�cj�pwTҘ���Wy�\��d$㟆������K��̖hZ������[��x��?�#:�uDEB����pݢ�NO�� ���D7�6�QwNj�v��r��1ZH'�9�- !�k�,�;|�,��6؋�:��������ьI���4�s2��U� �o؟�g�7z�pIz1�����6H�{ ��V���wI����$�?�2��=ZlZ~i.^m�%��aʓS����߭'OZ]�������ƀrﲘ���� ����8��y�Y'�a8îIa�ޑxn�F�~��A�F߹�(��z���F�P�0&0��� q�/�����=&.}�\�W�HQ�X����lDmHF-�χ�aRQ�F�� �!�u�Z�֦y�s_�}��F��t��۸0���1 ��A_'y�������^'\�j�ܖ���<c�Z�$��U`K/%��RRs�vM��j�J��HbI�Nq�ُ̼�u+TO��������M�P��XA���7��u����)�N ��a�CF1��?(_{�ҡ�$&��Y)���S,s�����lne�+�,��}0�2�%A�q��p������PG\��AH��؛痌0S,N<�� � Qa������k�şDt%:����O��d���V��Ѧ��Y��Ŭ�i�y����b�߱����y3]�t�1�Z��$�R�`��Яz�干,.�+���wM�C���mh[���řZ�<�h�ɞ$?~L� ��.�aM^B_��:�u2\�!NC^��¯,�-$�h�'�����T�1�-�S�-G�8I-�t�^72hlh+�����&Gܩ��z�xBAĺ�� ��Ck��mo�RW��k�j������̝����ob���[D�%��Sv��2�FY���-.����n2 � _�tN����o����� ����ڻșa7ޢ��h�'�VT��Gж��o<+�H�E�zM�K����~�j���1�7j�����b��ލE��5��-���d��vL�~{3�*��N�}�[�&p��lF�9;�8z�k�*�:Μ�����Ӽ�)��Coy* � �WH>��S�Ҫ�i�[bTG�q�Ԣ��Ëc�F¤9���x�����R� �ֵWZ���Vhm������h��0L�j1��5� O*Խ���^2�� �v�F)�"�<�`��f����K�>�v���?�hN�q�L5������3Ja�ډ�?��Ƈꃡ�^�+p��e��l��~��s��vN�����8?���U�`:��j���iPy�����x�F�怿���1��8�����k0�y.���2>l���;��\?��=�����mM�ɑ�+R���7��ۤdƪ� ���Xs����&��2��{|��Nۍ{7�N��j�N��3dE��ڃ� �(�v����y��0�g\>mO�D٫L����¸�*�`q�Sj��x�M̟j�&�q�ʾ ���\1D}�J�<���(�nB4���d��%N3����M�*g�|�������&~ͥ#��7����k�Dm��u�=?����NF�y��DpWc�'�aB�VMJ�D4�8�1Û�xn�b�j+L��J~VΊ9M�1n.�(�P=C$[� �0�q5�{����6�*:��6"��Zf}�5�3C�ӮvJ��Q�4zԂ�:SQ�1��b�!�=k��sņH*��f��)�Kk�o��H�,i�~'H�J:�N#�$��u��Q���I&�������!� ��n�LЋ�7pz��tW*�7��T=^?c�+�g��^����s�K`�l�i�?)�*�N���+yr��R:1EFU�xߺ�4���N�٠0����9r�7u�����T�>5ԃT?���SE Z��Ԕ���ir1e������Ӓ1�h V�f*�meV/��j�P�XO8_����Ih1NѲ��O��zf�ј!G�Q�a�p����k�&���9NH�`\��p"���N�*�zÎ�٭�~(�5 =I$�n���uHU���I�9���N��es�}nLd��M�@H"=�!�DW8���-\���~��S��v�k�'[��V5�x�4±0H�);��.�Z[�iDc.�d�>_��B�k ��_���j`���>���ul��*�WC�2�����:V�z w( (�J�Iw*|(�Qi���r�mo�Na�� 5�X���_���1�\Ț(�b��h�$��p[\��y��DS<5���A}~0;A�mC��}_\��?,DԷ��.�A�|�Ǣ�7xhs������|z�R�+�6ML#��8v)�q��WO1 ���S\�s֡�~��J�c�]�THl"�� ��~�9�Ә�2�s����\5�?�ב�8���OE;�~�H,)Ra����FT�!� � ?C_�XC4&|�&zݐ�E�<V�Z�u`���W�t�p2U����6i[���F����W�M�ይ�p���6��i��h?bC]�}v���#��l��~��xC��*�ʃU�C�������XW~o8�;[�GJ?s�U��!�s��_XE<����l�-��Y������?�vM��Nx��c������)�z��!��W/��/<� 1nF�)�;cO��/��M�8�~L�O8�(�k���o6�� ��3}�]xǦ��͏M��_��˔�w�ĦW��Ή��cx�<�U���A ,�^���_�ݢ�����ƶ����W���e�0X�};�������4@���9y���Ľ��2Y>$��%o��{���h������w%�v�g�]I\u�K��O�<���P��S�Pڲ7�0KY���T�F�1�3I�~qv]z�>_�~)�'���#�!S���ۣ`�t��ؑ{t6ʲ���p�/%��a'��yh"��z��y�j��3���j8K�����s-�����r��toy������kP�;@E^3w��X�,�"Qp]�ۀ�`�n�v�CB2I��>��F����*t�9��W$�bG�4G^e�܄�Lt�)�p����sAޭC��Y_�S�^#Պ��AQ�����X��^>Y��}����fq��%��Vc̮dY�-�̑����E��ܧM��r���P������{�j�+�S� &��⁵V������e�7
Overview
overview
10Static
static
3Adobe Prem...uK.exe
windows7-x64
10Adobe Prem...uK.exe
windows10-2004-x64
10dllhelper.dll
windows7-x64
3dllhelper.dll
windows10-2004-x64
3dllhelper64.dll
windows7-x64
1dllhelper64.dll
windows10-2004-x64
1AdobeIPCBroker.exe
windows7-x64
3AdobeIPCBroker.exe
windows10-2004-x64
3customhook...ok.exe
windows7-x64
3customhook...ok.exe
windows10-2004-x64
3AdobePIM.dll
windows7-x64
4AdobePIM.dll
windows10-2004-x64
4Core.dll
windows7-x64
3Core.dll
windows10-2004-x64
3resources/...IM.dll
windows7-x64
4resources/...IM.dll
windows10-2004-x64
4Static task
static1
Behavioral task
behavioral1
Sample
Adobe Premiere Pro 2022 22.0.0.169 RePack by KpoJIuK.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Adobe Premiere Pro 2022 22.0.0.169 RePack by KpoJIuK.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
dllhelper.dll
Resource
win7-20241010-en
Behavioral task
behavioral4
Sample
dllhelper.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
dllhelper64.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
dllhelper64.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
AdobeIPCBroker.exe
Resource
win7-20241010-en
Behavioral task
behavioral8
Sample
AdobeIPCBroker.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
customhook/AdobeIPCBrokerCustomHook.exe
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
customhook/AdobeIPCBrokerCustomHook.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
