lummastealer[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

lummastealer.7z
Size

20.9MB
MD5

df9957243afdd11725b5f7e454b179aa
SHA1

bd856ebe241d3f0514b16d0a7fa1c9ab0cd47f53
SHA256

826e787cd4449d9814fa273d34c701390baa7deff4d472c9e6487170e8567d1e
SHA512

1e755334095fc60a1f3f5185a102e55cef32e8a096097e5ed0a991d97137f159d782ac2b8e541351a8e79686f2dc23a7ba6de8b1389174059f6f4f1a86000885
SSDEEP

393216:2Yvlm/SBCPubqLpP/iFAC+DyGNu9jIjGjlFb43369OBR2u8es7mdNYq4MXqfamrs:k6B2uuLpiVJkSjbH4euZs7mbqwf

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 2 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
static1/unpack001/lummastealer/Data/Media/NEWS.pdf	pdf_with_link_action
static1/unpack001/lummastealer/Old-Setup/Data/Media/NEWS.pdf	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/lummastealer/Data/msys-asn1-8.dll
unpack001/lummastealer/Data/wab32.dll
unpack001/lummastealer/Old-Setup/Data/msys-asn1-8.dll
unpack001/lummastealer/Old-Setup/Data/wab32.dll

One or more email addresses in PDF identified
Detects presence of email addresses in PDF files.
pdf

Files

lummastealer.7z
.7z
lummastealer/Data/AudioRenderer.dll
.dll windows:5 windows x64 arch:x64

a4c776c8c8aef2452297de4da7a8b846

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6c:59:ef:a9:e1:00:e1:0e:e3:06:ba:8f:e0:29:25:59
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

07-06-2012 00:00

Not After

06-06-2022 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

35:a8:4f:a5:03:f8:9b:49:83:96:bb:48:91:68:a5:80
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

14-01-2014 00:00

Not After

07-01-2016 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Photoshop\, Bridge - SHA256,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

23:ae:c0:7c:0a:5d:b2:9d:6c:ee:d9:27:81:40:e8:e7:00:e1:d1:49
Signer

Actual PE Digest

23:ae:c0:7c:0a:5d:b2:9d:6c:ee:d9:27:81:40:e8:e7:00:e1:d1:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\DynamicLinkMediaServer8\releases\2014.03\dynamiclinkmediaserver\Targets\Win\Release\64\AudioRenderer.pdb

Imports

dvacore

??6?$basic_ostream@EU?$char_traits@E@std@@@std@@QEAAAEAV01@I@Z
?str@?$basic_ostringstream@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@QEBA?AV?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@2@XZ
??_DoUTF8StringStream@dvacore@@QEAAXXZ
??0iUTF8StringStream@dvacore@@QEAA@AEBV?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@@Z
??5?$basic_istream@EU?$char_traits@E@std@@@std@@QEAAAEAV01@AEAI@Z
??_DiUTF8StringStream@dvacore@@QEAAXXZ
??0RecursiveMutex@threads@dvacore@@QEAA@XZ
??1RecursiveMutex@threads@dvacore@@QEAA@XZ
?Unlock@RecursiveMutex@threads@dvacore@@QEBAXXZ
??0oUTF8StringStream@dvacore@@QEAA@XZ
?GetEntry@DebugDatabase@debug@dvacore@@QEBA?AV?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@AEBV45@0@Z
?Instance@DebugDatabase@debug@dvacore@@SAAEAV123@XZ
?AsciiToUTF16@utility@dvacore@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@PEBD_K@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAAAEAV01@AEBV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAAAEAV01@$$QEAV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@AEBV01@@Z
?Trace@debug@dvacore@@YAXPEBE@Z
?GetCurrentThreadID@threads@dvacore@@YAKXZ
?TraceEnabled@debug@dvacore@@YA_NPEBEJ_N@Z
?TraceChangeCount@debug@dvacore@@YAHXZ
?PassThrough@Gate@threads@dvacore@@QEBA_NH@Z
?Open@Gate@threads@dvacore@@QEAAXXZ
?Close@Gate@threads@dvacore@@QEAAXXZ
??0Gate@threads@dvacore@@QEAA@_N@Z
??1Gate@threads@dvacore@@QEAA@XZ
??0Guid@utility@dvacore@@QEAA@KGGEEEEEEEE@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@XZ
??1?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@XZ
?UTF8to16@utility@dvacore@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@4@PEAW4UnicodeErrorCode@12@PEA_K@Z
?Dispose@SmallBlockAllocator@utility@dvacore@@YAXPEAX_K@Z
?Allocate@SmallBlockAllocator@utility@dvacore@@YAPEAX_K@Z
??1ReplacementValue@config@dvacore@@QEAA@XZ
??0?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@PEBE@Z
?ThrowError@config@dvacore@@YAXW4ErrorLevel@12@PEBDKJ_NAEBVReplacementValue@12@333@Z
??0ReplacementValue@config@dvacore@@QEAA@XZ
?IsDebuggerAttached@debug@dvacore@@YA_NXZ
?BreakAfterContractDialog@debug@dvacore@@YA_NPEBD00J@Z
?sNullString@ImmutableString@utility@dvacore@@0QBEB
??1ImmutableString@utility@dvacore@@QEAA@XZ
??0ImmutableString@utility@dvacore@@QEAA@AEBV012@@Z
?CreateDynamic@ImmutableString@utility@dvacore@@SA?AV123@PEBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@XZ
?Lock@RecursiveMutex@threads@dvacore@@QEBAXPEBD@Z

dvamediatypes

??ZTickTime@dvamediatypes@@QEAAAEAV01@AEBV01@@Z
?kTime_Invalid@dvamediatypes@@3VTickTime@1@B
??KTickTime@dvamediatypes@@QEBANAEBV01@@Z
?kFrameRate_Zero@dvamediatypes@@3VFrameRate@1@B
??GTickTime@dvamediatypes@@QEBA?AV01@XZ
?kFrameRate_Audio48000@dvamediatypes@@3VFrameRate@1@B
?AlignToFrame@TickTime@dvamediatypes@@QEAAXAEBVFrameRate@2@@Z
?kTime_Min@dvamediatypes@@3VTickTime@1@B
?ToFrame64@TickTime@dvamediatypes@@QEBA_JAEBVFrameRate@2@@Z
?kTime_Max@dvamediatypes@@3VTickTime@1@B
??XTickTime@dvamediatypes@@QEAAAEAV01@N@Z
?kTime_Zero@dvamediatypes@@3VTickTime@1@B
?AddFrames@TickTime@dvamediatypes@@QEAAX_JAEBVFrameRate@2@@Z
?ToFrame32@TickTime@dvamediatypes@@QEBAJAEBVFrameRate@2@@Z
??DTickTime@dvamediatypes@@QEBA?AV01@N@Z
??GTickTime@dvamediatypes@@QEBA?AV01@AEBV01@@Z
??HTickTime@dvamediatypes@@QEBA?AV01@AEBV01@@Z
?CreateLegacy51ChannelLayout@dvamediatypes@@YA?AV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@XZ
?CreateStereoChannelLayout@dvamediatypes@@YA?AV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@XZ
?CreateMonoChannelLayout@dvamediatypes@@YA?AV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@XZ
?CreateMultichannelLayout@dvamediatypes@@YA?AV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@H@Z
??YTickTime@dvamediatypes@@QEAAAEAV01@AEBV01@@Z

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
HeapFree
HeapReAlloc
HeapAlloc
HeapCreate
DecodePointer
DisableThreadLibraryCalls
EncodePointer
GetSystemTimeAsFileTime

oleaut32

SysFreeString

aslfoundation

??1Impl@ASL@@UEAA@XZ
?MixInData@MixHash@ASL@@CAXAEAVHashValue@2@PEBE_K@Z
??0Exception@ASL@@QEAA@XZ
??1Exception@ASL@@UEAA@XZ
?Allocate@Allocator@ASL@@SAPEAX_K@Z
?Dispose@Allocator@ASL@@SAXPEAX_K@Z
?what@Exception@ASL@@UEBAPEBDXZ
??1MemoryRecycler@ASL@@QEAA@XZ
?RecycleBuffer@MemoryRecycler@ASL@@QEAAXAEAVMemoryBuffer@2@@Z
?Instance@MemoryRecycler@ASL@@SA?AV?$ObjectPtr@VMemoryRecycler@ASL@@VAtomicValue@2@@2@XZ
?AllocateBuffer@MemoryRecycler@ASL@@QEAA?AVMemoryBuffer@2@_K@Z
?Resume@ThreadedWorkQueue@ASL@@QEAAXXZ
?Pause@ThreadedWorkQueue@ASL@@QEAAXXZ
??0ThreadedWorkQueue@ASL@@QEAA@XZ
??1ConstString@ASL@@QEAA@XZ
?Initialize@ThreadedWorkQueue@ASL@@QEAA_NW4Type@ThreadPriorities@2@HVConstString@2@1@Z
?MakeStdString@ASL@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@3@@Z
?QueueRequest@ThreadedWorkQueue@ASL@@QEAA_NV?$InterfaceRef@UIThreadedQueueRequest@ASL@@U12@@2@@Z
?Stop@ThreadedWorkQueue@ASL@@QEAAXXZ
??0ConstString@ASL@@QEAA@AEBV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@@Z

aslmessaging

?RegisterUniqueStation@StationRegistry@ASL@@YA?AVImmutableString@utility@dvacore@@XZ
?DisposeStation@StationRegistry@ASL@@YAXAEBVImmutableString@utility@dvacore@@@Z

mediafoundation

?kPi@MF@@3MB
?kSqrt2Over264@MF@@3NB

msvcp100

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?width@ios_base@std@@QEAA_J_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?good@ios_base@std@@QEBA_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Swap_all@_Container_base0@std@@QEAAXAEAU12@@Z
?exceptions@ios_base@std@@QEAAXH@Z
?fail@ios_base@std@@QEBA_NXZ
?max@?$numeric_limits@I@std@@SAIXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
??0id@locale@std@@QEAA@_K@Z
?_Orphan_all@_Container_base0@std@@QEAAXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_BADOFF@std@@3_JB
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

msvcr100

_purecall
_snprintf
__clean_type_info_names_internal
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
_CxxThrowException
??0exception@std@@QEAA@AEBV01@@Z
__CxxFrameHandler3
__CppXcptFilter
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
sqrt
__RTDynamicCast
_time64
memcpy
??_V@YAXPEAX@Z
floor
memmove
memset
sqrtf
sinf
cosf
atan2f
sin
cos
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
??0exception@std@@QEAA@AEBQEBD@Z
??2@YAPEAX_K@Z
??3@YAXPEAX@Z

Exports

Exports

??0AudioBuffer@AR@@QEAA@AEBV01@@Z
??0AudioBuffer@AR@@QEAA@H_N@Z
??0AudioBufferChannel@AR@@QEAA@AEBV01@@Z
??0AudioBufferChannel@AR@@QEAA@XZ
??0AudioBufferShell@AR@@QEAA@XZ
??0AudioDelayBuffer@AR@@QEAA@AEBV01@@Z
??0AudioDelayBuffer@AR@@QEAA@H_N@Z
??0AudioFilterControl@AR@@QEAA@V?$InterfaceRef@UIAudioFilter@AR@@U12@@ASL@@I@Z
??0AudioSubBuffer@AR@@QEAA@XZ
??0AudioWaveformRequest@AR@@QEAA@XZ
??1AudioBuffer@AR@@UEAA@XZ
??1AudioBufferChannel@AR@@UEAA@XZ
??1AudioBufferShell@AR@@UEAA@XZ
??1AudioDelayBuffer@AR@@UEAA@XZ
??1AudioSubBuffer@AR@@UEAA@XZ
??4AudioBuffer@AR@@QEAAXAEBV01@@Z
??4AudioBuffer@AR@@QEAAXPEAPEBD@Z
??4AudioBuffer@AR@@QEAAXPEAPEBF@Z
??4AudioBuffer@AR@@QEAAXPEBD@Z
??4AudioBuffer@AR@@QEAAXPEBF@Z
??8AudioWaveformRequest@AR@@QEAA_NAEBV01@@Z
??AAudioBuffer@AR@@QEBAPEAMI@Z
??XAudioBuffer@AR@@QEAAXM@Z
??YAudioBuffer@AR@@QEAAXAEBV01@@Z
??_FAudioBuffer@AR@@QEAAXXZ
??_FAudioDelayBuffer@AR@@QEAAXXZ
?ACM16ChannelTo51@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM16ChannelToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM16ChannelToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontLFEToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontLFEToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontRearLFEToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontRearLFEToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontRearToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontRearToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACMMonoToStereoDefault@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACMSame@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACMStereoToMonoDefault@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?Assign@AudioBufferChannel@AR@@QEAAXAEAVAudioBuffer@2@I@Z
?Assign@AudioBufferShell@AR@@QEAAXPEAPEAMI@Z
?Assign@AudioSubBuffer@AR@@QEAAXAEAVAudioBuffer@2@I@Z
?AudioMatrixToString@AR@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@@Z
?CancelAllPendingPrefetchRequests@AR@@YAXXZ
?CancelAllPendingPrefetchRequests@AudioPrefetch@AR@@YAXXZ
?Cast@AudioBuffer@AR@@QEBAXPEAD@Z
?Cast@AudioBuffer@AR@@QEBAXPEAF@Z
?Cast@AudioBuffer@AR@@QEBAXPEAPEAD@Z
?Cast@AudioBuffer@AR@@QEBAXPEAPEAF@Z
?Clear@AudioWaveformQueue@AR@@YAXXZ
?Complete@AudioWaveformRequest@AR@@UEAAXH@Z
?ConvertInt32ToFloat32InPlace@AR@@YAXPEAJ_K@Z
?CopyCertainChannelsFrom@AudioBuffer@AR@@QEAAXAEBV12@IAEBV?$Flags@K@utility@dvacore@@@Z
?CopyChannel@AudioBuffer@AR@@QEAAXAEBV12@II@Z
?CopyChannel@AudioBuffer@AR@@QEAAXII@Z
?CopyFrom@AudioBuffer@AR@@QEAAXAEBV12@@Z
?CopyFrom@AudioBuffer@AR@@QEAAXAEBV12@I@Z
?CopyFrom@AudioBuffer@AR@@QEAAXAEBV12@II@Z
?CopyFromScale@AudioBuffer@AR@@QEAAXAEBV12@M@Z
?CreateAudioChannelMatrixRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioClipRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$map@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@V?$map@_K_KU?$less@_K@std@@V?$STLAllocator@U?$pair@$$CB_K_K@std@@@SmallBlockAllocator@utility@dvacore@@@std@@U?$less@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@@4@V?$STLAllocator@U?$pair@$$CBV?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@V?$map@_K_KU?$less@_K@std@@V?$STLAllocator@U?$pair@$$CB_K_K@std@@@SmallBlockAllocator@utility@dvacore@@@std@@@std@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@AEBVTickTime@6@MNPEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioClipTrackRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@V?$ObjectPtr@VAtomicValue@ASL@@V12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@8@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioClipTrackRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@V?$ObjectPtr@VAtomicValue@ASL@@V12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@8@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@W4AudioChannelType@MF@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioContentMulticamRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@1AEBV?$vector@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$ObjectPtr@VAtomicValue@ASL@@V12@@4@_NAEBVTickTime@6@5PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioContentRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@1V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@_NAEBVTickTime@6@4V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV74@@Z
?CreateAudioFaderRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioFilterRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioFilter@AR@@U12@@4@2_NAEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@9@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioMeterRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioMeterSetter@AR@@U12@@4@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioMixTrackRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@V?$ObjectPtr@VAtomicValue@ASL@@V12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@PEAV74@@Z
?CreateAudioPanProcessorRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@W4PanProcessorType@2@_NAEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@PEAV?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@@Z
?CreateAudioRenderContext@AudioRendererFactory@AR@@YAHI_N0AEBVTickTime@dvamediatypes@@11I1PEAUPrefetcher@2@AEBVImmutableString@utility@dvacore@@0000W4RenderQuality@4@PEAV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@@Z
?CreateAudioResampler@AudioResamplerFactory@AR@@YA?AV?$InterfaceRef@UIAudioResampler@AR@@U12@@ASL@@W4RenderQuality@dvamediatypes@@@Z
?CreateAudioSendRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@AEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioSourceRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIBufferedAudioSource@AR@@U12@@4@W4AudioChannelType@MF@@HNV?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioStreamRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioSource@AR@@U12@@4@HNV?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioTimeScaler@AudioTimeScalerFactory@AR@@UEAA?AV?$InterfaceRef@UIAudioTimeScaler@AR@@U12@@ASL@@W4RenderQuality@dvamediatypes@@@Z
?CreateAudioTrackGroupRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$deque@V?$vector@UDelayDependency@AR@@V?$STLAllocator@UDelayDependency@AR@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$STLAllocator@V?$vector@UDelayDependency@AR@@V?$STLAllocator@UDelayDependency@AR@@@SmallBlockAllocator@utility@dvacore@@@std@@@SmallBlockAllocator@utility@dvacore@@@8@AEBV?$vector@VTickTime@dvamediatypes@@V?$allocator@VTickTime@dvamediatypes@@@std@@@8@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioTrackGroupRendererViaCloning@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioTrackInletRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UASLUnknown@ASL@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UASLUnknown@ASL@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioTransitionRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioTransition@AR@@U12@@4@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@3AEBVTickTime@6@444PEAV84@@Z
?CreateAudioWaveformBuffer@AudioWaveformQueue@AR@@YA?AV?$InterfaceRef@UIAudioWaveformBuffer@AR@@U12@@ASL@@XZ
?CreateAudioWaveformRequest@AudioWaveformRequest@AR@@SA?AV?$InterfaceRef@VAudioWaveformRequest@AR@@UIThreadedQueueRequest@ASL@@@ASL@@V?$InterfaceRef@UIAudioWaveformGenerator@AR@@U12@@4@AEBVTickTime@dvamediatypes@@1_KV?$InterfaceRef@UIAudioWaveformBuffer@AR@@U12@@4@V?$InterfaceRef@UIAudioWaveformWaitableGateHolder@AR@@U12@@4@@Z
?CreateDefaultMultiChannelAudioPanProcessorRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@_NAEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@5PEAV?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@@Z
?CreateDirectAudioPanProcessorRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@W4PanProcessorType@2@HAEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@_NAEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@PEAV?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@@Z
?CreateNoneAudioPanProcessorRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@PEAV?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@@Z
?CreateRealtimeAudioClipTrackItemRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@N1V?$InterfaceRef@UITimeTransform@MF@@U12@@4@AEBVTickTime@6@PEAV74@@Z
?CreateSilentAudioTrackRenderableItem@AR@@YA?AV?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@AEBVTickTime@dvamediatypes@@0AEBVFrameRate@5@@Z
?CreateSilentRenderer@AudioRendererFactory@AR@@YAHAEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@@Z
?CreateSpecializedResampler@AudioResamplerFactory@AR@@YA?AV?$InterfaceRef@UIAudioResamplerSpecialized@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@0I@Z
?CreateTimeAlteredAudioClipTrackItemRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@N_N5V?$InterfaceRef@UITimeTransform@MF@@U12@@4@AEBVTickTime@6@7N77PEAV74@@Z
?CreateWaitableGateHolder@AudioWaveformWaitableGateHolder@AR@@SA?AV?$InterfaceRef@UIAudioWaveformWaitableGateHolder@AR@@U12@@ASL@@XZ
?EnumerateInputChannels@AR@@YA?AV?$Flags@K@utility@dvacore@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@34@@Z
?EnumerateOutputChannels@AR@@YA?AV?$Flags@K@utility@dvacore@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@34@@Z
?GetAlignment@AudioBuffer@AR@@QEBAHXZ
?GetAllocatedSize@AudioBuffer@AR@@QEBAIXZ
?GetAudioTimeScalerFactory@AR@@YA?AV?$InterfaceRef@UIAudioTimeScalerFactory@AR@@U12@@ASL@@XZ
?GetBufferSize@AudioBuffer@AR@@QEBAIXZ
?GetDelay@AudioDelayBuffer@AR@@QEAAIXZ
?GetFloatBuffers@AudioBuffer@AR@@QEAAPEAPEAMXZ
?GetMaxNestableSequenceInstances@AR@@YAIXZ
?GetMixFunction@AudioChannelMix@AR@@YAP6AXAEBVAudioBuffer@2@AEAV32@@ZAEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@2@Z
?GetMixFunction@AudioChannelMix@AR@@YAP6AXAEBVAudioBuffer@2@AEAV32@@ZW4AudioChannelType@MF@@2@Z
?GetMixFunctionByChannels@AudioChannelMix@AR@@YAP6AXAEBVAudioBuffer@2@AEAV32@@ZIH@Z
?GetNumChannels@AudioBuffer@AR@@QEBAIXZ
?GetQueue@AudioWaveformQueue@AR@@YA?AV?$InterfaceRef@VThreadedWorkQueue@ASL@@UASLUnknown@2@@ASL@@XZ
?Init@AudioBuffer@AR@@QEAAXII@Z
?Init@AudioBufferShell@AR@@QEAAXI@Z
?Init@AudioDelayBuffer@AR@@QEAAXIII@Z
?Init@AudioSubBuffer@AR@@QEAAXI@Z
?Initialize@AR@@YAXXZ
?IsAborted@AudioWaveformQueue@AR@@YA_NXZ
?IsChannelZero@AudioBuffer@AR@@UEBA_NI@Z
?IsSIMDAligned@AudioBuffer@AR@@QEBA_NXZ
?IsSilentAudioTrackRenderableItem@AR@@YA_NAEBV?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@@Z
?IsSpecializedResamplerAvailable@AudioResamplerFactory@AR@@YA_NAEBVFrameRate@dvamediatypes@@0@Z
?IsZero@AudioBuffer@AR@@UEBA_NXZ
?Mix@AudioBuffer@AR@@QEAAXAEBV12@@Z
?NoLongerZero@AudioBuffer@AR@@UEAAXXZ
?Pause@AudioWaveformQueue@AR@@YAX_N@Z
?PrefetchAudio@AudioPrefetch@AR@@YAXV?$InterfaceRef@UIAsyncAudioSource@AR@@U12@@ASL@@AEBVTickTime@dvamediatypes@@I_NV?$InterfaceRef@UIAudioPrefetchNotify@AR@@U12@@4@@Z
?Process@AudioWaveformRequest@AR@@UEAAXXZ
?Read@AudioDelayBuffer@AR@@QEAAXAEBVAudioBuffer@2@@Z
?Reset@AudioPrefetch@AR@@YAX_N@Z
?Reverse@AudioBuffer@AR@@QEAAXXZ
?Set51MixdownType@AudioChannelMix@AR@@YAXI@Z
?SetAudioTimeScalerFactory@AR@@YAXV?$InterfaceRef@UIAudioTimeScalerFactory@AR@@U12@@ASL@@@Z
?SetChannelNoLongerZero@AudioBuffer@AR@@UEAAXI@Z
?SetChannelZero@AudioBuffer@AR@@UEAAXI@Z
?SetChannelsNoLongerZero@AudioBuffer@AR@@UEAAXAEBV?$Flags@K@utility@dvacore@@@Z
?SetChannelsZero@AudioBuffer@AR@@UEAAXAEBV?$Flags@K@utility@dvacore@@@Z
?SetDelay@AudioDelayBuffer@AR@@QEAAXI@Z
?SetUseSize@AudioBuffer@AR@@QEAAXI@Z
?ShiftOffset@AudioSubBuffer@AR@@QEAAXI@Z
?Shutdown@AR@@YAXXZ
?Shutdown@AudioWaveformQueue@AR@@YAXXZ
?Write@AudioDelayBuffer@AR@@QEAAXAEAVAudioBuffer@2@@Z
?Zero@AudioBuffer@AR@@QEAAXXZ
?ZeroChannel@AudioBuffer@AR@@QEAAXI_K@Z

