C:\Users\TonySoprano\Pictures\Launchers\testmylow\launcher2files\obj\Release\Out\Installer_sharp.pdb
Overview
overview
10Static
static
10Panel.zip
windows7-x64
8Panel.zip
windows10-2004-x64
1Panel.exe
windows7-x64
8Panel.exe
windows10-2004-x64
8WindowsManager.dll
windows7-x64
1WindowsManager.dll
windows10-2004-x64
1assets/Tap...er.dll
windows7-x64
1assets/Tap...er.dll
windows10-2004-x64
1assets/WSe...in.dll
windows10-2004-x64
7assets/Wpc...el.dll
windows10-2004-x64
1assets/WsUpgrade.dll
windows10-2004-x64
7library/AR...et.dll
windows7-x64
1library/AR...et.dll
windows10-2004-x64
1library/Autofac.dll
windows7-x64
1library/Autofac.dll
windows10-2004-x64
1library/Ga...rm.dll
windows7-x64
1library/Ga...rm.dll
windows10-2004-x64
1library/Ga...ht.dll
windows7-x64
1library/Ga...ht.dll
windows10-2004-x64
1settings.ini
windows7-x64
1settings.ini
windows10-2004-x64
1Behavioral task
behavioral1
Sample
Panel.zip
Resource
win7-20240903-en
windows7-x64
12 signatures
150 seconds
Behavioral task
behavioral2
Sample
Panel.zip
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral3
Sample
Panel.exe
Resource
win7-20240903-en
windows7-x64
10 signatures
150 seconds
Behavioral task
behavioral4
Sample
Panel.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
10 signatures
150 seconds
Behavioral task
behavioral5
Sample
WindowsManager.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral6
Sample
WindowsManager.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral7
Sample
assets/TapInstaller.dll
Resource
win7-20241010-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral8
Sample
assets/TapInstaller.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral9
Sample
assets/WSearchMigPlugin.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
assets/WpcMigration.Uplevel.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral11
Sample
assets/WsUpgrade.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral12
Sample
library/ARSoft.Tools.Net.dll
Resource
win7-20241010-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral13
Sample
library/ARSoft.Tools.Net.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral14
Sample
library/Autofac.dll
Resource
win7-20240729-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral15
Sample
library/Autofac.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral16
Sample
library/GalaSoft.MvvmLight.Platform.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral17
Sample
library/GalaSoft.MvvmLight.Platform.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral18
Sample
library/GalaSoft.MvvmLight.dll
Resource
win7-20241023-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral19
Sample
library/GalaSoft.MvvmLight.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral20
Sample
settings.ini
Resource
win7-20240903-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral21
Sample
settings.ini
Resource
win10v2004-20241007-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
Panel.zip
-
Size
962KB
-
MD5
410febcceab220a2389bcfb8e525d2bc
-
SHA1
8d84ee01573155d35267cf32f043a4b1790219fa
-
SHA256
52451b93d5e879140e221207a60b84bf368f86c3f66db41ea9d8650c21329c05
-
SHA512
b61c97df1a951240a959400f565941616b717014562030959e2588876e3322c8c5ea67b93c5f0b8ffba77e9a401595443180d24e778d89f7dc5474c1eefa2df2
-
SSDEEP
24576:04fk6kt+MwuhEdKJ1eqKtwIhKDPn90PLycV:/8D+7uSdKWFtfS0PLycV
Malware Config
Extracted
Family
lumma
C2
https://servicedny.site/api
https://authorisev.site/api
https://faulteyotk.site/api
https://dilemmadu.site/api
https://contemteny.site/api
https://goalyfeastz.site/api
https://opposezmny.site/api
https://seallysl.site/api
https://forbidstow.site/api
Signatures
-
Lumma family
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/Panel.exe unpack001/assets/WpcMigration.Uplevel.dll unpack001/assets/WsUpgrade.dll
Files
-
Panel.zip.zip
-
Panel.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 71.0MB - Virtual size: 71.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 133KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WindowsManager.dll
-
