHandler

GetFinalPathNameByHandleA

LeaveCriticalSection

EnterCriticalSection

InitializeCriticalSection

GetProcessHeap

WaitForSingleObjectEx

WriteFile

UnlockFileEx

SystemTimeToFileTime

Sleep

QueryPerformanceCounter

LockFileEx

HeapSize

HeapReAlloc

HeapFree

HeapAlloc

GetTempPathA

GetSystemInfo

InitializeCriticalSectionAndSpinCount

GetLastError

FormatMessageW

DecodePointer

DeleteCriticalSection

LoadLibraryA

GetProcAddress

CreateEventW

RegisterWaitForSingleObject

ResetEvent

UnregisterWait

CloseHandle

OutputDebugStringW

LocalFree

GetCurrentProcess

GetModuleHandleW

GetCurrentThread

SetThreadPriority

GlobalAlloc

GlobalFree

GlobalLock

GlobalUnlock

GetLocaleInfoEx

GetCurrentThreadId

GetCurrentProcessId

CreateToolhelp32Snapshot

Thread32Next

Thread32First

FormatMessageA

GetThreadPreferredUILanguages

CreateSemaphoreW

WaitForSingleObject

ReleaseSemaphore

RaiseException

GetCommandLineW

WideCharToMultiByte

GetTempPathW

CreateDirectoryW

CreateFileW

DuplicateHandle

GetFileInformationByHandle

GetFileAttributesW

RemoveDirectoryW

DeleteFileW

SetFilePointer

SetEndOfFile

FlushViewOfFile

FlushFileBuffers

FindFirstFileW

FindNextFileW

FindClose

GetFinalPathNameByHandleW

GetFileSize

CreateFileMappingW

MapViewOfFile

UnmapViewOfFile

CreateWaitableTimerW

VerifyVersionInfoW

SetWaitableTimer

LoadLibraryW

FreeLibrary

GetModuleFileNameW

FileTimeToSystemTime

SystemTimeToTzSpecificLocalTime

GetTimeZoneInformation

GetSystemTimeAsFileTime

CreateFileA

IsDebuggerPresent

GetNativeSystemInfo

MultiByteToWideChar

OutputDebugStringA

GetFileSizeEx

ReadFile

ExitProcess

InitOnceExecuteOnce

InitializeSRWLock

AcquireSRWLockShared

AcquireSRWLockExclusive

ReleaseSRWLockShared

ReleaseSRWLockExclusive

TlsGetValue

TlsAlloc

SetLastError

TlsSetValue

AreFileApisANSI

GetFileAttributesExW

GetFullPathNameW

WriteConsoleW

crypt32

CertEnumCertificatesInStore

CertFreeCertificateContext

CertCloseStore

CertOpenStore

Exports

FlutterDesktopEngineCreate

FlutterDesktopEngineDestroy

FlutterDesktopEngineGetMessenger

FlutterDesktopEngineGetPluginRegistrar

FlutterDesktopEngineGetTextureRegistrar

FlutterDesktopEngineProcessExternalWindowMessage

FlutterDesktopEngineProcessMessages

FlutterDesktopEngineReloadSystemFonts

FlutterDesktopEngineRun

FlutterDesktopEngineSetNextFrameCallback

FlutterDesktopGetDpiForHWND

FlutterDesktopGetDpiForMonitor

FlutterDesktopMessengerAddRef

FlutterDesktopMessengerIsAvailable

FlutterDesktopMessengerLock

FlutterDesktopMessengerRelease

FlutterDesktopMessengerSend

FlutterDesktopMessengerSendResponse

FlutterDesktopMessengerSendWithReply

FlutterDesktopMessengerSetCallback

FlutterDesktopMessengerUnlock

FlutterDesktopPluginRegistrarGetMessenger

FlutterDesktopPluginRegistrarGetView

FlutterDesktopPluginRegistrarRegisterTopLevelWindowProcDelegate

FlutterDesktopPluginRegistrarSetDestructionHandler

FlutterDesktopPluginRegistrarUnregisterTopLevelWindowProcDelegate

FlutterDesktopRegistrarGetTextureRegistrar

FlutterDesktopResyncOutputStreams

FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable

FlutterDesktopTextureRegistrarRegisterExternalTexture

FlutterDesktopTextureRegistrarUnregisterExternalTexture

FlutterDesktopViewControllerCreate

FlutterDesktopViewControllerDestroy

FlutterDesktopViewControllerForceRedraw

FlutterDesktopViewControllerGetEngine

FlutterDesktopViewControllerGetView

FlutterDesktopViewControllerHandleTopLevelWindowProc

FlutterDesktopViewGetGraphicsAdapter

FlutterDesktopViewGetHWND

Sections

.text
Size: 13.6MB - Virtual size: 13.6MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 397KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 451KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

license.txt

msvcp140.dll

.dll windows:6 windows x64 arch:x64

7be75bce9bc33e1e12ce35a06ab9327d

Code Sign

33:00:00:00:e7:1a:a6:e3:0b:5e:b4:0a:54:00:00:00:00:00:e7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-02-2023 22:33

Not After

31-01-2024 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-05-2013 20:44

Not After

01-05-2028 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:10

Not After

31-01-2024 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5d:ba:22:eb:89:15:a9:8a:ef:df:26:29:72:03:ea:ff:de:93:59:71:6f:e0:e4:65:b0:2e:dc:e4:ba:b5:45:73
Signer

Actual PE Digest

5d:ba:22:eb:89:15:a9:8a:ef:df:26:29:72:03:ea:ff:de:93:59:71:6f:e0:e4:65:b0:2e:dc:e4:ba:b5:45:73

Digest Algorithm

sha256

PE Digest Matches

true

5d:ba:22:eb:89:15:a9:8a:ef:df:26:29:72:03:ea:ff:de:93:59:71:6f:e0:e4:65:b0:2e:dc:e4:ba:b5:45:73
Signer