Sections

.text
Size: 535KB - Virtual size: 534KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Data/Media/1.jpg
.jpg
lummastealer/Data/Media/2.jpg
.jpg
lummastealer/Data/Media/3.jpg
.jpg
lummastealer/Data/Media/Intro2Matrix.pdf
.pdf
- http://libRblas.so
- http://liblapack.so
- http://r-project.org
- http://stat.math.ethz.ch
- http://www.netlib.org/lapack/lawns/lawn147.ps
- mailto:[email protected]
- mailto:[email protected]
lummastealer/Data/Media/NEWS.pdf
.pdf
- http://050e.g.in
- http://051andsample.int
- http://051getsanewoptioninclude.site
- http://051nolongersegfaultswhendotsisnotalistandusesmatch.fun
- http://210Non-ASCIIcharactersarenowproperlydisplayedonWindowsinwindowscreatedusingGraphAppviae.g.win
- http://210Wheninternaldispatchforrep.int
- http://210file.show
- http://210seq.int
- http://Makefile.win
- http://Makevars.win
- http://NEWS.md
- http://config.site
- http://e.g.day
- http://e.g.in
- http://file.info
- http://fromsomedo.call
- http://grid.group
- http://www.omegahat.net
- https://CRAN.R-project.org/package=igraph
- https://CRAN.R-project.org/package=knitr
- https://blog.r-project.org/2022/04/08/enhancements-to-html-documentation/
- https://blog.r-project.org/2022/04/08/enhancements-to-html-documentation/:thisneedsafairlyrecentversionofHTMLTidytobeavailable.C-LEVELFACILITIES:
- https://blog.r-project.org/2023/03/07/path-length-limit-on-windows
- https://blog.r-project.org/2023/03/07/path-length-limit-on-windowsformoreinformation.
- https://bugs.R-project.org/show_bug.cgi?id=10525
- https://bugs.R-project.org/show_bug.cgi?id=14938
- https://bugs.R-project.org/show_bug.cgi?id=15072
- https://bugs.R-project.org/show_bug.cgi?id=15285
- https://bugs.R-project.org/show_bug.cgi?id=15600
- https://bugs.R-project.org/show_bug.cgi?id=15628
- https://bugs.R-project.org/show_bug.cgi?id=15854
- https://bugs.R-project.org/show_bug.cgi?id=15886
- https://bugs.R-project.org/show_bug.cgi?id=15891
- https://bugs.R-project.org/show_bug.cgi?id=16056
- https://bugs.R-project.org/show_bug.cgi?id=16100
- https://bugs.R-project.org/show_bug.cgi?id=16158
- https://bugs.R-project.org/show_bug.cgi?id=16184
- https://bugs.R-project.org/show_bug.cgi?id=16520
- https://bugs.R-project.org/show_bug.cgi?id=16534
- https://bugs.R-project.org/show_bug.cgi?id=16584
- https://bugs.R-project.org/show_bug.cgi?id=16662
- https://bugs.R-project.org/show_bug.cgi?id=16694
- https://bugs.R-project.org/show_bug.cgi?id=16702
- https://bugs.R-project.org/show_bug.cgi?id=16710
- https://bugs.R-project.org/show_bug.cgi?id=16716
- https://bugs.R-project.org/show_bug.cgi?id=16764
- https://bugs.R-project.org/show_bug.cgi?id=17124
- https://bugs.R-project.org/show_bug.cgi?id=17165
- https://bugs.R-project.org/show_bug.cgi?id=17179
- https://bugs.R-project.org/show_bug.cgi?id=17180
- https://bugs.R-project.org/show_bug.cgi?id=17214
- https://bugs.R-project.org/show_bug.cgi?id=17271
- https://bugs.R-project.org/show_bug.cgi?id=17277
- https://bugs.R-project.org/show_bug.cgi?id=17330
- https://bugs.R-project.org/show_bug.cgi?id=17421
- https://bugs.R-project.org/show_bug.cgi?id=17501
- https://bugs.R-project.org/show_bug.cgi?id=17527
- https://bugs.R-project.org/show_bug.cgi?id=17532
- https://bugs.R-project.org/show_bug.cgi?id=17555
- https://bugs.R-project.org/show_bug.cgi?id=17562
- https://bugs.R-project.org/show_bug.cgi?id=17573
- https://bugs.R-project.org/show_bug.cgi?id=17580
- https://bugs.R-project.org/show_bug.cgi?id=17589
- https://bugs.R-project.org/show_bug.cgi?id=17595
- https://bugs.R-project.org/show_bug.cgi?id=17596
- https://bugs.R-project.org/show_bug.cgi?id=17598
- https://bugs.R-project.org/show_bug.cgi?id=17607
- https://bugs.R-project.org/show_bug.cgi?id=17616
- https://bugs.R-project.org/show_bug.cgi?id=17619
- https://bugs.R-project.org/show_bug.cgi?id=17620
- https://bugs.R-project.org/show_bug.cgi?id=17624
- https://bugs.R-project.org/show_bug.cgi?id=17632
- https://bugs.R-project.org/show_bug.cgi?id=17633
- https://bugs.R-project.org/show_bug.cgi?id=17638
- https://bugs.R-project.org/show_bug.cgi?id=17645
- https://bugs.R-project.org/show_bug.cgi?id=17648
- https://bugs.R-project.org/show_bug.cgi?id=17652
- https://bugs.R-project.org/show_bug.cgi?id=17653
- https://bugs.R-project.org/show_bug.cgi?id=17659
- https://bugs.R-project.org/show_bug.cgi?id=17668
- https://bugs.R-project.org/show_bug.cgi?id=17669
- https://bugs.R-project.org/show_bug.cgi?id=17671
- https://bugs.R-project.org/show_bug.cgi?id=17674
- https://bugs.R-project.org/show_bug.cgi?id=17679
- https://bugs.R-project.org/show_bug.cgi?id=17688
- https://bugs.R-project.org/show_bug.cgi?id=17693
- https://bugs.R-project.org/show_bug.cgi?id=17705
- https://bugs.R-project.org/show_bug.cgi?id=17719
- https://bugs.R-project.org/show_bug.cgi?id=17721
- https://bugs.R-project.org/show_bug.cgi?id=17730
- https://bugs.R-project.org/show_bug.cgi?id=17735
- https://bugs.R-project.org/show_bug.cgi?id=17746
- https://bugs.R-project.org/show_bug.cgi?id=17756
- https://bugs.R-project.org/show_bug.cgi?id=17769
- https://bugs.R-project.org/show_bug.cgi?id=17770
- https://bugs.R-project.org/show_bug.cgi?id=17777
- https://bugs.R-project.org/show_bug.cgi?id=17779
- https://bugs.R-project.org/show_bug.cgi?id=17781
- https://bugs.R-project.org/show_bug.cgi?id=17784
- https://bugs.R-project.org/show_bug.cgi?id=17794
- https://bugs.R-project.org/show_bug.cgi?id=17809
- https://bugs.R-project.org/show_bug.cgi?id=17815
- https://bugs.R-project.org/show_bug.cgi?id=17828
- https://bugs.R-project.org/show_bug.cgi?id=17833
- https://bugs.R-project.org/show_bug.cgi?id=17836
- https://bugs.R-project.org/show_bug.cgi?id=17840
- https://bugs.R-project.org/show_bug.cgi?id=17842
- https://bugs.R-project.org/show_bug.cgi?id=17850
- https://bugs.R-project.org/show_bug.cgi?id=17859
- https://bugs.R-project.org/show_bug.cgi?id=17863
- https://bugs.R-project.org/show_bug.cgi?id=17865
- https://bugs.R-project.org/show_bug.cgi?id=17868
- https://bugs.R-project.org/show_bug.cgi?id=17869
- https://bugs.R-project.org/show_bug.cgi?id=17873
- https://bugs.R-project.org/show_bug.cgi?id=17879
- https://bugs.R-project.org/show_bug.cgi?id=17891
- https://bugs.R-project.org/show_bug.cgi?id=17892
- https://bugs.R-project.org/show_bug.cgi?id=17897
- https://bugs.R-project.org/show_bug.cgi?id=17899
- https://bugs.R-project.org/show_bug.cgi?id=17900
- https://bugs.R-project.org/show_bug.cgi?id=17904
- https://bugs.R-project.org/show_bug.cgi?id=17905
- https://bugs.R-project.org/show_bug.cgi?id=17907
- https://bugs.R-project.org/show_bug.cgi?id=17909
- https://bugs.R-project.org/show_bug.cgi?id=17914
- https://bugs.R-project.org/show_bug.cgi?id=17917
- https://bugs.R-project.org/show_bug.cgi?id=17935
- https://bugs.R-project.org/show_bug.cgi?id=17936
- https://bugs.R-project.org/show_bug.cgi?id=17950
- https://bugs.R-project.org/show_bug.cgi?id=17959
- https://bugs.R-project.org/show_bug.cgi?id=17964
- https://bugs.R-project.org/show_bug.cgi?id=17970
- https://bugs.R-project.org/show_bug.cgi?id=17976
- https://bugs.R-project.org/show_bug.cgi?id=17977
- https://bugs.R-project.org/show_bug.cgi?id=17993
- https://bugs.R-project.org/show_bug.cgi?id=17998
- https://bugs.R-project.org/show_bug.cgi?id=18001
- https://bugs.R-project.org/show_bug.cgi?id=18002
- https://bugs.R-project.org/show_bug.cgi?id=18004
- https://bugs.R-project.org/show_bug.cgi?id=18007
- https://bugs.R-project.org/show_bug.cgi?id=18008
- https://bugs.R-project.org/show_bug.cgi?id=18016
- https://bugs.R-project.org/show_bug.cgi?id=18019
- https://bugs.R-project.org/show_bug.cgi?id=18029
- https://bugs.R-project.org/show_bug.cgi?id=18031
- https://bugs.R-project.org/show_bug.cgi?id=18032
- https://bugs.R-project.org/show_bug.cgi?id=18034
- https://bugs.R-project.org/show_bug.cgi?id=18041
- https://bugs.R-project.org/show_bug.cgi?id=18048
- https://bugs.R-project.org/show_bug.cgi?id=18053
- https://bugs.R-project.org/show_bug.cgi?id=18055
- https://bugs.R-project.org/show_bug.cgi?id=18063
- https://bugs.R-project.org/show_bug.cgi?id=18066
- https://bugs.R-project.org/show_bug.cgi?id=18072
- https://bugs.R-project.org/show_bug.cgi?id=18073
- https://bugs.R-project.org/show_bug.cgi?id=18078
- https://bugs.R-project.org/show_bug.cgi?id=18079
- https://bugs.R-project.org/show_bug.cgi?id=18092
- https://bugs.R-project.org/show_bug.cgi?id=18095
- https://bugs.R-project.org/show_bug.cgi?id=18098
- https://bugs.R-project.org/show_bug.cgi?id=18099
- https://bugs.R-project.org/show_bug.cgi?id=18100
- https://bugs.R-project.org/show_bug.cgi?id=18103
- https://bugs.R-project.org/show_bug.cgi?id=18104
- https://bugs.R-project.org/show_bug.cgi?id=18109
- https://bugs.R-project.org/show_bug.cgi?id=18123
- https://bugs.R-project.org/show_bug.cgi?id=18132
- https://bugs.R-project.org/show_bug.cgi?id=18135
- https://bugs.R-project.org/show_bug.cgi?id=18141
- https://bugs.R-project.org/show_bug.cgi?id=18149
- https://bugs.R-project.org/show_bug.cgi?id=18151
- https://bugs.R-project.org/show_bug.cgi?id=18152
- https://bugs.R-project.org/show_bug.cgi?id=18154
- https://bugs.R-project.org/show_bug.cgi?id=18156
- https://bugs.R-project.org/show_bug.cgi?id=18164
- https://bugs.R-project.org/show_bug.cgi?id=18168
- https://bugs.R-project.org/show_bug.cgi?id=18171
- https://bugs.R-project.org/show_bug.cgi?id=18179
- https://bugs.R-project.org/show_bug.cgi?id=18183
- https://bugs.R-project.org/show_bug.cgi?id=18188
- https://bugs.R-project.org/show_bug.cgi?id=18190
- https://bugs.R-project.org/show_bug.cgi?id=18194
- https://bugs.R-project.org/show_bug.cgi?id=18219
- https://bugs.R-project.org/show_bug.cgi?id=18224
- https://bugs.R-project.org/show_bug.cgi?id=18227
- https://bugs.R-project.org/show_bug.cgi?id=18228
- https://bugs.R-project.org/show_bug.cgi?id=18231
- https://bugs.R-project.org/show_bug.cgi?id=18232
- https://bugs.R-project.org/show_bug.cgi?id=18236
- https://bugs.R-project.org/show_bug.cgi?id=18241
- https://bugs.R-project.org/show_bug.cgi?id=18242
- https://bugs.R-project.org/show_bug.cgi?id=18243
- https://bugs.R-project.org/show_bug.cgi?id=18244
- https://bugs.R-project.org/show_bug.cgi?id=18247
- https://bugs.R-project.org/show_bug.cgi?id=18257
- https://bugs.R-project.org/show_bug.cgi?id=18267
- https://bugs.R-project.org/show_bug.cgi?id=18271
- https://bugs.R-project.org/show_bug.cgi?id=18272
- https://bugs.R-project.org/show_bug.cgi?id=18281
- https://bugs.R-project.org/show_bug.cgi?id=18284
- https://bugs.R-project.org/show_bug.cgi?id=18286
- https://bugs.R-project.org/show_bug.cgi?id=18291
- https://bugs.R-project.org/show_bug.cgi?id=18294
- https://bugs.R-project.org/show_bug.cgi?id=18296
- https://bugs.R-project.org/show_bug.cgi?id=18299
- https://bugs.R-project.org/show_bug.cgi?id=18302
- https://bugs.R-project.org/show_bug.cgi?id=18305
- https://bugs.R-project.org/show_bug.cgi?id=18308
- https://bugs.R-project.org/show_bug.cgi?id=18309
- https://bugs.R-project.org/show_bug.cgi?id=18318
- https://bugs.R-project.org/show_bug.cgi?id=18324
- https://bugs.R-project.org/show_bug.cgi?id=18326
- https://bugs.R-project.org/show_bug.cgi?id=18328
- https://bugs.R-project.org/show_bug.cgi?id=18331
- https://bugs.R-project.org/show_bug.cgi?id=18332
- https://bugs.R-project.org/show_bug.cgi?id=18334
- https://bugs.R-project.org/show_bug.cgi?id=18335
- https://bugs.R-project.org/show_bug.cgi?id=18336
- https://bugs.R-project.org/show_bug.cgi?id=18344
- https://bugs.R-project.org/show_bug.cgi?id=18357
- https://bugs.R-project.org/show_bug.cgi?id=18360
- https://bugs.R-project.org/show_bug.cgi?id=18362
- https://bugs.R-project.org/show_bug.cgi?id=18367
- https://bugs.R-project.org/show_bug.cgi?id=18368
- https://bugs.R-project.org/show_bug.cgi?id=18370
- https://bugs.R-project.org/show_bug.cgi?id=18372
- https://bugs.R-project.org/show_bug.cgi?id=18379
- https://bugs.R-project.org/show_bug.cgi?id=18382
- https://bugs.R-project.org/show_bug.cgi?id=18384
- https://bugs.R-project.org/show_bug.cgi?id=18385
- https://bugs.R-project.org/show_bug.cgi?id=18389
- https://bugs.R-project.org/show_bug.cgi?id=18390
- https://bugs.R-project.org/show_bug.cgi?id=18398
- https://bugs.R-project.org/show_bug.cgi?id=18401
- https://bugs.R-project.org/show_bug.cgi?id=18405
- https://bugs.R-project.org/show_bug.cgi?id=18414
- https://bugs.R-project.org/show_bug.cgi?id=18419
- https://bugs.R-project.org/show_bug.cgi?id=18420
- https://bugs.R-project.org/show_bug.cgi?id=18421
- https://bugs.R-project.org/show_bug.cgi?id=18422
- https://bugs.R-project.org/show_bug.cgi?id=18425
- https://bugs.R-project.org/show_bug.cgi?id=18426
- https://bugs.R-project.org/show_bug.cgi?id=18430
- https://bugs.R-project.org/show_bug.cgi?id=18435
- https://bugs.R-project.org/show_bug.cgi?id=18439
- https://bugs.R-project.org/show_bug.cgi?id=18440
- https://bugs.R-project.org/show_bug.cgi?id=18442
- https://bugs.R-project.org/show_bug.cgi?id=18447
- https://bugs.R-project.org/show_bug.cgi?id=18448
- https://bugs.R-project.org/show_bug.cgi?id=18455
- https://bugs.R-project.org/show_bug.cgi?id=18456
- https://bugs.R-project.org/show_bug.cgi?id=18476
- https://bugs.R-project.org/show_bug.cgi?id=18482
- https://bugs.R-project.org/show_bug.cgi?id=18483
- https://bugs.R-project.org/show_bug.cgi?id=18484
- https://bugs.R-project.org/show_bug.cgi?id=18485
- https://bugs.R-project.org/show_bug.cgi?id=18490
- https://bugs.R-project.org/show_bug.cgi?id=18492
- https://bugs.R-project.org/show_bug.cgi?id=18500
- https://bugs.R-project.org/show_bug.cgi?id=18503
- https://bugs.R-project.org/show_bug.cgi?id=18512
- https://bugs.R-project.org/show_bug.cgi?id=18515
- https://bugs.R-project.org/show_bug.cgi?id=18523
- https://bugs.R-project.org/show_bug.cgi?id=18530
- https://bugs.R-project.org/show_bug.cgi?id=18534
- https://bugs.R-project.org/show_bug.cgi?id=18541
- https://katex.org/
- https://prismjs.com
- https://www.mathjax.org/
- Show all
lummastealer/Data/Media/R-admin.pdf
.pdf
- http://-fPIEinconfig.site
- http://.Library.site
- http://.TheR.app
- http://014edbysettingPKG_CONFIGinconfig.site
- http://014leconfig.site
- http://014lesinthesourceandthebuilddirectories.Thereisalsoageneralautoconfmechanismforconfig.site
- http://015agsaredesirableinconfig.site
- http://050R.app
- http://050e.g.in
- http://050e.g.inconfig.site
- http://050orthe.tar.bz
- http://050thelatterarethedefaultforcommand-lineRbutnotR.app
- http://050withsomeexceptionswherethepackageisknowntohaveanarchitecture-independentconfigure.win
- http://051.C.3.9BuildingR.appBuildingtheR.app
- http://051.Thereisalsoprovisionforasite-wideMakevars.site
- http://051andtheabilitytousethebuildwithR.app
- http://051make-fMakefile.win
- http://051makewillmakestandalonelibrarieslibRmath.aandlibRmath.so
- http://051sharedlibrarieslibblis.solibblisp.solibbliso.so
- http://134pkg.so
- http://67C.3.9BuildingR.app
- http://CC23andC23FLAGScanbesetinconfig.site
- http://Linuxatypicalreductioninoverallsizewasfrom92MBto66MB.OnmacOSdebuggingsymbolsarenotbydefaultincludedin.dyliband.so
- http://Makefile.win
- http://Makevars.win
- http://Renviron.in
- http://Rprofile.site
- http://TCL_CONFIGspecifylocationoftclConfig.sh
- http://binaries.html-tidy.org/
- http://binaries.html-tidy.org/.OnemacOSquirkisthatthedefaultpathhas/usr/local/binafter/usr/bin,contrarytocommonpracticeonUnix-alikes.Thismeansthatifyouinstalltoolsfromthesourcestheywillbydefaultbeinstalledunder/usr/localandnotsupersedethesystemversions.Parallelinstallationofpackageswillmakeuseoftheutilitytimeoutifavailable.Adual-architecturebuildcanbedownloadedfromhttps://www.stats.ox.ac.uk/pub/bdr/timeout:makeitexecutable
- http://e.g.by
- http://e.guseinconfig.site
- http://en.cppreference.com/w/cpp/compiler_supportindicateswhichversionsofcom-moncompilerssupport
- http://en.wikipedia.org/wiki/ISO_3166
- http://en.wikipedia.org/wiki/ISO_639-1
- http://inconfig.site
- http://itisreadbetweentheconfig.site
- http://libRblas.so
- http://liblto_plugin.so
- http://libmkl_rt.so
- http://libopenblasp.so
- http://libsatlas.so
- http://libtatlas.so
- http://mingw-w64.org
- http://mingw-w64.org/
- http://rforge.net
- http://setforexampleinconfig.site
- http://targetinMakefile.win
- http://tclConfig.sh
- http://therewillalmostalwaysbea.Rout.fail
- http://tkConfig.sh
- http://typicallycalledlibR.so
- http://www.libexpat.org
- http://x.yforRversionsx.y.zandcontaining.zip
- https://CRAN.R-project.org/bin/windows/Rtools/rtools43/rtools.html
- https://CRAN.R-project.org/bin/windows/base/howto-R-devel.html
- https://CRAN.R-project.org/bin/windows/base/rw-FAQ.html
- https://CRAN.R-project.org/doc/FAQ/R-FAQ.html
- https://CRAN.R-project.org/doc/FAQ/R-FAQ.htmlwhichalw-ayshastheversionforthelatestreleaseofR
- https://CRAN.R-project.org/mirrors.html
- https://CRAN.R-project.org/mirrors.html.1.1GettingandunpackingthesourcesThesimplestwayistodownloadthemostrecentR-x.y.z.tar.gz
- https://CRAN.R-project.org/package=JavaGD
- https://CRAN.R-project.org/package=MASS
- https://CRAN.R-project.org/package=flexiblas
- https://CRAN.R-project.org/package=mgcv
- https://CRAN.R-project.org/package=quantreg
- https://CRAN.R-project.org/package=rJava
- https://CRAN.R-project.org/package=rgl
- https://CRAN.R-project.org/package=rjags
- https://CRAN.R-project.org/package=tinytex
- https://CRAN.R-project.org/package=tkrplot
- https://CRAN.R-project.org/src/contrib/dir',wherediris`x.y.z/Recommended'forr-develorx.y-patched/Recommendedforr-patched,respectively,todirectorysrc/library/Recommendedinthesourcesyouhaveunpacked.Afterdownloadingmanuallyyouneedtoexecutetools/link-recommendedfromthetoplevelofthesourcestomaketherequisitelinksinsrc/library/Recommended.AsuitableincantationfromthetopleveloftheRsourcesusingwgetmightbe
- https://CRAN.R-project.org/src/contrib/dir./tools/link-recommended2forsomeSubversionclients`http:'mayappeartowork,butrequirescontinualredirection.
- https://adoptium.net
- https://calibre-ebook.com/download
- https://clang.llvm.org
- https://clang.llvm.org/cxx_status.html
- https://clang.llvm.org/cxx_status.html,andfollowg++:-std=c++20issupportedfromClang10,-std=c++2bfromClang13.AppleClangsupports-std=c++2bfrom13.1.6.
- https://clang.llvm.org/docs/ThinLTO.html
- https://clang.llvm.org/docs/ThinLTO.html.
- https://cran.r-project.org/bin/macosx/RMacOSX-FAQ.html
- https://cran.r-project.org/bin/macosx/RMacOSX-FAQ.html#Which-BLAS-is-used-and-how-can-it-be-changed_003f
- https://cran.r-project.org/bin/macosx/RMacOSX-FAQ.html#Which-BLAS-is-used-and-how-can-it-be-changed_003f13AnessentiallyequivalentTEXinstallationcanbeobtainedbytheUnixTeXLiveinstallationscripts.14E.g.viatlmgrinstallhelveticinconsolatatexinfo.15AddingallthepackagesneededtocheckCRANincreasedthistoabout600MB.16JustthatcomponentcanbeselectedfromtheinstallerforR:atthe`InstallationType'screenselect`Customise'andthenjustthe`Tcl/Tk8.6.11'component.
- https://cran.r-project.org/bin/macosx/RMacOSX-FAQ.htmlandcanbeviewedfromR.app's`Help'menu.Youcanruncommand-lineRandRscriptfromaTerminal3sothesecanbetypedascommandsasonanyotherUnix-alike:seethenextchapterofthismanual.Therearesomesmalldi
- https://cran.r-project.org/bin/windows/base/howto-R-devel.html
- https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/math/R/
- https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/math/R/.
- https://developer.apple.com/documentation/accelerate
- https://developer.apple.com/documentation/accelerate.
- https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution
- https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution.
- https://developer.apple.com/library/archive/documentation/MacOSX/Conceptual/BPInternational/
- https://developer.apple.com/library/archive/documentation/MacOSX/Conceptual/BPInternational/forhowuserscansettheirlocales.AswithWindows,enduserswillgenerallyonlyseelistsoflanguages/territories.UsersofRinaterminalmayneedtosetthelocaletosomethinglike`en_GB.UTF-8'ifitdefaultsto`C'
- https://developer.apple.com/library/archive/releasenotes/MacOSX/WhatsNewInOSX/Articles/MacOSX10_9.html
- https://developer.r-project.org/Translations30.html
- https://developer.r-project.org/Translations30.htmlforhowtoprepareandin-stalltranslationcatalogues.4thelanguagewritteninEngland:somepeoplelivingintheUSAappropriatethisnamefortheirlanguage.5withAmericanisms.
- https://developer.r-project.org/noweb-2.11b.tgz
- https://developer.r-project.org/noweb-2.11b.tgz.
- https://en.cppreference.com/w/cpp/compiler_support
- https://en.wikipedia.org/wiki/Core_fonts_for_the_Web
- https://en.wikipedia.org/wiki/Core_fonts_for_the_Web.15ttf-liberationinDebian/Ubuntu.
- https://en.wikipedia.org/wiki/ISO_3166
- https://en.wikipedia.org/wiki/ISO_639-1
- https://en.wikipedia.org/wiki/Liberation_fonts
- https://gcc.gnu.org/gcc-10/porting_to.html
- https://gcc.gnu.org/gcc-10/porting_to.html.gfortran12errorsinmorecasesofthis.B.7Compileandload
- https://github.com/flame/blis
- https://github.com/laurikari/tre/
- https://github.com/laurikari/tre/,butatthetimeofwritingtheresultingbuilddidnotcompleteitschecks,nordidRbuiltagainsttheversionsuppliedbyFedora.
- https://github.com/libarchive/libarchive/
- https://github.com/libarchive/libarchive/,usedastarbyFreeBSDandmacOS10.6andlater
- https://github.com/llvm/llvm-project/releases/
- https://heirloom.sourceforge.net/tools.html
- https://icu.unicode.org
- https://icu.unicode.org/
- https://jdk.java.net/
- https://jdk.java.net/.Werecommendyouinstallaversionwithlong-termsupport,e.g.11or17or
- https://libcxx.llvm.org
- https://libcxx.llvm.org/
- https://lwn.net/Articles/192624/
- https://lwn.net/Articles/192624/.Tuningcompilationtoaspeci
- https://mac.R-project.org
- https://mac.R-project.org/
- https://mac.R-project.org/.Ifyourunintoproblemswith`quarantine'fortarballsdownloadedinabrowser,considerusingcurl-OLtodownload
- https://mac.r-project.org/bin/
- https://mac.r-project.org/bin/.Butsometimesitisdesirable/necessarytouseApple'sdynamicallylinkedlibrary,inwhichcaseappropriateheaderscouldbeextractedfromthesources5availableviahttps://opensource.apple.com{thishasbeenusedforiodbc.ThoseusingCommandLineTools/Xcode12orlater
- https://mac.r-project.org/bin/.ThereisanRscripttheretohelpwithinstallingalltheneededcomponents.
- https://mac.r-project.org/bin/.TobuildRitselffromthesourceswiththeC/C++compilersintheCommandLineTools
- https://mac.r-project.org/bin//
- https://mac.r-project.org/bin//,aversionofwhichisinthebindirectoryofabinaryinstallationofR,usually/Library/Frameworks/R.framework/Resources/bin/qpdf
- https://mac.r-project.org/bin//.TheAcceleratelibrary10canbeusedviathecon
- https://mac.r-project.org/bin//forthefullrangeofbitmappedgraphicsdevices.
- https://mac.r-project.org/bin/darwin20/x86_64/pcre2-10.42-darwin.20-x86_64.tar.xzsudotar-xvzfpcre2-10.42-darwin.20-x86_64.tar.gz-C/curl-OLhttps://mac.r-project.org/bin/darwin20/x86_64/xz-5.4.2-darwin.20-x86_64.tar.xzsudotar-xvzfxz-5.4.2-darwin.20-x86_64.tar.xz-C/
- https://mac.r-project.org/openmp/
- https://mac.r-project.org/openmp/.Notethatthatapproachissomewhatfragileasitneedsalibomp.dyliblibrarymatchingtheversionofthecompilerused|andforexampleatthetimeofwritingnonewaso
- https://mac.r-project.org/tools/
- https://mac.r-project.org/tools/,forexamplebycurl-OLhttps://mac.r-project.org/tools/subversion-1.14.0-darwin15.6.tar.gztarxfsubversion-1.14.0-darwin15.6.tar.gzsudocpsubversion-1.14.0-darwin15.6/svn$LOCAL/bin
- https://mac.r-project.org/tools/FC=/opt/gfortran/bin/gfortran
- https://mac.r-project.org/tools/gfortran-12.2-universal.pkg
- https://mac.r-project.org/tools/gfortran-12.2-universal.pkg.Thisinstallsinto/opt/gfortran.The/opt/gfortran/SDKsymlinkshouldpointtothedesiredpathtotheSDK
- https://math-atlas.sourceforge.net
- https://math-atlas.sourceforge.net/
- https://math-atlas.sourceforge.net/atlas_install/
- https://math-atlas.sourceforge.net/atlas_install/23https://math-atlas.sourceforge.net/faq.html#tnum24
- https://math-atlas.sourceforge.net/faq.html#tnum
- https://miktex.org
- https://miktex.org/
- https://mxe.cc
- https://mxe.cc/
- https://netlib.org/blas/faq.html
- https://netlib.org/lapack/
- https://openradar.appspot.com/FB8914243
- https://openradar.appspot.com/FB8914243butabinitiobuildswork.ThishasbeenfarrarersincemacOS13.IfyouareusingthemacOS13SDK7,youmayneedtoaddsomethinglike-mmacosx-version-min=12.0to`CFLAGS'.Linkerwarningslikeld:warning:couldnotcreatecompactunwindfor_sort_:7ls-l`xcrun-show-sdk-path`inaterminalwillshowyouwhichSDKisselected.
- https://opensource.apple.com
- https://pagure.io/liberation-fonts
- https://pagure.io/liberation-fonts,15whichcovertheLatin,GreekandCyrillicalphabetsplusafairrangeofsigns.ThesesharemetricswithArial,TimesNewRomanandCourierNew,andcontainfontsrathersimilartothe
- https://sourceforge.net/p/predef/wiki/Home/
- https://sourceforge.net/p/predef/wiki/Home/canbehelpful.TheRsourceshaveused
- https://sourceforge.net/projects/mcmc-jags/files/JAGS/4.x/Mac%20OS%20X/
- https://sourceforge.net/projects/mcmc-jags/files/JAGS/4.x/Mac%20OS%20X/.Tcl/TkextensionBWidgetusedtobedistributedwithRbutnolongeris;TktablehasbeendistributedwithmostversionsofR
- https://stat.ethz.ch/R/daily/
- https://stat.ethz.ch/R/daily/.DownloadR-patched.tar.gzorR-devel.tar.gz
- https://subversion.apache.org
- https://subversion.apache.org/
- https://support.apple.com/en-us/HT211861
- https://support.apple.com/en-us/HT211861{whichmayneedadministratorprivileges.2Atthetimeofwriting,version2.8.5orlater.
- https://svn.R-project.org/R/
- https://svn.R-project.org/R/,theRSubversionrepository.IfyouhaveaSubversionclient
- https://svn.r-project.org/R-dev-web/trunk/QA/Simon/R4/
- https://svn.r-project.org/R-dev-web/trunk/QA/Simon/R4/:startwiththeREADME
- https://svn.r-project.org/R-packages/trunk/Mac-GUI/INSTALL
- https://svn.r-project.org/R-packages/trunk/Mac-GUI/INSTALL.R.appdoesnotneedtobeinstalledinanyspeci
- https://svn.r-project.org/R-packages/trunk/Mac-GUIandbuiltbyloadingtheR.xcodeprojproject
- https://svn.r-project.org/R/branches/R-x-y-branch/'inthefour-weekperiodpriortotherelease.1e.g.GNUtarversion1.15orlater,orthatfromthe`libarchive'
- https://svn.r-project.org/R/trunk/
- https://svn.r-project.org/R/trunk/andthecurrent`r-patched'from`https://svn.r-project.org/R/branches/R-x-y-branch/'
- https://svn.r-project.org/R/trunk/pathtocheckout`r-devel'intodirectorypath
- https://svnweb.freebsd.org/ports/head/math/
- https://svnweb.freebsd.org/ports/head/math/.RecentversionsofFreeBSDuseClangandthelibc++C++headersandruntime,butthe`port'iscon
- https://wiki.debian.org/DebianScience/LinearAlgebraLibraries
- https://wiki.debian.org/DebianScience/LinearAlgebraLibraries.Fedora33andlatero
- https://win-builder.r-project.org/
- https://win-builder.r-project.org/.ForalmostallpackagesRCMDINSTALLwillattempttoinstallboth32-and64-bitbuildsofapackageifrunfroma32/64-bitinstallofR
- https://www.activestate.com/products/tcl/
- https://www.activestate.com/products/tcl/.Forthelatter,con
- https://www.azul.com/downloads/zulu-community/
- https://www.azul.com/downloads/zulu-community/?os=macos&architecture=arm-64-bit&package=jdk
- https://www.azul.com/downloads/zulu-community/?os=macos&architecture=arm-64-bit&package=jdkandfromOpenJDKathttps://jdk.java.net/,forwhichJAVA_HOMEmayneedtobesetbothwhencon
- https://www.cs.tufts.edu/~nr/noweb/
- https://www.cs.tufts.edu/~nr/noweb/4.Thepackagesourcesareonlyre-createdeveninmaintainermodeifsrc/library/compiler/noweb/compiler.nwhasbeenupdated.3atthetimeofrevisionofthisparainlate2021,autoconf-2.71andautomake-1.16.5.4Thelinkstherehaveproveddi
- https://www.ctan.org/tex-archive/fonts/inconsolata/
- https://www.ctan.org/tex-archive/fonts/inconsolata/.
- https://www.ctan.org/tex-archive/fonts/ps-type1/lm/
- https://www.ctan.org/tex-archive/fonts/ps-type1/lm/andmirrors.ThisusesfontsrathersimilartoComputerModern,butisnotsogoodon-screenastimes.ThedefaultcanbeoverriddenbysettingtheenvironmentvariableR_RD4PDF.
- https://www.ghostscript.com
- https://www.ghostscript.com/
- https://www.gnu.org/prep/standards/html_node/DESTDIR.html
- https://www.gnu.org/prep/standards/html_node/DESTDIR.html.Youcanoptionallyinstalltherun-timeteststhatarepartofmakecheck-allbymakeinstall-testswhichpopulatesatestsdirectoryintheinstallation.2.5UninstallationYoucanuninstallRbymakeuninstalloptionallyspecifyingprefixetcinthesamewayasspeci
- https://www.gnu.org/software/freefont/
- https://www.gnu.org/software/libiconv/
- https://www.intel.com/content/www/us/en/developer/tools/oneapi/onemkl-link-line-advisor.html#gs.vpt6qp
- https://www.intel.com/content/www/us/en/developer/tools/oneapi/onemkl-link-line-advisor.html#gs.vpt6qp.TherearealsoversionsofMKLformacOS26andWindows,butwhenthesehavebeentriedtheydidnotworkwiththedefaultcompilersusedforRonthoseplatforms.TheMKLinterfacehaschangedseveraltimesbuthasbeenstableinrecentyears:thefollowingexampleshavebeenusedwithversions10.3to2023.0.0,forGCCcompilerson`x86_64'CPUs.TouseasequentialversionofMKLweusedMKL_LIB_PATH=/path/to/intel_mkl/mkl/lib/intel64exportLD_LIBRARY_PATH=$MKL_LIB_PATHMKL=
- https://www.mpi-magdeburg.mpg.de/projects/flexiblas
- https://www.msys2.org
- https://www.msys2.org/
- https://www.openblas.net
- https://www.openblas.net/
- https://www.stats.ox.ac.uk/pub/RWin/
- https://www.stats.ox.ac.uk/pub/RWin/:thismustbeanURLschemethatdownload.packagessupports
- https://www.stats.ox.ac.uk/pub/bdr/timeout
- https://www.tcl.tk/
- https://www.tcl.tk/.TospecifythelocationsoftheTcl/Tk
- https://www.tug.org/mactex/
- https://www.tug.org/mactex/morepackages.html
- https://www.tug.org/mactex/morepackages.htmltowhichyouwillneedtoaddsomepackagestobuildR,e.g.forthe2022versionweneededtoadd14helvetic,inconsolataandtexinfowhichbroughtthistoabout310MB.15`TeXLiveUtility'
- https://www.tug.org/texlive/
- https://www.tug.org/texlive/.
- https://www.xquartz.org
- https://www.xquartz.org/
- https://www.xquartz.org/.R'sconfigurescriptcanbetoldtolookforX11inXQuartz'smainlocationof/opt/X11,e.g.by--x-includes=/opt/X11/include--x-libraries=/opt/X11/libBewaryofpre-releaseversionsofXQuartz,whichmaybeo
- https://www.xquartz.org/releases/
- https://www.xquartz.org/releases/.2TheseincludethetcltkpackageandtheX11graphicsdevice:attemptingtousethesewithoutXQuartzwillremindyou.Thisisalsoneededforsomebuildsofthecairographics-baseddevices
- Show all
lummastealer/Data/Media/R-data.pdf
.pdf
- http://014leasastreamofbytesexactlyasitisrepresentedinmemory.read