AdobePIM.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
AdobePIM.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
Core.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
Core.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
resources/AdobePIM.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
resources/AdobePIM.dll
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_a65f971c0379a241367ececfcc7c393f9a5353b74b5b7bbf43b308c7597ac934
-
Size
9.9MB
-
MD5
e451bd98fc9da1405990f250a74416e0
-
SHA1
3a1ecf87ed6a363fa945cf8398bd6a15fa5e09ba
-
SHA256
a65f971c0379a241367ececfcc7c393f9a5353b74b5b7bbf43b308c7597ac934
-
SHA512
d0872bdbff2c9bbfaecfa3de1e127d5d3a98e1287616d153d8ac6c2c0243f4ed2a7de71ac6ae5bfcd525bda772fbc2f37a072e19ca88239a4d03e96cc51f4311
-
SSDEEP
196608:CSzYMNbwUQo4iANbIxmm3iSw75DZWaF7ZaT9TPW9N6U:0fUf45bNgI9k8aT9jW9L
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Adobe Premiere Pro 2022 22.0.0.169 RePack by KpoJIuK.exe
Files
-
JaffaCakes118_a65f971c0379a241367ececfcc7c393f9a5353b74b5b7bbf43b308c7597ac934.zip
-
Adobe Premiere Pro 2022 22.0.0.169 RePack by KpoJIuK.exe.exe windows:6 windows x86 arch:x86
8f1a9288bae20d24c92d3d27d642d92e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryW
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
DecodePointer
GetCommandLineA
RaiseException
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringW
GetStringTypeW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapSize
WriteFile
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
CharUpperBuffW
Exports
Exports
Sections
.text Size: - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.V2h Size: - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.>([ Size: 1024B - Virtual size: 852B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.Dz Size: 6.2MB - Virtual size: 6.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
dllhelper.dll.dll windows:5 windows x86 arch:x86
140ea1a2783378133a762a7bc41e492d
Code Sign
02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10-11-2006 00:00Not After10-11-2031 00:00SubjectCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-01-2021 00:00Not After06-01-2031 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07-01-2016 12:00Not After07-01-2031 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
03:55:db:cf:a2:75:1e:85:ba:b8:2f:2a:ea:1c:f2:e8Certificate
IssuerCN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-04-2020 00:00Not After16-06-2023 12:00SubjectSERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-04-2012 12:00Not After18-04-2027 12:00SubjectCN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10-11-2006 00:00Not After10-11-2031 00:00SubjectCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
02:d6:da:1a:da:8f:d6:b3:69:a2:ea:e1:6a:07:31:efCertificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-04-2020 00:00Not After16-06-2023 12:00SubjectSERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-04-2012 12:00Not After18-04-2027 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-01-2021 00:00Not After06-01-2031 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07-01-2016 12:00Not After07-01-2031 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
b0:cc:3f:24:46:44:ec:82:4c:c8:ff:34:cb:ef:f9:20:7c:34:66:7b:41:c8:18:03:20:b8:d3:93:79:97:95:11Signer
Actual PE Digestb0:cc:3f:24:46:44:ec:82:4c:c8:ff:34:cb:ef:f9:20:7c:34:66:7b:41:c8:18:03:20:b8:d3:93:79:97:95:11Digest Algorithmsha256PE Digest Matchestrue7e:40:70:c7:0f:a0:fd:b3:ad:e9:f6:20:8d:ff:a9:47:b6:2a:88:4eSigner
Actual PE Digest7e:40:70:c7:0f:a0:fd:b3:ad:e9:f6:20:8d:ff:a9:47:b6:2a:88:4eDigest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
EnterCriticalSection
GetACP
CloseHandle
LocalFree
TlsAlloc
GetTickCount
OpenFileMappingW
VirtualFree
GetStartupInfoW
ExitProcess
InitializeCriticalSection
VirtualAlloc
RtlUnwind
GetCPInfo
GetCommandLineW
GetSystemInfo
GetProcAddress
LeaveCriticalSection
EnumSystemLocalesW
GetStdHandle
GetVersionExW
VerifyVersionInfoW
GetModuleHandleW
FreeLibrary
GetDiskFreeSpaceW
VerSetConditionMask