Actual PE Digest

5d:ba:22:eb:89:15:a9:8a:ef:df:26:29:72:03:ea:ff:de:93:59:71:6f:e0:e4:65:b0:2e:dc:e4:ba:b5:45:73

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb

Imports

vcruntime140

__current_exception_context

__C_specific_handler

memcmp

__uncaught_exceptions

__uncaught_exception

memchr

memmove

__std_terminate

_purecall

memset

memcpy

_CxxThrowException

__AdjustPointer

__current_exception

__std_exception_destroy

__std_type_info_destroy_list

__std_exception_copy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

malloc

_callnewh

calloc

free

realloc

api-ms-win-crt-runtime-l1-1-0

abort

_configure_narrow_argv

_initterm

_cexit

_initialize_narrow_environment

_invalid_parameter_noinfo_noreturn

_endthreadex

_beginthreadex

terminate

_set_new_handler

_seh_filter_dll

_initterm_e

_initialize_onexit_table

_execute_onexit_table

_crt_atexit

_register_onexit_function

_errno

api-ms-win-crt-string-l1-1-0

isdigit

isspace

isxdigit

iswxdigit

__strncnt

wcsnlen

iswspace

isupper

wcscpy_s

iswalnum

iswdigit

isalnum

islower

_wcsdup

tolower

strcspn

api-ms-win-crt-locale-l1-1-0

setlocale

__pctype_func

___lc_locale_name_func

_lock_locales

___lc_codepage_func

___mb_cur_max_func

___lc_collate_cp_func

_unlock_locales

localeconv

api-ms-win-crt-stdio-l1-1-0

fputs

fgetwc

fseek

_fsopen

_wfsopen

fputwc

ungetwc

__stdio_common_vsprintf_s

__acrt_iob_func

_get_stream_buffer_pointers

fclose

fflush

fgetc

fgetpos

fputc

fread

fsetpos

_fseeki64

fwrite

setvbuf

ungetc

api-ms-win-crt-filesystem-l1-1-0

_wremove

_wchdir

_unlock_file

_wrmdir

_wrename

_lock_file

api-ms-win-crt-time-l1-1-0

_W_Getmonths

_W_Getdays

_Gettnames

_Getmonths

_W_Gettnames

_Wcsftime

_Getdays

_Strftime

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-math-l1-1-0

ldexp

powf

log

frexp

pow

copysign

logf

copysignf

api-ms-win-crt-convert-l1-1-0

btowc

strtod

strtof

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

LeaveCriticalSection

RaiseException

CompareStringEx

MultiByteToWideChar

GetCPInfo

InitializeSListHead

WideCharToMultiByte

LCMapStringEx

GetLocaleInfoEx

ReleaseSRWLockExclusive

AcquireSRWLockExclusive

CreateDirectoryW

CreateFileW

FindClose

FindFirstFileExW

FindNextFileW

GetDiskFreeSpaceExW

GetFileAttributesExW

GetCurrentProcessId

TerminateProcess

GetCurrentProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

IsDebuggerPresent

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

GetFileInformationByHandleEx

GetProcAddress

GetModuleHandleW

CloseThreadpoolWait

SetThreadpoolWait

CreateThreadpoolWait

CloseThreadpoolTimer

WaitForThreadpoolTimerCallbacks

SetThreadpoolTimer

CreateThreadpoolTimer

GetTickCount64

GetSystemTimeAsFileTime

GetCurrentProcessorNumber

FlushProcessWriteBuffers

CreateSemaphoreExW

CreateEventExW

GetTempPathW

InitOnceExecuteOnce

GetStringTypeW

DeleteCriticalSection

InitializeCriticalSectionEx

RtlPcToFileHeader

EnterCriticalSection

QueryPerformanceFrequency

QueryPerformanceCounter

GetModuleHandleExW

CloseThreadpoolWork

SubmitThreadpoolWork

CreateThreadpoolWork

FreeLibraryWhenCallbackReturns

IsProcessorFeaturePresent

RtlCaptureStackBackTrace

TryAcquireSRWLockExclusive

InitializeSRWLock

GetNativeSystemInfo

GetExitCodeThread

GetCurrentThreadId

SwitchToThread

Sleep

WaitForSingleObjectEx

SleepConditionVariableSRW

WakeAllConditionVariable

WakeConditionVariable

InitializeConditionVariable

FormatMessageA

LocalFree

DecodePointer

EncodePointer

CreateSymbolicLinkW

CreateHardLinkW

CopyFileW

GetLastError

CloseHandle

AreFileApisANSI

SetFileTime

SetFileInformationByHandle

SetFileAttributesW

GetFileInformationByHandle

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z

??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z

??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z

??0?$_Yarn@D@std@@QEAA@AEBV01@@Z

??0?$_Yarn@D@std@@QEAA@PEBD@Z

??0?$_Yarn@D@std@@QEAA@XZ

??0?$_Yarn@G@std@@QEAA@AEBV01@@Z

??0?$_Yarn@G@std@@QEAA@PEBG@Z

??0?$_Yarn@G@std@@QEAA@XZ

??0?$_Yarn@_W@std@@QEAA@AEBV01@@Z

??0?$_Yarn@_W@std@@QEAA@PEB_W@Z

??0?$_Yarn@_W@std@@QEAA@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ

??0?$basic_ios@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@W4_Uninitialized@1@@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@AEBV01@@Z

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@W4_Uninitialized@1@@Z

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@AEBV01@@Z

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@W4_Uninitialized@1@@Z

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z

??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z

??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$ctype@D@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$ctype@D@std@@QEAA@PEBF_N_K@Z

??0?$ctype@G@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$ctype@G@std@@QEAA@_K@Z

??0?$ctype@_W@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$ctype@_W@std@@QEAA@_K@Z

