installer_1[.]05_37[.]1[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

installer_1.05_37.1.zip
Size

20.7MB
MD5

e6a32ae0673c8fe77268c558e27101ff
SHA1

209fc82e50b8fcbb644caf913c8be7db2bc2ae61
SHA256

517b6a097c3c3f94a2321780bd254d6ec5f4fbf5da66ac5ab9d7328ce0acad0a
SHA512

a2cbc28bd9e944b405f2347a90ef00cc7e50c96998fd5b06f6ab15401e685fa34f530eb02b604fb7ab73b1135d6d8d43d2349b756b9e9b8ca37a4c18a0cd8eb6
SSDEEP

393216:jVhhJexsWqktj7GtrISiuQzo6hMmVjwLGMBlLBQKk7ktStmx6YDjN1fxR1:hhjDkkucQzvaigldQNMAQvPxn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/opengl32sw.dll

Files

installer_1.05_37.1.zip
.zip

Password: 2025
Read me before you start.txt
installer_1.05_37.1.rar
.rar

Password: 2025
Lang/lang-1049.dll
.dll windows:6 windows x86 arch:x86

Password: 2025

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bb
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16-09-2022 00:00

Not After

17-09-2025 23:59

Subject

CN=PIRIFORM SOFTWARE LIMITED,O=PIRIFORM SOFTWARE LIMITED,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:61:59:f6:b7:42:45:ca:c9:25:78:ae:bc:3c:f6:ba:c3:c2:15:e8:6d:ed:75:4a:cd:f7:6c:5e:97:9a:9e:e5
Signer

Actual PE Digest

47:61:59:f6:b7:42:45:ca:c9:25:78:ae:bc:3c:f6:ba:c3:c2:15:e8:6d:ed:75:4a:cd:f7:6c:5e:97:9a:9e:e5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/lang-1058.dll
.dll windows:6 windows x86 arch:x86

Password: 2025

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bb
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16-09-2022 00:00

Not After

17-09-2025 23:59

Subject

CN=PIRIFORM SOFTWARE LIMITED,O=PIRIFORM SOFTWARE LIMITED,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

79:ad:e0:64:e4:e6:2d:91:c0:f1:bf:7f:f7:1a:3d:a5:01:8f:45:2b:7e:ff:ba:4b:f0:59:d2:18:e7:a8:32:e4
Signer

Actual PE Digest

79:ad:e0:64:e4:e6:2d:91:c0:f1:bf:7f:f7:1a:3d:a5:01:8f:45:2b:7e:ff:ba:4b:f0:59:d2:18:e7:a8:32:e4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
avcodec-58.dll
.dll windows:6 windows x64 arch:x64

Password: 2025

9772a9b942d20b0a0e95927aa84d512e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:e2:63:20:84:8d:2c:32:d8:cc:af:f3:a6:c1:f2:d9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

20-01-2022 00:00

Not After

17-01-2025 23:59

Subject

CN=Open Media LLC,O=Open Media LLC,L=Nizhny Novgorod,ST=Nizhny Novgorod Oblast,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

Issuer

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Not Before

15-01-2024 00:00

Not After

14-04-2035 23:59

Subject

CN=Sectigo Public Time Stamping Signer R35,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

Issuer

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

22-03-2021 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7a:10:81:2c:12:e6:62:58:f7:e6:4b:2f:4f:40:c1:f3:a4:d1:a5:ae:a2:10:79:a7:fa:3f:cf:84:3d:82:b0:08
Signer

Actual PE Digest

7a:10:81:2c:12:e6:62:58:f7:e6:4b:2f:4f:40:c1:f3:a4:d1:a5:ae:a2:10:79:a7:fa:3f:cf:84:3d:82:b0:08

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\.c2x64b\b\ffmpebefd5b0bd9da9\b\build-relwithdebinfo\libavcodec\avcodec-58.pdb