GetUserDefaultUILanguage
FindFirstFileW
TlsFree
GetModuleFileNameW
GetLastError
lstrlenW
CompareStringA
CompareStringW
CreateThread
WideCharToMultiByte
MapViewOfFile
MultiByteToWideChar
FindClose
LoadLibraryW
LoadLibraryA
ResetEvent
SetEvent
GetLocaleInfoW
GetVersion
RaiseException
SwitchToThread
GetLocalTime
WaitForSingleObject
WriteFile
DeleteCriticalSection
TlsGetValue
IsValidLocale
TlsSetValue
LoadLibraryExW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
CreateEventW
GetThreadLocale
Sleep
SetThreadLocale
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
user32
CallNextHookEx
CharUpperBuffW
CharNextW
CharLowerBuffW
SetWindowsHookExW
UnhookWindowsHookEx
LoadStringW
CharUpperW
GetSystemMetrics
MessageBoxW
oleaut32
SysAllocStringLen
SysFreeString
SysReAllocStringLen
netapi32
NetWkstaGetInfo
NetApiBufferFree
advapi32
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
Exports
Exports
StartHook
StopHook
Sections
.text Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.itext Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 22KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didata Size: 512B - Virtual size: 456B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 153B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 69B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
dllhelper64.dll.dll windows:5 windows x64 arch:x64
c8820c92458429ac52b291ca51bad0e4
Code Sign
02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10-11-2006 00:00Not After10-11-2031 00:00SubjectCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-01-2021 00:00Not After06-01-2031 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07-01-2016 12:00Not After07-01-2031 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
03:55:db:cf:a2:75:1e:85:ba:b8:2f:2a:ea:1c:f2:e8Certificate
IssuerCN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-04-2020 00:00Not After16-06-2023 12:00SubjectSERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-04-2012 12:00Not After18-04-2027 12:00SubjectCN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10-11-2006 00:00Not After10-11-2031 00:00SubjectCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
02:d6:da:1a:da:8f:d6:b3:69:a2:ea:e1:6a:07:31:efCertificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-04-2020 00:00Not After16-06-2023 12:00SubjectSERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-04-2012 12:00Not After18-04-2027 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-01-2021 00:00Not After06-01-2031 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07-01-2016 12:00Not After07-01-2031 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
24:c2:ef:fc:08:27:a1:fb:4b:f8:58:8b:3e:f5:7e:3c:b5:71:4e:26:20:7b:ed:13:a8:4a:0f:30:7b:4b:50:94Signer
Actual PE Digest24:c2:ef:fc:08:27:a1:fb:4b:f8:58:8b:3e:f5:7e:3c:b5:71:4e:26:20:7b:ed:13:a8:4a:0f:30:7b:4b:50:94Digest Algorithmsha256PE Digest Matchestrue37:3f:c6:23:c3:cf:ff:ba:35:17:70:cb:48:f8:d5:ed:57:d9:b5:83Signer
Actual PE Digest37:3f:c6:23:c3:cf:ff:ba:35:17:70:cb:48:f8:d5:ed:57:d9:b5:83Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
EnterCriticalSection
RtlUnwindEx
GetACP
CloseHandle
LocalFree
TlsAlloc
GetTickCount
OpenFileMappingW
VirtualFree
GetStartupInfoW
ExitProcess
InitializeCriticalSection
VirtualAlloc
RtlUnwind
GetCPInfo
GetCommandLineW
GetSystemInfo
GetProcAddress
LeaveCriticalSection
EnumSystemLocalesW
GetStdHandle
GetVersionExW
VerifyVersionInfoW
GetModuleHandleW
FreeLibrary
GetDiskFreeSpaceW
VerSetConditionMask
GetUserDefaultUILanguage
FindFirstFileW
TlsFree
GetModuleFileNameW
GetLastError
lstrlenW
CompareStringA
CompareStringW
CreateThread
WideCharToMultiByte
MapViewOfFile
MultiByteToWideChar
FindClose
LoadLibraryW
LoadLibraryA
ResetEvent
SetEvent
GetLocaleInfoW
GetVersion
RaiseException
SwitchToThread
GetLocalTime
WaitForSingleObject
WriteFile
DeleteCriticalSection
TlsGetValue
IsValidLocale
TlsSetValue
LoadLibraryExW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
CreateEventW
GetThreadLocale
Sleep
SetThreadLocale
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