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

??0Init@ios_base@std@@QEAA@XZ

??0_Facet_base@std@@QEAA@AEBV01@@Z

??0_Facet_base@std@@QEAA@XZ

??0_Init_locks@std@@QEAA@XZ

??0_Locimp@locale@std@@AEAA@AEBV012@@Z

??0_Locimp@locale@std@@AEAA@_N@Z

??0_Locinfo@std@@QEAA@HPEBD@Z

??0_Locinfo@std@@QEAA@PEBD@Z

??0_Lockit@std@@QEAA@H@Z

??0_Lockit@std@@QEAA@XZ

??0_Timevec@std@@QEAA@AEBV01@@Z

??0_Timevec@std@@QEAA@PEAX@Z

??0_UShinit@std@@QEAA@XZ

??0_Winit@std@@QEAA@XZ

??0codecvt_base@std@@QEAA@_K@Z

??0ctype_base@std@@QEAA@_K@Z

??0facet@locale@std@@IEAA@_K@Z

??0id@locale@std@@QEAA@_K@Z

??0ios_base@std@@IEAA@XZ

??0task_continuation_context@Concurrency@@AEAA@XZ

??0time_base@std@@QEAA@_K@Z

??1?$_Yarn@D@std@@QEAA@XZ

??1?$_Yarn@G@std@@QEAA@XZ

??1?$_Yarn@_W@std@@QEAA@XZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$codecvt@DDU_Mbstatet@@@std@@MEAA@XZ

??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ

??1?$codecvt@_SDU_Mbstatet@@@std@@MEAA@XZ

??1?$codecvt@_UDU_Mbstatet@@@std@@MEAA@XZ

??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ

??1?$ctype@D@std@@MEAA@XZ

??1?$ctype@G@std@@MEAA@XZ

??1?$ctype@_W@std@@MEAA@XZ

??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

??1Init@ios_base@std@@QEAA@XZ

??1_Facet_base@std@@UEAA@XZ

??1_Init_locks@std@@QEAA@XZ

??1_Locimp@locale@std@@MEAA@XZ

??1_Locinfo@std@@QEAA@XZ

??1_Lockit@std@@QEAA@XZ

??1_Timevec@std@@QEAA@XZ

??1_UShinit@std@@QEAA@XZ

??1_Winit@std@@QEAA@XZ

??1codecvt_base@std@@UEAA@XZ

??1ctype_base@std@@UEAA@XZ

??1facet@locale@std@@MEAA@XZ

??1ios_base@std@@UEAA@XZ

??1time_base@std@@UEAA@XZ

??4?$_Iosb@H@std@@QEAAAEAV01@$$QEAV01@@Z

??4?$_Iosb@H@std@@QEAAAEAV01@AEBV01@@Z

??4?$_Yarn@D@std@@QEAAAEAV01@AEBV01@@Z

??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z

??4?$_Yarn@G@std@@QEAAAEAV01@AEBV01@@Z

??4?$_Yarn@G@std@@QEAAAEAV01@PEBG@Z

??4?$_Yarn@_W@std@@QEAAAEAV01@AEBV01@@Z

??4?$_Yarn@_W@std@@QEAAAEAV01@PEB_W@Z

??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_istream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z

??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAAEAV01@AEBV01@@Z

??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@AEBV01@@Z

??4Init@ios_base@std@@QEAAAEAV012@AEBV012@@Z

??4_Crt_new_delete@std@@QEAAAEAU01@$$QEAU01@@Z

??4_Crt_new_delete@std@@QEAAAEAU01@AEBU01@@Z

??4_Facet_base@std@@QEAAAEAV01@AEBV01@@Z

??4_Init_locks@std@@QEAAAEAV01@AEBV01@@Z

??4_Timevec@std@@QEAAAEAV01@AEBV01@@Z

??4_UShinit@std@@QEAAAEAV01@AEBV01@@Z

??4_Winit@std@@QEAAAEAV01@AEBV01@@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAO@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAPEAX@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAF@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAG@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAJ@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAK@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAO@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAPEAX@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_J@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_N@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAF@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAI@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAJ@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAN@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAO@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAPEAX@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_J@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@F@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@G@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@O@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_J@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@O@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z

??7ios_base@std@@QEBA_NXZ

??Bid@locale@std@@QEAA_KXZ

??Bios_base@std@@QEBA_NXZ

??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$codecvt@DDU_Mbstatet@@@std@@6B@