Imports

swresample-3

swr_init
swr_convert
swr_close
swr_free
swr_is_initialized
swr_alloc

avutil-56

av_audio_fifo_write
av_audio_fifo_read
av_audio_fifo_drain
av_audio_fifo_size
av_opt_set_int
av_opt_get_int
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free
av_dynarray_add
av_expr_eval
av_expr_free
av_stristr
av_vbprintf
av_strlcatf
av_get_media_type_string
av_log_get_level
av_match_list
av_get_sample_fmt_name
av_get_planar_sample_fmt
av_get_colorspace_name
av_color_range_name
av_chroma_location_name
av_opt_set_dict
av_get_cpu_flags
av_strlcat
av_crc_init
av_stereo3d_alloc
av_frame_set_qp_table
avpriv_solve_lls
avpriv_init_lls
av_strtod
av_vlog
av_fifo_alloc
av_base64_encode
av_base64_decode
av_rescale_rnd
av_gcd
av_image_fill_max_pixsteps
av_find_best_pix_fmt_of_2
av_get_pix_fmt_loss
av_get_bits_per_pixel
av_parse_color
av_strncasecmp
av_strcasecmp
av_content_light_metadata_create_side_data
av_mastering_display_metadata_create_side_data
av_stereo3d_create_side_data
av_frame_new_side_data_from_buf
av_buffer_get_ref_count
av_color_space_name
av_color_transfer_name
av_color_primaries_name
av_display_matrix_flip
av_display_rotation_set
av_display_rotation_get
av_frame_make_writable
av_opt_copy
av_fifo_generic_read
av_dict_copy
av_cpu_count
av_md5_final
av_md5_update
av_md5_init
av_md5_alloc
av_samples_fill_arrays
av_fifo_drain
av_fifo_realloc2
av_fifo_generic_write
av_fifo_space
av_fifo_size
av_fifo_freep
av_fifo_alloc_array
av_frame_clone
av_memdup
av_get_picture_type_char
av_frame_get_side_data
av_samples_set_silence
av_usleep
av_strerror
av_div_q
av_d2q
av_memcpy_backptr
av_image_check_sar
av_image_check_size2
av_image_fill_pointers
av_image_fill_linesizes
av_get_pix_fmt_name
av_pix_fmt_desc_get
av_hwframe_get_buffer
av_hwframe_ctx_init
av_hwframe_ctx_alloc
av_hwdevice_get_type_name
av_frame_apply_cropping
av_frame_new_side_data
av_audio_fifo_alloc
av_frame_is_writable
av_samples_copy
av_samples_get_buffer_size
av_sample_fmt_is_planar
av_buffer_pool_get
av_buffer_pool_uninit
av_buffer_pool_init
av_get_token
av_mul_q
av_image_get_linesize
av_fourcc_make_string
av_rescale
av_fast_mallocz
av_lzo1x_decode
av_calloc
av_pix_fmt_count_planes
av_bprint_clear
av_buffer_allocz
av_reallocp
av_frame_move_ref
av_bprint_finalize
av_bprint_init
av_strtok
av_opt_set_dict2
av_opt_free
av_dict_parse_string
av_dynarray_add_nofree
avpriv_set_systematic_pal2
av_opt_next
av_audio_fifo_free
av_opt_set_from_string
av_realloc_f
av_pix_fmt_get_chroma_sub_sample
av_dict_free
av_image_copy_to_buffer
av_image_get_buffer_size
av_image_fill_arrays
av_image_copy
av_image_alloc
av_buffer_realloc
av_buffer_is_writable
av_buffer_unref
av_buffer_ref
av_buffer_default_free
av_buffer_create
av_buffer_alloc
av_dict_set
av_dict_get
av_opt_set
av_opt_set_defaults2
av_buffer_make_writable
av_realloc
av_opt_set_defaults
av_reduce
av_bmg_get
av_frame_get_buffer
av_strlcpy
av_timecode_init_from_string
av_strdup
av_reallocp_array
av_bprint_chars
av_bprintf
av_asprintf
av_realloc_array
av_fast_malloc
avpriv_vga16_font
av_timecode_adjust_ntsc_framenum2
avpriv_cga_font
av_get_bytes_per_sample
av_frame_copy
avpriv_scalarproduct_float_c
av_rescale_q
av_get_default_channel_layout
av_downmix_info_update_side_data
av_crc
av_crc_get_table
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_lfg_init_from_data
av_malloc_array
av_frame_ref
av_frame_free
av_frame_alloc
av_get_channel_layout_string
avpriv_alloc_fixed_dsp
av_frame_unref
av_nearer_q
av_free
avpriv_float_dsp_alloc
av_default_item_name
avpriv_report_missing_feature
av_mallocz_array
av_lfg_init
av_malloc
av_image_check_size
av_image_copy_plane
avpriv_emms_asm
av_freep
av_fast_realloc
av_mallocz
avpriv_request_sample
av_log
av_timecode_make_mpeg_tc_string
av_frame_copy_props
av_bprint_append_data
av_expr_parse

ole32

CoTaskMemFree

kernel32

RtlVirtualUnwind
SetUnhandledExceptionFilter
RtlLookupFunctionEntry
InitOnceBeginInitialize
TerminateProcess
InitOnceComplete
ReleaseMutex
WaitForSingleObjectEx
MultiByteToWideChar
CloseHandle
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
EnterCriticalSection
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
LeaveCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
DeleteCriticalSection
SleepConditionVariableCS
SetThreadPriority
GetSystemTimeAsFileTime
GetStdHandle
GetConsoleMode
WriteConsoleW
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
SetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
DisableThreadLibraryCalls
CreateSemaphoreW
GetCurrentProcess
InitializeSListHead
GetCurrentThread
GetModuleHandleW
GetProcAddress
IsDebuggerPresent
RtlCaptureContext
GetStartupInfoW
GetProcessAffinityMask

vcruntime140

__current_exception_context
__current_exception
__std_type_info_destroy_list
__C_specific_handler
longjmp
memchr
memcmp
strstr
strchr
memmove
memset
memcpy
__intrinsic_setjmp

api-ms-win-crt-runtime-l1-1-0

terminate
_cexit
_crt_at_quick_exit
_crt_atexit
_errno
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_beginthreadex
_wassert
abort
exit

api-ms-win-crt-math-l1-1-0

ldexp
frexp
ceil
cosh
tanf
truncf
log10f
lrintf
pow
exp
exp2f
exp2
sinf
sin
log
cos
atanf
atan2f
cbrt
sqrt
lrint
sqrtf
powf
logf
log2f
expf
ceilf
roundf
cbrtf
floor
atan
log10
tanh
fmax
acos
tan
rint
round
log2
_dclass
hypot
llrint
_fdopen
cosf