assets/TapInstaller.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19-09-2018 00:00Not After28-01-2028 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before15-06-2016 00:00Not After15-06-2024 00:00SubjectCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
23:f4:b4:91:12:3a:c4:cd:bd:68:04:2dCertificate
IssuerCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BENot Before29-10-2020 09:57Not After30-10-2023 09:57SubjectSERIALNUMBER=CHE-354.686.492,CN=Proton Technologies AG,O=Proton Technologies AG,STREET=Route de la Galaise 32,L=Plan-les-Ouates,ST=Geneva,C=CH,1.2.840.113549.1.9.1=#0c0f61646d696e4070726f746f6e2e6d65,1.3.6.1.4.1.311.60.2.1.2=#130647656e657661,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06-04-2022 07:45Not After08-05-2033 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20-06-2018 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10-12-2014 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
a9:f6:fa:0f:84:66:3f:c3:46:a8:aa:20:53:ad:a6:cf:96:f8:74:2e:97:2d:f5:07:3c:4b:9f:c1:e0:f0:63:7bSigner
Actual PE Digesta9:f6:fa:0f:84:66:3f:c3:46:a8:aa:20:53:ad:a6:cf:96:f8:74:2e:97:2d:f5:07:3c:4b:9f:c1:e0:f0:63:7bDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Gitlab-Runner\builds\uWGXS1dc\0\ProtonVPN\Windows\win-app\src\ProtonVPN.TapInstaller\obj\x86\Release\TapInstaller.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
assets/WSearchMigPlugin.dll.dll regsvr32 windows:10 windows x64 arch:x64
21438ba29a45a5e6f86523b4d07c6854
Code Sign
33:00:00:04:5f:f3:c9:6c:1a:7f:f7:da:1d:00:00:00:00:04:5fCertificate
IssuerCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before16-11-2023 19:20Not After14-11-2024 19:20SubjectCN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:07:76:56:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19-10-2011 18:41Not After19-10-2026 18:51SubjectCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:58:a2:0e:21:5b:64:12:e1:80:3f:99:db:b4:25:d5:eb:33:b1:2c:e7:e3:32:24:40:5b:06:f6:05:3e:48:58Signer
Actual PE Digest33:58:a2:0e:21:5b:64:12:e1:80:3f:99:db:b4:25:d5:eb:33:b1:2c:e7:e3:32:24:40:5b:06:f6:05:3e:48:58Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL
PDB Paths
WSearchMigPlugin.pdb
Imports
msvcrt
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
?terminate@@YAXXZ
??0exception@@QEAA@AEBQEBD@Z
_lock
_callnewh
_wcsicmp
_wcsnicmp
memmove_s
malloc
memmove
_XcptFilter
_unlock
_amsg_exit
_onexit
??1type_info@@UEAA@XZ
_errno
realloc
wcsncpy_s
wcscat_s
free
wcscpy_s
_purecall
__C_specific_handler
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
_vsnwprintf
??_V@YAXPEAX@Z
memcmp
__CxxFrameHandler3
memcpy
__dllonexit
??3@YAXPEAX@Z
_initterm
memset
kernel32
HeapDestroy
HeapReAlloc
HeapSize
GetSystemDefaultLCID
GetSystemPreferredUILanguages
VerSetConditionMask
VerifyVersionInfoW
LocalFree
RtlCaptureContext
Sleep
GetTickCount64
GetModuleFileNameA
CreateSemaphoreExW
HeapFree
RtlLookupFunctionEntry
ReleaseSemaphore
GetModuleHandleExW
WaitForSingleObject
GetCurrentThreadId
ReleaseMutex
LockResource
GetLastError
OutputDebugStringW
WaitForSingleObjectEx
OpenSemaphoreW
CloseHandle
HeapAlloc
RtlVirtualUnwind
GetProcAddress
CreateMutexExW
GetCurrentProcessId
GetProcessHeap
GetModuleHandleW
DebugBreak
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitOnceBeginInitialize
InitOnceComplete
FreeLibrary
GetCurrentProcess
GetThreadLocale
SetThreadLocale
DeleteCriticalSection
RaiseException
TerminateProcess
QueryPerformanceCounter
CreateEventW
GetSystemTimeAsFileTime
GetModuleFileNameW
LoadLibraryExW
GetTickCount
OutputDebugStringA
SizeofResource
LoadResource
LocaleNameToLCID
SetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
FindResourceExW
FormatMessageW
oleaut32
SysStringLen
RegisterTypeLi
SysAllocStringByteLen
VarUI4FromStr
GetErrorInfo
LoadTypeLi
SysAllocString
UnRegisterTypeLi
SysFreeString
LoadRegTypeLi
advapi32
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
EnumDependentServicesW
OpenServiceW
EventRegister
EventWriteTransfer
EventUnregister
ControlService
RegEnumKeyExW
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