??_7?$codecvt@GDU_Mbstatet@@@std@@6B@

??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@

??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@

??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@

??_7?$ctype@D@std@@6B@

??_7?$ctype@G@std@@6B@

??_7?$ctype@_W@std@@6B@

??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7_Facet_base@std@@6B@

??_7_Locimp@locale@std@@6B@

??_7codecvt_base@std@@6B@

??_7ctype_base@std@@6B@

??_7facet@locale@std@@6B@

??_7ios_base@std@@6B@

??_7time_base@std@@6B@

??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@

??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@

??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@

??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@

??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@

??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@

??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@

??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@

??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@

??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@

??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@

??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@

??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAAXXZ

??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAXXZ

??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ

??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

??_F?$codecvt@DDU_Mbstatet@@@std@@QEAAXXZ

??_F?$codecvt@GDU_Mbstatet@@@std@@QEAAXXZ

??_F?$codecvt@_SDU_Mbstatet@@@std@@QEAAXXZ

??_F?$codecvt@_UDU_Mbstatet@@@std@@QEAAXXZ

??_F?$codecvt@_WDU_Mbstatet@@@std@@QEAAXXZ

??_F?$ctype@D@std@@QEAAXXZ

??_F?$ctype@G@std@@QEAAXXZ

??_F?$ctype@_W@std@@QEAAXXZ

??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

??_F_Locinfo@std@@QEAAXXZ

??_F_Timevec@std@@QEAAXXZ

??_Fcodecvt_base@std@@QEAAXXZ

??_Fctype_base@std@@QEAAXXZ

??_Ffacet@locale@std@@QEAAXXZ

??_Fid@locale@std@@QEAAXXZ

??_Ftime_base@std@@QEAAXXZ

?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z

?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

?GetNextAsyncId@platform@details@Concurrency@@YAIXZ

?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ

?_Addcats@_Locinfo@std@@QEAAAEAV12@HPEBD@Z

?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z

?_Addstd@ios_base@std@@SAXPEAV12@@Z

?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z

?_Atexit@@YAXP6AXXZ@Z

?_BADOFF@std@@3_JB

?_C_str@?$_Yarn@D@std@@QEBAPEBDXZ

?_C_str@?$_Yarn@G@std@@QEBAPEBGXZ

?_C_str@?$_Yarn@_W@std@@QEBAPEB_WXZ

?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z

?_Callfns@ios_base@std@@AEAAXW4event@12@@Z

?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ

?_Clocptr@_Locimp@locale@std@@0PEAV123@EA

?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ

?_Donarrow@?$ctype@G@std@@IEBADGD@Z

?_Donarrow@?$ctype@_W@std@@IEBAD_WD@Z

?_Dowiden@?$ctype@G@std@@IEBAGD@Z

?_Dowiden@?$ctype@_W@std@@IEBA_WD@Z

?_Empty@?$_Yarn@D@std@@QEBA_NXZ

?_Empty@?$_Yarn@G@std@@QEBA_NXZ

?_Empty@?$_Yarn@_W@std@@QEBA_NXZ

?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z

?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADDH@Z

?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADDH@Z

?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADDH@Z

?_Findarr@ios_base@std@@AEAAAEAU_Iosarray@12@H@Z

?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z

?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z

?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z

?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBD_K@Z

?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AEAVios_base@2@GPEBD_K@Z

?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBD_K@Z

?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@facet@locale@std@@SA_KPEAPEBV123@PEBV23@@Z

?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ

?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ

?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ

?_Getdateorder@_Locinfo@std@@QEBAHXZ

?_Getdays@_Locinfo@std@@QEBAPEBDXZ

?_Getfalse@_Locinfo@std@@QEBAPEBDXZ

?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z

?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z

?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z

?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HAEBVlocale@2@@Z

?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HAEBVlocale@2@@Z

?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HAEBVlocale@2@@Z

?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAEAHAEBV?$ctype@D@2@@Z

?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAEAHAEBV?$ctype@G@2@@Z

?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAEAHAEBV?$ctype@_W@2@@Z

?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ

?_Getmonths@_Locinfo@std@@QEBAPEBDXZ

?_Getname@_Locinfo@std@@QEBAPEBDXZ

?_Getptr@_Timevec@std@@QEBAPEAXXZ

?_Gettnames@_Locinfo@std@@QEBA?AV_Timevec@2@XZ

?_Gettrue@_Locinfo@std@@QEBAPEBDXZ

?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ

?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBA_JXZ

?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

?_Id_cnt@id@locale@std@@0HA

?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z

?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z

?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z

?_Incref@facet@locale@std@@UEAAXXZ

?_Index@ios_base@std@@0HA

Sections

.text
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

sps/sps.exe

.exe windows:6 windows x64 arch:x64

4f2f006e2ecf7172ad368f8289dc96c1

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

e5:33:38:d8:b9:2d:1f:09:09:e3:75:38:e7:93:2a:74:01:59:85:75:45:1a:c5:e3:b5:8a:fc:87:7d:01:af:6d
Signer

Actual PE Digest

e5:33:38:d8:b9:2d:1f:09:09:e3:75:38:e7:93:2a:74:01:59:85:75:45:1a:c5:e3:b5:8a:fc:87:7d:01:af:6d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile

WriteConsoleW

WerSetFlags

WerGetFlags

WaitForMultipleObjects

WaitForSingleObject

VirtualQuery

VirtualFree

VirtualAlloc

TlsAlloc

SwitchToThread

SuspendThread

SetWaitableTimer

SetUnhandledExceptionFilter

SetProcessPriorityBoost

SetEvent

SetErrorMode

SetConsoleCtrlHandler

ResumeThread

RaiseFailFastException

PostQueuedCompletionStatus

LoadLibraryW

LoadLibraryExW

SetThreadContext

GetThreadContext

GetSystemInfo

GetSystemDirectoryA

GetStdHandle

GetQueuedCompletionStatusEx

GetProcessAffinityMask

GetProcAddress

GetErrorMode

GetEnvironmentStringsW

GetCurrentThreadId

GetConsoleMode

FreeEnvironmentStringsW

ExitProcess

DuplicateHandle

CreateWaitableTimerExW

CreateThread

CreateIoCompletionPort

CreateFileA

CreateEventA

CloseHandle

AddVectoredExceptionHandler

Sections

.text
Size: 1001KB - Virtual size: 1000KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 297B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

/19
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

/32
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

/46
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

/65
Size: 521KB - Virtual size: 521KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

/78
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

/90
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

.symtab
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

sps_helper.exe

.exe windows:6 windows x64 arch:x64

90a7af39dd2b731ea8fd5c743b497e55

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

b0:a0:f3:99:7b:10:5b:d4:3d:a7:1d:d0:30:aa:20:a6:42:f3:58:b5:71:45:33:b7:90:45:59:eb:a1:09:72:d7
Signer

Actual PE Digest

b0:a0:f3:99:7b:10:5b:d4:3d:a7:1d:d0:30:aa:20:a6:42:f3:58:b5:71:45:33:b7:90:45:59:eb:a1:09:72:d7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\actions-runner\_work\backend\backend\bin\release\sps_helper.pdb