api-ms-win-crt-stdio-l1-1-0

feof
__stdio_common_vfscanf
__acrt_iob_func
fwrite
__stdio_common_vfprintf
_fileno
fflush
_tempnam
_wfopen
_fseeki64
_ftelli64
__stdio_common_vsscanf
__stdio_common_vsprintf
fclose
fopen
fread
ftell
_sopen
_wsopen
fseek

api-ms-win-crt-string-l1-1-0

_strnicmp
_stricmp
strtok_s
strncmp
strcspn
strpbrk
strspn
isdigit
strncpy
tolower
toupper
strcmp
_strdup

api-ms-win-crt-convert-l1-1-0

atoi
strtod
strtoul
strtol

api-ms-win-crt-utility-l1-1-0

qsort
rand
bsearch

api-ms-win-crt-heap-l1-1-0

realloc
malloc
calloc
free

api-ms-win-crt-time-l1-1-0

_ftime64
_localtime64
strftime
_time64

api-ms-win-crt-filesystem-l1-1-0

_wrename
_wunlink
_fstat64

Exports

Exports

av_ac3_parse_header
av_adts_header_parse
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_bsf_alloc
av_bsf_flush
av_bsf_free
av_bsf_get_by_name
av_bsf_get_class
av_bsf_get_null_filter
av_bsf_init
av_bsf_iterate
av_bsf_list_alloc
av_bsf_list_append
av_bsf_list_append2
av_bsf_list_finalize
av_bsf_list_free
av_bsf_list_parse_str
av_bsf_next
av_bsf_receive_packet
av_bsf_send_packet
av_codec_ffversion
av_codec_get_chroma_intra_matrix
av_codec_get_codec_descriptor
av_codec_get_codec_properties
av_codec_get_lowres
av_codec_get_max_lowres
av_codec_get_pkt_timebase
av_codec_get_seek_preroll
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_codec_next
av_codec_set_chroma_intra_matrix
av_codec_set_codec_descriptor
av_codec_set_lowres
av_codec_set_pkt_timebase
av_codec_set_seek_preroll
av_copy_packet
av_copy_packet_side_data
av_cpb_properties_alloc
av_d3d11va_alloc_context
av_dct_calc
av_dct_end
av_dct_init
av_dirac_parse_sequence_header
av_dup_packet
av_dv_codec_profile
av_dv_codec_profile2
av_dv_frame_profile
av_fast_padded_malloc
av_fast_padded_mallocz
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_fopen_utf8
av_free_packet
av_get_audio_frame_duration
av_get_audio_frame_duration2
av_get_bits_per_sample
av_get_codec_tag_string
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_grow_packet
av_hwaccel_next
av_imdct_calc
av_imdct_half
av_init_packet
av_jni_get_java_vm
av_jni_set_java_vm
av_lockmgr_register
av_mdct_calc
av_mdct_end
av_mdct_init
av_mediacodec_alloc_context
av_mediacodec_default_free
av_mediacodec_default_init
av_mediacodec_release_buffer
av_mediacodec_render_buffer_at_time
av_new_packet
av_packet_add_side_data
av_packet_alloc
av_packet_clone
av_packet_copy_props
av_packet_free
av_packet_free_side_data
av_packet_from_data
av_packet_get_side_data
av_packet_make_refcounted
av_packet_make_writable
av_packet_merge_side_data
av_packet_move_ref
av_packet_new_side_data
av_packet_pack_dictionary
av_packet_ref
av_packet_rescale_ts
av_packet_shrink_side_data
av_packet_side_data_name
av_packet_split_side_data
av_packet_unpack_dictionary
av_packet_unref
av_parser_change
av_parser_close
av_parser_init
av_parser_iterate
av_parser_next
av_parser_parse2
av_picture_copy
av_picture_crop
av_picture_pad
av_qsv_alloc_context
av_rdft_calc
av_rdft_end
av_rdft_init
av_register_bitstream_filter
av_register_codec_parser
av_register_hwaccel
av_shrink_packet
av_vorbis_parse_frame
av_vorbis_parse_frame_flags
av_vorbis_parse_free
av_vorbis_parse_init
av_vorbis_parse_reset
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context3
avcodec_chroma_pos_to_enum
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_dct_alloc
avcodec_dct_get_class
avcodec_dct_init
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_get_buffer2
avcodec_default_get_format
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_audio2
avcodec_encode_subtitle
avcodec_encode_video2
avcodec_enum_to_chroma_pos
avcodec_fill_audio_frame
avcodec_find_best_pix_fmt2
avcodec_find_best_pix_fmt_of_2
avcodec_find_best_pix_fmt_of_list
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_context
avcodec_get_chroma_sub_sample
avcodec_get_class
avcodec_get_context_defaults3
avcodec_get_frame_class
avcodec_get_hw_config
avcodec_get_hw_frames_parameters
avcodec_get_name
avcodec_get_pix_fmt_loss
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open2
avcodec_parameters_alloc
avcodec_parameters_copy
avcodec_parameters_free
avcodec_parameters_from_context
avcodec_parameters_to_context
avcodec_pix_fmt_to_codec_tag
avcodec_profile_name
avcodec_receive_frame
avcodec_receive_packet
avcodec_register
avcodec_register_all
avcodec_send_frame
avcodec_send_packet
avcodec_string
avcodec_version
avpicture_alloc
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
avpriv_ac3_channel_layout_tab
avpriv_ac3_parse_header
avpriv_align_put_bits
avpriv_bprint_to_extradata
avpriv_codec2_mode_bit_rate
avpriv_codec2_mode_block_align
avpriv_codec2_mode_frame_size
avpriv_codec_get_cap_skip_frame_fill_param
avpriv_copy_bits
avpriv_dca_convert_bitstream
avpriv_dca_parse_core_frame_header
avpriv_dca_sample_rates
avpriv_dnxhd_get_frame_size
avpriv_dnxhd_get_hr_frame_size
avpriv_dnxhd_get_interlaced
avpriv_do_elbg
avpriv_exif_decode_ifd
avpriv_find_pix_fmt
avpriv_find_start_code
avpriv_fits_header_init
avpriv_fits_header_parse_line
avpriv_get_raw_pix_fmt_tags
avpriv_h264_has_num_reorder_frames
avpriv_init_elbg
avpriv_mjpeg_bits_ac_chrominance
avpriv_mjpeg_bits_ac_luminance
avpriv_mjpeg_bits_dc_chrominance
avpriv_mjpeg_bits_dc_luminance
avpriv_mjpeg_val_ac_chrominance
avpriv_mjpeg_val_ac_luminance
avpriv_mjpeg_val_dc
avpriv_mpa_bitrate_tab
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config
avpriv_mpeg4audio_sample_rates
avpriv_mpegaudio_decode_header
avpriv_pix_fmt_bps_avi
avpriv_pix_fmt_bps_mov
avpriv_put_string
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avpriv_toupper4
avsubtitle_free