- http://050.ssdor.sas
- http://c.id
- http://ex.data
- http://file.show
- http://foo.bar
- http://t.sex
- http://thevariableisconvertedtoafactor.ArgumentscolClassesandas.isprovidegreatercontrol.Specifyingas.is
- http://www.gnumeric.org
- http://www.r-project.org/doc/Rnews/Rnews_2001-1.pdfT.M.TherneauandP.M.Grambsch
- https://CRAN.R-project.org/package=DBI
- https://CRAN.R-project.org/package=Hmisc
- https://CRAN.R-project.org/package=MASS
- https://CRAN.R-project.org/package=Momocs
- https://CRAN.R-project.org/package=RJDBC
- https://CRAN.R-project.org/package=RMongo
- https://CRAN.R-project.org/package=RMySQL
- https://CRAN.R-project.org/package=RNetCDF
- https://CRAN.R-project.org/package=RODBC
- https://CRAN.R-project.org/package=ROracle
- https://CRAN.R-project.org/package=RPostgreSQL
- https://CRAN.R-project.org/package=RSQLite
- https://CRAN.R-project.org/package=StatDataML
- https://CRAN.R-project.org/package=WriteXLS
- https://CRAN.R-project.org/package=XLConnect
- https://CRAN.R-project.org/package=XML
- https://CRAN.R-project.org/package=biOps
- https://CRAN.R-project.org/package=bmp
- https://CRAN.R-project.org/package=dataframes2xls
- https://CRAN.R-project.org/package=foreign
- https://CRAN.R-project.org/package=gdata
- https://CRAN.R-project.org/package=h5
- https://CRAN.R-project.org/package=haven
- https://CRAN.R-project.org/package=jpeg
- https://CRAN.R-project.org/package=mongolite
- https://CRAN.R-project.org/package=ncdf4
- https://CRAN.R-project.org/package=pixmap
- https://CRAN.R-project.org/package=plyr
- https://CRAN.R-project.org/package=png
- https://CRAN.R-project.org/package=rJava
- https://CRAN.R-project.org/package=readstata13
- https://CRAN.R-project.org/package=readxl
- https://CRAN.R-project.org/package=reshape
- https://CRAN.R-project.org/package=reshape2
- https://CRAN.R-project.org/package=rgdal
- https://CRAN.R-project.org/package=rtiff
- https://CRAN.R-project.org/package=survival
- https://CRAN.R-project.org/package=tiff
- https://CRAN.R-project.org/package=xlsx
- https://CRAN.R-project.org/package=xml2
- https://CRAN.R-project.org/package=yaml
- https://developer.r-project.org/db/
- https://docs.microsoft.com/en-us/sql/odbc/microsoft-open-database-connectivity-odbc
- https://en.wikipedia.org/wiki/Akonadi
- https://en.wikipedia.org/wiki/Byte_order_mark
- https://en.wikipedia.org/wiki/Mondrian_
- https://en.wikipedia.org/wiki/Mondrian_(software)
- https://en.wikipedia.org/wiki/MongoDB
- https://en.wikipedia.org/wiki/UTF-16/UCS-2
- https://en.wikipedia.org/wiki/UTF-16/UCS-2,andtheuseofsurrogatepairsisveryrare.
- https://github.com/postgres-plr/plr
- https://mariadb.org
- https://mariadb.org/
- https://momjian.us/main/writings/pgsql/aw_pgsql_book/
- https://momjian.us/main/writings/pgsql/aw_pgsql_book/.B.D.Ripley
- https://octave.org
- https://octave.org/
- https://www.actualtech.com/product_access.php
- https://www.clicketyclick.dk/databases/xbase/format/
- https://www.clicketyclick.dk/databases/xbase/format/index.html
- https://www.hdfgroup.org/HDF5/
- https://www.ibm.com/products/db2
- https://www.ibm.com/products/informix
- https://www.iodbc.org/
- https://www.iodbc.org/:thisispre-installedinmacOS
- https://www.loc.gov/preservation/digital/formats/fdd/fdd000325.shtml
- https://www.loc.gov/preservation/digital/formats/fdd/fdd000325.shtmlandhttps://www.clicketyclick.dk/databases/xbase/format/index.html
- https://www.microsoft.com/en-us/download/default.aspx
- https://www.microsoft.com/en-us/download/default.aspx,andsearchfor`O
- https://www.microsoft.com/sql-server/
- https://www.mysql.com
- https://www.openoffice.org
- https://www.oracle.com
- https://www.r-project.org/doc/Rnews/Rnews_2001-1.pdf
- https://www.rfc-editor.org/rfc/rfc4180
- https://www.sqlite.org/index.html
- https://www.unidata.ucar.edu/software/netcdf/
- https://www.unixodbc.org
- https://www.unixodbc.org/
- Show all
lummastealer/Data/Media/R-exts.pdf
.pdf
- http://------------------18748449.0995sm.so16962744.4230no-vmlinux126363.3092libgfortran.so
- http://------------------7058642.3276no-vmlinux5696334.1585libc-2.16.so3692222.1407R15840.9499stats.so6240.3742libm-2.16.so
- http://...na
- http://014eldiswhatisreportedbythemaintainerfunctionandusedbybug.report
- http://014le.Ifthereisacorresponding22.Rout.save
- http://014leconfigure.ac
- http://014leexB.def.ThenMakevars.win
- http://014lepkg-Ex.Rout.save
- http://014lerecordedinthetarballwillbewhateverfile.info
- http://014les.Rout.save
- http://014lesMakevars.win
- http://014lesmayberenamedbackto.win
- http://014lesorinasite-wideMakevars.site
- http://050.tab
- http://050Notethathelp.search
- http://050R-Forge.r-project.org
- http://050a-Ex.Rout.save
- http://050andasuitableMakefile.win
- http://050anemptyconfigure.win
- http://050containingconfigure.ac
- http://050curl-configisforlibcurlnotcurl.nc
- http://050extension.so
- http://050glm.fit
- http://050includingthosewithconfigure.win
- http://050orSampler.app
- http://050storm.fm
- http://050suchas.so
- http://050www.rforge.net
- http://051.Soweseetheerrormessagecomesfromanexplicitcheckinglm.fit
- http://051.is
- http://051AC_OUTPUTinconfigure.ac
- http://051Supposeanunthinkingpackagewritercreatedmethodssuchasscale.foo
- http://051Tracingglm.fit
- http://051lineendings.IfthereisaMakefileorMakefile.inorMakevarsorMakevars.in
- http://051orValidator.nu
- http://051package.Theconfigure.ac
- http://051print.foo
- http://051storm.bf
- http://051storm.fm
- http://051willusetheformer.71Peopleusedev.new
- http://1callstostorm.bf
- http://71usedev.new
- http://CMake.app/Contents/bin/cmake.Onewaytoworkaroundthisisforthepackage'sconfigurescripttoincludeiftest-z
- http://CMake.app/Contents/bin/cmake;fiiftest-f
- http://CMake.app/Contents/bin/cmakeandthatshouldbelookedforifcmakeisnotfoundonthepath.
- http://Collate.windows
- http://Debugging119asmacOSdoesnotstoredebuggingsymbolsinthe.so
- http://Makefile.in
- http://Makevars.site
- http://Makevars.win
- http://README.md
- http://Whatifscale.bar
- http://abinarypackageforWindowsisusuallysuppliedasa.zip
- http://alsooneofthemostcommonusesofaconfigurescriptistomakeMakevarsfromMakevars.in
- http://andwhatcallingitwithoutoptionsdoesisplatform-dependent.Strippinga.so
- http://andwriteaconfigure.win
- http://bashisused.Whenconfigure.win
- http://binaries.html-tidy.org/
- http://binaries.html-tidy.org/.AllthesetestsarerunwithcollationsettotheClocale,andfortheexamplesandtestswithenvironmentvariableLANGUAGE=en:thisistominimizedi
- http://butthisusednottobethecasewhenversionedinstallswereallowed.Itsmainuseisinconfigure.win
- http://cleanup.win
- http://configure.ucrtandcleanup.ucrtaresupportedandtakeprecedenceoverconfigure.winandcleanup.win
- http://e.g.de
- http://e.g.to
- http://foo.so
- http://ftp.astron.com/pub/file/
- http://glm.fit
- http://includingthealphabeticallistofobjectsintheHTMLhelpsystem.help.search
- http://libc.so
- http://libpackB.so
- http://llvm-symbolizerAnalternativeistopipetheoutputthroughasan_symbolize.py
- http://lpt5.foo.bar
- http://page20.TheanaloguesonWindowsareconfigure.winandcleanup.win
- http://particularlythoseintendedforpublicdistribution.win-builder.r-project.org
- http://pkg-Ex.Rout.save
- http://shlib.mk
- http://slibdirectoryisnotintheld.so
- http://soitisoftennecessarytotryinturnpkg-config--libsandpkg-config--static--libs.32adecadeagoAutoconfusedconfigure.in
- http://some.domain.net
- http://splines.so
- http://stats.so
- http://storm.bf
- http://survexp.us
- http://survey.design
- http://thatisnotportablebutusingdev.new
- http://typicallyX.so
- http://whereever.net
- http://whichcanbeusedforhelp.search
- http://winshlib.mk
- http://www.openmp.org/resources/openmp-compilers-tools/givessomeideaofwhatcompilerssupportwhatversions.Rarely,usingOpenMPwithclangonLinuxgeneratescallsinlibatomic,resultinginloadingmessageslikeundefinedsymbol:__atomic_compare_exchangeundefinedsymbol:__atomic_loadTheworkaroundistolinkwith-latomic
- http://www.rfc-editor.org/rfc/rfc4180.24Peoplewhohavetroublewithcaseareadvisedtouse.rdaasacommonerroristorefertoabc.RDataasabc.Rdata!
- http://youcanachievethisbyincludingthefollowingfragmentearlyinconfigure.ac
- https://CRAN.R-project.org/banner.shtml#submitting
- https://CRAN.R-project.org/banner.shtml#submitting.1.1PackagestructureThesourcesofanRpackageconsistofasubdirectorycontainingthe
- https://CRAN.R-project.org/package=BH
- https://CRAN.R-project.org/package=Cairo
- https://CRAN.R-project.org/package=KernSmooth
- https://CRAN.R-project.org/package=Matrix
- https://CRAN.R-project.org/package=RODBC
- https://CRAN.R-project.org/package=RSiena
- https://CRAN.R-project.org/package=RcppArmadillo
- https://CRAN.R-project.org/package=RcppEigen
- https://CRAN.R-project.org/package=Rserve
- https://CRAN.R-project.org/package=Simile
- https://CRAN.R-project.org/package=amap
- https://CRAN.R-project.org/package=bdsmatrix
- https://CRAN.R-project.org/package=chron
- https://CRAN.R-project.org/package=cluster
- https://CRAN.R-project.org/package=codetools
- https://CRAN.R-project.org/package=coxme
- https://CRAN.R-project.org/package=fastICA
- https://CRAN.R-project.org/package=formatR
- https://CRAN.R-project.org/package=fortunes
- https://CRAN.R-project.org/package=gdata
- https://CRAN.R-project.org/package=gtools
- https://CRAN.R-project.org/package=igraph
- https://CRAN.R-project.org/package=knitr
- https://CRAN.R-project.org/package=lattice
- https://CRAN.R-project.org/package=latticeExtra
- https://CRAN.R-project.org/package=lossDev
- https://CRAN.R-project.org/package=nlme
- https://CRAN.R-project.org/package=profr
- https://CRAN.R-project.org/package=proftools
- https://CRAN.R-project.org/package=rJava
- https://CRAN.R-project.org/package=rgeos
- https://CRAN.R-project.org/package=rgl
- https://CRAN.R-project.org/package=rjags
- https://CRAN.R-project.org/package=rmarkdown
- https://CRAN.R-project.org/package=sf
- https://CRAN.R-project.org/package=sm
- https://CRAN.R-project.org/package=spatstat
- https://CRAN.R-project.org/package=testthat
- https://CRAN.R-project.org/package=tiff
- https://CRAN.R-project.org/package=xts
- https://CRAN.R-project.org/package=zoo
- https://ESS.R-project.org/
- https://ESS.R-project.org/:itisoftenisinstalledwithEmacsbutmayneedtobeloaded,oreveninstalled,separately
- https://R-Forge.r-project.org
- https://autotools.info/
- https://autotools.info/.27ThescriptshouldonlyassumeaPOSIX-compliant/bin/sh{seehttps://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html.Inparticularbashextensionsmustnotbeused,andnotallRplatformshaveabashcommand,letaloneoneat/bin/bash.AllknownshellsusedwithRsupporttheuseofbackticks,butnotallsupport`$
- https://blog.llvm.org/2011/05/what-every-c-programmer-should-know.html
- https://blog.regehr.org/archives/213
- https://blog.regehr.org/archives/213andhttps://blog.llvm.org/2011/05/what-every-c-programmer-should-know.html
- https://clang-analyzer.llvm.org/
- https://clang-analyzer.llvm.org/.4.3.6Otheranalyseswith`gcc'GCC10introducedanew
- https://clang.llvm.org/cxx_status.html
- https://clang.llvm.org/docs/AddressSanitizer.html
- https://clang.llvm.org/docs/MemorySanitizer.html
- https://clang.llvm.org/docs/MemorySanitizer.html,https://github.com/google/sanitizers
- https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#supported-platforms
- https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#supported-platforms:CRANusesitforC/C++withbothGCCandclangon`x86_64'Linux:thetwotoolchainsoftenhighlightdi
- https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#ubsan-checks
- https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#ubsan-checks.Thecurrentsetis
- https://clang.llvm.org/docs/UsersManual.html#controlling-code-generation
- https://clang.llvm.org/docs/UsersManual.html#controlling-code-generation,https://clang.llvm.org/docs/AddressSanitizer.htmlandhttps://github.com/google/sanitizers.MorethoroughchecksofC++codearedoneiftheC++libraryhasbeen`annotated':atthetimeofwritingthisappliedtostd::vectorinlibc++forusewithclangandgivesriseto`container-overflow'7reports.Itrequirescodetohavebeencompiledandlinkedwith-fsanitize=addressandcompilingwith-fno-omit-frame-pointerwillgivemorelegiblereports.Ithasaruntimepenaltyof2{3x,extendedcompilationtimesandusessubstantiallymorememory,often1{2GB,atruntime.On64-bitplatformsitreserves
- https://cmake.org/cmake/help/latest/manual/cmake-env-variables.7.html#manual:cmake-env-variables
- https://cmake.org/cmake/help/latest/manual/cmake-env-variables.7.html#manual:cmake-env-variables(7)
- https://cplusplus.com/reference/
- https://cplusplus.com/reference/orhttps://en.cppreference.com/w/andcomparewhatisde
- https://cran.r-project.org
- https://cran.r-project.org/bin/macosx/RMacOSX-FAQ.html#I-cannot-attach-debugger-to-R
- https://cran.r-project.org/package=pkgnameandnotaversionstarting`https://cran.r-project.org/web/packages/pkgname'.1.2Con
- https://deb.debian.org/debian/pool/main/d/devscripts/
- https://developer.r-project.org/Rds.html
- https://developer.r-project.org/parseRd.pdf
- https://developers.redhat.com/blog/2020/03/26/static-analysis-in-gcc-10
- https://developers.redhat.com/blog/2020/03/26/static-analysis-in-gcc-104.3.7Using`Dr.Memory'`Dr.Memory'fromhttps://drmemory.org/isamemorycheckerfor
- https://drmemory.org/
- https://en.cppreference.com/w/
- https://en.cppreference.com/w/c/23
- https://en.cppreference.com/w/c/23.
- https://en.cppreference.com/w/cpp/compiler_support
- https://en.cppreference.com/w/cpp/compiler_support,https://gcc.gnu.org/projects/cxx-status.htmlandhttps://clang.llvm.org/cxx_status.htmltoseeifthefeaturesyouwanttousearewidelyimplemented.AttemptstospecifyanunknownC++standardaresilentlyignored:recentversionsofRthrowanerrorforC++98andforknownstandardsforwhichnocompiler+
- https://en.cppreference.com/w/cpp/compiler_supportgivessomeinform-ationonwhichcompilersareknowntosupportrecentC++features.C++standardshavedeprecatedandlaterremovedfeatures.BeawarethatsomecurrentcompilersstillacceptremovedfeaturesinC++17mode,suchasstd::unary_function
- https://en.cppreference.com/w/cpp/experimental/feature_test
- https://en.wikipedia.org/wiki/Almquist_shell
- https://en.wikipedia.org/wiki/Almquist_shell,a`lightweightshellwithfewbuiltins
- https://en.wikipedia.org/wiki/Application_binary_interface
- https://en.wikipedia.org/wiki/Application_binary_interface.12Forexample,`_GLIBCXX_USE_CXX11_ABI'ing++5.1andlater:https://gcc.gnu.org/onlinedocs/libstdc++/manual/using_dual_abi.html.
- https://en.wikipedia.org/wiki/Endianness
- https://en.wikipedia.org/wiki/Endianness.
- https://en.wikipedia.org/wiki/FOSS
- https://en.wikipedia.org/wiki/IETF_language_tag
- https://en.wikipedia.org/wiki/ISO_639-1
- https://en.wikipedia.org/wiki/ISO_639-3
- https://en.wikipedia.org/wiki/Java_class_file
- https://en.wikipedia.org/wiki/Java_class_filemapsclass-
- https://en.wikipedia.org/wiki/OpenMP
- https://fortranwiki.org/fortran/show/Modernizing+Old+Fortran
- https://fortranwiki.org/fortran/show/Modernizing+Old+Fortranmayhelpexplainsomeofthewarningsfromgfortran-Wall-pedantic.79Theseareoptionalbecausethecorrespondingtypesare,butmustbeprovidedifthetypesare.
- https://gcc.gnu.org/gcc-10/porting_to.html
- https://gcc.gnu.org/gcc-10/porting_to.html.
- https://gcc.gnu.org/gcc-10/porting_to.html.108Seehttps://prereleases.llvm.org/11.0.0/rc2/tools/clang/docs/ReleaseNotes.html#modified-compiler-flags.
- https://gcc.gnu.org/gcc-13/porting_to.html
- https://gcc.gnu.org/gcc-13/porting_to.html.
- https://gcc.gnu.org/onlinedocs/
- https://gcc.gnu.org/onlinedocs/:lookfor`ProgramInstrumentationOptions'
- https://gcc.gnu.org/onlinedocs/gcc-10.1.0/gcc/Static-Analyzer-Options.html
- https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.html
- https://gcc.gnu.org/onlinedocs/gcc/C-Extensions.htmlandhttps://gcc.gnu.org/onlinedocs/gcc/C_002b_002b-Extensions.html.OtherGNUextensionswhichhavebittenpackagewritersaretheuseofnon-portablecharacterssuchas`$'inidenti
- https://gcc.gnu.org/onlinedocs/gcc/C_002b_002b-Extensions.html
- https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html
- https://gcc.gnu.org/onlinedocs/gfortran/Extensions-implemented-in-GNU-Fortran.html
- https://gcc.gnu.org/onlinedocs/gfortran/Extensions-implemented-in-GNU-Fortran.html.Onethatfrequentlycatchespackagewritersisthatitallowsout-of-orderdeclarations:instandard-conformantFortranvariablesmustbedeclared
- https://gcc.gnu.org/onlinedocs/libstdc++/manual/using_dual_abi.html
- https://gcc.gnu.org/projects/cxx-status.html
- https://ghostscript.readthedocs.io/en/latest/VectorDevices.html
- https://ghostscript.readthedocs.io/en/latest/VectorDevices.htmlformoresuchandconsideralltheoptionsforimagedownsampling
- https://github.com/R-macos/recipes/tree/master/stubs/pkgconfig-darwin
- https://github.com/R-macos/recipes/tree/master/stubs/pkgconfig-darwinandareinstalledontheCRANpackagebuilders.30Itisnotwisetochecktheversionofpkg-configasitissometimesalinktopkgconf,aseparateprojectwithadi
- https://github.com/google/sanitizers
- https://github.com/google/sanitizers/wiki#threadsanitizer
- https://github.com/google/sanitizers/wiki/AddressSanitizerAndDebugger
- https://github.com/google/sanitizers/wiki/AddressSanitizerAndDebugger.
- https://github.com/google/sanitizers/wiki/AddressSanitizerFlags
- https://github.com/google/sanitizers/wiki/AddressSanitizerFlags.Withgccadditionalcontrolisavailableviathe--param
- https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer
- https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer.Thisisavailableonrecentversionsofgccandclang,andwhereavailableiscompiledinaspartofASan.OnewaytoinvokethisfromanASan-enabledbuildisbytheenvironmentvariableASAN_OPTIONS='detect_leaks=1'However,thiswasmadethedefaultasfromclang3.5andgcc5.1.0.WhenLSanisenabled,leaksgivetheprocessafailureerrorstatus
- https://github.com/google/sanitizers/wiki/AddressSanitizerUseAfterScope
- https://github.com/google/sanitizers/wiki/AddressSanitizerUseAfterScope.OneofthechecksdonebyASanisthatmalloc/freeandinC++new/deleteandnew[]/delete[]areusedconsistently
- https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/asan/scripts/asan_symbolize.py
- https://github.com/llvm/llvm-project/releases
- https://github.com/llvm/llvm-project/releasesforawiderangeofplatforms
- https://github.com/mstorsjo/llvm-mingw
- https://github.com/mstorsjo/llvm-mingw:thisuseslibc++.1.6.5BinarydistributionIfyouwanttodistributeabinaryversionofapackageonWindowsormacOS,therearefurtherchecksyouneedtodotocheckitisportable:itisalltooeasytodependonexternalsoftwareonyourownmachinethatotheruserswillnothave.ForWindows,checkwhatotherDLLsyourpackage'sDLLdependson
- https://help.apple.com/instruments/mac/current/
- https://homepage.stat.uiowa.edu/~luke/R/references/weakfinex.html
- https://homepage.stat.uiowa.edu/~luke/R/references/weakfinex.html,butthatisusedtoadd
- https://hpc-tutorials.llnl.gov/openmp/
- https://hpc-tutorials.llnl.gov/posix/
- https://hpc-tutorials.llnl.gov/posix/.POSIXthreadsarenotnormallyusedonWindows,whichhasitsownnativeconceptsofthreads.However,therearetwoprojectsimplementingpthreadsontopofWindows,pthreads-w32andwinpthreads
- https://isocpp.org/std/standing-documents/sd-6-sg10-feature-test-recommendations
- https://isocpp.org/std/standing-documents/sd-6-sg10-feature-test-recommendations:therewerealsoadditionaldeprecations.47Values201103L,201402L,201703Land202002LaremostcommonlyusedforC++11,C++14,C++17andC++20respectively,butsomecompilersset1L.ForC++23allthatcancurrentlybeassumedisavaluegreaterthanthatforC++20:forexampleg++12uses202100Landclang++
- https://isocpp.org/std/standing-documents/sd-6-sg10-feature-test-recommendationsorhttps://en.cppreference.com/w/cpp/experimental/feature_test.ItseemsareasonableassumptionthatanycompilerpromisingsomeC++14conformancewillprovidethese|e.g.g++4.9.xdidbut4.8.5didnot.
- https://journal.r-project.org/archive/2011-2/RJournal_2011-2_Plummer.pdf
- https://journal.r-project.org/archive/2011-2/RJournal_2011-2_Plummer.pdfbyMartynPlummer.1.6.4.1CommonsymbolsMostOSes
- https://lldb.llvm.org/
- https://lldb.llvm.org/,usedonmacOS
- https://llvm.org/devmtg/2014-04/PDFs/LightningTalks/EuroLLVM%202014%20--%20container%20overflow.pdf
- https://llvm.org/devmtg/2014-04/PDFs/LightningTalks/EuroLLVM%202014%20--%20container%20overflow.pdf.8partoftheLLVMprojectanddistributedinllvmRPMsand.debsonLinux.ItisnotcurrentlyshippedbyApple.9asUbuntuhasbeensaidtodo.10installedonsomeLinuxsystemsasasan_symbolize,andobtainablefromhttps://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/asan/scripts/asan_symbolize.py:itmakesuseofllvm-symbolizerifavailable.
- https://mac.r-project.org/macbuilder/submit.html
- https://mac.r-project.org/macbuilder/submit.html.
- https://mac.r-project.org/openmp/
- https://man.freebsd.org/cgi/man.cgi
- https://man.freebsd.org/cgi/man.cgiallowyoutoselectmanyOSes
- https://mathscinet.ams.org/msc/msc2010.html
- https://mathscinet.ams.org/msc/msc2010.html;theformerreferstothe2000version
- https://netlib.org/slatec/src/
- https://netlib.org/slatec/src/forIEC60559arithmetic
- https://openjdk.org:443/jeps/322
- https://openjdk.org:443/jeps/322detailsthecurrentscheme.Notethatitisnecessarytoallowforpre-releaseslike`11-ea+22'.
- https://oprofile.sourceforge.io/news/
- https://pandoc.org/installing.html
- https://pandoc.org/installing.html.Youdoneedtoensurethatthepackageischeckedinasuitablelocaleifitcontainsnon-ASCIIcharacters.SuchpackagesarelikelytofailsomeofthechecksinaClocale,andRCMDcheckwillwarnifitspotstheproblem.YoushouldbeabletocheckanypackageinaUTF-8locale
- https://perf.wiki.kernel.org/index.php/Tutorial
- https://posit.co
- https://posit.co/
- https://prereleases.llvm.org/11.0.0/rc2/tools/clang/docs/ReleaseNotes.html#modified-compiler-flags
- https://projects.eclipse.org/projects/science.statet
- https://pubs.opengroup.org/onlinepubs/009695399/basedefs/pthread.h.html
- https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html
- https://pubs.opengroup.org/onlinepubs/9699919799/utilities/echo.html
- https://pubs.opengroup.org/onlinepubs/9699919799/utilities/make.html
- https://pubs.opengroup.org/onlinepubs/9699919799/utilities/make.html;anythingnotdocumentedthereshouldberegardedasanextensiontobeavoided.Furtheradvicecanbefoundathttps://www.gnu.org/software/autoconf/manual/autoconf.html#Portable-Make.
- https://qpdf.sourceforge.io
- https://qpdf.sourceforge.io/
- https://sourceforge.net/projects/checkbaskisms/files
- https://sourceforge.net/projects/tcllib/files/BWidget/
- https://sourceforge.net/projects/tcllib/files/BWidget/andinaterminalrunsomethingliketarxfbwidget-1.9.14.tar.gzsudomvbwidget-1.9.14/usr/local/lib25ForalltheCRANpackagestested,eithergzorbzip2providedaverysubstantialreductionininstalledsize.26`BWidget'stillisonWindowsbut`Tktable'wasnotinR4.0.0.
- https://sourceforge.net/projects/tinn-r/
- https://sourceforge.net/projects/tktable/files/tktable/2.10/Tktable2.10.tar.gz/download
- https://sourceforge.net/projects/tktable/files/tktable/2.10/Tktable2.10.tar.gz/download,butneededpatchingforcurrentTk
- https://sourceware.org/binutils/docs-2.20/ld/WIN32.html#WIN32
- https://sourceware.org/binutils/docs-2.20/ld/WIN32.html#WIN32.The
- https://stackoverflow.com/questions/32739018/a-replacement-for-stdbind2nd
- https://stackoverflow.com/questions/32739018/a-replacement-for-stdbind2nd105itisallowedbutignoredinsystemheaders.
- https://svn.r-project.org/R-dev-web/trunk/CRAN/QA/Simon/R-build/fixpathR
- https://svn.r-project.org/R-dev-web/trunk/CRAN/QA/Simon/R-build/fixpathR:`@executable_path'couldbeusedratherthanabsolutepaths.
- https://svn.r-project.org/R/trunk/doc/manual/refman.top
- https://svn.r-project.org/R/trunk/doc/manual/refman.top.OthertoolscanreducethesizeofPDFscontainingbitmapimagesatexcessivelyhighresolution.Theseareoftenbestre-generated
- https://valgrind.org/
- https://valgrind.org/,pronouncedtorhymewith`tinned'
- https://validator.nu
- https://validator.nu/
- https://validator.w3.org
- https://win-builder.R-project.org
- https://win-builder.R-project.org/
- https://win-builder.r-project.org
- https://win-builder.r-project.org/
- https://www.R-project.org/Licenses/
- https://www.R-project.org/Licenses/andcontainedinsubdi-rectoryshare/licensesoftheRsourceorhomedirectory.
- https://www.R-project.org/Licenses/andincludedintheRdistribution
- https://www.acm.org/publications/class-2012
- https://www.acm.org/publications/class-2012;theformerreferstothe1998version
- https://www.aeaweb.org/econlit/jelCodes.php
- https://www.aeaweb.org/econlit/jelCodes.php,or`Classification/MSC'or`Classification/MSC-2010'
- https://www.autstat.com/
- https://www.autstat.com/,whichworkswithRpackagestosupporttransferofdatatoandfromRandremoteexecutionofRcommands,aswellasembeddingofanRgraphicswindow.Recentversionshaveusagerestrictions.8.2.2CallingR.dlldirectlyTheRDLLismainlywritteninCandhas_cdeclentrypoints.CallingitdirectlywillbetrickyexceptfromCcode
- https://www.debian.org/doc/debian-policy/ch-controlfields.html
- https://www.debian.org/doc/debian-policy/ch-controlfields.html:RdoesnotrequireencodinginUTF-8anddoesnotsupportcommentsstartingwith`#'
- https://www.dependencywalker.com
- https://www.dependencywalker.com/
- https://www.gnu.org/prep/standards/standards.html#Documentation
- https://www.gnu.org/prep/standards/standards.html#Documentation.Thepackagesubdirectoryshouldbegiventhesamenameasthepackage.Becausesome
- https://www.gnu.org/software/autoconf-archive/
- https://www.gnu.org/software/autoconf-archive/.Itisnotsafetoassumethisisinstalledonusers'machines,sotheextensionshouldbeshippedwiththepackage
- https://www.gnu.org/software/autoconf-archive/ax_blas.html
- https://www.gnu.org/software/autoconf-archive/ax_blas.html.Ifyouincludemacrosfromthatarchiveyouneedtoarrangeforthemtobeincludedinthepackagesourcesforusebyautoreconf.
- https://www.gnu.org/software/autoconf/manual/autoconf.html#Portable-Make
- https://www.gnu.org/software/autoconf/manual/autoconf.html#Portable-Shell
- https://www.gnu.org/software/autoconf/manual/autoconf.html#Portable-Shellforthisandothers.SomecheckscanbedonebythecheckbashismsPerlscriptathttps://sourceforge.net/projects/checkbaskisms/files,alsoavailableinmostLinuxdistributionsinapackagenamedeither`devscripts'or`devscripts-checkbashisms':alaterversioncanbeextractedfromDebiansourcessuchasthemostrecenttar.xzinhttps://deb.debian.org/debian/pool/main/d/devscripts/andhasbeenneededforrecentversionsofPerl.
- https://www.greenend.org.uk/rjk/tech/inline.html
- https://www.greenend.org.uk/rjk/tech/inline.html,sothisusageisforstaticfunctionsasintheexample.AlltheRcon
- https://www.intel.com/content/www/us/en/docs/fortran-compiler/developer-guide-reference/2023-0/
- https://www.intel.com/content/www/us/en/docs/fortran-compiler/developer-guide-reference/2023-0/bind-c.html
- https://www.opencsw.org/
- https://www.opencsw.org/.Thesourcerepositoryishttp://ftp.astron.com/pub/file/.
- https://www.openmp.org/
- https://www.openmp.org/,https://en.wikipedia.org/wiki/OpenMP,https://hpc-tutorials.llnl.gov/openmp/37Therearesomewhatfragileworkarounds:seehttps://mac.r-project.org/openmp/.38DefaultbuildsofLLVMclang3.8.0andlaterhavesupportforOpenMP,butthelibomprun-timelibrarymaynotbeinstalled.
- https://www.openmp.org/resources/openmp-compilers-tools/
- https://www.r-project.org
- https://www.r-project.org/doc/Rnews/Rnews_2001-3.pdf
- https://www.rfc-editor.org/rfc/rfc4180
- https://www.rfc-editor.org/rfc/rfc5646
- https://www.rfc-editor.org/rfc/rfc5646,seealsohttps://en.wikipedia.org/wiki/IETF_language_tag
- https://www.rforge.net
- https://www.rforge.net/Rserve/
- https://www.stats.ox.ac.uk/pub/Rtools/goodies/gettext-tools.zip
- https://www.stats.ox.ac.uk/pub/Rtools/goodies/gettext-tools.zip.1.8.1C-levelmessagesTheprocessofenablingtranslationsis
- https://www.stats.ox.ac.uk/pub/bdr/Tktable/
- https://www.stats.ox.ac.uk/pub/bdr/Tktable/.ForasysteminstallationofTkyoumayneedtoinstallTktableas`root'asone.g.Fedoraallthelocationsonauto_pathareownedby`root'.1.1.8SpecifyingURLsURLsinmanyplacesinthepackagedocumentationwillbeconvertedtoclickablehyperlinksinatleastsomeoftheirrenderings.Socareisneededthattheirformsarecorrectandportable.ThefullURLshouldbegiven,includingthescheme
- Show all
lummastealer/Data/Media/R-lang.pdf
.pdf
- http://-as.call
- http://-as.name
- http://-do.call
- http://-match.call
- http://.Theycanbecoercedtoandfromcharacterstringsusingas.characterandas.name
- http://014lesfile.existsTestforexistencefile.info
- http://014lesfile.show
- http://015ybelow.sys.call
- http://051match.call
- http://051sys.call
- http://23match.call
- http://37match.fun
- http://3as.name
- http://40do.call
- http://40file.info
- http://40file.show
- http://50Aas.call
- http://6Iis.na
- http://Otherusesincludevariationsoverconstructionslikedo.call
- http://andmayinfactbeconvertedtoandfromlistsusingas.listandas.call
- http://correspondingtosubexpressions.Objectsofmodenamecanbeconstructedfromcharacterstringsusingas.name
- http://eitherusingtheas.name
- http://is.na
- http://match.callandmatch.fun
- http://namelycallanddo.call
- http://orsetelementstoNAusingis.na
- http://repandseq.int
- http://testingforNAisdoneusingis.na
- http://thenRwillsearchforamethodnamedfoo.bar
- Show all
lummastealer/Data/Media/Sweave.pdf
.pdf
- http://epub.wu.ac.at/id/eprint/1788.RamseyN
- http://foo.bar
- https://CRAN.R-project.org/package=R2HTML
- https://CRAN.R-project.org/package=odfWeave
- https://CRAN.R-project.org/package=officer
- https://CRAN.R-project.org/view=ReproducibleResearch
- https://ESS.R-project.org
- https://ESS.R-project.org/
- https://epub.wu.ac.at/id/eprint/1788
- https://www.cs.tufts.edu/~nr/noweb/
- https://www.cs.tufts.edu/~nr/noweb/.4butifyoucopy,dobecarefulnottoinfringeR-core'scopyright:thecopyrightnoticesintheRsourcesmustalsobecopied.12
- https://www.ctan.org
- Show all
lummastealer/Data/Media/approximate.pdf
.pdf
- http://conf.int
lummastealer/Data/Media/compete.pdf
.pdf
lummastealer/Data/Media/concordance.pdf
.pdf
lummastealer/Data/Media/moveline.pdf
.pdf
lummastealer/Data/Media/population.pdf
.pdf
lummastealer/Data/Media/sparseModels.pdf
.pdf
lummastealer/Data/Media/timedep.pdf
.pdf
lummastealer/Data/Microsoft.VisualStudio.CMake.CMakeSettings.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c8:69:84:e6:d2:5a:11:d9:13:94:32:2b:8e:dd:9d:99:7e:12:26:99:b9:c4:b6:ec:f0:63:59:5f:87:9e:ff:f2
Signer