user32
CallNextHookEx
CharUpperBuffW
CharNextW
CharLowerBuffW
SetWindowsHookExW
UnhookWindowsHookEx
LoadStringW
CharUpperW
GetSystemMetrics
MessageBoxW
oleaut32
SysAllocStringLen
SysFreeString
SysReAllocStringLen
netapi32
NetWkstaGetInfo
NetApiBufferFree
advapi32
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
Exports
Exports
StartHook
StopHook
Sections
.text Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 41KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didata Size: 1024B - Virtual size: 608B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 153B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 69B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
packages/AAM/IPC/IPC.pima.zip
-
AdobeIPCBroker.exe.exe windows:6 windows x86 arch:x86
b78757e60c78fbd8d0549e7a1e0d29a1
Code Sign
0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before26-10-2018 00:00Not After03-11-2021 12:00SubjectSERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-04-2012 12:00Not After18-04-2027 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12-01-2016 00:00Not After11-01-2031 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before02-01-2017 00:00Not After01-04-2028 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43Signer
Actual PE Digestac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
AdobeIPCBroker.pdb
Imports
ws2_32
htonl
getsockopt
ioctlsocket
connect
closesocket
listen
getsockname
bind
WSAGetLastError
WSASetLastError
WSAStartup
getservbyname
getservbyport
gethostbyname
gethostbyaddr
socket
send
select
recv
ntohs
inet_ntoa
inet_addr
htons
__WSAFDIsSet
kernel32
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
GetLastError
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
FindFirstFileW
FindNextFileW
InitializeCriticalSectionEx
FindClose
RaiseException
DecodePointer
ReleaseMutex
CreateMutexA
Sleep
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
CreateMutexW
FreeLibrary
CreateProcessW
GetProcAddress
CloseHandle
LoadLibraryA
MultiByteToWideChar
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
InitializeCriticalSection
GetThreadPriority
HeapSize
HeapFree
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetOEMCP
IsValidCodePage
FindNextFileA
SwitchToThread
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentVariableW
GetCurrentProcessId
ReadFile
WriteFile
ConnectNamedPipe
GetOverlappedResult
OpenProcess
QueryFullProcessImageNameW
GetNamedPipeServerProcessId
GetLocalTime
GetCurrentThread
GetTickCount
GetEnvironmentStringsW
SetStdHandle
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
GetFileAttributesExW
GetFileSizeEx
GetFullPathNameW
LockFileEx
SetEndOfFile
SetFilePointerEx
UnlockFile
GetTempPathW
DuplicateHandle
PeekNamedPipe
CreateNamedPipeW
SetEvent
ResetEvent
CreateEventW
GetCurrentProcess
SetThreadPriority
HeapReAlloc
VirtualAlloc
VirtualFree
GetModuleHandleExW
LoadLibraryExW
WaitForMultipleObjects
GetNamedPipeInfo
LocalAlloc
LocalReAlloc
LocalFree
FormatMessageW
LCMapStringW
SetFilePointer
RtlCaptureStackBackTrace
TerminateProcess
GlobalAlloc
GlobalFree
GetSystemTimeAsFileTime
WaitForSingleObjectEx
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
QueryPerformanceCounter
IsDebuggerPresent
GetStartupInfoW
WideCharToMultiByte
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CompareStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
OutputDebugStringW
RtlUnwind
InterlockedPushEntrySList
GetDriveTypeW
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateThread
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
ExitProcess
GetCommandLineA
GetACP
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetFullPathNameA
HeapAlloc
FindFirstFileExA
user32
SetWindowLongW
RegisterClassW
CreateWindowExW
SetTimer
KillTimer
TranslateMessage
DispatchMessageW
PostMessageW
PostQuitMessage
DestroyWindow
MsgWaitForMultipleObjectsEx
GetWindowLongW
GetShellWindow
EnumWindows
GetWindowThreadProcessId
DefWindowProcW
PeekMessageW
advapi32
GetUserNameW
RegCloseKey
CreateProcessWithTokenW
LookupPrivilegeValueW
GetTokenInformation
FreeSid
EqualSid