Imports

ws2_32

recv

send

WSASetLastError

WSAGetLastError

getpeername

ioctlsocket

WSARecv

WSASend

select

accept

bind

closesocket

connect

getsockname

getsockopt

listen

setsockopt

socket

WSAIoctl

WSAGetOverlappedResult

inet_addr

WSAStartup

htonl

htons

ntdll

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

RtlUnwindEx

RtlPcToFileHeader

RtlUnwind

kernel32

GetCurrentProcessId

WideCharToMultiByte

GetSystemTimeAsFileTime

SetConsoleCtrlHandler

GetThreadId

GetTimeFormatW

GetDateFormatW

FlsFree

FlsSetValue

FlsGetValue

FlsAlloc

GetConsoleOutputCP

FlushFileBuffers

HeapAlloc

HeapFree

GetFileSizeEx

GetCommandLineW

GetCommandLineA

WriteFile

GetStdHandle

GetModuleFileNameW

ExitProcess

ReadConsoleW

GetConsoleMode

ReadFile

SetFilePointerEx

GetFileType

SetStdHandle

MultiByteToWideChar

GetACP

GetLongPathNameW

CloseHandle

CompareStringW

LCMapStringW

GetLocaleInfoW

IsValidLocale

GetUserDefaultLCID

EnumSystemLocalesW

GetModuleHandleExW

FreeLibraryAndExitThread

ResumeThread

WriteConsoleW

HeapSize

ExitThread

CreateThread

LoadLibraryExW

TlsFree

TlsSetValue

GetProcessHeap

TlsGetValue

TlsAlloc

RaiseException

InitializeSListHead

GetStartupInfoW

IsDebuggerPresent

IsProcessorFeaturePresent

TerminateProcess

GetCurrentProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCPInfo

LCMapStringEx

DecodePointer

EncodePointer

SetEnvironmentVariableW

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetOEMCP

IsValidCodePage

SetEndOfFile

HeapReAlloc

ReleaseSemaphore

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSectionAndSpinCount

TryEnterCriticalSection

DeleteCriticalSection

SetEvent

ResetEvent

WaitForSingleObject

CreateEventA

GetCurrentThreadId

GetTickCount

UnmapViewOfFile

Sleep

DeleteFileW

GetTempFileNameW

GetTempPathW

GetSystemDirectoryA

FreeLibrary

GetProcAddress

LoadLibraryA

LocalAlloc

LocalFree

FormatMessageA

QueryPerformanceCounter

QueryPerformanceFrequency

CreateIoCompletionPort

GetQueuedCompletionStatus

PostQueuedCompletionStatus

CreateSemaphoreA

GetLastError

GetHandleInformation

SetLastError

GetQueuedCompletionStatusEx

InitializeSRWLock

ReleaseSRWLockExclusive

ReleaseSRWLockShared

AcquireSRWLockExclusive

AcquireSRWLockShared

InitializeCriticalSection

InitOnceExecuteOnce

GetTickCount64

GetModuleHandleW

SetFileCompletionNotificationModes

GetLocaleInfoEx

GetStringTypeW

TryAcquireSRWLockExclusive

WaitForSingleObjectEx

GetExitCodeThread

CreateFileW

FindClose

FindFirstFileW

FindFirstFileExW

FindNextFileW

GetFileAttributesExW

AreFileApisANSI

GetFileInformationByHandleEx

WakeConditionVariable

WakeAllConditionVariable

SleepConditionVariableSRW

InitializeCriticalSectionEx

GetTimeZoneInformation

user32

CreateWindowExW

IsWindowVisible

DestroyWindow

PostMessageW

DispatchMessageW

GetLastActivePopup

GetMessageW

GetWindowTextLengthW

GetWindowThreadProcessId

GetWindowLongW

PostThreadMessageW

SetLayeredWindowAttributes

SetWindowDisplayAffinity

RegisterClassExW

RegisterClassW

EnumWindows

GetTitleBarInfo

TranslateMessage

GetAncestor

GetWindowTextW

ShowWindow

DefWindowProcW

GetSystemMetrics

SetWindowPos

SetWindowLongPtrW

GetWindowLongPtrW

gdi32

CreateSolidBrush

advapi32

RegCloseKey

RegCreateKeyExW

RegQueryValueExW

oleaut32

VariantClear

dwmapi

DwmGetWindowAttribute

bcrypt

BCryptGenRandom

Sections

.text
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

sps_service.exe

.exe windows:6 windows x64 arch:x64

c2fc3a81274e0ee03a49246e5b25f60f

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

57:fc:6f:ff:6d:38:25:33:74:08:e9:fa:21:cc:c0:e7:c1:b1:a5:ad:f9:97:ee:58:a8:2a:68:e2:9e:d1:ea:0b
Signer

Actual PE Digest

57:fc:6f:ff:6d:38:25:33:74:08:e9:fa:21:cc:c0:e7:c1:b1:a5:ad:f9:97:ee:58:a8:2a:68:e2:9e:d1:ea:0b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\actions-runner\_work\backend\backend\bin\release\sps_service.pdb