Actual PE Digest

c8:69:84:e6:d2:5a:11:d9:13:94:32:2b:8e:dd:9d:99:7e:12:26:99:b9:c4:b6:ec:f0:63:59:5f:87:9e:ff:f2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\dbs\sh\ddvsm\1001_131954\cmd\25\out\Intermediate\vc\ms.vs.cmake.cmakesettings_x86retail_653B1D9B\Release\netstandard2.0\Microsoft.VisualStudio.CMake.CMakeSettings.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Data/Microsoft.VisualStudio.LanguageServices.TypeScript.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4f:61:1d:77:15:e7:1e:51:7e:ea:d0:a0:6f:83:7c:49:70:88:bf:f1:aa:27:e2:e7:d4:65:40:34:bf:3c:55:54
Signer

Actual PE Digest

4f:61:1d:77:15:e7:1e:51:7e:ea:d0:a0:6f:83:7c:49:70:88:bf:f1:aa:27:e2:e7:d4:65:40:34:bf:3c:55:54

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Data/Microsoft.VisualStudio.Office365.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:02:cd:f3:64:bf:f8:d4:4c:5d:51:00:00:00:00:02:cd
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-05-2022 20:46

Not After

11-05-2023 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

97:32:33:12:86:16:07:03:9e:1f:27:f0:ea:4b:c1:2d:dc:3d:57:8e:41:ed:6e:65:da:94:ba:1b:2c:56:65:e9
Signer

Actual PE Digest

97:32:33:12:86:16:07:03:9e:1f:27:f0:ea:4b:c1:2d:dc:3d:57:8e:41:ed:6e:65:da:94:ba:1b:2c:56:65:e9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\obj\Release\Microsoft.VisualStudio.Office365\Microsoft.VisualStudio.Office365.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 447KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Data/Microsoft.VisualStudio.Progression.Common.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:08:16:4f:db:b6:ed:e6:24:db:0c:d5:5c:ef:85:99:5e:44:84:a4:ea:ac:3b:97:13:3b:9c:82:71:cb:06:b1
Signer

Actual PE Digest

90:08:16:4f:db:b6:ed:e6:24:db:0c:d5:5c:ef:85:99:5e:44:84:a4:ea:ac:3b:97:13:3b:9c:82:71:cb:06:b1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\dbs\sh\ddvsm\0706_100817\cmd\1i\out\Intermediate\progression\common.csproj_4123FD97\objr\x86\Microsoft.VisualStudio.Progression.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Data/Microsoft.Xbox.Tools.CPUProfilers.Shared.dll
.dll windows:4 windows x64 arch:x64

Code Sign

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:9c:5d:99:cd:ee:d3:0d:e1:df:00:00:00:00:03:9c
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-06-2022 17:46

Not After

01-06-2023 17:46

Subject

CN=Windows Developer Tools Component,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2011 18:41

Not After

19-10-2026 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb
Signer

Actual PE Digest

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb

Digest Algorithm

sha256

PE Digest Matches

true

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb
Signer

Actual PE Digest

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\i\obj\microsoft.xbox.tools.profilers.shared.csproj_c28d249752\Release\x64\Microsoft.Xbox.Tools.CPUProfilers.Shared.pdb

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
lummastealer/Data/NuGet.PackageManagement.VisualStudio.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:a9:9c:36:46:98:b2:5f:56:40:43:c3:41:32:8c:9d:cd:de:2c:3c:38:5e:7d:2e:79:c8:37:5e:17:72:e0:69
Signer

Actual PE Digest

36:a9:9c:36:46:98:b2:5f:56:40:43:c3:41:32:8c:9d:cd:de:2c:3c:38:5e:7d:2e:79:c8:37:5e:17:72:e0:69

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\artifacts\NuGet.PackageManagement.VisualStudio\obj\release\net472\NuGet.PackageManagement.VisualStudio.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 742KB - Virtual size: 742KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Data/TfFontMgr.dll
.dll windows:6 windows x64 arch:x64

92291341a6dfc4d16e0047468fbf2683

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6c:59:ef:a9:e1:00:e1:0e:e3:06:ba:8f:e0:29:25:59
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

07-06-2012 00:00

Not After

06-06-2022 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

35:a8:4f:a5:03:f8:9b:49:83:96:bb:48:91:68:a5:80
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

14-01-2014 00:00

Not After

07-01-2016 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Photoshop\, Bridge - SHA256,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1a:54:ab:07:20:f3:37:c0:45:6d:f3:5c:70:b4:cf:76:df:29:3f:eb
Signer

Actual PE Digest

1a:54:ab:07:20:f3:37:c0:45:6d:f3:5c:70:b4:cf:76:df:29:3f:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\dev2\main\shared\agf\psinitial\formats\prcsdk\build\3d\common\a3d\dev\ttf\bin\x64\Release\TfFontMgr.pdb

Imports

kernel32

WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
MultiByteToWideChar
OutputDebugStringW
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
GetCPInfo
lstrcpyW
lstrcpyA
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
FindNextFileW
FindFirstFileW
FindClose
DecodePointer

user32

GetDC
wsprintfW

tfkgeom

ord1583
ord1555

msvcp120

?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAPEBDH@Z
?_Orphan_all@_Container_base0@std@@QEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z

msvcr120

wcsstr
memset
_purecall
memmove
wcscat_s
wcsncpy
??0exception@std@@QEAA@XZ
??0exception@std@@QEAA@AEBV01@@Z
??1exception@std@@UEAA@XZ
_waccess
__C_specific_handler
wcsrchr
wcscpy_s
??0exception@std@@QEAA@AEBQEBDH@Z
?what@exception@std@@UEBAPEBDXZ
__iob_func
fprintf
sqrt
rand
srand
_time64
ceil
log10
log10f
?terminate@@YAXXZ
_lock
_vswprintf
_calloc_crt
__dllonexit
_onexit
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCaptureCurrentContext
__crtCapturePreviousContext
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
qsort
feof
fclose
atof
wcschr
_wtoi
_wfopen
fgetws
memcpy
free
__CxxFrameHandler3
_CxxThrowException
??_V@YAXPEAX@Z
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
towlower
towupper
iswspace
_unlock
malloc
_wcsicmp

gdi32

DeleteObject
SelectObject
GetTextMetricsW
GetOutlineTextMetricsW
CreateFontIndirectW
AddFontResourceExW

Exports

Exports

??0TfFontBox@@QEAA@XZ
??0TfFontKey@@QEAA@AEBV0@@Z
??0TfFontKey@@QEAA@HHH@Z
??0TfFontKey@@QEAA@XZ
??4TfFontBox@@QEAAAEAV0@AEBV0@@Z
??4TfFontKey@@QEAAAEAV0@AEBV0@@Z
?AddAttributes@TfFontKey@@QEAAXW4EFontAttributes@@@Z
?FontFamilyIndex@TfFontKey@@QEBAHXZ
?FontFilePath@TfFontKey@@QEBAAEBVTfString@@XZ
?FontLibAddFont@@YAXAEBVTfString@@_N1@Z
?FontLibCreateFontMgr@@YAXAEBVTfFontMgrInitializationData@@@Z
?FontLibCreateTextByBmp@@YA_NAEBVTfFontKey@@AEBVTfString@@@Z
?FontLibCreateTextByVector@@YAMAEBVTfFontKey@@AEBVTfString@@PEA_N@Z
?FontLibDeleteFontMgr@@YAXXZ
?FontLibDrawTextByBmp@@YAMAEBVTfFontKey@@AEBVTfString@@@Z
?FontLibDrawTextByVector@@YAMAEBVTfFontKey@@AEBVTfString@@PEAUct_Mesh@@PEAVTfFontBox@@@Z
?FontLibDrawTextByVectorContour@@YAMAEBVTfFontKey@@AEBVTfString@@@Z
?FontLibEstimateLength@@YAM_NAEBVTfString@@1W4EFontType@@AEAM3333AEA_NAEAW4EPRCCharSet@@4@Z
?FontLibExistFontName@@YA_NAEBVTfString@@@Z
?FontLibFindFontKey@@YA_NAEBVTfString@@GAEAVTfFontKey@@_N222@Z
?FontLibFindFontKey@@YA_NAEBVTfString@@GDAEAVTfFontKey@@W4EPRCCharSet@@@Z
?FontLibFindFontKey@@YA_NHGAEAVTfFontKey@@_N111@Z
?FontLibFontMgrExist@@YA_NPEAH@Z
?FontLibGetDefaultFontName@@YAAEBVTfString@@XZ
?FontLibGetFontName@@YAXHAEAVTfString@@@Z
?FontLibGetFontNameForRTF@@YAXAEAVTfString@@@Z
?FontLibGetFontNameWithPrefix@@YAXAEAVTfString@@PEA_N@Z
?FontLibGetResolution@@YAHXZ
?FontLibGetSymbolFontKey@@YAXAEAVTfFontKey@@@Z
?FontLibGetSymbolFontName@@YAXAEAVTfString@@@Z
?FontLibGetTextBox@@YAXAEBVTfFontKey@@AEBVTfString@@AEAM2_N@Z
?FontLibGetTypeFontFromName@@YA?AW4EFontType@@AEAVTfString@@@Z
?FontLibInitFctSystem@@YA_NP6A?AW4EFontStatus@@AEAV?$TfSArray@VTfString@@@@@Z@Z
?FontLibIsCoolType@@YA_NXZ
?FontLibLoadAllFont@@YAXAEBV?$TfSArray@VTfString@@@@H@Z
?FontLibLoadCatiaFont@@YAXAEBV?$TfSArray@VTfString@@@@@Z
?FontLibLoadUGFont@@YAXAEBV?$TfSArray@VTfString@@@@@Z
?FontLibRemoveAllFonts@@YAXXZ
?FontLibRetrieveFontFamilies@@YAXHAEAV?$TfSArray@VTfString@@@@@Z
?FontLibSetDefaultFontName@@YAXAEBVTfString@@@Z
?FontLibSetResolution@@YAXH@Z
?FontLibSetSymbolFontName@@YAXAEBVTfString@@@Z
?FontSizeIndex@TfFontKey@@QEBAHXZ
?FontStyleIndex@TfFontKey@@QEBAHXZ
?GetAttributes@TfFontKey@@QEBADXZ
?GetBitmapFont@TfFontKey@@QEBA?AV?$C_ptr@VTfFont@@@@XZ
?GetCharSet@TfFontKey@@QEBA?AW4EPRCCharSet@@XZ
?GetFontAdvance@TfFontKey@@QEBAMAEBVTfString@@_N@Z
?GetFontAscent@TfFontKey@@QEBAM_N@Z
?GetFontContours@TfFontKey@@QEBA_NAEB_WAEAV?$TfSArray@VTfContour@@@@_N@Z
?GetFontDescent@TfFontKey@@QEBAM_N@Z
?GetFontFamilyInfo@TfFontKey@@QEBA_NHAEAVTfString@@@Z
?GetFontFamilyName@TfFontKey@@QEBAAEBVTfString@@XZ
?GetFontScale@TfFontKey@@QEBAMXZ
?GetFontScalePixel@TfFontKey@@QEBAMXZ
?GetFontSize@TfFontKey@@QEBAGXZ
?GetInternalFontInfo@TfFontKey@@QEBAMW4EFontInfo@@@Z
?GetTextBox@TfFontKey@@QEBAXAEBVTfString@@AEAM1_N@Z
?GetTextBox@TfFontKey@@QEBAXAEBVTfString@@AEAVTfFontBox@@_N@Z
?GetType@TfFontKey@@QEBA?AW4EFontType@@XZ
?GetVectorFont@TfFontKey@@QEBA?AV?$C_ptr@VTfFont@@@@XZ
?HasSymbol@TfFontKey@@QEBA_NXZ
?HasValidFamily@TfFontKey@@QEBA_NXZ
?HasValidStyle@TfFontKey@@QEBA_NXZ
?IsBold@TfFontKey@@QEBA_NXZ
?IsFixedWidth@TfFontKey@@QEBA_NXZ
?IsInternal@TfFontKey@@QEBA_NXZ
?IsItalic@TfFontKey@@QEBA_NXZ
?IsNull@TfFontKey@@QEAA_NXZ
?IsOverlined@TfFontKey@@QEBA_NXZ
?IsSoftware@TfFontKey@@QEBA_NXZ
?IsStretch@TfFontKey@@QEBA_NXZ
?IsStrikeOut@TfFontKey@@QEBA_NXZ
?IsTTFSymbols@TfFontKey@@QEBA_NXZ
?IsUnderlined@TfFontKey@@QEBA_NXZ
?IsValid@TfFontKey@@QEBA_NXZ
?IsWired@TfFontKey@@QEBA_NXZ
?LoadInternal@TfFontKey@@QEAA_NXZ
?ReSet@TfFontKey@@QEAAXXZ
?Set@TfFontKey@@QEAAXHHH@Z
?SetAttributes@TfFontKey@@QEAAXD@Z
?SetCharSet@TfFontKey@@QEAAXW4EPRCCharSet@@@Z
?SetFamily@TfFontKey@@QEAAXH@Z
?SetFontScale@TfFontKey@@QEBAXM@Z
?SetInternalBold@TfFontKey@@QEAAX_N@Z
?SetInternalItalic@TfFontKey@@QEAAX_N@Z
?SetOverlined@TfFontKey@@QEAAX_N@Z
?SetSize@TfFontKey@@QEAAXH@Z
?SetStrikeOut@TfFontKey@@QEAAX_N@Z
?SetStyle@TfFontKey@@QEAAXH@Z
?SetStyleSoftware@TfFontKey@@QEAAXAEA_N0_N@Z
?SetUnderlined@TfFontKey@@QEAAX_N@Z

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Data/UIAutomationTypes.dll
.dll windows:4 windows x64 arch:x64

Code Sign

33:00:00:03:04:c1:03:19:7e:c6:05:e4:04:00:00:00:00:03:04
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-08-2022 20:23

Not After

03-08-2023 20:23

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:9c:ae:93:43:bf:ad:b8:0f:1a:84:0f:06:be:ff:c7:7b:aa:9d:32:95:1a:34:45:f3:5a:a2:f4:f0:ce:9b:45
Signer

Actual PE Digest

52:9c:ae:93:43:bf:ad:b8:0f:1a:84:0f:06:be:ff:c7:7b:aa:9d:32:95:1a:34:45:f3:5a:a2:f4:f0:ce:9b:45

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

UIAutomationTypes.ni.pdb
/_/artifacts/obj/UIAutomationTypes/x64/Release/net7.0/UIAutomationTypes.pdb

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Data/msys-asn1-8.dll
.dll windows:4 windows x64 arch:x64

d87fe0ed53faa8fd6da5da3965be4d94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