DuplicateTokenEx
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
ole32
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
OleRun
CoUninitialize
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
shell32
ShellExecuteExW
SHCreateDirectoryExW
CommandLineToArgvW
Sections
.text Size: 748KB - Virtual size: 747KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 197KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 596B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
customhook/AdobeIPCBrokerCustomHook.exe.exe windows:6 windows x86 arch:x86
85aa1a3ec9a324deb93be1db280c6b57
Code Sign
0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before26-10-2018 00:00Not After03-11-2021 12:00SubjectSERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-04-2012 12:00Not After18-04-2027 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12-01-2016 00:00Not After11-01-2031 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before02-01-2017 00:00Not After01-04-2028 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54Signer
Actual PE Digest45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
AdobeIPCBrokerCustomHook.pdb
Imports
shlwapi
PathAppendW
kernel32
RaiseException
HeapSize
TerminateProcess
GetTempPathW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CloseHandle
CreateFileW
ReadConsoleW
WriteConsoleW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
SetEndOfFile
GetLastError
FreeLibrary
LoadLibraryExW
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
SetFilePointerEx
GetProcessHeap
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
user32
FindWindowExW
PostMessageW
Sections
.text Size: 118KB - Virtual size: 118KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
packages/AAM/IPC/IPC.pimx
-
packages/AAM/IPC/IPC.sig.xml
-
packages/ADC/Core/Core.pima.zip
-
AdobePIM.dll.dll windows:5 windows x86 arch:x86
bad4069efbb0fea858e33d102d409210
Code Sign
05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78Certificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before19-12-2020 00:00Not After20-12-2022 23:59SubjectSERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-04-2012 12:00Not After18-04-2027 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-01-2021 00:00Not After06-01-2031 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07-01-2016 12:00Not After07-01-2031 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ec:cc:74:af:3f:ff:e1:cd:b7:59:c9:19:0e:52:ca:a8:49:7b:fe:33:5c:94:8a:f7:0d:ba:cb:7d:44:1f:28:93Signer
Actual PE Digestec:cc:74:af:3f:ff:e1:cd:b7:59:c9:19:0e:52:ca:a8:49:7b:fe:33:5c:94:8a:f7:0d:ba:cb:7d:44:1f:28:93Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\jenkins\CI\CCCore\build\x64\main\ccd-core\build\msvs_win32\Release\x86\sym\PIM\PIM\AdobePIM.pdb
Imports
kernel32
GetCurrentProcessId
CreateSemaphoreW
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
ReleaseSemaphore
MultiByteToWideChar
GetTempPathW
CreateDirectoryW
GetDateFormatW
GetTimeFormatW
GetLocalTime
GetCommandLineW
GetExitCodeProcess
lstrcmpW
lstrcmpiW
CopyFileW
CreateProcessW
LocalFree
ResetEvent
CreateThread
CloseHandle
OpenSemaphoreW
Process32FirstW
GetDiskFreeSpaceExW
ReleaseMutex
SetEvent
Process32NextW
Sleep
CreateEventW
CreateToolhelp32Snapshot
SetFileAttributesW
OpenProcess
GetVersionExW
LocalAlloc
WaitForSingleObject
FindClose
RemoveDirectoryW
TerminateProcess
FindNextFileW
FindFirstFileW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
EnumSystemLocalesW
IsValidLocale
ExitProcess
GetTimeZoneInformation
GetModuleHandleExW
ExitThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
FreeLibraryAndExitThread
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
QueryPerformanceFrequency
GetLocaleInfoW
CompareStringW
InitializeCriticalSectionEx
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetExitCodeThread
SwitchToThread
GetStringTypeW
GetCurrentProcess
GetFileSizeEx
lstrlenW
GetACP
SetFilePointerEx
GlobalFree
ResumeThread
TerminateThread
SetThreadPriority
GetCurrentThread
SizeofResource
GetModuleFileNameW
LockResource
LoadResource
FindResourceW