Sections

.text
Size: 17.2MB - Virtual size: 17.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8.1MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 224KB - Virtual size: 11.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 313B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
installer_1.05_37.1.exe
.exe windows:5 windows x86 arch:x86

Password: 2025

be41bf7b8cc010b614bd36bbca606973

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:2b:2b:92:bf:06:e4:a4:15:cc:96:9c:45:8a:be:34
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

19-10-2023 12:38

Not After

18-10-2026 12:38

Subject

CN=Marek Jasiński,O=Marek Jasiński,ST=Bayern,C=DE,1.2.840.113549.1.9.1=#0c176d6172656b4066726565636f6d6d616e6465722e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b6:28:85:1a:c9:f2:30:9b:7a:bc:3b:32:3d:94:f3:fe:a9:8a:ba:34:ba:7a:95:74:bd:dc:c6:e3:39:02:e9:e4
Signer

Actual PE Digest

b6:28:85:1a:c9:f2:30:9b:7a:bc:3b:32:3d:94:f3:fe:a9:8a:ba:34:ba:7a:95:74:bd:dc:c6:e3:39:02:e9:e4

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 516KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.data
.rdata
.reloc
.rsrc/DIALOG/105
.rsrc/DIALOG/106
.rsrc/DIALOG/111
.rsrc/GROUP_ICON/103
.rsrc/ICON/1
.png

Password: 2025
.rsrc/ICON/2.ico
.rsrc/MANIFEST/1
.xml
.text
CERTIFICATE
[0]
[1]
opengl32sw.dll
.dll windows:6 windows x64 arch:x64

Password: 2025

7c204a15e246f025a7513db5a566a6e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\work\mesa\git\mesa\build\windows-x86_64\gallium\targets\libgl-gdi\opengl32.pdb

Imports

imagehlp

SymSetOptions
SymFunctionTableAccess64
SymGetModuleBase64
SymGetLineFromAddr64
SymInitialize
SymGetSymFromAddr64
StackWalk64
EnumerateLoadedModules64

shell32

SHGetFolderPathW
CommandLineToArgvW

advapi32

CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
SystemFunction036

gdi32

SetPixelFormat
GetPixelFormat
StretchDIBits

user32

GetWindowRect
CallNextHookEx
ClientToScreen
ReleaseDC
GetClientRect
SetWindowsHookExA
UnhookWindowsHookEx
GetDC
WindowFromDC
LoadCursorA
AdjustWindowRectEx
DestroyWindow
RegisterClassA
DefWindowProcA
CreateWindowExA
LoadIconA