Imports

iphlpapi

GetExtendedTcpTable

GetAdaptersInfo

wintrust

WTHelperGetProvCertFromChain

WTHelperProvDataFromStateData

WTHelperGetProvSignerFromChain

WinVerifyTrust

crypt32

CertAddCertificateContextToStore

CryptDecodeObjectEx

PFXImportCertStore

CryptStringToBinaryA

CertFreeCertificateContext

CertEnumCertificatesInStore

CertCloseStore

CertGetCertificateChain

CertGetNameStringW

CertGetNameStringA

CertGetEnhancedKeyUsage

CertAddStoreToCollection

CertFindCertificateInStore

CertOpenStore

CryptFindOIDInfo

CryptDecodeObject

CertFindExtension

CryptQueryObject

CertCreateCertificateChainEngine

CertFreeCertificateChainEngine

CertFreeCertificateChain

CertNameToStrW

kernel32

DeleteTimerQueueTimer

VirtualLock

VirtualUnlock

GlobalMemoryStatus

CreateToolhelp32Snapshot

Heap32ListFirst

Heap32ListNext

Heap32First

Heap32Next

Process32FirstW

Process32NextW

Thread32First

Thread32Next

Module32FirstW

Module32NextW

InitializeCriticalSectionEx

SleepEx

QueryPerformanceFrequency

GetSystemDirectoryA

MoveFileExA

GetEnvironmentVariableA

VerSetConditionMask

VerifyVersionInfoA

GetFileSizeEx

TlsSetValue

TlsAlloc

TlsGetValue

IsProcessorFeaturePresent

GetTimeFormatEx

GetLocaleInfoW

GetDateFormatEx

CreateProcessW

GlobalAlloc

LocalAlloc

IsValidCodePage

GetTimeZoneInformation

EnumSystemLocalesW

GetUserDefaultLCID

IsValidLocale

LCMapStringW

CompareStringW

GetTimeFormatW

GetDateFormatW

FlsFree

FlsSetValue

FlsGetValue

FlsAlloc

GetCommandLineW

GetCommandLineA

GetStdHandle

SetConsoleCtrlHandler

ExitProcess

SetFilePointerEx

SetStdHandle

GetConsoleOutputCP

GetFullPathNameW

GetConsoleMode

SystemTimeToTzSpecificLocalTime

PeekNamedPipe

GetDriveTypeW

GetFileType

GetModuleHandleExW

FreeLibraryAndExitThread

ResumeThread

ExitThread

TlsFree

RtlUnwindEx

RaiseException

RtlPcToFileHeader

InitializeSListHead

GetStartupInfoW

IsDebuggerPresent

GetCurrentProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCPInfo

CompareStringEx

LCMapStringEx

DecodePointer

EncodePointer

GetFileInformationByHandleEx

SetFileInformationByHandle

GetFileInformationByHandle

ReleaseMutex

FindFirstFileExW

FindFirstFileW

FindClose

CreateDirectoryW

GetCurrentDirectoryW

GetLocaleInfoEx

SleepConditionVariableSRW

WakeAllConditionVariable

WakeConditionVariable

GetStringTypeW

TryAcquireSRWLockExclusive

GetExitCodeThread

GetComputerNameW

GlobalFree

GetModuleHandleA

GetModuleFileNameW

TerminateThread

CreateThread

TerminateProcess

K32GetModuleFileNameExW

GetACP

GetComputerNameExW

OpenProcess

GetLongPathNameW

EnumResourceNamesW

FindResourceW

LockResource

LoadResource

LoadLibraryExW

GetCurrentThreadId

DeleteCriticalSection

TryEnterCriticalSection

LeaveCriticalSection

EnterCriticalSection

InitializeCriticalSection

AreFileApisANSI

WriteFile

GetDiskFreeSpaceW

OutputDebugStringA

LockFile

SetFilePointer

GetFullPathNameA

SetEndOfFile

UnlockFileEx

GetTempPathW

CreateMutexW

WaitForSingleObject

GetFileAttributesW

UnmapViewOfFile

HeapValidate

HeapSize

MultiByteToWideChar

Sleep

GetTempPathA

FormatMessageW

GetDiskFreeSpaceA

GetFileAttributesA

GetFileAttributesExW

OutputDebugStringW

FlushViewOfFile

CreateFileA

LoadLibraryA

WaitForSingleObjectEx

DeleteFileA

DeleteFileW

HeapReAlloc

GetSystemInfo

HeapAlloc

HeapCompact

HeapDestroy

UnlockFile

LockFileEx

GetFileSize

GetProcessHeap

SystemTimeToFileTime

FreeLibrary

WideCharToMultiByte

GetSystemTimeAsFileTime

GetSystemTime

FormatMessageA

CreateFileMappingW

MapViewOfFile

QueryPerformanceCounter

GetTickCount

FlushFileBuffers

lstrlenW

FileTimeToSystemTime

LoadLibraryW

GetProcAddress

FileTimeToLocalFileTime

GetModuleHandleW

GetSystemTimePreciseAsFileTime

LocalFree

GetCurrentProcessId

WaitForMultipleObjects

CreateEventW

SetEvent

DeviceIoControl

SetLastError

GetLastError

CloseHandle

CreateFileW

SetFileCompletionNotificationModes

GetTickCount64

InitOnceExecuteOnce

AcquireSRWLockShared

AcquireSRWLockExclusive

ReleaseSRWLockShared

ReleaseSRWLockExclusive

InitializeSRWLock

GetQueuedCompletionStatusEx

GetHandleInformation

CreateSemaphoreA

ReleaseSemaphore

PostQueuedCompletionStatus

GetQueuedCompletionStatus

CreateIoCompletionPort

GetTempFileNameW

CreateEventA

ResetEvent

InitializeCriticalSectionAndSpinCount

ReadFile

SearchPathW

GetOEMCP

GetEnvironmentStringsW

FreeEnvironmentStringsW

SetEnvironmentVariableW

WriteConsoleW

CreateTimerQueueTimer

HeapCreate

FindNextFileW

HeapFree

ReadConsoleW

RtlUnwind

user32

wsprintfW

GetDC

ReleaseDC

DestroyIcon

CreateIconFromResourceEx

DrawIconEx

GetMessagePos

GetMessageTime

GetInputState

GetCursorPos

GetCaretPos

IsIconic

IsWindowVisible

gdi32

DeleteDC

DeleteObject

CreateCompatibleDC

CreateDIBSection

SelectObject

advapi32

ChangeServiceConfigW

CloseServiceHandle

ControlService

CreateServiceW

DeleteService

OpenSCManagerW

OpenServiceW

StartServiceW

QueryServiceConfig2W