MoveFileExW
GlobalAlloc
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetLastError
DuplicateHandle
ProcessIdToSessionId
FindResourceExW
lstrcpyW
GetThreadTimes
QueryFullProcessImageNameW
GetUserDefaultLangID
GetUserDefaultLCID
LCMapStringW
FileTimeToSystemTime
OpenMutexW
VirtualFree
VirtualAlloc
GetUserDefaultUILanguage
user32
wsprintfW
GetWindowThreadProcessId
GetShellWindow
EnumWindows
advapi32
CryptAcquireContextW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
LookupAccountSidW
CreateWellKnownSid
EqualSid
GetTokenInformation
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
SetSecurityDescriptorDacl
RegCloseKey
RegDeleteKeyExW
AllocateAndInitializeSid
SetEntriesInAclW
RegCreateKeyExW
RegSetValueExW
FreeSid
InitializeSecurityDescriptor
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
shell32
SHGetKnownFolderPath
ord680
SHGetFolderLocation
SHGetFolderPathW
SHGetPathFromIDListW
ShellExecuteExW
SHCreateDirectoryExW
SHCreateItemFromParsingName
SHGetSpecialFolderPathW
CommandLineToArgvW
ord51
ole32
OleRun
CLSIDFromProgID
StringFromGUID2
CoCreateGuid
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitializeEx
CoInitialize
CLSIDFromString
CoTaskMemFree
oleaut32
VariantInit
SysFreeString
SysAllocString
VariantClear
GetErrorInfo
VariantCopy
SysStringLen
VariantChangeType
msi
ord145
ord74
ord147
winhttp
WinHttpSendRequest
WinHttpSetCredentials
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpOpen
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpReadData
WinHttpSetTimeouts
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
psapi
GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcessModules
wtsapi32
WTSEnumerateSessionsW
WTSFreeMemory
shlwapi
PathFileExistsW
PathIsDirectoryW
PathRenameExtensionW
PathAppendW
PathRemoveBackslashW
PathStripPathW
PathAppendA
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA
PathIsRootW
PathIsSystemFolderW
PathIsDirectoryEmptyW
PathIsDirectoryA
PathRemoveFileSpecA
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW
crypt32
CertGetNameStringW
wintrust
WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
bcrypt
BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData
Exports
Exports
AAMIU_Uninstall
AAMIU_getDeploymentValidationStatus
AAMIU_preInstallPropertySet
pim_createLibraryRef
pim_freeLibraryRef
pim_freeLiraryRef
pim_freeString
pim_getAppletAndPackageInfo
pim_getAppletRegistrationInfo
pim_getAppletRelationshipInfo
pim_getCurrentCCVersion
pim_getCurrentPackagesVersion
pim_getInstallStatus
pim_getInstalledPackagesInfo
pim_launchACCCUninstallerExecutableAsAdmin
pim_selfUpdateCheck
pim_selfUpdateCheckWithData
pim_selfUpdateCheckWithDataV2
pim_startWorkflow
pim_startWorkflowWithData
pim_syncFromPathToACF
pim_syncFromPathToPath
pim_syncUSFToACF
pim_uninstallAAMFromAAMCleanerTool
pim_uninstallAAMUsingAAMCleanerTool
pim_uninstallACCC64FromACCCCleanerTool
pim_uninstallACCCFromACCCCleanerTool
pim_uninstallADC64UsingADCCleanerTool
pim_uninstallADCUsingADCCleanerTool
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 366KB - Virtual size: 366KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Core.dll.dll windows:5 windows x86 arch:x86
04e432f5160fb7636a27371c9f8ba2fe
Code Sign
05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78Certificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before19-12-2020 00:00Not After20-12-2022 23:59SubjectSERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-04-2012 12:00Not After18-04-2027 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-01-2021 00:00Not After06-01-2031 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07-01-2016 12:00Not After07-01-2031 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
27:c3:9d:9f:07:59:71:d1:b9:c5:41:17:3d:c5:40:f8:18:55:ab:a4:a0:14:17:ad:29:f9:06:ff:60:3f:a6:e3Signer
Actual PE Digest27:c3:9d:9f:07:59:71:d1:b9:c5:41:17:3d:c5:40:f8:18:55:ab:a4:a0:14:17:ad:29:f9:06:ff:60:3f:a6:e3Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\jenkins\CI\CCCore\build\x64\main\ccd-core\build\msvs_win32\Release\x86\sym\Core\Core\Core.pdb
Imports
kernel32