QueryServiceConfigW
StartServiceW
RegGetValueW
RegDeleteValueW
user32
CharNextW
ole32
StringFromGUID2
CoTaskMemFree
CoCreateInstance
StringFromCLSID
shell32
SHGetFileInfoW
shlwapi
SHSetValueW
SHDeleteValueW
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
assets/WpcMigration.Uplevel.dll.dll windows:10 windows x64 arch:x64
bfbca9b8d50e954bd17d06c0d4c4155a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
WpcMigration.Uplevel.pdb
Imports
msvcp_win
?id@?$collate@G@std@@2V0locale@2@A
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Lockit@std@@QEAA@XZ
??1_Locinfo@std@@QEAA@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?is@?$ctype@G@std@@QEBA_NFG@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Incref@facet@locale@std@@UEAAXXZ
_Wcscoll
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
??Bid@locale@std@@QEAA_KXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@G@std@@QEBAGG@Z
?id@?$ctype@G@std@@2V0locale@2@A
?_Xbad_alloc@std@@YAXXZ
?tolower@?$ctype@G@std@@QEBAPEBGPEAGPEBG@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
_Wcsxfrm
??0_Lockit@std@@QEAA@H@Z
?_Xlength_error@std@@YAXPEBD@Z
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__i64tow_s
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__itoa_s
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__ui64tow_s
memmove
_o__wcstoui64
_o_free
_o_malloc
_o_realloc
_o_towlower
__C_specific_handler
_CxxThrowException
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
strchr
wcschr
__std_type_info_compare
_o___stdio_common_vswprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___std_type_info_name
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
memcpy
api-ms-win-crt-string-l1-1-0
memset
api-ms-win-eventing-classicprovider-l1-1-0
GetTraceEnableLevel
TraceMessage
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
IsDebuggerPresent
DebugBreak
api-ms-win-core-processthreads-l1-1-0
TlsGetValue
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsFree
TlsSetValue
QueueUserAPC
OpenThread
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
GetModuleFileNameA
samcli
NetUserSetInfo
api-ms-win-core-registry-l1-1-0
RegEnumValueW
RegGetValueW
RegDeleteTreeW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoTaskMemFree
CLSIDFromString
StringFromCLSID
advapi32
SaferSetLevelInformation
SaferiChangeRegistryScope
SaferSetPolicyInformation
SaferCreateLevel
SaferCloseLevel
kernel32
PackageFamilyNameFromFullName
ole32
OleRun
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
HeapFree
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-synch-l1-1-0
CreateMutexExW
ReleaseSemaphore
ReleaseMutex
WaitForSingleObjectEx
WaitForSingleObject
OpenSemaphoreW
EnterCriticalSection
CreateSemaphoreExW
InitializeCriticalSection
DeleteCriticalSection
ReleaseSRWLockExclusive
LeaveCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockShared
InitializeSRWLock
AcquireSRWLockShared
api-ms-win-core-synch-l1-2-0
Sleep
WakeAllConditionVariable
SleepConditionVariableSRW
api-ms-win-core-threadpool-l1-2-0
CloseThreadpool
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
SystemTimeToFileTime
api-ms-win-core-file-l1-1-0
GetFileSizeEx
SetFilePointerEx
ReadFile
CreateFileW
GetFileAttributesW
api-ms-win-security-base-l1-1-0
CopySid
CreateWellKnownSid
api-ms-win-security-sddl-l1-1-0
ConvertStringSidToSidW
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventRegister
EventSetInformation
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
ntdll
EtwTraceMessage
shlwapi
PathCombineW
user32
PostThreadMessageW
api-ms-win-security-lsalookup-l1-1-0
LookupAccountSidLocalW
Exports
Exports
DllCanUnloadNow
DllGetClassObject
Sections
.text Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
assets/WsUpgrade.dll.dll regsvr32 windows:10 windows x64 arch:x64
30ae43715c9ec65454cd7a4ef5927068
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL
PDB Paths
WsUpgrade.pdb
Imports
oleaut32
SysFreeString
LoadRegTypeLi
VarUI4FromStr
SysStringLen
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
api-ms-win-core-libraryloader-l1-2-0