PDB Paths

Imports

msys-com_err-1

init_error_table
initialize_error_table_r

msys-roken-18

rk_hex_decode
rk_hex_encode
rk_strpoolcollect
rk_strpoolprintf

msys-2.0

__cxa_atexit
_impure_ptr
abort
asprintf
calloc
cygwin_internal
dll_dllcrt0
free
malloc
memchr
memcmp
memcpy
memmove
memset
msys_detach_dll
posix_memalign
printf
qsort
realloc
snprintf
sscanf
strcasecmp
strdup
strlen
strtok_r
strtol

kernel32

GetModuleHandleA

Exports

Exports

APOptions2int
DigestTypes2int
DistributionPointReasonFlags2int
FastOptions2int
KDCFastFlags2int
KDCOptions2int
KeyUsage2int
SAMFlags2int
TicketFlags2int
__gcc_deregister_frame
__gcc_register_frame
_asn1_bmember_isset_bit
_asn1_bmember_put_bit
_asn1_copy
_asn1_copy_top
_asn1_decode
_asn1_decode_top
_asn1_encode
_asn1_free
_asn1_free_top
_asn1_length
_asn1_sizeofType
_der_gmtime
_der_timegm
_heim_der_set_sort
_heim_fix_dce
_heim_len_int
_heim_len_int64
_heim_len_unsigned
_heim_len_unsigned64
_heim_time2generalizedtime
add_AuthorizationData
add_CRLDistributionPoints
add_DigestAlgorithmIdentifiers
add_ETYPE_INFO
add_ETYPE_INFO2
add_Extensions
add_GeneralNames
add_METHOD_DATA
add_Principals
asn1_APOptions_units
asn1_DigestTypes_units
asn1_DistributionPointReasonFlags_units
asn1_FastOptions_units
asn1_KDCFastFlags_units
asn1_KDCOptions_units
asn1_KeyUsage_units
asn1_SAMFlags_units
asn1_TicketFlags_units
asn1_fuzzer_done
asn1_fuzzer_method
asn1_fuzzer_next
asn1_fuzzer_reset
asn1_oid_id_Userid
asn1_oid_id_aes_128_cbc
asn1_oid_id_aes_192_cbc
asn1_oid_id_aes_256_cbc
asn1_oid_id_apple_system_id
asn1_oid_id_at_commonName
asn1_oid_id_at_countryName
asn1_oid_id_at_description
asn1_oid_id_at_generationQualifier
asn1_oid_id_at_givenName
asn1_oid_id_at_initials
asn1_oid_id_at_localityName
asn1_oid_id_at_name
asn1_oid_id_at_organizationName
asn1_oid_id_at_organizationalUnitName
asn1_oid_id_at_pseudonym
asn1_oid_id_at_serialNumber
asn1_oid_id_at_stateOrProvinceName
asn1_oid_id_at_streetAddress
asn1_oid_id_at_surname
asn1_oid_id_at_title
asn1_oid_id_dhpublicnumber
asn1_oid_id_domainComponent
asn1_oid_id_dsa
asn1_oid_id_dsa_with_sha1
asn1_oid_id_ecDH
asn1_oid_id_ecMQV
asn1_oid_id_ecPublicKey
asn1_oid_id_ec_group_secp160r1
asn1_oid_id_ec_group_secp160r2
asn1_oid_id_ec_group_secp224r1
asn1_oid_id_ec_group_secp256r1
asn1_oid_id_ec_group_secp384r1
asn1_oid_id_ec_group_secp521r1
asn1_oid_id_ecdsa_with_SHA1
asn1_oid_id_ecdsa_with_SHA224
asn1_oid_id_ecdsa_with_SHA256
asn1_oid_id_ecdsa_with_SHA384
asn1_oid_id_ecdsa_with_SHA512
asn1_oid_id_heim_rsa_pkcs1_x509
asn1_oid_id_ms_cert_enroll_domaincontroller
asn1_oid_id_ms_client_authentication
asn1_oid_id_netscape
asn1_oid_id_netscape_cert_comment
asn1_oid_id_nistAlgorithm
asn1_oid_id_nist_aes_algs
asn1_oid_id_nist_sha_algs
asn1_oid_id_pbeWithSHAAnd128BitRC2_CBC
asn1_oid_id_pbeWithSHAAnd128BitRC4
asn1_oid_id_pbeWithSHAAnd2_KeyTripleDES_CBC
asn1_oid_id_pbeWithSHAAnd3_KeyTripleDES_CBC
asn1_oid_id_pbeWithSHAAnd40BitRC4
asn1_oid_id_pbewithSHAAnd40BitRC2_CBC
asn1_oid_id_pkauthdata
asn1_oid_id_pkcs12_bagtypes
asn1_oid_id_pkcs12_certBag
asn1_oid_id_pkcs12_crlBag
asn1_oid_id_pkcs12_keyBag
asn1_oid_id_pkcs12_pkcs8ShroudedKeyBag
asn1_oid_id_pkcs12_safeContentsBag
asn1_oid_id_pkcs12_secretBag
asn1_oid_id_pkcs1_md2WithRSAEncryption
asn1_oid_id_pkcs1_md5WithRSAEncryption
asn1_oid_id_pkcs1_rsaEncryption
asn1_oid_id_pkcs1_sha1WithRSAEncryption
asn1_oid_id_pkcs1_sha256WithRSAEncryption
asn1_oid_id_pkcs1_sha384WithRSAEncryption
asn1_oid_id_pkcs1_sha512WithRSAEncryption
asn1_oid_id_pkcs2_md2
asn1_oid_id_pkcs2_md4
asn1_oid_id_pkcs2_md5
asn1_oid_id_pkcs3_des_ede3_cbc
asn1_oid_id_pkcs3_rc2_cbc
asn1_oid_id_pkcs3_rc4
asn1_oid_id_pkcs7
asn1_oid_id_pkcs7_data
asn1_oid_id_pkcs7_digestedData
asn1_oid_id_pkcs7_encryptedData
asn1_oid_id_pkcs7_envelopedData
asn1_oid_id_pkcs7_signedAndEnvelopedData
asn1_oid_id_pkcs7_signedData
asn1_oid_id_pkcs9_contentType
asn1_oid_id_pkcs9_countersignature
asn1_oid_id_pkcs9_emailAddress
asn1_oid_id_pkcs9_messageDigest
asn1_oid_id_pkcs9_signingTime
asn1_oid_id_pkcs_1
asn1_oid_id_pkcs_12
asn1_oid_id_pkcs_12PbeIds
asn1_oid_id_pkcs_2
asn1_oid_id_pkcs_3
asn1_oid_id_pkcs_9
asn1_oid_id_pkcs_9_at_certTypes
asn1_oid_id_pkcs_9_at_certTypes_x509
asn1_oid_id_pkcs_9_at_friendlyName
asn1_oid_id_pkcs_9_at_localKeyId
asn1_oid_id_pkdhkeydata
asn1_oid_id_pkekuoid
asn1_oid_id_pkinit
asn1_oid_id_pkinit_kdf
asn1_oid_id_pkinit_kdf_ah_sha1
asn1_oid_id_pkinit_kdf_ah_sha256
asn1_oid_id_pkinit_kdf_ah_sha512
asn1_oid_id_pkinit_ms_eku
asn1_oid_id_pkinit_ms_san
asn1_oid_id_pkinit_san
asn1_oid_id_pkix
asn1_oid_id_pkix_kp
asn1_oid_id_pkix_kp_OCSPSigning
asn1_oid_id_pkix_kp_clientAuth
asn1_oid_id_pkix_kp_emailProtection
asn1_oid_id_pkix_kp_serverAuth
asn1_oid_id_pkix_kp_timeStamping
asn1_oid_id_pkix_on
asn1_oid_id_pkix_on_dnsSRV
asn1_oid_id_pkix_on_xmppAddr
asn1_oid_id_pkix_pe
asn1_oid_id_pkix_pe_authorityInfoAccess
asn1_oid_id_pkix_pe_proxyCertInfo
asn1_oid_id_pkix_ppl
asn1_oid_id_pkix_ppl_anyLanguage
asn1_oid_id_pkix_ppl_independent
asn1_oid_id_pkix_ppl_inheritAll
asn1_oid_id_pkkdcekuoid
asn1_oid_id_pkrkeydata
asn1_oid_id_rsa_digestAlgorithm
asn1_oid_id_rsa_digest_md2
asn1_oid_id_rsa_digest_md4
asn1_oid_id_rsa_digest_md5
asn1_oid_id_rsadsi_des_ede3_cbc
asn1_oid_id_rsadsi_encalg
asn1_oid_id_rsadsi_rc2_cbc
asn1_oid_id_secsig_sha_1
asn1_oid_id_secsig_sha_1WithRSAEncryption
asn1_oid_id_sha224
asn1_oid_id_sha256
asn1_oid_id_sha384
asn1_oid_id_sha512
asn1_oid_id_uspkicommon_card_id
asn1_oid_id_uspkicommon_piv_interim
asn1_oid_id_x509_ce
asn1_oid_id_x509_ce_authorityKeyIdentifier
asn1_oid_id_x509_ce_basicConstraints
asn1_oid_id_x509_ce_cRLDistributionPoints
asn1_oid_id_x509_ce_cRLNumber
asn1_oid_id_x509_ce_cRLReason
asn1_oid_id_x509_ce_certificateIssuer
asn1_oid_id_x509_ce_certificatePolicies
asn1_oid_id_x509_ce_deltaCRLIndicator
asn1_oid_id_x509_ce_extKeyUsage
asn1_oid_id_x509_ce_freshestCRL
asn1_oid_id_x509_ce_holdInstructionCode
asn1_oid_id_x509_ce_inhibitAnyPolicy
asn1_oid_id_x509_ce_invalidityDate
asn1_oid_id_x509_ce_issuerAltName
asn1_oid_id_x509_ce_issuingDistributionPoint
asn1_oid_id_x509_ce_keyUsage
asn1_oid_id_x509_ce_nameConstraints
asn1_oid_id_x509_ce_policyConstraints
asn1_oid_id_x509_ce_policyMappings
asn1_oid_id_x509_ce_privateKeyUsagePeriod
asn1_oid_id_x509_ce_subjectAltName
asn1_oid_id_x509_ce_subjectDirectoryAttributes
asn1_oid_id_x509_ce_subjectKeyIdentifier
asn1_oid_id_x520_at
asn1_oid_id_x9_57
asn1_template_prim
copy_AD_AND_OR
copy_AD_IF_RELEVANT
copy_AD_INITIAL_VERIFIED_CAS
copy_AD_KDCIssued
copy_AD_LoginAlias
copy_AD_MANDATORY_FOR_KDC
copy_APOptions
copy_AP_REP
copy_AP_REQ
copy_AS_REP
copy_AS_REQ
copy_AUTHDATA_TYPE
copy_AccessDescription
copy_AlgorithmIdentifier
copy_Attribute
copy_AttributeType
copy_AttributeTypeAndValue
copy_AttributeValue
copy_AuthPack
copy_AuthPack_Win2k
copy_Authenticator
copy_AuthorityInfoAccessSyntax
copy_AuthorityKeyIdentifier
copy_AuthorizationData
copy_AuthorizationDataElement
copy_BaseDistance
copy_BasicConstraints
copy_CKSUMTYPE
copy_CMSAttributes
copy_CMSCBCParameter
copy_CMSEncryptedData
copy_CMSIdentifier
copy_CMSRC2CBCParameter
copy_CMSVersion
copy_CRLCertificateList
copy_CRLDistributionPoints
copy_CRLReason
copy_Certificate
copy_CertificateList
copy_CertificateRevocationLists
copy_CertificateSerialNumber
copy_CertificateSet
copy_Certificates
copy_ChangePasswdDataMS
copy_Checksum
copy_ContentEncryptionAlgorithmIdentifier
copy_ContentInfo
copy_ContentType
copy_DHNonce
copy_DHParameter
copy_DHPublicKey
copy_DHRepInfo
copy_DSAParams
copy_DSAPublicKey
copy_DSASigValue
copy_DigestAlgorithmIdentifier
copy_DigestAlgorithmIdentifiers
copy_DigestError
copy_DigestInfo
copy_DigestInit
copy_DigestInitReply
copy_DigestREP
copy_DigestREQ
copy_DigestRepInner
copy_DigestReqInner
copy_DigestRequest
copy_DigestResponse
copy_DigestTypes
copy_DirectoryString
copy_DistributionPoint
copy_DistributionPointName
copy_DistributionPointReasonFlags
copy_DomainParameters
copy_ECDSA_Sig_Value
copy_ECParameters
copy_ECPoint
copy_ENCTYPE
copy_ETYPE_INFO
copy_ETYPE_INFO2
copy_ETYPE_INFO2_ENTRY
copy_ETYPE_INFO_ENTRY
copy_EncAPRepPart
copy_EncASRepPart
copy_EncKDCRepPart
copy_EncKrbCredPart
copy_EncKrbPrivPart
copy_EncTGSRepPart
copy_EncTicketPart
copy_EncapsulatedContentInfo
copy_EncryptedContent
copy_EncryptedContentInfo
copy_EncryptedData
copy_EncryptedKey
copy_EncryptionKey
copy_EnvelopedData
copy_EtypeList
copy_ExtKeyUsage
copy_Extension
copy_Extensions
copy_ExternalPrincipalIdentifier
copy_ExternalPrincipalIdentifiers
copy_FastOptions
copy_GeneralName
copy_GeneralNames
copy_GeneralSubtree
copy_GeneralSubtrees
copy_HostAddress
copy_HostAddresses
copy_IssuerAndSerialNumber
copy_KDCDHKeyInfo
copy_KDCDHKeyInfo_Win2k
copy_KDCFastCookie
copy_KDCFastFlags
copy_KDCFastState
copy_KDCOptions
copy_KDC_PROXY_MESSAGE
copy_KDC_REP
copy_KDC_REQ
copy_KDC_REQ_BODY
copy_KDFAlgorithmId
copy_KERB_ARMOR_SERVICE_REPLY
copy_KERB_CRED
copy_KERB_TGS_REP_IN
copy_KERB_TGS_REP_OUT
copy_KERB_TGS_REQ_IN
copy_KERB_TGS_REQ_OUT
copy_KERB_TIMES
copy_KRB5PrincipalName
copy_KRB5SignedPath
copy_KRB5SignedPathData
copy_KRB_CRED
copy_KRB_ERROR
copy_KRB_PRIV
copy_KRB_SAFE
copy_KRB_SAFE_BODY
copy_KX509_ERROR_CODE
copy_KerberosString
copy_KerberosTime
copy_KeyEncryptionAlgorithmIdentifier
copy_KeyIdentifier
copy_KeyTransRecipientInfo
copy_KeyUsage
copy_KrbCredInfo
copy_KrbFastArmor
copy_KrbFastArmoredRep
copy_KrbFastArmoredReq
copy_KrbFastFinished
copy_KrbFastReq
copy_KrbFastResponse
copy_Kx509Request
copy_Kx509Response
copy_LR_TYPE
copy_LastReq
copy_MESSAGE_TYPE
copy_METHOD_DATA
copy_MS_UPN_SAN
copy_MessageDigest
copy_NAME_TYPE
copy_NTLMInit
copy_NTLMInitReply
copy_NTLMReply
copy_NTLMRequest
copy_NTLMRequest2
copy_NTLMResponse
copy_Name
copy_NameConstraints
copy_OriginatorInfo
copy_OtherName
copy_PADATA_TYPE
copy_PA_DATA
copy_PA_ENC_SAM_RESPONSE_ENC
copy_PA_ENC_TS_ENC
copy_PA_FX_FAST_REPLY
copy_PA_FX_FAST_REQUEST
copy_PA_PAC_REQUEST
copy_PA_PK_AS_REP
copy_PA_PK_AS_REP_BTMM
copy_PA_PK_AS_REP_Win2k
copy_PA_PK_AS_REQ
copy_PA_PK_AS_REQ_Win2k
copy_PA_S4U2Self
copy_PA_SAM_CHALLENGE_2
copy_PA_SAM_CHALLENGE_2_BODY
copy_PA_SAM_REDIRECT
copy_PA_SAM_RESPONSE_2
copy_PA_SAM_TYPE
copy_PA_SERVER_REFERRAL_DATA
copy_PA_ServerReferralData
copy_PA_SvrReferralData
copy_PKAuthenticator
copy_PKAuthenticator_Win2k
copy_PKCS12_Attribute
copy_PKCS12_Attributes
copy_PKCS12_AuthenticatedSafe
copy_PKCS12_CertBag
copy_PKCS12_MacData
copy_PKCS12_OctetString
copy_PKCS12_PBEParams
copy_PKCS12_PFX
copy_PKCS12_SafeBag
copy_PKCS12_SafeContents
copy_PKCS8Attributes
copy_PKCS8EncryptedData
copy_PKCS8EncryptedPrivateKeyInfo
copy_PKCS8PrivateKey
copy_PKCS8PrivateKeyAlgorithmIdentifier
copy_PKCS8PrivateKeyInfo
copy_PKCS9_BMPString
copy_PKCS9_friendlyName
copy_PKIXXmppAddr
copy_PROV_SRV_LOCATION
copy_PkinitSP80056AOtherInfo
copy_PkinitSuppPubInfo
copy_Principal
copy_PrincipalName
copy_Principals
copy_ProxyCertInfo
copy_ProxyPolicy
copy_RDNSequence
copy_RSAPrivateKey
copy_RSAPublicKey
copy_Realm
copy_RecipientIdentifier
copy_RecipientInfo
copy_RecipientInfos
copy_RelativeDistinguishedName
copy_ReplyKeyPack
copy_ReplyKeyPack_Win2k
copy_SAMFlags
copy_SignatureAlgorithmIdentifier
copy_SignatureValue
copy_SignedData
copy_SignerIdentifier
copy_SignerInfo
copy_SignerInfos
copy_SubjectKeyIdentifier
copy_SubjectPublicKeyInfo
copy_TBSCRLCertList
copy_TBSCertificate
copy_TD_DH_PARAMETERS
copy_TD_INVALID_CERTIFICATES
copy_TD_TRUSTED_CERTIFIERS
copy_TGS_REP
copy_TGS_REQ
copy_TYPED_DATA
copy_Ticket
copy_TicketFlags
copy_Time
copy_TransitedEncoding
copy_TrustedCA
copy_TrustedCA_Win2k
copy_TypedData
copy_UniqueIdentifier
copy_UnprotectedAttributes
copy_ValidationParms
copy_Validity
copy_Version
copy_heim_any
copy_heim_any_set
copy_krb5int32
copy_krb5uint32
decode_AD_AND_OR
decode_AD_IF_RELEVANT
decode_AD_INITIAL_VERIFIED_CAS
decode_AD_KDCIssued
decode_AD_LoginAlias
decode_AD_MANDATORY_FOR_KDC
decode_APOptions
decode_AP_REP
decode_AP_REQ
decode_AS_REP
decode_AS_REQ
decode_AUTHDATA_TYPE
decode_AccessDescription
decode_AlgorithmIdentifier
decode_Attribute
decode_AttributeType
decode_AttributeTypeAndValue
decode_AttributeValue
decode_AuthPack

Sections

.text
Size: 436KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 464B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Data/wab32.dll
.dll windows:10 windows x64 arch:x64

2f5ac1d2b93fb3d9fb49c3c7a9a45a60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wab32.pdb

Imports

msvcrt

wcschr
_wfullpath
_purecall
_vsnprintf
swscanf_s
free
malloc
_callnewh
_XcptFilter
_amsg_exit
_wrename
rand
__C_specific_handler
_lock
memcmp
memcpy
memmove
_unlock
__dllonexit
_onexit
memset
_vsnwprintf
_initterm
wcstok_s
srand
strcmp

cryptdlg

CertViewPropertiesA

msoert2

ord44
HrCopyStream
OpenFileStreamShareW
HrStreamToByte
OpenFileStreamW

shlwapi

PathRenameExtensionW
SHRegEnumUSKeyW
SHRegCloseUSKey
SHRegEnumUSValueW
SHRegQueryInfoUSKeyW
ord214
SHRegQueryUSValueW
ord487
StrChrW
SHRegCreateUSKeyW
StrCSpnW
ord199
PathAppendW
SHRegGetUSValueW
SHRegSetUSValueW
ord153
PathGetDriveNumberW
PathIsNetworkPathW
PathCanonicalizeW
PathRemoveBackslashW
PathRemoveFileSpecW
StrStrIW
PathAddBackslashW
PathFindExtensionW
ord12
StrCmpW
StrCmpIW
ord219
PathFindFileNameW
StrCmpNIW
SHRegWriteUSValueW
PathFileExistsW
StrToIntA
SHStrDupW
UrlIsW
UrlGetPartW
ord158
PathAddExtensionW
StrCmpNIA
StrStrW
SHRegGetValueW
PathRemoveBlanksW
PathCreateFromUrlW
PathIsDirectoryW
UrlCanonicalizeW
ord154
ord16
PathCombineW
ord213
SHRegOpenUSKeyW

shell32

ord51
SHParseDisplayName
SHGetKnownFolderPath
SHGetMalloc
DragQueryFileW
ord18
ord155
ShellExecuteW
ord262
SHGetFolderPathW
ShellExecuteExW
SHGetKnownFolderIDList
ord940
SHChangeNotify

uxtheme

EnableThemeDialogTexture

advapi32

CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegOpenKeyExW
RegEnumValueW
RegCloseKey
TraceEvent
RegGetValueW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
RegQueryValueExW
EventUnregister
EventRegister
EventSetInformation
EventWriteTransfer
GetUserNameW
RegQueryValueW
RegSetValueW
RegEnumKeyExW
CryptReleaseContext

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps
GetTextExtentPoint32W
CreateCompatibleDC
SetBkColor
ExtTextOutW
DeleteDC
CreateBrushIndirect
CreateDIBSection
RectVisible
PatBlt
GetObjectW
SetMapMode
SetAbortProc
StartDocW
EndDoc
GetTextExtentPointW
AbortDoc
EndPage
StartPage
SetBkMode
GetStockObject
TextOutW
Rectangle
MoveToEx
SelectObject
LineTo

imagehlp

TouchFileTimes

kernel32

SystemTimeToFileTime
LCMapStringW
GetModuleHandleW
ReleaseMutex
GetUserDefaultLCID
CreateMutexW
MoveFileW
GlobalFree
GlobalUnlock
GlobalLock
lstrcmpiA
GetShortPathNameW
WaitForSingleObject
SetEvent
CreateThread
CreateEventW
FindNextChangeNotification
WaitForMultipleObjects
FindCloseChangeNotification
FindFirstChangeNotificationW
SetEndOfFile
CopyFileW
GetCurrentThreadId
SetFilePointer
GetTempFileNameW
GetTempPathW
MoveFileExW
FindNextFileW
lstrcmpW
HeapDestroy
HeapCreate
TlsSetValue
GetLocaleInfoW
GetProfileIntW
HeapReAlloc
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
MulDiv
GetSystemTime
GetModuleFileNameW
SetFileAttributesW
Sleep
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GetUserDefaultUILanguage
GetModuleHandleA
GetModuleHandleExW
FreeLibraryAndExitThread
IsDBCSLeadByte
GetFileAttributesExW
OutputDebugStringW
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
LoadLibraryExW
DeleteTimerQueueTimer
CreateTimerQueueTimer
GetLongPathNameW
GetCurrentDirectoryW
UnregisterWaitEx
GetOverlappedResult
ReadDirectoryChangesW
RegisterWaitForSingleObject
DelayLoadFailureHook
ResolveDelayLoadedAPI
CompareStringA
RtlCaptureContext
ExpandEnvironmentStringsW
RtlMoveMemory
lstrcmpiW
LocalAlloc
LocalFree
GetLastError
LoadLibraryW
FreeLibrary
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
GetProcessHeap
HeapFree
WideCharToMultiByte
SetLastError
lstrcmpA
CreateFileW
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetFileSize
ReadFile
GetFileAttributesW
CompareStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
DeleteFileW
CompareFileTime
FindFirstFileW
FindClose
GetVersion
GetProcAddress
FormatMessageW
TlsAlloc
TlsGetValue
TlsFree
MultiByteToWideChar

msimg32

AlphaBlend

ole32

CoWaitForMultipleHandles
CoInitialize
CoInitializeEx
PropVariantCopy
PropVariantClear
ReleaseStgMedium
CoGetMalloc
StringFromCLSID
CoTaskMemFree
CreateBindCtx
OleRun
CoCreateInstance
CLSIDFromString
CoUninitialize

oleaut32

SysAllocString
VarDateFromUdate
SysFreeString
SysAllocStringLen
SystemTimeToVariantTime
VariantChangeType
SysStringLen
GetErrorInfo
VariantClear
VarUdateFromDate

rpcrt4

UuidFromStringW
UuidCreate
UuidToStringW
RpcStringFreeW

user32

CharLowerA
DrawTextW
IsRectEmpty
CreateWindowExW
CreateDialogParamW
DialogBoxParamW
FindWindowW
LoadStringW
GetDesktopWindow
CharNextW
SendMessageW
GetMenuItemCount
DefWindowProcW
MessageBoxW
CheckRadioButton
EnableWindow
GetDlgItem
UpdateWindow
SetFocus
IsWindowEnabled
LoadCursorW
GetSysColorBrush
RegisterClassExW
UnregisterClassW
CharUpperA
SetWindowLongPtrW
GetWindowLongPtrW
GetWindowTextW
SetWindowTextW
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
GetParent
SendDlgItemMessageW
DestroyWindow
EndDialog
GetClientRect
IsWindow
RegisterClassW
SetCursor
RegisterWindowMessageW
SystemParametersInfoW
CharUpperW
PostMessageW
SetDlgItemTextW
SetTimer
ShowWindow
KillTimer
GetWindowRect
SetWindowPos
GetSystemMetrics
GetDC
ReleaseDC
CharPrevW
GetWindowLongW
SetWindowLongW
IsDlgButtonChecked
GetClassInfoW
DestroyAcceleratorTable
IsChild
GetFocus
GetKeyState
GetSysColor
InsertMenuItemW
LoadStringA
CreatePopupMenu
LoadIconW
SetMenuInfo
InsertMenuW
DestroyMenu
CharLowerW
PeekMessageW
EnableMenuItem
GetSystemMenu
GetDlgCtrlID
MapWindowPoints
MoveWindow
IsWindowVisible
CallWindowProcW
GetDlgItemTextW
LoadMenuW
GetSubMenu
TrackPopupMenu
CheckDlgButton
GetWindowTextLengthW
LoadImageW
BeginDeferWindowPos
ScreenToClient
EndDeferWindowPos
SetForegroundWindow
GetWindowPlacement
RemoveMenu
ModifyMenuW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
AllowSetForegroundWindow
GetMenuItemInfoW
OffsetRect
InvalidateRect
FillRect
RedrawWindow
SetCapture
GetCapture
ReleaseCapture
GetCursorPos
PtInRect
BeginPaint
EndPaint
CharNextA

wininet

InternetCanonicalizeUrlW

ntdll

wcsncmp
wcstoul
strchr
strstr
WinSqmIncrementDWORD
_wcsicmp
wcsstr

sspicli

GetUserNameExW

iertutil

ord81
ord76
ord79
ord90
ord85
ord78
ord74

Exports

Exports

DllCanUnloadNow
DllGetClassObject
ShellUICommand_OnEditW
ShellUICommand_OnExportW
ShellUICommand_OnImportW
ShellUICommand_OnNewContactW
ShellUICommand_OnNewEmailW
ShellUICommand_OnNewGroupW
WABCreateIProp
WABOpen
WABOpenEx

Sections

.text
Size: 599KB - Virtual size: 599KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/ElbyCDIO.dll
.dll windows:5 windows x86 arch:x86

cb5f14e025f6fc6949c0a460bca769be

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2013 12:00

Not After

15-01-2038 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:5e:85:b1:a5:f3:a6:7d:bc:67:db:3e:95:3b:3b:24
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12-01-2022 00:00

Not After

23-01-2025 23:59

Subject

SERIALNUMBER=91330106699809363L,CN=浙江无端科技股份有限公司,O=浙江无端科技股份有限公司,L=杭州市,ST=浙江省,C=CN,1.3.6.1.4.1.311.60.2.1.1=#0c09e69dade5b79ee5b882,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b599e6b19fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:98:bb:7d:4b:31:79:f8:17:d8:90:68:b4:d7:82:1e:b1:06:e1:19:cb:1f:00:ff:41:81:0f:eb:2c:68:49:e4
Signer

Actual PE Digest

99:98:bb:7d:4b:31:79:f8:17:d8:90:68:b4:d7:82:1e:b1:06:e1:19:cb:1f:00:ff:41:81:0f:eb:2c:68:49:e4

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA

Exports

Exports

CloakCDR_SendCommand
ElbyCDIO_ClearAllUsedTitles
ElbyCDIO_ClearAllValidTitles
ElbyCDIO_ClearUsedTitle
ElbyCDIO_ClearUsedTitles
ElbyCDIO_ClearValidTitle
ElbyCDIO_ClearValidTitles
ElbyCDIO_CloseScanTargets
ElbyCDIO_CloseTarget
ElbyCDIO_CreateDevice
ElbyCDIO_CreateFile
ElbyCDIO_DeInitScsi
ElbyCDIO_DisableAutoInsertNotification
ElbyCDIO_DisablePowerSaving
ElbyCDIO_DoScsiIO
ElbyCDIO_Eject
ElbyCDIO_EnableAutoInsertNotification
ElbyCDIO_EnablePowerSaving
ElbyCDIO_EnableUsedTitles
ElbyCDIO_EnableValidTitles
ElbyCDIO_EnumTargets
ElbyCDIO_ExCloseTray
ElbyCDIO_ExDoScsiIO
ElbyCDIO_ExEject
ElbyCDIO_ExToggleTray
ElbyCDIO_Free
ElbyCDIO_GetDllVersion
ElbyCDIO_GetDriveLetter
ElbyCDIO_GetDriveName
ElbyCDIO_GetDriverVersion
ElbyCDIO_GetFileVersion
ElbyCDIO_GetMaxTransferSize
ElbyCDIO_GetOSVersion
ElbyCDIO_GetPerformance
ElbyCDIO_GetScsiAddress
ElbyCDIO_GetUsedTitle
ElbyCDIO_GetValidTitle
ElbyCDIO_InitScsi
ElbyCDIO_InitScsiAspi
ElbyCDIO_InitScsiEx
ElbyCDIO_LockBuffer
ElbyCDIO_LockTarget
ElbyCDIO_Malloc
ElbyCDIO_OpenTarget1
ElbyCDIO_OpenTarget2
ElbyCDIO_OpenTarget3
ElbyCDIO_OpenTargetLetter
ElbyCDIO_Perform
ElbyCDIO_PreventAllowMediumRemoval
ElbyCDIO_ReadItem
ElbyCDIO_RegCreateKeyEx
ElbyCDIO_RegDeleteKey
ElbyCDIO_RegOpenKeyEx
ElbyCDIO_SameBus
ElbyCDIO_ScanAndOpenTargets
ElbyCDIO_SendPrivateCommand
ElbyCDIO_SetUsedTitle
ElbyCDIO_SetValidTitle
ElbyCDIO_UnLockTarget
ElbyCDIO_UnlockBuffer
ElbyCDIO_UsesLockedIO
ElbyCDIO_UsesNoTimedIO
ElbyCDIO_UsesWinASPI32
ElbyCDIO_WriteItem
IoAddSafeHead
IoAddSafeTail
IoCreateList
IoCreateSafeList
IoDeInitSafeList
IoDeleteList
IoDeleteSafeList
IoEnqueue
IoGetSafeHead
IoGetSafeTail
IoInitSafeList
IoIsSafeEmpty
IoObtainSafeList
IoReleaseSafeList
IoRemHead
IoRemSafeHead
IoRemSafeTail
IoRemTail
RegKill_SendCommand

Sections

.text
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kt9
Size: - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Ap}
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cG7
Size: 9.9MB - Virtual size: 9.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/ElbyVCD.dll
.dll windows:4 windows x86 arch:x86

ee96c0a1a551a58603cf4b2e5e1d56bd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:9e:c2:90:16:d7:3f:2c:c8:8e:b9:cc:8b:4f:8e:78:fb
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

27-11-2012 14:35

Not After

27-11-2015 16:09

Subject

CN=Elaborate Bytes AG,O=Elaborate Bytes AG,L=Cham,ST=Zug,C=CH

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:00

Not After

23-05-2016 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4a:1e:21:3b:0b:ce:bc:cb:cc:68:18:20:7f:79:a9:2c:6b:03:15:1e
Signer