kernel32

IsValidCodePage
GetOEMCP
FindFirstFileExW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleW
OutputDebugStringW
FindNextFileA
FindFirstFileExA
GetProcessHeap
GetTimeZoneInformation
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapQueryInformation
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TlsSetValue
Thread32Next
Thread32First
GetCurrentThreadId
CreateToolhelp32Snapshot
TlsAlloc
CloseHandle
GetCurrentProcessId
TlsGetValue
TlsFree
SetLastError
OutputDebugStringA
LoadLibraryA
GetProcAddress
FreeLibrary
SwitchToThread
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
SetErrorMode
GlobalMemoryStatusEx
GetConsoleWindow
IsDebuggerPresent
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemInfo
GetCurrentProcess
GetSystemTimeAsFileTime
GetProcessTimes
VirtualFree
VirtualAlloc
TryEnterCriticalSection
GetLastError
LoadLibraryW
LocalFree
FormatMessageA
FlushInstructionCache
VirtualProtect
VirtualQuery
GetEnvironmentVariableW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileInformationByHandle
GetFileType
RemoveDirectoryW
SetFileTime
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
MoveFileExW
CreateHardLinkW
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
GetModuleHandleA
SetConsoleCtrlHandler
GetModuleHandleW
GetStdHandle
GetCommandLineW
GetNativeSystemInfo
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetConsoleMode
SearchPathW
DuplicateHandle
TerminateProcess
GetExitCodeProcess
CreateProcessW
CreateJobObjectW
AssignProcessToJobObject
SetInformationJobObject
GetCurrentThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
InitializeSListHead
GetStartupInfoW
FormatMessageW
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwindEx
LoadLibraryExW
InterlockedPushEntrySList
InterlockedFlushSList
RtlPcToFileHeader
RaiseException
ExitProcess
GetModuleHandleExW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
SetEndOfFile
SetStdHandle
HeapValidate
HeapWalk
GetModuleFileNameA
SetFilePointerEx
ReadFile
ReadConsoleW
WriteFile
GetConsoleCP
HeapAlloc
HeapReAlloc
HeapFree
GetACP
HeapSize