FindResourceExW
SizeofResource
LoadResource
LockResource
LoadLibraryExA
GetProcAddress
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
GetModuleHandleExW
api-ms-win-core-com-l1-1-0
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
StringFromCLSID
api-ms-win-core-string-l2-1-0
CharNextW
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetLastError
RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
api-ms-win-core-registry-l1-1-0
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegGetKeySecurity
RegSetKeySecurity
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegEnumValueW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpiW
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
api-ms-win-core-localization-l1-2-0
SetThreadLocale
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LCMapStringW
GetThreadLocale
api-ms-win-core-synch-l1-1-0
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
InitializeCriticalSection
ntdll
RtlCreateUnicodeString
RtlFreeUnicodeString
RtlFreeHeap
RtlNtStatusToDosError
RtlAllocateHeap
RtlCompareUnicodeString
NtQueryKey
api-ms-win-core-heap-l1-1-0
HeapSize
HeapAlloc
HeapReAlloc
HeapDestroy
GetProcessHeap
HeapFree
ws2_32
WahEnableNonIFSHandleSupport
api-ms-win-core-rtlsupport-l1-1-0
RtlUnwindEx
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlCaptureContext
RtlCompareMemory
RtlVirtualUnwind
api-ms-win-core-processenvironment-l1-1-0
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExpandEnvironmentStringsA
SetStdHandle
GetCommandLineW
GetStdHandle
api-ms-win-core-versionansi-l1-1-1
GetFileVersionInfoSizeA
GetFileVersionInfoA
api-ms-win-core-version-l1-1-0
VerQueryValueW
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-registry-l2-1-0
RegDeleteKeyW
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
api-ms-win-core-processthreads-l1-1-0
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcessId
ExitProcess
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
api-ms-win-core-file-l1-1-0
GetFileSizeEx
FlushFileBuffers
FindFirstFileExW
CreateFileW
WriteFile
FindNextFileW
SetFilePointerEx
GetFileType
FindClose
api-ms-win-core-console-l1-1-0
GetConsoleMode
GetConsoleOutputCP
WriteConsoleW
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
InterlockedFlushSList
api-ms-win-core-fibers-l1-1-0
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
shell32
SHGetFileInfoW
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 125KB - Virtual size: 125KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
library/ARSoft.Tools.Net.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19-09-2018 00:00Not After28-01-2028 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before15-06-2016 00:00Not After15-06-2024 00:00SubjectCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
23:f4:b4:91:12:3a:c4:cd:bd:68:04:2dCertificate
IssuerCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BENot Before29-10-2020 09:57Not After30-10-2023 09:57SubjectSERIALNUMBER=CHE-354.686.492,CN=Proton Technologies AG,O=Proton Technologies AG,STREET=Route de la Galaise 32,L=Plan-les-Ouates,ST=Geneva,C=CH,1.2.840.113549.1.9.1=#0c0f61646d696e4070726f746f6e2e6d65,1.3.6.1.4.1.311.60.2.1.2=#130647656e657661,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06-04-2022 07:45Not After08-05-2033 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20-06-2018 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10-12-2014 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
5d:e3:92:11:53:fe:8b:85:8f:a3:26:20:da:0d:88:84:dd:77:64:5e:70:6b:02:2e:ad:f9:b3:8e:d3:75:c0:03Signer
Actual PE Digest5d:e3:92:11:53:fe:8b:85:8f:a3:26:20:da:0d:88:84:dd:77:64:5e:70:6b:02:2e:ad:f9:b3:8e:d3:75:c0:03Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 290KB - Virtual size: 289KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
library/Autofac.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19-09-2018 00:00Not After28-01-2028 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before15-06-2016 00:00Not After15-06-2024 00:00SubjectCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