Actual PE Digest

4a:1e:21:3b:0b:ce:bc:cb:cc:68:18:20:7f:79:a9:2c:6b:03:15:1e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

elbycdio

ElbyCDIO_CreateDevice
ElbyCDIO_OpenTarget3
ElbyCDIO_GetScsiAddress
ElbyCDIO_InitScsi
ElbyCDIO_GetOSVersion
ElbyCDIO_ExEject
ElbyCDIO_ExToggleTray
ElbyCDIO_OpenTargetLetter
ElbyCDIO_ExCloseTray
ElbyCDIO_CloseTarget
ElbyCDIO_SendPrivateCommand

cfgmgr32

CM_Locate_DevNodeA
CM_Reenumerate_DevNode

kernel32

FindClose
FindFirstFileA
FindFirstFileW
CreateFileW
CreateFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetPrivateProfileStringA
GetLastError
GetFileSize
ReadFile
SetFilePointer
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrentThreadId
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapSize
GetFullPathNameW
MultiByteToWideChar
lstrlenW
lstrlenA
WideCharToMultiByte
lstrcmpiA
CloseHandle
DeviceIoControl
GetDriveTypeA
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
RtlUnwind
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InterlockedExchange
VirtualQuery
VirtualProtect
GetSystemInfo
GetStringTypeA
GetStringTypeW
GetCPInfo
GetLocaleInfoA
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetEndOfFile

user32

wsprintfW
FindWindowA
SendMessageA
wsprintfA

advapi32

RegQueryValueExW
RegDeleteValueA
RegSetValueExA
RegSetValueExW
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

CloseVCCD
OpenVCCD
OpenVCCDLetter
PurgeHistory
VCCDCloseDevice
VCCDCloseTray
VCCDEjectTray
VCCDGetDrives
VCCDGetStatus
VCCDInit
VCCDIsInstalled
VCCDIsInstalledEx
VCCDMultiOpenDevice
VCCDMultiOpenDeviceEx
VCCDNop
VCCDOpenDevice
VCCDOpenDeviceW
VCCDOpenLastMountedFile
VCCDOpenLastMountedFiles
VCCDRestoreDrives
VCCDSetDrives
VCCDToggleTray

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/AudioRenderer.dll
.dll windows:5 windows x64 arch:x64

a4c776c8c8aef2452297de4da7a8b846

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6c:59:ef:a9:e1:00:e1:0e:e3:06:ba:8f:e0:29:25:59
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

07-06-2012 00:00

Not After

06-06-2022 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

35:a8:4f:a5:03:f8:9b:49:83:96:bb:48:91:68:a5:80
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

14-01-2014 00:00

Not After

07-01-2016 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Photoshop\, Bridge - SHA256,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

23:ae:c0:7c:0a:5d:b2:9d:6c:ee:d9:27:81:40:e8:e7:00:e1:d1:49
Signer

Actual PE Digest

23:ae:c0:7c:0a:5d:b2:9d:6c:ee:d9:27:81:40:e8:e7:00:e1:d1:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\DynamicLinkMediaServer8\releases\2014.03\dynamiclinkmediaserver\Targets\Win\Release\64\AudioRenderer.pdb

Imports

dvacore

??6?$basic_ostream@EU?$char_traits@E@std@@@std@@QEAAAEAV01@I@Z
?str@?$basic_ostringstream@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@QEBA?AV?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@2@XZ
??_DoUTF8StringStream@dvacore@@QEAAXXZ
??0iUTF8StringStream@dvacore@@QEAA@AEBV?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@@Z
??5?$basic_istream@EU?$char_traits@E@std@@@std@@QEAAAEAV01@AEAI@Z
??_DiUTF8StringStream@dvacore@@QEAAXXZ
??0RecursiveMutex@threads@dvacore@@QEAA@XZ
??1RecursiveMutex@threads@dvacore@@QEAA@XZ
?Unlock@RecursiveMutex@threads@dvacore@@QEBAXXZ
??0oUTF8StringStream@dvacore@@QEAA@XZ
?GetEntry@DebugDatabase@debug@dvacore@@QEBA?AV?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@AEBV45@0@Z
?Instance@DebugDatabase@debug@dvacore@@SAAEAV123@XZ
?AsciiToUTF16@utility@dvacore@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@PEBD_K@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAAAEAV01@AEBV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAAAEAV01@$$QEAV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@AEBV01@@Z
?Trace@debug@dvacore@@YAXPEBE@Z
?GetCurrentThreadID@threads@dvacore@@YAKXZ
?TraceEnabled@debug@dvacore@@YA_NPEBEJ_N@Z
?TraceChangeCount@debug@dvacore@@YAHXZ
?PassThrough@Gate@threads@dvacore@@QEBA_NH@Z
?Open@Gate@threads@dvacore@@QEAAXXZ
?Close@Gate@threads@dvacore@@QEAAXXZ
??0Gate@threads@dvacore@@QEAA@_N@Z
??1Gate@threads@dvacore@@QEAA@XZ
??0Guid@utility@dvacore@@QEAA@KGGEEEEEEEE@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@XZ
??1?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@XZ
?UTF8to16@utility@dvacore@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@4@PEAW4UnicodeErrorCode@12@PEA_K@Z
?Dispose@SmallBlockAllocator@utility@dvacore@@YAXPEAX_K@Z
?Allocate@SmallBlockAllocator@utility@dvacore@@YAPEAX_K@Z
??1ReplacementValue@config@dvacore@@QEAA@XZ
??0?$basic_string@EU?$char_traits@E@std@@V?$STLAllocator@E@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@PEBE@Z
?ThrowError@config@dvacore@@YAXW4ErrorLevel@12@PEBDKJ_NAEBVReplacementValue@12@333@Z
??0ReplacementValue@config@dvacore@@QEAA@XZ
?IsDebuggerAttached@debug@dvacore@@YA_NXZ
?BreakAfterContractDialog@debug@dvacore@@YA_NPEBD00J@Z
?sNullString@ImmutableString@utility@dvacore@@0QBEB
??1ImmutableString@utility@dvacore@@QEAA@XZ
??0ImmutableString@utility@dvacore@@QEAA@AEBV012@@Z
?CreateDynamic@ImmutableString@utility@dvacore@@SA?AV123@PEBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@QEAA@XZ
?Lock@RecursiveMutex@threads@dvacore@@QEBAXPEBD@Z

dvamediatypes

??ZTickTime@dvamediatypes@@QEAAAEAV01@AEBV01@@Z
?kTime_Invalid@dvamediatypes@@3VTickTime@1@B
??KTickTime@dvamediatypes@@QEBANAEBV01@@Z
?kFrameRate_Zero@dvamediatypes@@3VFrameRate@1@B
??GTickTime@dvamediatypes@@QEBA?AV01@XZ
?kFrameRate_Audio48000@dvamediatypes@@3VFrameRate@1@B
?AlignToFrame@TickTime@dvamediatypes@@QEAAXAEBVFrameRate@2@@Z
?kTime_Min@dvamediatypes@@3VTickTime@1@B
?ToFrame64@TickTime@dvamediatypes@@QEBA_JAEBVFrameRate@2@@Z
?kTime_Max@dvamediatypes@@3VTickTime@1@B
??XTickTime@dvamediatypes@@QEAAAEAV01@N@Z
?kTime_Zero@dvamediatypes@@3VTickTime@1@B
?AddFrames@TickTime@dvamediatypes@@QEAAX_JAEBVFrameRate@2@@Z
?ToFrame32@TickTime@dvamediatypes@@QEBAJAEBVFrameRate@2@@Z
??DTickTime@dvamediatypes@@QEBA?AV01@N@Z
??GTickTime@dvamediatypes@@QEBA?AV01@AEBV01@@Z
??HTickTime@dvamediatypes@@QEBA?AV01@AEBV01@@Z
?CreateLegacy51ChannelLayout@dvamediatypes@@YA?AV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@XZ
?CreateStereoChannelLayout@dvamediatypes@@YA?AV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@XZ
?CreateMonoChannelLayout@dvamediatypes@@YA?AV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@XZ
?CreateMultichannelLayout@dvamediatypes@@YA?AV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@H@Z
??YTickTime@dvamediatypes@@QEAAAEAV01@AEBV01@@Z

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
HeapFree
HeapReAlloc
HeapAlloc
HeapCreate
DecodePointer
DisableThreadLibraryCalls
EncodePointer
GetSystemTimeAsFileTime

oleaut32

SysFreeString

aslfoundation

??1Impl@ASL@@UEAA@XZ
?MixInData@MixHash@ASL@@CAXAEAVHashValue@2@PEBE_K@Z
??0Exception@ASL@@QEAA@XZ
??1Exception@ASL@@UEAA@XZ
?Allocate@Allocator@ASL@@SAPEAX_K@Z
?Dispose@Allocator@ASL@@SAXPEAX_K@Z
?what@Exception@ASL@@UEBAPEBDXZ
??1MemoryRecycler@ASL@@QEAA@XZ
?RecycleBuffer@MemoryRecycler@ASL@@QEAAXAEAVMemoryBuffer@2@@Z
?Instance@MemoryRecycler@ASL@@SA?AV?$ObjectPtr@VMemoryRecycler@ASL@@VAtomicValue@2@@2@XZ
?AllocateBuffer@MemoryRecycler@ASL@@QEAA?AVMemoryBuffer@2@_K@Z
?Resume@ThreadedWorkQueue@ASL@@QEAAXXZ
?Pause@ThreadedWorkQueue@ASL@@QEAAXXZ
??0ThreadedWorkQueue@ASL@@QEAA@XZ
??1ConstString@ASL@@QEAA@XZ
?Initialize@ThreadedWorkQueue@ASL@@QEAA_NW4Type@ThreadPriorities@2@HVConstString@2@1@Z
?MakeStdString@ASL@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@3@@Z
?QueueRequest@ThreadedWorkQueue@ASL@@QEAA_NV?$InterfaceRef@UIThreadedQueueRequest@ASL@@U12@@2@@Z
?Stop@ThreadedWorkQueue@ASL@@QEAAXXZ
??0ConstString@ASL@@QEAA@AEBV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@@Z

aslmessaging

?RegisterUniqueStation@StationRegistry@ASL@@YA?AVImmutableString@utility@dvacore@@XZ
?DisposeStation@StationRegistry@ASL@@YAXAEBVImmutableString@utility@dvacore@@@Z

mediafoundation

?kPi@MF@@3MB
?kSqrt2Over264@MF@@3NB

msvcp100

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?width@ios_base@std@@QEAA_J_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?good@ios_base@std@@QEBA_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Swap_all@_Container_base0@std@@QEAAXAEAU12@@Z
?exceptions@ios_base@std@@QEAAXH@Z
?fail@ios_base@std@@QEBA_NXZ
?max@?$numeric_limits@I@std@@SAIXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
??0id@locale@std@@QEAA@_K@Z
?_Orphan_all@_Container_base0@std@@QEAAXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_BADOFF@std@@3_JB
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

msvcr100

_purecall
_snprintf
__clean_type_info_names_internal
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
_CxxThrowException
??0exception@std@@QEAA@AEBV01@@Z
__CxxFrameHandler3
__CppXcptFilter
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
sqrt
__RTDynamicCast
_time64
memcpy
??_V@YAXPEAX@Z
floor
memmove
memset
sqrtf
sinf
cosf
atan2f
sin
cos
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
??0exception@std@@QEAA@AEBQEBD@Z
??2@YAPEAX_K@Z
??3@YAXPEAX@Z

Exports

Exports

??0AudioBuffer@AR@@QEAA@AEBV01@@Z
??0AudioBuffer@AR@@QEAA@H_N@Z
??0AudioBufferChannel@AR@@QEAA@AEBV01@@Z
??0AudioBufferChannel@AR@@QEAA@XZ
??0AudioBufferShell@AR@@QEAA@XZ
??0AudioDelayBuffer@AR@@QEAA@AEBV01@@Z
??0AudioDelayBuffer@AR@@QEAA@H_N@Z
??0AudioFilterControl@AR@@QEAA@V?$InterfaceRef@UIAudioFilter@AR@@U12@@ASL@@I@Z
??0AudioSubBuffer@AR@@QEAA@XZ
??0AudioWaveformRequest@AR@@QEAA@XZ
??1AudioBuffer@AR@@UEAA@XZ
??1AudioBufferChannel@AR@@UEAA@XZ
??1AudioBufferShell@AR@@UEAA@XZ
??1AudioDelayBuffer@AR@@UEAA@XZ
??1AudioSubBuffer@AR@@UEAA@XZ
??4AudioBuffer@AR@@QEAAXAEBV01@@Z
??4AudioBuffer@AR@@QEAAXPEAPEBD@Z
??4AudioBuffer@AR@@QEAAXPEAPEBF@Z
??4AudioBuffer@AR@@QEAAXPEBD@Z
??4AudioBuffer@AR@@QEAAXPEBF@Z
??8AudioWaveformRequest@AR@@QEAA_NAEBV01@@Z
??AAudioBuffer@AR@@QEBAPEAMI@Z
??XAudioBuffer@AR@@QEAAXM@Z
??YAudioBuffer@AR@@QEAAXAEBV01@@Z
??_FAudioBuffer@AR@@QEAAXXZ
??_FAudioDelayBuffer@AR@@QEAAXXZ
?ACM16ChannelTo51@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM16ChannelToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM16ChannelToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontLFEToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontLFEToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontRearLFEToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontRearLFEToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontRearToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontRearToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontToMono@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACM51FrontToStereo@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACMMonoToStereoDefault@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACMSame@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?ACMStereoToMonoDefault@AudioChannelMix@AR@@YAXAEBVAudioBuffer@2@AEAV32@@Z
?Assign@AudioBufferChannel@AR@@QEAAXAEAVAudioBuffer@2@I@Z
?Assign@AudioBufferShell@AR@@QEAAXPEAPEAMI@Z
?Assign@AudioSubBuffer@AR@@QEAAXAEAVAudioBuffer@2@I@Z
?AudioMatrixToString@AR@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@@Z
?CancelAllPendingPrefetchRequests@AR@@YAXXZ
?CancelAllPendingPrefetchRequests@AudioPrefetch@AR@@YAXXZ
?Cast@AudioBuffer@AR@@QEBAXPEAD@Z
?Cast@AudioBuffer@AR@@QEBAXPEAF@Z
?Cast@AudioBuffer@AR@@QEBAXPEAPEAD@Z
?Cast@AudioBuffer@AR@@QEBAXPEAPEAF@Z
?Clear@AudioWaveformQueue@AR@@YAXXZ
?Complete@AudioWaveformRequest@AR@@UEAAXH@Z
?ConvertInt32ToFloat32InPlace@AR@@YAXPEAJ_K@Z
?CopyCertainChannelsFrom@AudioBuffer@AR@@QEAAXAEBV12@IAEBV?$Flags@K@utility@dvacore@@@Z
?CopyChannel@AudioBuffer@AR@@QEAAXAEBV12@II@Z
?CopyChannel@AudioBuffer@AR@@QEAAXII@Z
?CopyFrom@AudioBuffer@AR@@QEAAXAEBV12@@Z
?CopyFrom@AudioBuffer@AR@@QEAAXAEBV12@I@Z
?CopyFrom@AudioBuffer@AR@@QEAAXAEBV12@II@Z
?CopyFromScale@AudioBuffer@AR@@QEAAXAEBV12@M@Z
?CreateAudioChannelMatrixRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioClipRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$map@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@V?$map@_K_KU?$less@_K@std@@V?$STLAllocator@U?$pair@$$CB_K_K@std@@@SmallBlockAllocator@utility@dvacore@@@std@@U?$less@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@@4@V?$STLAllocator@U?$pair@$$CBV?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@V?$map@_K_KU?$less@_K@std@@V?$STLAllocator@U?$pair@$$CB_K_K@std@@@SmallBlockAllocator@utility@dvacore@@@std@@@std@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@AEBVTickTime@6@MNPEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioClipTrackRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@V?$ObjectPtr@VAtomicValue@ASL@@V12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@8@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioClipTrackRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@V?$ObjectPtr@VAtomicValue@ASL@@V12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@8@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@W4AudioChannelType@MF@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioContentMulticamRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@1AEBV?$vector@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$ObjectPtr@VAtomicValue@ASL@@V12@@4@_NAEBVTickTime@6@5PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioContentRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@1V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@_NAEBVTickTime@6@4V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV74@@Z
?CreateAudioFaderRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioFilterRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioFilter@AR@@U12@@4@2_NAEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@9@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioMeterRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioMeterSetter@AR@@U12@@4@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioMixTrackRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@V?$ObjectPtr@VAtomicValue@ASL@@V12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@PEAV74@@Z
?CreateAudioPanProcessorRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@W4PanProcessorType@2@_NAEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@PEAV?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@@Z
?CreateAudioRenderContext@AudioRendererFactory@AR@@YAHI_N0AEBVTickTime@dvamediatypes@@11I1PEAUPrefetcher@2@AEBVImmutableString@utility@dvacore@@0000W4RenderQuality@4@PEAV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@@Z
?CreateAudioResampler@AudioResamplerFactory@AR@@YA?AV?$InterfaceRef@UIAudioResampler@AR@@U12@@ASL@@W4RenderQuality@dvamediatypes@@@Z
?CreateAudioSendRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@AEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@PEAV?$InterfaceRef@UIAudioProcessor@AR@@U12@@4@@Z
?CreateAudioSourceRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIBufferedAudioSource@AR@@U12@@4@W4AudioChannelType@MF@@HNV?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioStreamRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioSource@AR@@U12@@4@HNV?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioTimeScaler@AudioTimeScalerFactory@AR@@UEAA?AV?$InterfaceRef@UIAudioTimeScaler@AR@@U12@@ASL@@W4RenderQuality@dvamediatypes@@@Z
?CreateAudioTrackGroupRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$deque@V?$vector@UDelayDependency@AR@@V?$STLAllocator@UDelayDependency@AR@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$STLAllocator@V?$vector@UDelayDependency@AR@@V?$STLAllocator@UDelayDependency@AR@@@SmallBlockAllocator@utility@dvacore@@@std@@@SmallBlockAllocator@utility@dvacore@@@8@AEBV?$vector@VTickTime@dvamediatypes@@V?$allocator@VTickTime@dvamediatypes@@@std@@@8@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioTrackGroupRendererViaCloning@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UASLUnknown@ASL@@U12@@4@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioTrackInletRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$vector@V?$InterfaceRef@UASLUnknown@ASL@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UASLUnknown@ASL@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@8@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@@Z
?CreateAudioTransitionRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioTransition@AR@@U12@@4@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@3AEBVTickTime@6@444PEAV84@@Z
?CreateAudioWaveformBuffer@AudioWaveformQueue@AR@@YA?AV?$InterfaceRef@UIAudioWaveformBuffer@AR@@U12@@ASL@@XZ
?CreateAudioWaveformRequest@AudioWaveformRequest@AR@@SA?AV?$InterfaceRef@VAudioWaveformRequest@AR@@UIThreadedQueueRequest@ASL@@@ASL@@V?$InterfaceRef@UIAudioWaveformGenerator@AR@@U12@@4@AEBVTickTime@dvamediatypes@@1_KV?$InterfaceRef@UIAudioWaveformBuffer@AR@@U12@@4@V?$InterfaceRef@UIAudioWaveformWaitableGateHolder@AR@@U12@@4@@Z
?CreateDefaultMultiChannelAudioPanProcessorRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@_NAEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@5PEAV?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@@Z
?CreateDirectAudioPanProcessorRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@W4PanProcessorType@2@HAEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@_NAEBV?$vector@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIRenderableAudioComponentParam@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@PEAV?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@@Z
?CreateNoneAudioPanProcessorRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@PEAV?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@@Z
?CreateRealtimeAudioClipTrackItemRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@N1V?$InterfaceRef@UITimeTransform@MF@@U12@@4@AEBVTickTime@6@PEAV74@@Z
?CreateSilentAudioTrackRenderableItem@AR@@YA?AV?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@AEBVTickTime@dvamediatypes@@0AEBVFrameRate@5@@Z
?CreateSilentRenderer@AudioRendererFactory@AR@@YAHAEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@PEAV?$InterfaceRef@UIAudioGenerator@AR@@U12@@ASL@@@Z
?CreateSpecializedResampler@AudioResamplerFactory@AR@@YA?AV?$InterfaceRef@UIAudioResamplerSpecialized@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@0I@Z
?CreateTimeAlteredAudioClipTrackItemRenderer@AudioRendererFactory@AR@@YAHV?$InterfaceRef@UIAudioRenderContext@AR@@U12@@ASL@@AEBVFrameRate@dvamediatypes@@V?$InterfaceRef@UIAudioGenerator@AR@@U12@@4@AEBV?$vector@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@V?$STLAllocator@V?$InterfaceRef@UIAudioProcessor@AR@@U12@@ASL@@@SmallBlockAllocator@utility@dvacore@@@std@@V?$InterfaceRef@UIAudioPanProcessor@AR@@U12@@4@N_N5V?$InterfaceRef@UITimeTransform@MF@@U12@@4@AEBVTickTime@6@7N77PEAV74@@Z
?CreateWaitableGateHolder@AudioWaveformWaitableGateHolder@AR@@SA?AV?$InterfaceRef@UIAudioWaveformWaitableGateHolder@AR@@U12@@ASL@@XZ
?EnumerateInputChannels@AR@@YA?AV?$Flags@K@utility@dvacore@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@34@@Z
?EnumerateOutputChannels@AR@@YA?AV?$Flags@K@utility@dvacore@@AEBV?$map@_KV?$set@_KU?$less@_K@std@@@SmallBlockAllocator@utility@dvacore@@U?$less@_K@std@@@SmallBlockAllocator@34@@Z
?GetAlignment@AudioBuffer@AR@@QEBAHXZ
?GetAllocatedSize@AudioBuffer@AR@@QEBAIXZ
?GetAudioTimeScalerFactory@AR@@YA?AV?$InterfaceRef@UIAudioTimeScalerFactory@AR@@U12@@ASL@@XZ
?GetBufferSize@AudioBuffer@AR@@QEBAIXZ
?GetDelay@AudioDelayBuffer@AR@@QEAAIXZ
?GetFloatBuffers@AudioBuffer@AR@@QEAAPEAPEAMXZ
?GetMaxNestableSequenceInstances@AR@@YAIXZ
?GetMixFunction@AudioChannelMix@AR@@YAP6AXAEBVAudioBuffer@2@AEAV32@@ZAEBV?$vector@UAudioChannelDescription@dvamediatypes@@V?$allocator@UAudioChannelDescription@dvamediatypes@@@std@@@std@@2@Z
?GetMixFunction@AudioChannelMix@AR@@YAP6AXAEBVAudioBuffer@2@AEAV32@@ZW4AudioChannelType@MF@@2@Z
?GetMixFunctionByChannels@AudioChannelMix@AR@@YAP6AXAEBVAudioBuffer@2@AEAV32@@ZIH@Z
?GetNumChannels@AudioBuffer@AR@@QEBAIXZ
?GetQueue@AudioWaveformQueue@AR@@YA?AV?$InterfaceRef@VThreadedWorkQueue@ASL@@UASLUnknown@2@@ASL@@XZ
?Init@AudioBuffer@AR@@QEAAXII@Z
?Init@AudioBufferShell@AR@@QEAAXI@Z
?Init@AudioDelayBuffer@AR@@QEAAXIII@Z
?Init@AudioSubBuffer@AR@@QEAAXI@Z
?Initialize@AR@@YAXXZ
?IsAborted@AudioWaveformQueue@AR@@YA_NXZ
?IsChannelZero@AudioBuffer@AR@@UEBA_NI@Z
?IsSIMDAligned@AudioBuffer@AR@@QEBA_NXZ
?IsSilentAudioTrackRenderableItem@AR@@YA_NAEBV?$InterfaceRef@UIAudioTrackRenderableItem@AR@@U12@@ASL@@@Z
?IsSpecializedResamplerAvailable@AudioResamplerFactory@AR@@YA_NAEBVFrameRate@dvamediatypes@@0@Z
?IsZero@AudioBuffer@AR@@UEBA_NXZ
?Mix@AudioBuffer@AR@@QEAAXAEBV12@@Z
?NoLongerZero@AudioBuffer@AR@@UEAAXXZ
?Pause@AudioWaveformQueue@AR@@YAX_N@Z
?PrefetchAudio@AudioPrefetch@AR@@YAXV?$InterfaceRef@UIAsyncAudioSource@AR@@U12@@ASL@@AEBVTickTime@dvamediatypes@@I_NV?$InterfaceRef@UIAudioPrefetchNotify@AR@@U12@@4@@Z
?Process@AudioWaveformRequest@AR@@UEAAXXZ
?Read@AudioDelayBuffer@AR@@QEAAXAEBVAudioBuffer@2@@Z
?Reset@AudioPrefetch@AR@@YAX_N@Z
?Reverse@AudioBuffer@AR@@QEAAXXZ
?Set51MixdownType@AudioChannelMix@AR@@YAXI@Z
?SetAudioTimeScalerFactory@AR@@YAXV?$InterfaceRef@UIAudioTimeScalerFactory@AR@@U12@@ASL@@@Z
?SetChannelNoLongerZero@AudioBuffer@AR@@UEAAXI@Z
?SetChannelZero@AudioBuffer@AR@@UEAAXI@Z
?SetChannelsNoLongerZero@AudioBuffer@AR@@UEAAXAEBV?$Flags@K@utility@dvacore@@@Z
?SetChannelsZero@AudioBuffer@AR@@UEAAXAEBV?$Flags@K@utility@dvacore@@@Z
?SetDelay@AudioDelayBuffer@AR@@QEAAXI@Z
?SetUseSize@AudioBuffer@AR@@QEAAXI@Z
?ShiftOffset@AudioSubBuffer@AR@@QEAAXI@Z
?Shutdown@AR@@YAXXZ
?Shutdown@AudioWaveformQueue@AR@@YAXXZ
?Write@AudioDelayBuffer@AR@@QEAAXAEAVAudioBuffer@2@@Z
?Zero@AudioBuffer@AR@@QEAAXXZ
?ZeroChannel@AudioBuffer@AR@@QEAAXI_K@Z

Sections

.text
Size: 535KB - Virtual size: 534KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/Media/1.jpg
.jpg
lummastealer/Old-Setup/Data/Media/2.jpg
.jpg
lummastealer/Old-Setup/Data/Media/3.jpg
.jpg
lummastealer/Old-Setup/Data/Media/Intro2Matrix.pdf
.pdf
lummastealer/Old-Setup/Data/Media/NEWS.pdf
.pdf
lummastealer/Old-Setup/Data/Media/R-admin.pdf
.pdf
lummastealer/Old-Setup/Data/Media/R-data.pdf
.pdf
lummastealer/Old-Setup/Data/Media/R-exts.pdf
.pdf
lummastealer/Old-Setup/Data/Media/R-lang.pdf
.pdf
lummastealer/Old-Setup/Data/Media/Sweave.pdf
.pdf
lummastealer/Old-Setup/Data/Media/approximate.pdf
.pdf
lummastealer/Old-Setup/Data/Media/compete.pdf
.pdf
lummastealer/Old-Setup/Data/Media/concordance.pdf
.pdf
lummastealer/Old-Setup/Data/Media/moveline.pdf
.pdf
lummastealer/Old-Setup/Data/Media/population.pdf
.pdf
lummastealer/Old-Setup/Data/Media/sparseModels.pdf
.pdf
lummastealer/Old-Setup/Data/Media/timedep.pdf
.pdf
lummastealer/Old-Setup/Data/Microsoft.VisualStudio.CMake.CMakeSettings.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c8:69:84:e6:d2:5a:11:d9:13:94:32:2b:8e:dd:9d:99:7e:12:26:99:b9:c4:b6:ec:f0:63:59:5f:87:9e:ff:f2
Signer

Actual PE Digest

c8:69:84:e6:d2:5a:11:d9:13:94:32:2b:8e:dd:9d:99:7e:12:26:99:b9:c4:b6:ec:f0:63:59:5f:87:9e:ff:f2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\dbs\sh\ddvsm\1001_131954\cmd\25\out\Intermediate\vc\ms.vs.cmake.cmakesettings_x86retail_653B1D9B\Release\netstandard2.0\Microsoft.VisualStudio.CMake.CMakeSettings.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/Microsoft.VisualStudio.LanguageServices.TypeScript.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4f:61:1d:77:15:e7:1e:51:7e:ea:d0:a0:6f:83:7c:49:70:88:bf:f1:aa:27:e2:e7:d4:65:40:34:bf:3c:55:54
Signer

Actual PE Digest

4f:61:1d:77:15:e7:1e:51:7e:ea:d0:a0:6f:83:7c:49:70:88:bf:f1:aa:27:e2:e7:d4:65:40:34:bf:3c:55:54

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/Microsoft.VisualStudio.Office365.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:02:cd:f3:64:bf:f8:d4:4c:5d:51:00:00:00:00:02:cd
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-05-2022 20:46

Not After

11-05-2023 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

97:32:33:12:86:16:07:03:9e:1f:27:f0:ea:4b:c1:2d:dc:3d:57:8e:41:ed:6e:65:da:94:ba:1b:2c:56:65:e9
Signer

Actual PE Digest

97:32:33:12:86:16:07:03:9e:1f:27:f0:ea:4b:c1:2d:dc:3d:57:8e:41:ed:6e:65:da:94:ba:1b:2c:56:65:e9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\obj\Release\Microsoft.VisualStudio.Office365\Microsoft.VisualStudio.Office365.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 447KB - Virtual size: 446KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/Microsoft.VisualStudio.Progression.Common.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:08:16:4f:db:b6:ed:e6:24:db:0c:d5:5c:ef:85:99:5e:44:84:a4:ea:ac:3b:97:13:3b:9c:82:71:cb:06:b1
Signer