Exports

Exports

DrvCopyContext
DrvCreateContext
DrvCreateLayerContext
DrvDeleteContext
DrvDescribeLayerPlane
DrvDescribePixelFormat
DrvGetLayerPaletteEntries
DrvGetProcAddress
DrvPresentBuffers
DrvRealizeLayerPalette
DrvReleaseContext
DrvSetCallbackProcs
DrvSetContext
DrvSetLayerPaletteEntries
DrvSetPixelFormat
DrvShareLists
DrvSwapBuffers
DrvSwapLayerBuffers
DrvValidateVersion
glAccum
glActiveTexture
glActiveTextureARB
glAlphaFunc
glAlphaFuncx
glAreTexturesResident
glAreTexturesResidentEXT
glArrayElement
glArrayElementEXT
glAttachObjectARB
glAttachShader
glBegin
glBeginConditionalRender
glBeginConditionalRenderNV
glBeginQuery
glBeginQueryARB
glBeginQueryIndexed
glBeginTransformFeedback
glBindAttribLocation
glBindAttribLocationARB
glBindBuffer
glBindBufferARB
glBindBufferBase
glBindBufferRange
glBindBuffersBase
glBindBuffersRange
glBindFragDataLocation
glBindFragDataLocationEXT
glBindFragDataLocationIndexed
glBindFramebuffer
glBindFramebufferEXT
glBindImageTexture
glBindImageTextures
glBindProgramARB
glBindRenderbuffer
glBindRenderbufferEXT
glBindSampler
glBindSamplers
glBindTexture
glBindTextureEXT
glBindTextures
glBindTransformFeedback
glBindVertexArray
glBindVertexBuffer
glBindVertexBuffers
glBitmap
glBlendColor
glBlendColorEXT
glBlendEquation
glBlendEquationEXT
glBlendEquationSeparate
glBlendEquationSeparateiARB
glBlendEquationiARB
glBlendFunc
glBlendFuncSeparate
glBlendFuncSeparateEXT
glBlendFuncSeparateiARB
glBlendFunciARB
glBlitFramebuffer
glBufferData
glBufferDataARB
glBufferStorage
glBufferSubData
glBufferSubDataARB
glCallList
glCallLists
glCheckFramebufferStatus
glCheckFramebufferStatusEXT
glClampColor
glClampColorARB
glClear
glClearAccum
glClearBufferData
glClearBufferSubData
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearColorIiEXT
glClearColorIuiEXT
glClearColorx
glClearDepth
glClearDepthf
glClearDepthx
glClearIndex
glClearStencil
glClearTexImage
glClearTexSubImage
glClientActiveTexture
glClientActiveTextureARB
glClientWaitSync
glClipPlane
glClipPlanef
glClipPlanex
glColor3b
glColor3bv
glColor3d
glColor3dv
glColor3f
glColor3fv
glColor3i
glColor3iv
glColor3s
glColor3sv
glColor3ub
glColor3ubv
glColor3ui
glColor3uiv
glColor3us
glColor3usv
glColor4b
glColor4bv
glColor4d
glColor4dv
glColor4f
glColor4fv
glColor4i
glColor4iv
glColor4s
glColor4sv
glColor4ub
glColor4ubv
glColor4ui
glColor4uiv
glColor4us
glColor4usv
glColor4x
glColorMask
glColorMaskIndexedEXT
glColorMaski
glColorMaterial
glColorP3ui
glColorP3uiv
glColorP4ui
glColorP4uiv
glColorPointer
glColorPointerEXT
glColorSubTable
glColorTable
glColorTableParameterfv
glColorTableParameteriv
glCompileShader
glCompileShaderARB
glCompressedTexImage1D
glCompressedTexImage1DARB
glCompressedTexImage2D
glCompressedTexImage2DARB
glCompressedTexImage3D
glCompressedTexImage3DARB
glCompressedTexSubImage1D
glCompressedTexSubImage1DARB
glCompressedTexSubImage2D
glCompressedTexSubImage2DARB
glCompressedTexSubImage3D
glCompressedTexSubImage3DARB
glConvolutionFilter1D
glConvolutionFilter2D
glConvolutionParameterf
glConvolutionParameterfv
glConvolutionParameteri
glConvolutionParameteriv
glCopyBufferSubData
glCopyColorSubTable
glCopyColorTable
glCopyConvolutionFilter1D
glCopyConvolutionFilter2D
glCopyImageSubData
glCopyPixels
glCopyTexImage1D
glCopyTexImage2D
glCopyTexSubImage1D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCopyTexSubImage3DEXT
glCreateProgram
glCreateProgramObjectARB
glCreateShader
glCreateShaderObjectARB
glCullFace
glDebugMessageCallback
glDebugMessageCallbackARB
glDebugMessageControl
glDebugMessageControlARB
glDebugMessageInsert
glDebugMessageInsertARB
glDeleteBuffers
glDeleteBuffersARB
glDeleteFramebuffers
glDeleteFramebuffersEXT
glDeleteLists
glDeleteObjectARB
glDeleteProgram
glDeleteProgramsARB
glDeleteQueries
glDeleteQueriesARB
glDeleteRenderbuffers
glDeleteRenderbuffersEXT
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTexturesEXT
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDepthFunc
glDepthMask
glDepthRange
glDepthRangeArrayv
glDepthRangeIndexed
glDepthRangef
glDepthRangex
glDetachObjectARB
glDetachShader
glDisable
glDisableClientState
glDisableIndexedEXT
glDisableVertexAttribArray
glDisableVertexAttribArrayARB
glDisablei
glDispatchCompute
glDispatchComputeIndirect
glDrawArrays
glDrawArraysEXT
glDrawArraysIndirect
glDrawArraysInstanced
glDrawArraysInstancedARB
glDrawArraysInstancedBaseInstance
glDrawArraysInstancedEXT
glDrawBuffer
glDrawBuffers
glDrawBuffersARB
glDrawBuffersATI
glDrawElements
glDrawElementsBaseVertex
glDrawElementsIndirect
glDrawElementsInstanced
glDrawElementsInstancedARB
glDrawElementsInstancedBaseInstance
glDrawElementsInstancedBaseVertex
glDrawElementsInstancedBaseVertexBaseInstance
glDrawElementsInstancedEXT
glDrawPixels
glDrawRangeElements
glDrawRangeElementsBaseVertex
glDrawRangeElementsEXT
glDrawTransformFeedback
glDrawTransformFeedbackInstanced
glDrawTransformFeedbackStream
glDrawTransformFeedbackStreamInstanced
glEdgeFlag
glEdgeFlagPointer
glEdgeFlagPointerEXT
glEdgeFlagv
glEnable
glEnableClientState
glEnableIndexedEXT
glEnableVertexAttribArray
glEnableVertexAttribArrayARB
glEnablei
glEnd
glEndConditionalRender
glEndConditionalRenderNV
glEndList
glEndQuery
glEndQueryARB
glEndQueryIndexed
glEndTransformFeedback
glEvalCoord1d
glEvalCoord1dv
glEvalCoord1f
glEvalCoord1fv
glEvalCoord2d
glEvalCoord2dv
glEvalCoord2f
glEvalCoord2fv
glEvalMesh1
glEvalMesh2
glEvalPoint1
glEvalPoint2
glFeedbackBuffer
glFenceSync
glFinish
glFlush
glFlushMappedBufferRange
glFogCoordPointer
glFogCoordPointerEXT
glFogCoordd
glFogCoorddEXT
glFogCoorddv
glFogCoorddvEXT
glFogCoordf
glFogCoordfEXT
glFogCoordfv
glFogCoordfvEXT
glFogf
glFogfv
glFogi
glFogiv
glFogx
glFogxv
glFramebufferRenderbuffer
glFramebufferRenderbufferEXT
glFramebufferTexture
glFramebufferTexture1D
glFramebufferTexture1DEXT
glFramebufferTexture2D
glFramebufferTexture2DEXT
glFramebufferTexture3D
glFramebufferTexture3DEXT
glFramebufferTextureLayer
glFramebufferTextureLayerEXT
glFrontFace
glFrustum
glFrustumf
glFrustumx
glGenBuffers
glGenBuffersARB
glGenFramebuffers
glGenFramebuffersEXT
glGenLists
glGenProgramsARB
glGenQueries
glGenQueriesARB
glGenRenderbuffers
glGenRenderbuffersEXT
glGenSamplers
glGenTextures
glGenTexturesEXT
glGenTransformFeedbacks
glGenVertexArrays
glGenerateMipmap
glGenerateMipmapEXT
glGetActiveAtomicCounterBufferiv
glGetActiveAttrib
glGetActiveAttribARB
glGetActiveUniform
glGetActiveUniformARB
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformName
glGetActiveUniformsiv
glGetAttachedObjectsARB
glGetAttachedShaders
glGetAttribLocation
glGetAttribLocationARB
glGetBooleanIndexedvEXT
glGetBooleani_v
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferParameterivARB
glGetBufferPointerv
glGetBufferPointervARB
glGetBufferSubData
glGetBufferSubDataARB
glGetClipPlane
glGetClipPlanef
glGetClipPlanex
glGetColorTable
glGetColorTableParameterfv
glGetColorTableParameteriv
glGetCompressedTexImage
glGetCompressedTexImageARB
glGetConvolutionFilter
glGetConvolutionParameterfv
glGetConvolutionParameteriv
glGetDebugMessageLog
glGetDebugMessageLogARB
glGetDoublei_v
glGetDoublev
glGetError
glGetFixedv
glGetFloati_v
glGetFloatv
glGetFragDataIndex
glGetFragDataLocation
glGetFragDataLocationEXT
glGetFramebufferAttachmentParameteriv
glGetFramebufferAttachmentParameterivEXT
glGetGraphicsResetStatusARB
glGetHandleARB
glGetHistogram
glGetHistogramParameterfv
glGetHistogramParameteriv
glGetInfoLogARB
glGetInteger64i_v
glGetInteger64v
glGetIntegerIndexedvEXT
glGetIntegeri_v
glGetIntegerv
glGetLightfv
glGetLightiv
glGetLightxv
glGetMapdv
glGetMapfv
glGetMapiv
glGetMaterialfv
glGetMaterialiv
glGetMaterialxv
glGetMinmax
glGetMinmaxParameterfv
glGetMinmaxParameteriv
glGetMultisamplefv
glGetObjectLabel
glGetObjectParameterfvARB
glGetObjectParameterivARB
glGetObjectPtrLabel
glGetPixelMapfv
glGetPixelMapuiv
glGetPixelMapusv
glGetPointerv
glGetPointervEXT
glGetPolygonStipple
glGetProgramBinary
glGetProgramEnvParameterdvARB
glGetProgramEnvParameterfvARB
glGetProgramInfoLog
glGetProgramLocalParameterdvARB
glGetProgramLocalParameterfvARB
glGetProgramStringARB
glGetProgramiv
glGetProgramivARB
glGetQueryIndexediv
glGetQueryObjectiv
glGetQueryObjectivARB
glGetQueryObjectuiv
glGetQueryObjectuivARB
glGetQueryiv
glGetQueryivARB
glGetRenderbufferParameteriv
glGetRenderbufferParameterivEXT
glGetSamplerParameterIiv
glGetSamplerParameterIuiv
glGetSamplerParameterfv
glGetSamplerParameteriv
glGetSeparableFilter
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderSourceARB
glGetShaderiv
glGetString
glGetStringi
glGetSynciv
glGetTexEnvfv
glGetTexEnviv
glGetTexEnvxv
glGetTexGendv
glGetTexGenfv
glGetTexGeniv
glGetTexImage
glGetTexLevelParameterfv
glGetTexLevelParameteriv
glGetTexParameterIiv
glGetTexParameterIivEXT
glGetTexParameterIuiv
glGetTexParameterIuivEXT
glGetTexParameterfv
glGetTexParameteriv
glGetTexParameterxv
glGetTransformFeedbackVarying
glGetUniformBlockIndex
glGetUniformIndices
glGetUniformLocation
glGetUniformLocationARB
glGetUniformfv
glGetUniformfvARB
glGetUniformiv
glGetUniformivARB
glGetUniformuiv
glGetUniformuivEXT
glGetVertexAttribIiv
glGetVertexAttribIivEXT
glGetVertexAttribIuiv
glGetVertexAttribIuivEXT
glGetVertexAttribPointerv
glGetVertexAttribPointervARB
glGetVertexAttribdv
glGetVertexAttribdvARB
glGetVertexAttribfv