NotifyServiceStatusChangeW

RegCloseKey

RegOpenKeyExW

RegQueryValueExW

RegDeleteKeyW

RegEnumKeyExW

QueryServiceStatusEx

EnumDependentServicesW

EnumServicesStatusExW

QueryServiceConfigW

RegCreateKeyExA

RegCreateKeyExW

RegDeleteValueW

RegOpenKeyExA

RegQueryValueExA

RegSetValueExA

RegSetValueExW

CreateProcessAsUserW

RegisterServiceCtrlHandlerExW

SetServiceStatus

StartServiceCtrlDispatcherW

GetUserNameW

OpenSCManagerA

OpenServiceA

GetEffectiveRightsFromAclW

GetInheritanceSourceW

LsaLookupSids

LsaFreeMemory

LsaOpenPolicy

LsaClose

CryptDestroyHash

CryptHashData

CryptCreateHash

CryptGenRandom

CryptGetHashParam

CryptReleaseContext

CryptAcquireContextA

QueryServiceStatus

shell32

ShellExecuteExW

SHGetFolderPathW

CommandLineToArgvW

ole32

CoCreateInstance

CoSetProxyBlanket

CoInitialize

CoInitializeSecurity

CoUninitialize

CoInitializeEx

oleaut32

SafeArrayGetElement

SafeArrayGetLBound

SafeArrayGetUBound

SafeArrayDestroy

VariantClear

VariantInit

SysFreeString

SysAllocString

ws2_32

WSASetLastError

WSAIoctl

getsockopt

getpeername

connect

bind

WSAGetLastError

send

WSACleanup

accept

listen

ioctlsocket

__WSAFDIsSet

select

getaddrinfo

freeaddrinfo

closesocket

ntohs

inet_ntoa

htons

WSAGetOverlappedResult

WSASend

WSARecv

socket

getsockname

WSAStartup

htonl

setsockopt

inet_addr

recv

fltlib

FilterSendMessage

FilterGetMessage

FilterConnectCommunicationPort

ntdll

RtlExpandEnvironmentStrings_U

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

NtReleaseSemaphore

RtlGetDaclSecurityDescriptor

NtCreateSemaphore

RtlGetVersion

RtlLeaveCriticalSection

RtlStringFromGUID

RtlFindMessage

RtlEnterCriticalSection

LdrAccessResource

LdrFindResource_U

NtQueryObject

NtClearEvent

RtlTimeToTimeFields

NtDuplicateObject

NtTerminateThread

NtCreateKeyedEvent

NtWaitForKeyedEvent

NtReleaseKeyedEvent

NtCreateTimer

NtAlertThread

NtSetTimer

RtlCreateHeap

RtlSetHeapInformation

NtCreateSection

RtlGUIDFromString

NtQuerySection

NtReadVirtualMemory

NtClose

NtQueryInformationProcess

NtCreateFile

NtReadFile

RtlUpcaseUnicodeChar

RtlNtStatusToDosErrorNoTeb

NtQueryFullAttributesFile

NtQueryValueKey

NtOpenFile

NtMapViewOfSection

NtQuerySecurityObject

NtOpenSection

NtQueryDirectoryFile

RtlCreateSecurityDescriptor

NtUnmapViewOfSection

NtQueryInformationThread

NtQueryInformationFile

NtFsControlFile

RtlDetermineDosPathNameType_U

NtQueryAttributesFile

RtlQueryEnvironmentVariable_U

NtSetSecurityObject

RtlSubAuthorityCountSid

NtQueryInformationJobObject

NtSetInformationThread

NtCreateNamedPipeFile

NtOpenProcess

RtlFreeUnicodeString

NtQuerySymbolicLinkObject

RtlConvertSidToUnicodeString

RtlDosPathNameToNtPathName_U_WithStatus

NtOpenKey

RtlSetDaclSecurityDescriptor

RtlSubAuthoritySid

NtQueryVirtualMemory

NtEnumerateKey

NtOpenSymbolicLinkObject

NtOpenThread

NtOpenProcessToken

RtlInterlockedPopEntrySList

RtlUnicodeToUTF8N

RtlFreeHeap

RtlCreateUserThread

RtlMultiByteToUnicodeSize

RtlMultiByteToUnicodeN

RtlUTF8ToUnicodeN

RtlReAllocateHeap

RtlAllocateHeap

NtTestAlert

NtWaitForSingleObject

NtSetEvent

NtCreateEvent

RtlInterlockedPushEntrySList

NtQueryInformationToken

RtlLengthSid

RtlSecondsSince1980ToTime

RtlTimeToSecondsSince1980

NtIsProcessInJob

NtQuerySystemInformationEx

NtQuerySystemInformation

RtlInterlockedFlushSList

RtlFirstEntrySList

RtlInitializeSListHead

ZwClose

RtlRaiseStatus

NtAdjustPrivilegesToken

RtlEqualSid

RtlSetCurrentDirectory_U

comctl32

ord345

wininet

InternetOpenW

InternetCrackUrlW

HttpOpenRequestW

InternetReadFile

InternetConnectW

InternetCloseHandle

HttpSendRequestW

InternetQueryOptionW

wtsapi32

WTSFreeMemoryExW

WTSQueryUserToken

WTSEnumerateSessionsExW

userenv

UnloadUserProfile

DestroyEnvironmentBlock

CreateEnvironmentBlock

LoadUserProfileW

winhttp

WinHttpGetProxyForUrl

WinHttpGetIEProxyConfigForCurrentUser

WinHttpCloseHandle

WinHttpOpen

bcrypt

BCryptGenRandom

Exports

PhDereferenceProcessRecord

PhFindProcessRecord

PhGetClientIdName

PhGetClientIdNameEx

PhGetProcessIsSuspended

PhGetProcessKnownType

PhGetProcessKnownTypeEx

PhGetProcessPriorityClassString

PhGetServiceChange

PhGetStatisticsTime

PhGetStatisticsTimeString

PhIsProcessSuspended

PhLoadSymbolProviderOptions

PhReferenceProcessItem

PhReferenceProcessItemForParent

PhReferenceProcessItemForRecord

PhReferenceProcessRecord

PhReferenceProcessRecordForStatistics

PhReferenceProcessRecordSafe

PhReferenceServiceItem

PhSearchOnlineString

PhShellExecuteUserString

PhaGetProcessKnownCommandLine

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 807KB - Virtual size: 807KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

spyshelter.cat

tray_manager_plugin.dll

.dll windows:6 windows x64 arch:x64

5b220d77abc1ae8c0fb294534d263d9c

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

a9:0d:ac:22:92:63:8c:79:f0:51:d2:e2:b2:76:02:e3:ed:22:fa:b1:61:53:20:72:07:af:51:a1:dc:19:c8:46
Signer

Actual PE Digest

a9:0d:ac:22:92:63:8c:79:f0:51:d2:e2:b2:76:02:e3:ed:22:fa:b1:61:53:20:72:07:af:51:a1:dc:19:c8:46

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopViewGetHWND

FlutterDesktopRegistrarGetTextureRegistrar

FlutterDesktopPluginRegistrarGetMessenger

FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable

FlutterDesktopTextureRegistrarUnregisterExternalTexture

FlutterDesktopTextureRegistrarRegisterExternalTexture

FlutterDesktopMessengerUnlock

FlutterDesktopMessengerLock

FlutterDesktopMessengerIsAvailable

FlutterDesktopMessengerRelease

FlutterDesktopMessengerAddRef

FlutterDesktopMessengerSetCallback

FlutterDesktopMessengerSendResponse

FlutterDesktopMessengerSendWithReply

FlutterDesktopMessengerSend

FlutterDesktopPluginRegistrarUnregisterTopLevelWindowProcDelegate

FlutterDesktopPluginRegistrarRegisterTopLevelWindowProcDelegate

FlutterDesktopPluginRegistrarGetView

FlutterDesktopPluginRegistrarSetDestructionHandler

user32

GetAncestor

LoadImageW

DestroyIcon

DefWindowProcW

SetForegroundWindow

TrackPopupMenu

RemoveMenu

AppendMenuW

GetMenuItemCount

CreatePopupMenu

GetCursorPos

GetSystemMetrics

shell32

Shell_NotifyIconW

Shell_NotifyIconGetRect

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA

?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ

?_Incref@facet@locale@std@@UEAAXXZ

?_Xbad_function_call@std@@YAXXZ

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?_Xlength_error@std@@YAXPEBD@Z

?_Xout_of_range@std@@YAXPEBD@Z

??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z

??Bid@locale@std@@QEAA_KXZ

?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z

?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z

?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z

?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z

??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z

??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ

?good@ios_base@std@@QEBA_NXZ

?flags@ios_base@std@@QEBAHXZ

?width@ios_base@std@@QEBA_JXZ

?width@ios_base@std@@QEAA_J_J@Z

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

vcruntime140

__std_terminate

memcmp

memcpy

memmove

__std_type_info_compare

memset

__C_specific_handler

__std_exception_copy

__std_exception_destroy

__std_type_info_destroy_list

_CxxThrowException

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment

_initialize_onexit_table

_register_onexit_function

_seh_filter_dll

_crt_atexit

_cexit

_initterm

_initterm_e

_invoke_watson

_invalid_parameter_noinfo_noreturn

_configure_narrow_argv

_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

free

_callnewh

malloc

kernel32

InitializeSListHead

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

TerminateProcess

GetCurrentProcess

IsProcessorFeaturePresent

ReleaseSRWLockExclusive

SetUnhandledExceptionFilter

UnhandledExceptionFilter

IsDebuggerPresent

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

SleepConditionVariableSRW

WakeAllConditionVariable

AcquireSRWLockExclusive

Exports

TrayManagerPluginRegisterWithRegistrar

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

url_launcher_windows_plugin.dll

.dll windows:6 windows x64 arch:x64

bf712d325b547c6a8f1a680c01292d18

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

5b:dd:95:4a:de:3f:c7:2a:53:11:2b:d7
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

20-10-2022 16:26

Not After

20-10-2025 16:26

Subject

SERIALNUMBER=0800764913,CN=SpyShelter (Netmeetings LLC),O=SpyShelter (Netmeetings LLC),STREET=3006 BEE CAVES RD STE D202,L=AUSTIN,ST=TEXAS,C=US,1.3.6.1.4.1.311.60.2.1.2=#13055445584153,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:45

Not After

08-05-2033 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

b0:d3:ab:e0:e0:ca:e1:0f:dd:9c:90:21:92:cc:2f:7e:ae:15:00:a3:eb:ce:e6:62:76:c0:98:10:dc:ff:03:19
Signer

Actual PE Digest

b0:d3:ab:e0:e0:ca:e1:0f:dd:9c:90:21:92:cc:2f:7e:ae:15:00:a3:eb:ce:e6:62:76:c0:98:10:dc:ff:03:19

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopPluginRegistrarGetView

FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable

FlutterDesktopTextureRegistrarUnregisterExternalTexture

FlutterDesktopTextureRegistrarRegisterExternalTexture

FlutterDesktopMessengerUnlock

FlutterDesktopMessengerLock

FlutterDesktopMessengerIsAvailable

FlutterDesktopMessengerRelease

FlutterDesktopMessengerAddRef

FlutterDesktopMessengerSetCallback

FlutterDesktopMessengerSendResponse

FlutterDesktopMessengerSendWithReply

FlutterDesktopMessengerSend

FlutterDesktopRegistrarGetTextureRegistrar

FlutterDesktopPluginRegistrarGetMessenger

FlutterDesktopPluginRegistrarSetDestructionHandler

kernel32

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

TerminateProcess

GetCurrentProcess

InitializeSListHead

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

MultiByteToWideChar

AcquireSRWLockExclusive

SleepConditionVariableSRW

WakeAllConditionVariable

IsDebuggerPresent

SetUnhandledExceptionFilter

ReleaseSRWLockExclusive

shell32

ShellExecuteW

advapi32

RegOpenKeyExW

RegCloseKey

RegQueryValueExW

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z

?uncaught_exception@std@@YA_NXZ