WaitNamedPipeW
ConnectNamedPipe
Sleep
DisconnectNamedPipe
CreateFileW
CreateNamedPipeW
WriteFile
ReadFile
DeleteCriticalSection
GetThreadId
DecodePointer
CreateThread
RaiseException
CloseHandle
GetLastError
GetCurrentThreadId
WaitForSingleObject
InitializeCriticalSectionEx
WriteConsoleW
SetEndOfFile
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
EnumSystemLocalesW
IsValidLocale
ExitProcess
GetTimeZoneInformation
GetModuleHandleExW
ExitThread
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryW
GetProcAddress
FreeLibrary
FindFirstFileW
FindNextFileW
GetModuleFileNameW
GetTempPathW
FindClose
GetFileAttributesW
SetFileAttributesW
DeleteFileW
LocalFree
MoveFileExW
lstrcmpW
FlushFileBuffers
ReleaseSemaphore
CreateMutexW
ReleaseMutex
MultiByteToWideChar
WideCharToMultiByte
SetFilePointer
HeapFree
SetLastError
GetCurrentProcess
TerminateProcess
DuplicateHandle
OpenProcess
HeapSize
CreateToolhelp32Snapshot
CreateEventW
Process32NextW
SetEvent
TerminateThread
Process32FirstW
HeapReAlloc
ResetEvent
HeapAlloc
GetCurrentProcessId
GetProcessHeap
CreateProcessW
GetModuleHandleW
lstrcpyW
GetThreadTimes
QueryFullProcessImageNameW
GetVersionExW
VerSetConditionMask
VerifyVersionInfoW
GetUserDefaultLCID
LCMapStringW
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
OpenMutexW
GetUserDefaultLangID
GetUserDefaultUILanguage
TryEnterCriticalSection
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
GetStringTypeW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
EncodePointer
CompareStringW
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
VirtualAlloc
VirtualProtect
VirtualFree
user32
LoadCursorW
SetCursor
GetMessageW
CreateDialogParamW
PostMessageW
SendMessageW
ShowWindow
DispatchMessageW
TranslateMessage
PostThreadMessageW
advapi32
AdjustTokenPrivileges
GetTokenInformation
GetUserNameW
ConvertSidToStringSidW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
LookupPrivilegeValueW
LookupAccountSidW
OpenProcessToken
shell32
SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderPathW
ord51
ole32
CoUninitialize
StringFromGUID2
CoInitialize
CoCreateGuid
CoCreateInstance
wtsapi32
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
shlwapi
PathIsDirectoryW
PathRemoveExtensionW
PathAddExtensionW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW
PathRenameExtensionW
oleaut32
VariantClear
Exports
Exports
finalize
initialize
processMessage
Sections
.text Size: 606KB - Virtual size: 605KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 161KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
packages/ADC/Core/Core.pimx
-
packages/ADC/Core/Core.sig.xml
-
packages/ApplicationInfo.xml.xml
-
resources/AdobePIM.dll.dll windows:5 windows x86 arch:x86
bad4069efbb0fea858e33d102d409210
Code Sign
05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78Certificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before19-12-2020 00:00Not After20-12-2022 23:59SubjectSERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-04-2012 12:00Not After18-04-2027 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-01-2021 00:00Not After06-01-2031 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07-01-2016 12:00Not After07-01-2031 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ec:cc:74:af:3f:ff:e1:cd:b7:59:c9:19:0e:52:ca:a8:49:7b:fe:33:5c:94:8a:f7:0d:ba:cb:7d:44:1f:28:93Signer
Actual PE Digestec:cc:74:af:3f:ff:e1:cd:b7:59:c9:19:0e:52:ca:a8:49:7b:fe:33:5c:94:8a:f7:0d:ba:cb:7d:44:1f:28:93Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\jenkins\CI\CCCore\build\x64\main\ccd-core\build\msvs_win32\Release\x86\sym\PIM\PIM\AdobePIM.pdb
Imports
kernel32
GetCurrentProcessId
CreateSemaphoreW
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
ReleaseSemaphore
MultiByteToWideChar
GetTempPathW
CreateDirectoryW
GetDateFormatW
GetTimeFormatW
GetLocalTime
GetCommandLineW
GetExitCodeProcess
lstrcmpW
lstrcmpiW
CopyFileW
CreateProcessW
LocalFree
ResetEvent
CreateThread
CloseHandle
OpenSemaphoreW
Process32FirstW
GetDiskFreeSpaceExW
ReleaseMutex
SetEvent
Process32NextW
Sleep
CreateEventW
CreateToolhelp32Snapshot