Sections

.text
Size: 14.1MB - Virtual size: 14.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 668KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcruntime140.dll
.dll windows:6 windows x64 arch:x64

Password: 2025

44c3854843f7a3fccdf8ddbbea66f302

Code Sign

33:00:00:01:e2:f1:7d:92:02:0e:49:f8:7f:00:00:00:00:01:e2
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-12-2020 21:31

Not After

02-12-2021 21:31

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f7:83:e8:fe:9b:12:41:fc:30:39:3a:38:a0:12:16:d8:7c:73:43:56:72:48:ca:1e:25:f6:f1:cb:95:e8:ff:06
Signer

Actual PE Digest

f7:83:e8:fe:9b:12:41:fc:30:39:3a:38:a0:12:16:d8:7c:73:43:56:72:48:ca:1e:25:f6:f1:cb:95:e8:ff:06

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\a01\_work\2\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

SetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLastError
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
GetModuleFileNameW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wmxo
winrar-x64.exe
.exe windows:6 windows x64 arch:x64

ff7e069b78bf716250a0686cc64fce2e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:8b:08:39:9e:c7:03:62:3c:72:cd:20:77:ad:65:d9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08-08-2023 00:00

Not After

07-08-2026 23:59

Subject

SERIALNUMBER=HRB 109885,CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130e436861726c6f7474656e62757267,1.3.6.1.4.1.311.60.2.1.2=#13064265726c696e,1.3.6.1.4.1.311.60.2.1.3=#13024445

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26-09-2024 00:00

Not After

25-11-2035 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a7:17:8d:c1:d8:71:fc:91:64:c4:ef:5e:b0:60:c9:bc:e6:b9:5a:24:ad:37:79:4c:67:d6:ab:b1:ed:a3:ed:38
Signer

Actual PE Digest

a7:17:8d:c1:d8:71:fc:91:64:c4:ef:5e:b0:60:c9:bc:e6:b9:5a:24:ad:37:79:4c:67:d6:ab:b1:ed:a3:ed:38

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Projects\WinRAR\SFX\setup\build\sfxrar64\Release\sfxrar.pdb