Actual PE Digest

90:08:16:4f:db:b6:ed:e6:24:db:0c:d5:5c:ef:85:99:5e:44:84:a4:ea:ac:3b:97:13:3b:9c:82:71:cb:06:b1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\dbs\sh\ddvsm\0706_100817\cmd\1i\out\Intermediate\progression\common.csproj_4123FD97\objr\x86\Microsoft.VisualStudio.Progression.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/Microsoft.Xbox.Tools.CPUProfilers.Shared.dll
.dll windows:4 windows x64 arch:x64

Code Sign

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:9c:5d:99:cd:ee:d3:0d:e1:df:00:00:00:00:03:9c
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-06-2022 17:46

Not After

01-06-2023 17:46

Subject

CN=Windows Developer Tools Component,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2011 18:41

Not After

19-10-2026 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb
Signer

Actual PE Digest

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb

Digest Algorithm

sha256

PE Digest Matches

true

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb
Signer

Actual PE Digest

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\i\obj\microsoft.xbox.tools.profilers.shared.csproj_c28d249752\Release\x64\Microsoft.Xbox.Tools.CPUProfilers.Shared.pdb

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/NuGet.PackageManagement.VisualStudio.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:a9:9c:36:46:98:b2:5f:56:40:43:c3:41:32:8c:9d:cd:de:2c:3c:38:5e:7d:2e:79:c8:37:5e:17:72:e0:69
Signer

Actual PE Digest

36:a9:9c:36:46:98:b2:5f:56:40:43:c3:41:32:8c:9d:cd:de:2c:3c:38:5e:7d:2e:79:c8:37:5e:17:72:e0:69

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\artifacts\NuGet.PackageManagement.VisualStudio\obj\release\net472\NuGet.PackageManagement.VisualStudio.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 742KB - Virtual size: 742KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/TfFontMgr.dll
.dll windows:6 windows x64 arch:x64

92291341a6dfc4d16e0047468fbf2683

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6c:59:ef:a9:e1:00:e1:0e:e3:06:ba:8f:e0:29:25:59
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

07-06-2012 00:00

Not After

06-06-2022 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

35:a8:4f:a5:03:f8:9b:49:83:96:bb:48:91:68:a5:80
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

14-01-2014 00:00

Not After

07-01-2016 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Photoshop\, Bridge - SHA256,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1a:54:ab:07:20:f3:37:c0:45:6d:f3:5c:70:b4:cf:76:df:29:3f:eb
Signer

Actual PE Digest

1a:54:ab:07:20:f3:37:c0:45:6d:f3:5c:70:b4:cf:76:df:29:3f:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\dev2\main\shared\agf\psinitial\formats\prcsdk\build\3d\common\a3d\dev\ttf\bin\x64\Release\TfFontMgr.pdb

Imports

kernel32

WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
MultiByteToWideChar
OutputDebugStringW
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
GetCPInfo
lstrcpyW
lstrcpyA
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
FindNextFileW
FindFirstFileW
FindClose
DecodePointer

user32

GetDC
wsprintfW

tfkgeom

ord1583
ord1555

msvcp120

?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAPEBDH@Z
?_Orphan_all@_Container_base0@std@@QEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z

msvcr120

wcsstr
memset
_purecall
memmove
wcscat_s
wcsncpy
??0exception@std@@QEAA@XZ
??0exception@std@@QEAA@AEBV01@@Z
??1exception@std@@UEAA@XZ
_waccess
__C_specific_handler
wcsrchr
wcscpy_s
??0exception@std@@QEAA@AEBQEBDH@Z
?what@exception@std@@UEBAPEBDXZ
__iob_func
fprintf
sqrt
rand
srand
_time64
ceil
log10
log10f
?terminate@@YAXXZ
_lock
_vswprintf
_calloc_crt
__dllonexit
_onexit
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCaptureCurrentContext
__crtCapturePreviousContext
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
qsort
feof
fclose
atof
wcschr
_wtoi
_wfopen
fgetws
memcpy
free
__CxxFrameHandler3
_CxxThrowException
??_V@YAXPEAX@Z
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
towlower
towupper
iswspace
_unlock
malloc
_wcsicmp

gdi32

DeleteObject
SelectObject
GetTextMetricsW
GetOutlineTextMetricsW
CreateFontIndirectW
AddFontResourceExW

Exports

Exports

??0TfFontBox@@QEAA@XZ
??0TfFontKey@@QEAA@AEBV0@@Z
??0TfFontKey@@QEAA@HHH@Z
??0TfFontKey@@QEAA@XZ
??4TfFontBox@@QEAAAEAV0@AEBV0@@Z
??4TfFontKey@@QEAAAEAV0@AEBV0@@Z
?AddAttributes@TfFontKey@@QEAAXW4EFontAttributes@@@Z
?FontFamilyIndex@TfFontKey@@QEBAHXZ
?FontFilePath@TfFontKey@@QEBAAEBVTfString@@XZ
?FontLibAddFont@@YAXAEBVTfString@@_N1@Z
?FontLibCreateFontMgr@@YAXAEBVTfFontMgrInitializationData@@@Z
?FontLibCreateTextByBmp@@YA_NAEBVTfFontKey@@AEBVTfString@@@Z
?FontLibCreateTextByVector@@YAMAEBVTfFontKey@@AEBVTfString@@PEA_N@Z
?FontLibDeleteFontMgr@@YAXXZ
?FontLibDrawTextByBmp@@YAMAEBVTfFontKey@@AEBVTfString@@@Z
?FontLibDrawTextByVector@@YAMAEBVTfFontKey@@AEBVTfString@@PEAUct_Mesh@@PEAVTfFontBox@@@Z
?FontLibDrawTextByVectorContour@@YAMAEBVTfFontKey@@AEBVTfString@@@Z
?FontLibEstimateLength@@YAM_NAEBVTfString@@1W4EFontType@@AEAM3333AEA_NAEAW4EPRCCharSet@@4@Z
?FontLibExistFontName@@YA_NAEBVTfString@@@Z
?FontLibFindFontKey@@YA_NAEBVTfString@@GAEAVTfFontKey@@_N222@Z
?FontLibFindFontKey@@YA_NAEBVTfString@@GDAEAVTfFontKey@@W4EPRCCharSet@@@Z
?FontLibFindFontKey@@YA_NHGAEAVTfFontKey@@_N111@Z
?FontLibFontMgrExist@@YA_NPEAH@Z
?FontLibGetDefaultFontName@@YAAEBVTfString@@XZ
?FontLibGetFontName@@YAXHAEAVTfString@@@Z
?FontLibGetFontNameForRTF@@YAXAEAVTfString@@@Z
?FontLibGetFontNameWithPrefix@@YAXAEAVTfString@@PEA_N@Z
?FontLibGetResolution@@YAHXZ
?FontLibGetSymbolFontKey@@YAXAEAVTfFontKey@@@Z
?FontLibGetSymbolFontName@@YAXAEAVTfString@@@Z
?FontLibGetTextBox@@YAXAEBVTfFontKey@@AEBVTfString@@AEAM2_N@Z
?FontLibGetTypeFontFromName@@YA?AW4EFontType@@AEAVTfString@@@Z
?FontLibInitFctSystem@@YA_NP6A?AW4EFontStatus@@AEAV?$TfSArray@VTfString@@@@@Z@Z
?FontLibIsCoolType@@YA_NXZ
?FontLibLoadAllFont@@YAXAEBV?$TfSArray@VTfString@@@@H@Z
?FontLibLoadCatiaFont@@YAXAEBV?$TfSArray@VTfString@@@@@Z
?FontLibLoadUGFont@@YAXAEBV?$TfSArray@VTfString@@@@@Z
?FontLibRemoveAllFonts@@YAXXZ
?FontLibRetrieveFontFamilies@@YAXHAEAV?$TfSArray@VTfString@@@@@Z
?FontLibSetDefaultFontName@@YAXAEBVTfString@@@Z
?FontLibSetResolution@@YAXH@Z
?FontLibSetSymbolFontName@@YAXAEBVTfString@@@Z
?FontSizeIndex@TfFontKey@@QEBAHXZ
?FontStyleIndex@TfFontKey@@QEBAHXZ
?GetAttributes@TfFontKey@@QEBADXZ
?GetBitmapFont@TfFontKey@@QEBA?AV?$C_ptr@VTfFont@@@@XZ
?GetCharSet@TfFontKey@@QEBA?AW4EPRCCharSet@@XZ
?GetFontAdvance@TfFontKey@@QEBAMAEBVTfString@@_N@Z
?GetFontAscent@TfFontKey@@QEBAM_N@Z
?GetFontContours@TfFontKey@@QEBA_NAEB_WAEAV?$TfSArray@VTfContour@@@@_N@Z
?GetFontDescent@TfFontKey@@QEBAM_N@Z
?GetFontFamilyInfo@TfFontKey@@QEBA_NHAEAVTfString@@@Z
?GetFontFamilyName@TfFontKey@@QEBAAEBVTfString@@XZ
?GetFontScale@TfFontKey@@QEBAMXZ
?GetFontScalePixel@TfFontKey@@QEBAMXZ
?GetFontSize@TfFontKey@@QEBAGXZ
?GetInternalFontInfo@TfFontKey@@QEBAMW4EFontInfo@@@Z
?GetTextBox@TfFontKey@@QEBAXAEBVTfString@@AEAM1_N@Z
?GetTextBox@TfFontKey@@QEBAXAEBVTfString@@AEAVTfFontBox@@_N@Z
?GetType@TfFontKey@@QEBA?AW4EFontType@@XZ
?GetVectorFont@TfFontKey@@QEBA?AV?$C_ptr@VTfFont@@@@XZ
?HasSymbol@TfFontKey@@QEBA_NXZ
?HasValidFamily@TfFontKey@@QEBA_NXZ
?HasValidStyle@TfFontKey@@QEBA_NXZ
?IsBold@TfFontKey@@QEBA_NXZ
?IsFixedWidth@TfFontKey@@QEBA_NXZ
?IsInternal@TfFontKey@@QEBA_NXZ
?IsItalic@TfFontKey@@QEBA_NXZ
?IsNull@TfFontKey@@QEAA_NXZ
?IsOverlined@TfFontKey@@QEBA_NXZ
?IsSoftware@TfFontKey@@QEBA_NXZ
?IsStretch@TfFontKey@@QEBA_NXZ
?IsStrikeOut@TfFontKey@@QEBA_NXZ
?IsTTFSymbols@TfFontKey@@QEBA_NXZ
?IsUnderlined@TfFontKey@@QEBA_NXZ
?IsValid@TfFontKey@@QEBA_NXZ
?IsWired@TfFontKey@@QEBA_NXZ
?LoadInternal@TfFontKey@@QEAA_NXZ
?ReSet@TfFontKey@@QEAAXXZ
?Set@TfFontKey@@QEAAXHHH@Z
?SetAttributes@TfFontKey@@QEAAXD@Z
?SetCharSet@TfFontKey@@QEAAXW4EPRCCharSet@@@Z
?SetFamily@TfFontKey@@QEAAXH@Z
?SetFontScale@TfFontKey@@QEBAXM@Z
?SetInternalBold@TfFontKey@@QEAAX_N@Z
?SetInternalItalic@TfFontKey@@QEAAX_N@Z
?SetOverlined@TfFontKey@@QEAAX_N@Z
?SetSize@TfFontKey@@QEAAXH@Z
?SetStrikeOut@TfFontKey@@QEAAX_N@Z
?SetStyle@TfFontKey@@QEAAXH@Z
?SetStyleSoftware@TfFontKey@@QEAAXAEA_N0_N@Z
?SetUnderlined@TfFontKey@@QEAAX_N@Z

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/UIAutomationTypes.dll
.dll windows:4 windows x64 arch:x64

Code Sign

33:00:00:03:04:c1:03:19:7e:c6:05:e4:04:00:00:00:00:03:04
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-08-2022 20:23

Not After

03-08-2023 20:23

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:9c:ae:93:43:bf:ad:b8:0f:1a:84:0f:06:be:ff:c7:7b:aa:9d:32:95:1a:34:45:f3:5a:a2:f4:f0:ce:9b:45
Signer

Actual PE Digest

52:9c:ae:93:43:bf:ad:b8:0f:1a:84:0f:06:be:ff:c7:7b:aa:9d:32:95:1a:34:45:f3:5a:a2:f4:f0:ce:9b:45

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

UIAutomationTypes.ni.pdb
/_/artifacts/obj/UIAutomationTypes/x64/Release/net7.0/UIAutomationTypes.pdb

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/msys-asn1-8.dll
.dll windows:4 windows x64 arch:x64

d87fe0ed53faa8fd6da5da3965be4d94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

PDB Paths

Imports

msys-com_err-1

init_error_table
initialize_error_table_r

msys-roken-18

rk_hex_decode
rk_hex_encode
rk_strpoolcollect
rk_strpoolprintf

msys-2.0

__cxa_atexit
_impure_ptr
abort
asprintf
calloc
cygwin_internal
dll_dllcrt0
free
malloc
memchr
memcmp
memcpy
memmove
memset
msys_detach_dll
posix_memalign
printf
qsort
realloc
snprintf
sscanf
strcasecmp
strdup
strlen
strtok_r
strtol

kernel32

GetModuleHandleA

Exports

Exports

APOptions2int
DigestTypes2int
DistributionPointReasonFlags2int
FastOptions2int
KDCFastFlags2int
KDCOptions2int
KeyUsage2int
SAMFlags2int
TicketFlags2int
__gcc_deregister_frame
__gcc_register_frame
_asn1_bmember_isset_bit
_asn1_bmember_put_bit
_asn1_copy
_asn1_copy_top
_asn1_decode
_asn1_decode_top
_asn1_encode
_asn1_free
_asn1_free_top
_asn1_length
_asn1_sizeofType
_der_gmtime
_der_timegm
_heim_der_set_sort
_heim_fix_dce
_heim_len_int
_heim_len_int64
_heim_len_unsigned
_heim_len_unsigned64
_heim_time2generalizedtime
add_AuthorizationData
add_CRLDistributionPoints
add_DigestAlgorithmIdentifiers
add_ETYPE_INFO
add_ETYPE_INFO2
add_Extensions
add_GeneralNames
add_METHOD_DATA
add_Principals
asn1_APOptions_units
asn1_DigestTypes_units
asn1_DistributionPointReasonFlags_units
asn1_FastOptions_units
asn1_KDCFastFlags_units
asn1_KDCOptions_units
asn1_KeyUsage_units
asn1_SAMFlags_units
asn1_TicketFlags_units
asn1_fuzzer_done
asn1_fuzzer_method
asn1_fuzzer_next
asn1_fuzzer_reset
asn1_oid_id_Userid
asn1_oid_id_aes_128_cbc
asn1_oid_id_aes_192_cbc
asn1_oid_id_aes_256_cbc
asn1_oid_id_apple_system_id
asn1_oid_id_at_commonName
asn1_oid_id_at_countryName
asn1_oid_id_at_description
asn1_oid_id_at_generationQualifier
asn1_oid_id_at_givenName
asn1_oid_id_at_initials
asn1_oid_id_at_localityName
asn1_oid_id_at_name
asn1_oid_id_at_organizationName
asn1_oid_id_at_organizationalUnitName
asn1_oid_id_at_pseudonym
asn1_oid_id_at_serialNumber
asn1_oid_id_at_stateOrProvinceName
asn1_oid_id_at_streetAddress
asn1_oid_id_at_surname
asn1_oid_id_at_title
asn1_oid_id_dhpublicnumber
asn1_oid_id_domainComponent
asn1_oid_id_dsa
asn1_oid_id_dsa_with_sha1
asn1_oid_id_ecDH
asn1_oid_id_ecMQV
asn1_oid_id_ecPublicKey
asn1_oid_id_ec_group_secp160r1
asn1_oid_id_ec_group_secp160r2
asn1_oid_id_ec_group_secp224r1
asn1_oid_id_ec_group_secp256r1
asn1_oid_id_ec_group_secp384r1
asn1_oid_id_ec_group_secp521r1
asn1_oid_id_ecdsa_with_SHA1
asn1_oid_id_ecdsa_with_SHA224
asn1_oid_id_ecdsa_with_SHA256
asn1_oid_id_ecdsa_with_SHA384
asn1_oid_id_ecdsa_with_SHA512
asn1_oid_id_heim_rsa_pkcs1_x509
asn1_oid_id_ms_cert_enroll_domaincontroller
asn1_oid_id_ms_client_authentication
asn1_oid_id_netscape
asn1_oid_id_netscape_cert_comment
asn1_oid_id_nistAlgorithm
asn1_oid_id_nist_aes_algs
asn1_oid_id_nist_sha_algs
asn1_oid_id_pbeWithSHAAnd128BitRC2_CBC
asn1_oid_id_pbeWithSHAAnd128BitRC4
asn1_oid_id_pbeWithSHAAnd2_KeyTripleDES_CBC
asn1_oid_id_pbeWithSHAAnd3_KeyTripleDES_CBC
asn1_oid_id_pbeWithSHAAnd40BitRC4
asn1_oid_id_pbewithSHAAnd40BitRC2_CBC
asn1_oid_id_pkauthdata
asn1_oid_id_pkcs12_bagtypes
asn1_oid_id_pkcs12_certBag
asn1_oid_id_pkcs12_crlBag
asn1_oid_id_pkcs12_keyBag
asn1_oid_id_pkcs12_pkcs8ShroudedKeyBag
asn1_oid_id_pkcs12_safeContentsBag
asn1_oid_id_pkcs12_secretBag
asn1_oid_id_pkcs1_md2WithRSAEncryption
asn1_oid_id_pkcs1_md5WithRSAEncryption
asn1_oid_id_pkcs1_rsaEncryption
asn1_oid_id_pkcs1_sha1WithRSAEncryption
asn1_oid_id_pkcs1_sha256WithRSAEncryption
asn1_oid_id_pkcs1_sha384WithRSAEncryption
asn1_oid_id_pkcs1_sha512WithRSAEncryption
asn1_oid_id_pkcs2_md2
asn1_oid_id_pkcs2_md4
asn1_oid_id_pkcs2_md5
asn1_oid_id_pkcs3_des_ede3_cbc
asn1_oid_id_pkcs3_rc2_cbc
asn1_oid_id_pkcs3_rc4
asn1_oid_id_pkcs7
asn1_oid_id_pkcs7_data
asn1_oid_id_pkcs7_digestedData
asn1_oid_id_pkcs7_encryptedData
asn1_oid_id_pkcs7_envelopedData
asn1_oid_id_pkcs7_signedAndEnvelopedData
asn1_oid_id_pkcs7_signedData
asn1_oid_id_pkcs9_contentType
asn1_oid_id_pkcs9_countersignature
asn1_oid_id_pkcs9_emailAddress
asn1_oid_id_pkcs9_messageDigest
asn1_oid_id_pkcs9_signingTime
asn1_oid_id_pkcs_1
asn1_oid_id_pkcs_12
asn1_oid_id_pkcs_12PbeIds
asn1_oid_id_pkcs_2
asn1_oid_id_pkcs_3
asn1_oid_id_pkcs_9
asn1_oid_id_pkcs_9_at_certTypes
asn1_oid_id_pkcs_9_at_certTypes_x509
asn1_oid_id_pkcs_9_at_friendlyName
asn1_oid_id_pkcs_9_at_localKeyId
asn1_oid_id_pkdhkeydata
asn1_oid_id_pkekuoid
asn1_oid_id_pkinit
asn1_oid_id_pkinit_kdf
asn1_oid_id_pkinit_kdf_ah_sha1
asn1_oid_id_pkinit_kdf_ah_sha256
asn1_oid_id_pkinit_kdf_ah_sha512
asn1_oid_id_pkinit_ms_eku
asn1_oid_id_pkinit_ms_san
asn1_oid_id_pkinit_san
asn1_oid_id_pkix
asn1_oid_id_pkix_kp
asn1_oid_id_pkix_kp_OCSPSigning
asn1_oid_id_pkix_kp_clientAuth
asn1_oid_id_pkix_kp_emailProtection
asn1_oid_id_pkix_kp_serverAuth
asn1_oid_id_pkix_kp_timeStamping
asn1_oid_id_pkix_on
asn1_oid_id_pkix_on_dnsSRV
asn1_oid_id_pkix_on_xmppAddr
asn1_oid_id_pkix_pe
asn1_oid_id_pkix_pe_authorityInfoAccess
asn1_oid_id_pkix_pe_proxyCertInfo
asn1_oid_id_pkix_ppl
asn1_oid_id_pkix_ppl_anyLanguage
asn1_oid_id_pkix_ppl_independent
asn1_oid_id_pkix_ppl_inheritAll
asn1_oid_id_pkkdcekuoid
asn1_oid_id_pkrkeydata
asn1_oid_id_rsa_digestAlgorithm
asn1_oid_id_rsa_digest_md2
asn1_oid_id_rsa_digest_md4
asn1_oid_id_rsa_digest_md5
asn1_oid_id_rsadsi_des_ede3_cbc
asn1_oid_id_rsadsi_encalg
asn1_oid_id_rsadsi_rc2_cbc
asn1_oid_id_secsig_sha_1
asn1_oid_id_secsig_sha_1WithRSAEncryption
asn1_oid_id_sha224
asn1_oid_id_sha256
asn1_oid_id_sha384
asn1_oid_id_sha512
asn1_oid_id_uspkicommon_card_id
asn1_oid_id_uspkicommon_piv_interim
asn1_oid_id_x509_ce
asn1_oid_id_x509_ce_authorityKeyIdentifier
asn1_oid_id_x509_ce_basicConstraints
asn1_oid_id_x509_ce_cRLDistributionPoints
asn1_oid_id_x509_ce_cRLNumber
asn1_oid_id_x509_ce_cRLReason
asn1_oid_id_x509_ce_certificateIssuer
asn1_oid_id_x509_ce_certificatePolicies
asn1_oid_id_x509_ce_deltaCRLIndicator
asn1_oid_id_x509_ce_extKeyUsage
asn1_oid_id_x509_ce_freshestCRL
asn1_oid_id_x509_ce_holdInstructionCode
asn1_oid_id_x509_ce_inhibitAnyPolicy
asn1_oid_id_x509_ce_invalidityDate
asn1_oid_id_x509_ce_issuerAltName
asn1_oid_id_x509_ce_issuingDistributionPoint
asn1_oid_id_x509_ce_keyUsage
asn1_oid_id_x509_ce_nameConstraints
asn1_oid_id_x509_ce_policyConstraints
asn1_oid_id_x509_ce_policyMappings
asn1_oid_id_x509_ce_privateKeyUsagePeriod
asn1_oid_id_x509_ce_subjectAltName
asn1_oid_id_x509_ce_subjectDirectoryAttributes
asn1_oid_id_x509_ce_subjectKeyIdentifier
asn1_oid_id_x520_at
asn1_oid_id_x9_57
asn1_template_prim
copy_AD_AND_OR
copy_AD_IF_RELEVANT
copy_AD_INITIAL_VERIFIED_CAS
copy_AD_KDCIssued
copy_AD_LoginAlias
copy_AD_MANDATORY_FOR_KDC
copy_APOptions
copy_AP_REP
copy_AP_REQ
copy_AS_REP
copy_AS_REQ
copy_AUTHDATA_TYPE
copy_AccessDescription
copy_AlgorithmIdentifier
copy_Attribute
copy_AttributeType
copy_AttributeTypeAndValue
copy_AttributeValue
copy_AuthPack
copy_AuthPack_Win2k
copy_Authenticator
copy_AuthorityInfoAccessSyntax
copy_AuthorityKeyIdentifier
copy_AuthorizationData
copy_AuthorizationDataElement
copy_BaseDistance
copy_BasicConstraints
copy_CKSUMTYPE
copy_CMSAttributes
copy_CMSCBCParameter
copy_CMSEncryptedData
copy_CMSIdentifier
copy_CMSRC2CBCParameter
copy_CMSVersion
copy_CRLCertificateList
copy_CRLDistributionPoints
copy_CRLReason
copy_Certificate
copy_CertificateList
copy_CertificateRevocationLists
copy_CertificateSerialNumber
copy_CertificateSet
copy_Certificates
copy_ChangePasswdDataMS
copy_Checksum
copy_ContentEncryptionAlgorithmIdentifier
copy_ContentInfo
copy_ContentType
copy_DHNonce
copy_DHParameter
copy_DHPublicKey
copy_DHRepInfo
copy_DSAParams
copy_DSAPublicKey
copy_DSASigValue
copy_DigestAlgorithmIdentifier
copy_DigestAlgorithmIdentifiers
copy_DigestError
copy_DigestInfo
copy_DigestInit
copy_DigestInitReply
copy_DigestREP
copy_DigestREQ
copy_DigestRepInner
copy_DigestReqInner
copy_DigestRequest
copy_DigestResponse
copy_DigestTypes
copy_DirectoryString
copy_DistributionPoint
copy_DistributionPointName
copy_DistributionPointReasonFlags
copy_DomainParameters
copy_ECDSA_Sig_Value
copy_ECParameters
copy_ECPoint
copy_ENCTYPE
copy_ETYPE_INFO
copy_ETYPE_INFO2
copy_ETYPE_INFO2_ENTRY
copy_ETYPE_INFO_ENTRY
copy_EncAPRepPart
copy_EncASRepPart
copy_EncKDCRepPart
copy_EncKrbCredPart
copy_EncKrbPrivPart
copy_EncTGSRepPart
copy_EncTicketPart
copy_EncapsulatedContentInfo
copy_EncryptedContent
copy_EncryptedContentInfo
copy_EncryptedData
copy_EncryptedKey
copy_EncryptionKey
copy_EnvelopedData
copy_EtypeList
copy_ExtKeyUsage
copy_Extension
copy_Extensions
copy_ExternalPrincipalIdentifier
copy_ExternalPrincipalIdentifiers
copy_FastOptions
copy_GeneralName
copy_GeneralNames
copy_GeneralSubtree
copy_GeneralSubtrees
copy_HostAddress
copy_HostAddresses
copy_IssuerAndSerialNumber
copy_KDCDHKeyInfo
copy_KDCDHKeyInfo_Win2k
copy_KDCFastCookie
copy_KDCFastFlags
copy_KDCFastState
copy_KDCOptions
copy_KDC_PROXY_MESSAGE
copy_KDC_REP
copy_KDC_REQ
copy_KDC_REQ_BODY
copy_KDFAlgorithmId
copy_KERB_ARMOR_SERVICE_REPLY
copy_KERB_CRED
copy_KERB_TGS_REP_IN
copy_KERB_TGS_REP_OUT
copy_KERB_TGS_REQ_IN
copy_KERB_TGS_REQ_OUT
copy_KERB_TIMES
copy_KRB5PrincipalName
copy_KRB5SignedPath
copy_KRB5SignedPathData
copy_KRB_CRED
copy_KRB_ERROR
copy_KRB_PRIV
copy_KRB_SAFE
copy_KRB_SAFE_BODY
copy_KX509_ERROR_CODE
copy_KerberosString
copy_KerberosTime
copy_KeyEncryptionAlgorithmIdentifier
copy_KeyIdentifier
copy_KeyTransRecipientInfo
copy_KeyUsage
copy_KrbCredInfo
copy_KrbFastArmor
copy_KrbFastArmoredRep
copy_KrbFastArmoredReq
copy_KrbFastFinished
copy_KrbFastReq
copy_KrbFastResponse
copy_Kx509Request
copy_Kx509Response
copy_LR_TYPE
copy_LastReq
copy_MESSAGE_TYPE
copy_METHOD_DATA
copy_MS_UPN_SAN
copy_MessageDigest
copy_NAME_TYPE
copy_NTLMInit
copy_NTLMInitReply
copy_NTLMReply
copy_NTLMRequest
copy_NTLMRequest2
copy_NTLMResponse
copy_Name
copy_NameConstraints
copy_OriginatorInfo
copy_OtherName
copy_PADATA_TYPE
copy_PA_DATA
copy_PA_ENC_SAM_RESPONSE_ENC
copy_PA_ENC_TS_ENC
copy_PA_FX_FAST_REPLY
copy_PA_FX_FAST_REQUEST
copy_PA_PAC_REQUEST
copy_PA_PK_AS_REP
copy_PA_PK_AS_REP_BTMM
copy_PA_PK_AS_REP_Win2k
copy_PA_PK_AS_REQ
copy_PA_PK_AS_REQ_Win2k
copy_PA_S4U2Self
copy_PA_SAM_CHALLENGE_2
copy_PA_SAM_CHALLENGE_2_BODY
copy_PA_SAM_REDIRECT
copy_PA_SAM_RESPONSE_2
copy_PA_SAM_TYPE
copy_PA_SERVER_REFERRAL_DATA
copy_PA_ServerReferralData
copy_PA_SvrReferralData
copy_PKAuthenticator
copy_PKAuthenticator_Win2k
copy_PKCS12_Attribute
copy_PKCS12_Attributes
copy_PKCS12_AuthenticatedSafe
copy_PKCS12_CertBag
copy_PKCS12_MacData
copy_PKCS12_OctetString
copy_PKCS12_PBEParams
copy_PKCS12_PFX
copy_PKCS12_SafeBag
copy_PKCS12_SafeContents
copy_PKCS8Attributes
copy_PKCS8EncryptedData
copy_PKCS8EncryptedPrivateKeyInfo
copy_PKCS8PrivateKey
copy_PKCS8PrivateKeyAlgorithmIdentifier
copy_PKCS8PrivateKeyInfo
copy_PKCS9_BMPString
copy_PKCS9_friendlyName
copy_PKIXXmppAddr
copy_PROV_SRV_LOCATION
copy_PkinitSP80056AOtherInfo
copy_PkinitSuppPubInfo
copy_Principal
copy_PrincipalName
copy_Principals
copy_ProxyCertInfo
copy_ProxyPolicy
copy_RDNSequence
copy_RSAPrivateKey
copy_RSAPublicKey
copy_Realm
copy_RecipientIdentifier
copy_RecipientInfo
copy_RecipientInfos
copy_RelativeDistinguishedName
copy_ReplyKeyPack
copy_ReplyKeyPack_Win2k
copy_SAMFlags
copy_SignatureAlgorithmIdentifier
copy_SignatureValue
copy_SignedData
copy_SignerIdentifier
copy_SignerInfo
copy_SignerInfos
copy_SubjectKeyIdentifier
copy_SubjectPublicKeyInfo
copy_TBSCRLCertList
copy_TBSCertificate
copy_TD_DH_PARAMETERS
copy_TD_INVALID_CERTIFICATES
copy_TD_TRUSTED_CERTIFIERS
copy_TGS_REP
copy_TGS_REQ
copy_TYPED_DATA
copy_Ticket
copy_TicketFlags
copy_Time
copy_TransitedEncoding
copy_TrustedCA
copy_TrustedCA_Win2k
copy_TypedData
copy_UniqueIdentifier
copy_UnprotectedAttributes
copy_ValidationParms
copy_Validity
copy_Version
copy_heim_any
copy_heim_any_set
copy_krb5int32
copy_krb5uint32
decode_AD_AND_OR
decode_AD_IF_RELEVANT
decode_AD_INITIAL_VERIFIED_CAS
decode_AD_KDCIssued
decode_AD_LoginAlias
decode_AD_MANDATORY_FOR_KDC
decode_APOptions
decode_AP_REP
decode_AP_REQ
decode_AS_REP
decode_AS_REQ
decode_AUTHDATA_TYPE
decode_AccessDescription
decode_AlgorithmIdentifier
decode_Attribute
decode_AttributeType
decode_AttributeTypeAndValue
decode_AttributeValue
decode_AuthPack