SetFileAttributesW
OpenProcess
GetVersionExW
LocalAlloc
WaitForSingleObject
FindClose
RemoveDirectoryW
TerminateProcess
FindNextFileW
FindFirstFileW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
EnumSystemLocalesW
IsValidLocale
ExitProcess
GetTimeZoneInformation
GetModuleHandleExW
ExitThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
FreeLibraryAndExitThread
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
QueryPerformanceFrequency
GetLocaleInfoW
CompareStringW
InitializeCriticalSectionEx
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetExitCodeThread
SwitchToThread
GetStringTypeW
GetCurrentProcess
GetFileSizeEx
lstrlenW
GetACP
SetFilePointerEx
GlobalFree
ResumeThread
TerminateThread
SetThreadPriority
GetCurrentThread
SizeofResource
GetModuleFileNameW
LockResource
LoadResource
FindResourceW
MoveFileExW
GlobalAlloc
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetLastError
DuplicateHandle
ProcessIdToSessionId
FindResourceExW
lstrcpyW
GetThreadTimes
QueryFullProcessImageNameW
GetUserDefaultLangID
GetUserDefaultLCID
LCMapStringW
FileTimeToSystemTime
OpenMutexW
VirtualFree
VirtualAlloc
GetUserDefaultUILanguage
user32
wsprintfW
GetWindowThreadProcessId
GetShellWindow
EnumWindows
advapi32
CryptAcquireContextW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
LookupAccountSidW
CreateWellKnownSid
EqualSid
GetTokenInformation
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
SetSecurityDescriptorDacl
RegCloseKey
RegDeleteKeyExW
AllocateAndInitializeSid
SetEntriesInAclW
RegCreateKeyExW
RegSetValueExW
FreeSid
InitializeSecurityDescriptor
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
shell32
SHGetKnownFolderPath
ord680
SHGetFolderLocation
SHGetFolderPathW
SHGetPathFromIDListW
ShellExecuteExW
SHCreateDirectoryExW
SHCreateItemFromParsingName
SHGetSpecialFolderPathW
CommandLineToArgvW
ord51
ole32
OleRun
CLSIDFromProgID
StringFromGUID2
CoCreateGuid
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitializeEx
CoInitialize
CLSIDFromString
CoTaskMemFree
oleaut32
VariantInit
SysFreeString
SysAllocString
VariantClear
GetErrorInfo
VariantCopy
SysStringLen
VariantChangeType
msi
ord145
ord74
ord147
winhttp
WinHttpSendRequest
WinHttpSetCredentials
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpOpen
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpReadData
WinHttpSetTimeouts
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
psapi
GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcessModules
wtsapi32
WTSEnumerateSessionsW
WTSFreeMemory
shlwapi
PathFileExistsW
PathIsDirectoryW
PathRenameExtensionW
PathAppendW
PathRemoveBackslashW
PathStripPathW
PathAppendA
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA
PathIsRootW
PathIsSystemFolderW
PathIsDirectoryEmptyW
PathIsDirectoryA
PathRemoveFileSpecA
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW
crypt32
CertGetNameStringW
wintrust
WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
bcrypt
BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData
Exports
Exports
AAMIU_Uninstall
AAMIU_getDeploymentValidationStatus
AAMIU_preInstallPropertySet
pim_createLibraryRef
pim_freeLibraryRef
pim_freeLiraryRef
pim_freeString
pim_getAppletAndPackageInfo
pim_getAppletRegistrationInfo
pim_getAppletRelationshipInfo
pim_getCurrentCCVersion
pim_getCurrentPackagesVersion
pim_getInstallStatus
pim_getInstalledPackagesInfo
pim_launchACCCUninstallerExecutableAsAdmin
pim_selfUpdateCheck
pim_selfUpdateCheckWithData
pim_selfUpdateCheckWithDataV2
pim_startWorkflow
pim_startWorkflowWithData
pim_syncFromPathToACF
pim_syncFromPathToPath
pim_syncUSFToACF
pim_uninstallAAMFromAAMCleanerTool
pim_uninstallAAMUsingAAMCleanerTool
pim_uninstallACCC64FromACCCCleanerTool
pim_uninstallACCCFromACCCCleanerTool
pim_uninstallADC64UsingADCCleanerTool
pim_uninstallADCUsingADCCleanerTool
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 366KB - Virtual size: 366KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
resources/Config.xml.xml
-
resources/content/images/appIcon.png.png
-
resources/content/images/appIcon2x.png.png