23:f4:b4:91:12:3a:c4:cd:bd:68:04:2dCertificate
IssuerCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BENot Before29-10-2020 09:57Not After30-10-2023 09:57SubjectSERIALNUMBER=CHE-354.686.492,CN=Proton Technologies AG,O=Proton Technologies AG,STREET=Route de la Galaise 32,L=Plan-les-Ouates,ST=Geneva,C=CH,1.2.840.113549.1.9.1=#0c0f61646d696e4070726f746f6e2e6d65,1.3.6.1.4.1.311.60.2.1.2=#130647656e657661,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06-04-2022 07:45Not After08-05-2033 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20-06-2018 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10-12-2014 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
bf:8c:79:6e:cc:31:be:c1:0c:0b:42:15:e8:2b:c6:82:b5:e0:54:24:37:64:54:33:88:ae:09:73:2b:ba:45:c5Signer
Actual PE Digestbf:8c:79:6e:cc:31:be:c1:0c:0b:42:15:e8:2b:c6:82:b5:e0:54:24:37:64:54:33:88:ae:09:73:2b:ba:45:c5Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\projects\autofac\src\Autofac\obj\Release\net45\Autofac.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 224KB - Virtual size: 223KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
library/GalaSoft.MvvmLight.Platform.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19-09-2018 00:00Not After28-01-2028 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before15-06-2016 00:00Not After15-06-2024 00:00SubjectCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
23:f4:b4:91:12:3a:c4:cd:bd:68:04:2dCertificate
IssuerCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BENot Before29-10-2020 09:57Not After30-10-2023 09:57SubjectSERIALNUMBER=CHE-354.686.492,CN=Proton Technologies AG,O=Proton Technologies AG,STREET=Route de la Galaise 32,L=Plan-les-Ouates,ST=Geneva,C=CH,1.2.840.113549.1.9.1=#0c0f61646d696e4070726f746f6e2e6d65,1.3.6.1.4.1.311.60.2.1.2=#130647656e657661,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06-04-2022 07:45Not After08-05-2033 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20-06-2018 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10-12-2014 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
49:ed:c7:af:11:6a:ef:46:45:d6:df:8d:15:39:b0:88:cc:53:e2:b9:c5:27:be:4d:b2:ae:86:f9:5d:cf:3d:8bSigner
Actual PE Digest49:ed:c7:af:11:6a:ef:46:45:d6:df:8d:15:39:b0:88:cc:53:e2:b9:c5:27:be:4d:b2:ae:86:f9:5d:cf:3d:8bDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\lbugn\Documents\MVVMLight\GalaSoft.MvvmLight\GalaSoft.MvvmLight.Platform (NET45Std)\obj\Release\GalaSoft.MvvmLight.Platform.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
library/GalaSoft.MvvmLight.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19-09-2018 00:00Not After28-01-2028 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before15-06-2016 00:00Not After15-06-2024 00:00SubjectCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
23:f4:b4:91:12:3a:c4:cd:bd:68:04:2dCertificate
IssuerCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BENot Before29-10-2020 09:57Not After30-10-2023 09:57SubjectSERIALNUMBER=CHE-354.686.492,CN=Proton Technologies AG,O=Proton Technologies AG,STREET=Route de la Galaise 32,L=Plan-les-Ouates,ST=Geneva,C=CH,1.2.840.113549.1.9.1=#0c0f61646d696e4070726f746f6e2e6d65,1.3.6.1.4.1.311.60.2.1.2=#130647656e657661,1.3.6.1.4.1.311.60.2.1.3=#13024348,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06-04-2022 07:45Not After08-05-2033 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20-06-2018 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10-12-2014 00:00Not After10-12-2034 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
a6:a4:8e:05:59:32:3d:1d:4f:63:a2:c5:17:4e:ed:af:17:af:cc:23:35:1a:98:4a:a7:cd:1e:40:2f:20:e0:c5Signer
Actual PE Digesta6:a4:8e:05:59:32:3d:1d:4f:63:a2:c5:17:4e:ed:af:17:af:cc:23:35:1a:98:4a:a7:cd:1e:40:2f:20:e0:c5Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\lbugn\Documents\MVVMLight\GalaSoft.MvvmLight\GalaSoft.MvvmLight.STD10\obj\Release\netstandard1.0\GalaSoft.MvvmLight.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
settings.ini