Imports

kernel32

GetLastError
FormatMessageW
LocalFree
SetLastError
CreateHardLinkW
SetFileTime
CreateFileW
CloseHandle
DeviceIoControl
RemoveDirectoryW
DeleteFileW
GetLongPathNameW
GetShortPathNameW
MoveFileW
GetStdHandle
WriteFile
ReadFile
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetFileType
CreateDirectoryW
GetFileAttributesW
SetFileAttributesW
GetCurrentProcessId
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
ExpandEnvironmentStringsW
SetThreadExecutionState
GetCurrentProcess
CompareStringW
AllocConsole
AttachConsole
WriteConsoleW
Sleep
FreeConsole
ExitProcess
GetSystemDirectoryW
LoadLibraryW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
WaitForSingleObject
GetProcessAffinityMask
CreateSemaphoreW
CreateEventW
ReleaseSemaphore
SetThreadPriority
SetEvent
ResetEvent
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
IsDBCSLeadByte
GlobalAlloc
SizeofResource
LoadResource
LockResource
GlobalLock
GlobalUnlock
GlobalFree
GetDateFormatW
GetTimeFormatW
GlobalMemoryStatusEx
GetLocaleInfoW
GetNumberFormatW
GetCommandLineW
SetEnvironmentVariableW
GetLocalTime
GetTickCount
MoveFileExW
GetTempPathW
GetExitCodeProcess
GetConsoleMode
GetConsoleOutputCP
HeapSize
SetFilePointerEx
GetStringTypeW
SetStdHandle
GetProcessHeap
LCMapStringW
FlsFree
FlsSetValue
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
HeapFree
HeapAlloc
HeapReAlloc
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsAlloc
FlsGetValue

oleaut32

SysAllocString
SysFreeString
VariantClear

gdiplus

GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromStream

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 2025

Password: 2025

Password: 2025

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bbCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

47:61:59:f6:b7:42:45:ca:c9:25:78:ae:bc:3c:f6:ba:c3:c2:15:e8:6d:ed:75:4a:cd:f7:6c:5e:97:9a:9e:e5Signer

Headers

DLL Characteristics

File Characteristics

Sections

.rdata Size: 512B - Virtual size: 160B

.rsrc Size: 247KB - Virtual size: 246KB

Password: 2025

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bbCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

79:ad:e0:64:e4:e6:2d:91:c0:f1:bf:7f:f7:1a:3d:a5:01:8f:45:2b:7e:ff:ba:4b:f0:59:d2:18:e7:a8:32:e4Signer

Headers

DLL Characteristics

File Characteristics

Sections

.rdata Size: 512B - Virtual size: 160B

.rsrc Size: 251KB - Virtual size: 250KB

Password: 2025

9772a9b942d20b0a0e95927aa84d512e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:e2:63:20:84:8d:2c:32:d8:cc:af:f3:a6:c1:f2:d9Certificate

Extended Key Usages

Key Usages

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89Certificate

Extended Key Usages

Key Usages

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3fCertificate

Extended Key Usages

Key Usages

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68Certificate

Extended Key Usages

Key Usages

7a:10:81:2c:12:e6:62:58:f7:e6:4b:2f:4f:40:c1:f3:a4:d1:a5:ae:a2:10:79:a7:fa:3f:cf:84:3d:82:b0:08Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

swresample-3

avutil-56

ole32

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bb
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

47:61:59:f6:b7:42:45:ca:c9:25:78:ae:bc:3c:f6:ba:c3:c2:15:e8:6d:ed:75:4a:cd:f7:6c:5e:97:9a:9e:e5
Signer

.rdata
Size: 512B - Virtual size: 160B

.rsrc
Size: 247KB - Virtual size: 246KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bb
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

79:ad:e0:64:e4:e6:2d:91:c0:f1:bf:7f:f7:1a:3d:a5:01:8f:45:2b:7e:ff:ba:4b:f0:59:d2:18:e7:a8:32:e4
Signer

.rdata
Size: 512B - Virtual size: 160B

.rsrc
Size: 251KB - Virtual size: 250KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:e2:63:20:84:8d:2c:32:d8:cc:af:f3:a6:c1:f2:d9
Certificate

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

7a:10:81:2c:12:e6:62:58:f7:e6:4b:2f:4f:40:c1:f3:a4:d1:a5:ae:a2:10:79:a7:fa:3f:cf:84:3d:82:b0:08
Signer

.text
Size: 17.2MB - Virtual size: 17.2MB

.rdata
Size: 8.1MB - Virtual size: 8.1MB

.data
Size: 224KB - Virtual size: 11.4MB

.pdata
Size: 394KB - Virtual size: 393KB

.idata
Size: 18KB - Virtual size: 17KB

_RDATA
Size: 512B - Virtual size: 313B

.00cfg
Size: 512B - Virtual size: 373B

.reloc
Size: 162KB - Virtual size: 162KB

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

61:2b:2b:92:bf:06:e4:a4:15:cc:96:9c:45:8a:be:34
Certificate

b6:28:85:1a:c9:f2:30:9b:7a:bc:3b:32:3d:94:f3:fe:a9:8a:ba:34:ba:7a:95:74:bd:dc:c6:e3:39:02:e9:e4
Signer

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 415KB

.ndata
Size: - Virtual size: 516KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 3KB