Sections

.text
Size: 436KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 464B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Data/wab32.dll
.dll windows:10 windows x64 arch:x64

2f5ac1d2b93fb3d9fb49c3c7a9a45a60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wab32.pdb

Imports

msvcrt

wcschr
_wfullpath
_purecall
_vsnprintf
swscanf_s
free
malloc
_callnewh
_XcptFilter
_amsg_exit
_wrename
rand
__C_specific_handler
_lock
memcmp
memcpy
memmove
_unlock
__dllonexit
_onexit
memset
_vsnwprintf
_initterm
wcstok_s
srand
strcmp

cryptdlg

CertViewPropertiesA

msoert2

ord44
HrCopyStream
OpenFileStreamShareW
HrStreamToByte
OpenFileStreamW

shlwapi

PathRenameExtensionW
SHRegEnumUSKeyW
SHRegCloseUSKey
SHRegEnumUSValueW
SHRegQueryInfoUSKeyW
ord214
SHRegQueryUSValueW
ord487
StrChrW
SHRegCreateUSKeyW
StrCSpnW
ord199
PathAppendW
SHRegGetUSValueW
SHRegSetUSValueW
ord153
PathGetDriveNumberW
PathIsNetworkPathW
PathCanonicalizeW
PathRemoveBackslashW
PathRemoveFileSpecW
StrStrIW
PathAddBackslashW
PathFindExtensionW
ord12
StrCmpW
StrCmpIW
ord219
PathFindFileNameW
StrCmpNIW
SHRegWriteUSValueW
PathFileExistsW
StrToIntA
SHStrDupW
UrlIsW
UrlGetPartW
ord158
PathAddExtensionW
StrCmpNIA
StrStrW
SHRegGetValueW
PathRemoveBlanksW
PathCreateFromUrlW
PathIsDirectoryW
UrlCanonicalizeW
ord154
ord16
PathCombineW
ord213
SHRegOpenUSKeyW

shell32

ord51
SHParseDisplayName
SHGetKnownFolderPath
SHGetMalloc
DragQueryFileW
ord18
ord155
ShellExecuteW
ord262
SHGetFolderPathW
ShellExecuteExW
SHGetKnownFolderIDList
ord940
SHChangeNotify

uxtheme

EnableThemeDialogTexture

advapi32

CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegOpenKeyExW
RegEnumValueW
RegCloseKey
TraceEvent
RegGetValueW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
RegQueryValueExW
EventUnregister
EventRegister
EventSetInformation
EventWriteTransfer
GetUserNameW
RegQueryValueW
RegSetValueW
RegEnumKeyExW
CryptReleaseContext

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps
GetTextExtentPoint32W
CreateCompatibleDC
SetBkColor
ExtTextOutW
DeleteDC
CreateBrushIndirect
CreateDIBSection
RectVisible
PatBlt
GetObjectW
SetMapMode
SetAbortProc
StartDocW
EndDoc
GetTextExtentPointW
AbortDoc
EndPage
StartPage
SetBkMode
GetStockObject
TextOutW
Rectangle
MoveToEx
SelectObject
LineTo

imagehlp

TouchFileTimes

kernel32

SystemTimeToFileTime
LCMapStringW
GetModuleHandleW
ReleaseMutex
GetUserDefaultLCID
CreateMutexW
MoveFileW
GlobalFree
GlobalUnlock
GlobalLock
lstrcmpiA
GetShortPathNameW
WaitForSingleObject
SetEvent
CreateThread
CreateEventW
FindNextChangeNotification
WaitForMultipleObjects
FindCloseChangeNotification
FindFirstChangeNotificationW
SetEndOfFile
CopyFileW
GetCurrentThreadId
SetFilePointer
GetTempFileNameW
GetTempPathW
MoveFileExW
FindNextFileW
lstrcmpW
HeapDestroy
HeapCreate
TlsSetValue
GetLocaleInfoW
GetProfileIntW
HeapReAlloc
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
MulDiv
GetSystemTime
GetModuleFileNameW
SetFileAttributesW
Sleep
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GetUserDefaultUILanguage
GetModuleHandleA
GetModuleHandleExW
FreeLibraryAndExitThread
IsDBCSLeadByte
GetFileAttributesExW
OutputDebugStringW
CreateActCtxW
ReleaseActCtx
ActivateActCtx
DeactivateActCtx
LoadLibraryExW
DeleteTimerQueueTimer
CreateTimerQueueTimer
GetLongPathNameW
GetCurrentDirectoryW
UnregisterWaitEx
GetOverlappedResult
ReadDirectoryChangesW
RegisterWaitForSingleObject
DelayLoadFailureHook
ResolveDelayLoadedAPI
CompareStringA
RtlCaptureContext
ExpandEnvironmentStringsW
RtlMoveMemory
lstrcmpiW
LocalAlloc
LocalFree
GetLastError
LoadLibraryW
FreeLibrary
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
GetProcessHeap
HeapFree
WideCharToMultiByte
SetLastError
lstrcmpA
CreateFileW
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetFileSize
ReadFile
GetFileAttributesW
CompareStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
DeleteFileW
CompareFileTime
FindFirstFileW
FindClose
GetVersion
GetProcAddress
FormatMessageW
TlsAlloc
TlsGetValue
TlsFree
MultiByteToWideChar

msimg32

AlphaBlend

ole32

CoWaitForMultipleHandles
CoInitialize
CoInitializeEx
PropVariantCopy
PropVariantClear
ReleaseStgMedium
CoGetMalloc
StringFromCLSID
CoTaskMemFree
CreateBindCtx
OleRun
CoCreateInstance
CLSIDFromString
CoUninitialize

oleaut32

SysAllocString
VarDateFromUdate
SysFreeString
SysAllocStringLen
SystemTimeToVariantTime
VariantChangeType
SysStringLen
GetErrorInfo
VariantClear
VarUdateFromDate

rpcrt4

UuidFromStringW
UuidCreate
UuidToStringW
RpcStringFreeW

user32

CharLowerA
DrawTextW
IsRectEmpty
CreateWindowExW
CreateDialogParamW
DialogBoxParamW
FindWindowW
LoadStringW
GetDesktopWindow
CharNextW
SendMessageW
GetMenuItemCount
DefWindowProcW
MessageBoxW
CheckRadioButton
EnableWindow
GetDlgItem
UpdateWindow
SetFocus
IsWindowEnabled
LoadCursorW
GetSysColorBrush
RegisterClassExW
UnregisterClassW
CharUpperA
SetWindowLongPtrW
GetWindowLongPtrW
GetWindowTextW
SetWindowTextW
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
GetParent
SendDlgItemMessageW
DestroyWindow
EndDialog
GetClientRect
IsWindow
RegisterClassW
SetCursor
RegisterWindowMessageW
SystemParametersInfoW
CharUpperW
PostMessageW
SetDlgItemTextW
SetTimer
ShowWindow
KillTimer
GetWindowRect
SetWindowPos
GetSystemMetrics
GetDC
ReleaseDC
CharPrevW
GetWindowLongW
SetWindowLongW
IsDlgButtonChecked
GetClassInfoW
DestroyAcceleratorTable
IsChild
GetFocus
GetKeyState
GetSysColor
InsertMenuItemW
LoadStringA
CreatePopupMenu
LoadIconW
SetMenuInfo
InsertMenuW
DestroyMenu
CharLowerW
PeekMessageW
EnableMenuItem
GetSystemMenu
GetDlgCtrlID
MapWindowPoints
MoveWindow
IsWindowVisible
CallWindowProcW
GetDlgItemTextW
LoadMenuW
GetSubMenu
TrackPopupMenu
CheckDlgButton
GetWindowTextLengthW
LoadImageW
BeginDeferWindowPos
ScreenToClient
EndDeferWindowPos
SetForegroundWindow
GetWindowPlacement
RemoveMenu
ModifyMenuW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
AllowSetForegroundWindow
GetMenuItemInfoW
OffsetRect
InvalidateRect
FillRect
RedrawWindow
SetCapture
GetCapture
ReleaseCapture
GetCursorPos
PtInRect
BeginPaint
EndPaint
CharNextA

wininet

InternetCanonicalizeUrlW

ntdll

wcsncmp
wcstoul
strchr
strstr
WinSqmIncrementDWORD
_wcsicmp
wcsstr

sspicli

GetUserNameExW

iertutil

ord81
ord76
ord79
ord90
ord85
ord78
ord74

Exports

Exports

DllCanUnloadNow
DllGetClassObject
ShellUICommand_OnEditW
ShellUICommand_OnExportW
ShellUICommand_OnImportW
ShellUICommand_OnNewContactW
ShellUICommand_OnNewEmailW
ShellUICommand_OnNewGroupW
WABCreateIProp
WABOpen
WABOpenEx

Sections

.text
Size: 599KB - Virtual size: 599KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/ElbyCDIO.dll
.dll windows:5 windows x86 arch:x86

cb5f14e025f6fc6949c0a460bca769be

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2013 12:00

Not After

15-01-2038 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:5e:85:b1:a5:f3:a6:7d:bc:67:db:3e:95:3b:3b:24
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12-01-2022 00:00

Not After

23-01-2025 23:59

Subject

SERIALNUMBER=91330106699809363L,CN=浙江无端科技股份有限公司,O=浙江无端科技股份有限公司,L=杭州市,ST=浙江省,C=CN,1.3.6.1.4.1.311.60.2.1.1=#0c09e69dade5b79ee5b882,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b599e6b19fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:98:bb:7d:4b:31:79:f8:17:d8:90:68:b4:d7:82:1e:b1:06:e1:19:cb:1f:00:ff:41:81:0f:eb:2c:68:49:e4
Signer

Actual PE Digest

99:98:bb:7d:4b:31:79:f8:17:d8:90:68:b4:d7:82:1e:b1:06:e1:19:cb:1f:00:ff:41:81:0f:eb:2c:68:49:e4

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA

Exports

Exports

CloakCDR_SendCommand
ElbyCDIO_ClearAllUsedTitles
ElbyCDIO_ClearAllValidTitles
ElbyCDIO_ClearUsedTitle
ElbyCDIO_ClearUsedTitles
ElbyCDIO_ClearValidTitle
ElbyCDIO_ClearValidTitles
ElbyCDIO_CloseScanTargets
ElbyCDIO_CloseTarget
ElbyCDIO_CreateDevice
ElbyCDIO_CreateFile
ElbyCDIO_DeInitScsi
ElbyCDIO_DisableAutoInsertNotification
ElbyCDIO_DisablePowerSaving
ElbyCDIO_DoScsiIO
ElbyCDIO_Eject
ElbyCDIO_EnableAutoInsertNotification
ElbyCDIO_EnablePowerSaving
ElbyCDIO_EnableUsedTitles
ElbyCDIO_EnableValidTitles
ElbyCDIO_EnumTargets
ElbyCDIO_ExCloseTray
ElbyCDIO_ExDoScsiIO
ElbyCDIO_ExEject
ElbyCDIO_ExToggleTray
ElbyCDIO_Free
ElbyCDIO_GetDllVersion
ElbyCDIO_GetDriveLetter
ElbyCDIO_GetDriveName
ElbyCDIO_GetDriverVersion
ElbyCDIO_GetFileVersion
ElbyCDIO_GetMaxTransferSize
ElbyCDIO_GetOSVersion
ElbyCDIO_GetPerformance
ElbyCDIO_GetScsiAddress
ElbyCDIO_GetUsedTitle
ElbyCDIO_GetValidTitle
ElbyCDIO_InitScsi
ElbyCDIO_InitScsiAspi
ElbyCDIO_InitScsiEx
ElbyCDIO_LockBuffer
ElbyCDIO_LockTarget
ElbyCDIO_Malloc
ElbyCDIO_OpenTarget1
ElbyCDIO_OpenTarget2
ElbyCDIO_OpenTarget3
ElbyCDIO_OpenTargetLetter
ElbyCDIO_Perform
ElbyCDIO_PreventAllowMediumRemoval
ElbyCDIO_ReadItem
ElbyCDIO_RegCreateKeyEx
ElbyCDIO_RegDeleteKey
ElbyCDIO_RegOpenKeyEx
ElbyCDIO_SameBus
ElbyCDIO_ScanAndOpenTargets
ElbyCDIO_SendPrivateCommand
ElbyCDIO_SetUsedTitle
ElbyCDIO_SetValidTitle
ElbyCDIO_UnLockTarget
ElbyCDIO_UnlockBuffer
ElbyCDIO_UsesLockedIO
ElbyCDIO_UsesNoTimedIO
ElbyCDIO_UsesWinASPI32
ElbyCDIO_WriteItem
IoAddSafeHead
IoAddSafeTail
IoCreateList
IoCreateSafeList
IoDeInitSafeList
IoDeleteList
IoDeleteSafeList
IoEnqueue
IoGetSafeHead
IoGetSafeTail
IoInitSafeList
IoIsSafeEmpty
IoObtainSafeList
IoReleaseSafeList
IoRemHead
IoRemSafeHead
IoRemSafeTail
IoRemTail
RegKill_SendCommand

Sections

.text
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kt9
Size: - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Ap}
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cG7
Size: 9.9MB - Virtual size: 9.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/ElbyVCD.dll
.dll windows:4 windows x86 arch:x86

ee96c0a1a551a58603cf4b2e5e1d56bd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:9e:c2:90:16:d7:3f:2c:c8:8e:b9:cc:8b:4f:8e:78:fb
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

27-11-2012 14:35

Not After

27-11-2015 16:09

Subject

CN=Elaborate Bytes AG,O=Elaborate Bytes AG,L=Cham,ST=Zug,C=CH

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:00

Not After

23-05-2016 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4a:1e:21:3b:0b:ce:bc:cb:cc:68:18:20:7f:79:a9:2c:6b:03:15:1e
Signer

Actual PE Digest

4a:1e:21:3b:0b:ce:bc:cb:cc:68:18:20:7f:79:a9:2c:6b:03:15:1e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

elbycdio

ElbyCDIO_CreateDevice
ElbyCDIO_OpenTarget3
ElbyCDIO_GetScsiAddress
ElbyCDIO_InitScsi
ElbyCDIO_GetOSVersion
ElbyCDIO_ExEject
ElbyCDIO_ExToggleTray
ElbyCDIO_OpenTargetLetter
ElbyCDIO_ExCloseTray
ElbyCDIO_CloseTarget
ElbyCDIO_SendPrivateCommand

cfgmgr32

CM_Locate_DevNodeA
CM_Reenumerate_DevNode

kernel32

FindClose
FindFirstFileA
FindFirstFileW
CreateFileW
CreateFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetPrivateProfileStringA
GetLastError
GetFileSize
ReadFile
SetFilePointer
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrentThreadId
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapSize
GetFullPathNameW
MultiByteToWideChar
lstrlenW
lstrlenA
WideCharToMultiByte
lstrcmpiA
CloseHandle
DeviceIoControl
GetDriveTypeA
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
RtlUnwind
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InterlockedExchange
VirtualQuery
VirtualProtect
GetSystemInfo
GetStringTypeA
GetStringTypeW
GetCPInfo
GetLocaleInfoA
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetEndOfFile

user32

wsprintfW
FindWindowA
SendMessageA
wsprintfA

advapi32

RegQueryValueExW
RegDeleteValueA
RegSetValueExA
RegSetValueExW
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

CloseVCCD
OpenVCCD
OpenVCCDLetter
PurgeHistory
VCCDCloseDevice
VCCDCloseTray
VCCDEjectTray
VCCDGetDrives
VCCDGetStatus
VCCDInit
VCCDIsInstalled
VCCDIsInstalledEx
VCCDMultiOpenDevice
VCCDMultiOpenDeviceEx
VCCDNop
VCCDOpenDevice
VCCDOpenDeviceW
VCCDOpenLastMountedFile
VCCDOpenLastMountedFiles
VCCDRestoreDrives
VCCDSetDrives
VCCDToggleTray

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/Setup.exe
.exe windows:4 windows x86 arch:x86

439cea087ae2b8ad67a7f8437f6bbbbe

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:9e:c2:90:16:d7:3f:2c:c8:8e:b9:cc:8b:4f:8e:78:fb
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

27-11-2012 14:35

Not After

27-11-2015 16:09

Subject

CN=Elaborate Bytes AG,O=Elaborate Bytes AG,L=Cham,ST=Zug,C=CH

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:00

Not After

23-05-2016 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:3b:e9:54:d7:3b:f1:25:86:3a:3b:c9:55:50:52:12:11:1a:43:eb
Signer

Actual PE Digest

6f:3b:e9:54:d7:3b:f1:25:86:3a:3b:c9:55:50:52:12:11:1a:43:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

elbyvcd

VCCDInit
VCCDRestoreDrives
VCCDGetDrives
VCCDOpenLastMountedFile
VCCDGetStatus
VCCDCloseDevice
VCCDOpenDeviceW
OpenVCCDLetter
VCCDOpenDevice
CloseVCCD

elbycdio

ElbyCDIO_GetOSVersion
ElbyCDIO_InitScsi

kernel32

lstrcpyA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessW
CreateProcessA
MultiByteToWideChar
lstrlenW
GetDriveTypeA
GetLastError
CreateEventA
GetModuleFileNameW
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
SetEndOfFile
InterlockedExchange
RtlUnwind
GetOEMCP
GetACP
CreateFileA
SetFilePointer
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualProtect
GetCPInfo
GetLocaleInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
lstrcatA
LoadLibraryA
WriteFile
TerminateProcess
ExitProcess
FreeLibrary
GetModuleHandleA
GetProcAddress
GetCurrentProcess
lstrcmpA
lstrlenA
lstrcmpiA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
ReadFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
LCMapStringA
GetSystemTimeAsFileTime

user32

TrackPopupMenu
PostMessageA
LoadImageA
wsprintfA
SetForegroundWindow
wsprintfW
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterWindowMessageA
RegisterClassExA
DestroyWindow
PostQuitMessage
GetMenu
GetSubMenu
DefWindowProcA
GetCursorPos
DestroyMenu
SetTimer
KillTimer
CreateWindowExA
SetMenuDefaultItem
CreatePopupMenu
AppendMenuW
AppendMenuA
MessageBoxW

gdi32

GetStockObject

comdlg32

GetOpenFileNameW
GetOpenFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExW
RegDeleteValueA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CreateClassMoniker
CoUninitialize
CoInitialize
GetRunningObjectTable

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
lummastealer/Old-Setup/dxukuss
lummastealer/Old-Setup/mold
lummastealer/Old-Setup/x64/DateTime_days-dates.phpt
lummastealer/Old-Setup/x64/array_multisort_variation1.phpt
.js
lummastealer/Old-Setup/x64/bug73927.phpt
lummastealer/Old-Setup/x64/crc32_x86.h
lummastealer/Old-Setup/x64/gh10695_6.phpt
.js
lummastealer/Old-Setup/x64/hz_encoding.phpt
lummastealer/Old-Setup/x64/r2_base_008p.phpt
lummastealer/Old-Setup/x86/bless_tests.php
.sh linux
lummastealer/Old-Setup/x86/check_parameters.php
.sh .ps1 linux polyglot
lummastealer/Old-Setup/x86/find_tested.php
.sh .ps1 linux polyglot
lummastealer/Old-Setup/x86/makedist
.sh linux
lummastealer/Old-Setup/x86/phpize.in
.sh linux
lummastealer/Setup.exe
.exe windows:4 windows x86 arch:x86

439cea087ae2b8ad67a7f8437f6bbbbe

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:9e:c2:90:16:d7:3f:2c:c8:8e:b9:cc:8b:4f:8e:78:fb
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

27-11-2012 14:35

Not After

27-11-2015 16:09

Subject

CN=Elaborate Bytes AG,O=Elaborate Bytes AG,L=Cham,ST=Zug,C=CH

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:00

Not After

23-05-2016 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:3b:e9:54:d7:3b:f1:25:86:3a:3b:c9:55:50:52:12:11:1a:43:eb
Signer

Actual PE Digest

6f:3b:e9:54:d7:3b:f1:25:86:3a:3b:c9:55:50:52:12:11:1a:43:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

elbyvcd

VCCDInit
VCCDRestoreDrives
VCCDGetDrives
VCCDOpenLastMountedFile
VCCDGetStatus
VCCDCloseDevice
VCCDOpenDeviceW
OpenVCCDLetter
VCCDOpenDevice
CloseVCCD

elbycdio

ElbyCDIO_GetOSVersion
ElbyCDIO_InitScsi

kernel32

lstrcpyA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessW
CreateProcessA
MultiByteToWideChar
lstrlenW
GetDriveTypeA
GetLastError
CreateEventA
GetModuleFileNameW
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
SetEndOfFile
InterlockedExchange
RtlUnwind
GetOEMCP
GetACP
CreateFileA
SetFilePointer
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualProtect
GetCPInfo
GetLocaleInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
lstrcatA
LoadLibraryA
WriteFile
TerminateProcess
ExitProcess
FreeLibrary
GetModuleHandleA
GetProcAddress
GetCurrentProcess
lstrcmpA
lstrlenA
lstrcmpiA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
ReadFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
LCMapStringA
GetSystemTimeAsFileTime

user32

TrackPopupMenu
PostMessageA
LoadImageA
wsprintfA
SetForegroundWindow
wsprintfW
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterWindowMessageA
RegisterClassExA
DestroyWindow
PostQuitMessage
GetMenu
GetSubMenu
DefWindowProcA
GetCursorPos
DestroyMenu
SetTimer
KillTimer
CreateWindowExA
SetMenuDefaultItem
CreatePopupMenu
AppendMenuW
AppendMenuA
MessageBoxW

gdi32

GetStockObject

comdlg32

GetOpenFileNameW
GetOpenFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExW
RegDeleteValueA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CreateClassMoniker
CoUninitialize
CoInitialize
GetRunningObjectTable

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
lummastealer/dxukuss
lummastealer/mold
lummastealer/x64-bit/DateTime_days-dates.phpt
lummastealer/x64-bit/array_multisort_variation1.phpt
.js
lummastealer/x64-bit/bug73927.phpt
lummastealer/x64-bit/crc32_x86.h
lummastealer/x64-bit/gh10695_6.phpt
.js
lummastealer/x64-bit/hz_encoding.phpt
lummastealer/x64-bit/r2_base_008p.phpt
lummastealer/x86-bit/bless_tests.php
.sh linux
lummastealer/x86-bit/check_parameters.php
.sh .ps1 linux polyglot
lummastealer/x86-bit/find_tested.php
.sh .ps1 linux polyglot
lummastealer/x86-bit/makedist
.sh linux
lummastealer/x86-bit/phpize.in
.sh linux

Sharing

General

Malware Config

Signatures

Files

a4c776c8c8aef2452297de4da7a8b846

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

6c:59:ef:a9:e1:00:e1:0e:e3:06:ba:8f:e0:29:25:59Certificate

Extended Key Usages

Key Usages

35:a8:4f:a5:03:f8:9b:49:83:96:bb:48:91:68:a5:80Certificate

Extended Key Usages

Key Usages

23:ae:c0:7c:0a:5d:b2:9d:6c:ee:d9:27:81:40:e8:e7:00:e1:d1:49Signer

Headers

File Characteristics

PDB Paths

Imports

dvacore

dvamediatypes

kernel32

oleaut32

aslfoundation

aslmessaging

mediafoundation

msvcp100

msvcr100

Exports

Exports

Sections

.text Size: 535KB - Virtual size: 534KB

.rdata Size: 196KB - Virtual size: 196KB

.data Size: 6KB - Virtual size: 22KB

.pdata Size: 45KB - Virtual size: 45KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4eCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

c8:69:84:e6:d2:5a:11:d9:13:94:32:2b:8e:dd:9d:99:7e:12:26:99:b9:c4:b6:ec:f0:63:59:5f:87:9e:ff:f2Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 246KB - Virtual size: 246KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4eCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

4f:61:1d:77:15:e7:1e:51:7e:ea:d0:a0:6f:83:7c:49:70:88:bf:f1:aa:27:e2:e7:d4:65:40:34:bf:3c:55:54Signer

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 260KB - Virtual size: 259KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:02:cd:f3:64:bf:f8:d4:4c:5d:51:00:00:00:00:02:cdCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

6c:59:ef:a9:e1:00:e1:0e:e3:06:ba:8f:e0:29:25:59
Certificate

35:a8:4f:a5:03:f8:9b:49:83:96:bb:48:91:68:a5:80
Certificate

23:ae:c0:7c:0a:5d:b2:9d:6c:ee:d9:27:81:40:e8:e7:00:e1:d1:49
Signer

.text
Size: 535KB - Virtual size: 534KB

.rdata
Size: 196KB - Virtual size: 196KB

.data
Size: 6KB - Virtual size: 22KB

.pdata
Size: 45KB - Virtual size: 45KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

c8:69:84:e6:d2:5a:11:d9:13:94:32:2b:8e:dd:9d:99:7e:12:26:99:b9:c4:b6:ec:f0:63:59:5f:87:9e:ff:f2
Signer

.text
Size: 246KB - Virtual size: 246KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

4f:61:1d:77:15:e7:1e:51:7e:ea:d0:a0:6f:83:7c:49:70:88:bf:f1:aa:27:e2:e7:d4:65:40:34:bf:3c:55:54
Signer

.text
Size: 260KB - Virtual size: 259KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:02:cd:f3:64:bf:f8:d4:4c:5d:51:00:00:00:00:02:cd
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

97:32:33:12:86:16:07:03:9e:1f:27:f0:ea:4b:c1:2d:dc:3d:57:8e:41:ed:6e:65:da:94:ba:1b:2c:56:65:e9
Signer

.text
Size: 447KB - Virtual size: 446KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

90:08:16:4f:db:b6:ed:e6:24:db:0c:d5:5c:ef:85:99:5e:44:84:a4:ea:ac:3b:97:13:3b:9c:82:71:cb:06:b1
Signer

.text
Size: 220KB - Virtual size: 220KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

33:00:00:03:9c:5d:99:cd:ee:d3:0d:e1:df:00:00:00:00:03:9c
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb
Signer

3a:e6:a4:8f:37:e4:19:59:ed:32:f9:af:e7:c2:18:42:ea:9d:6d:03:13:7a:df:a2:b8:24:74:8d:4e:cd:60:eb
Signer

.text
Size: 165KB - Virtual size: 165KB

.rsrc
Size: 1KB - Virtual size: 1KB

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

36:a9:9c:36:46:98:b2:5f:56:40:43:c3:41:32:8c:9d:cd:de:2c:3c:38:5e:7d:2e:79:c8:37:5e:17:72:e0:69
Signer

.text
Size: 742KB - Virtual size: 742KB

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 512B - Virtual size: 12B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate