4202f7fb5710bdb128f6619b2f441cca74c2637267cb1a37b955d7563522ac1b

Sharing

Copy URL

Twitter E-mail

General

Target

4202f7fb5710bdb128f6619b2f441cca74c2637267cb1a37b955d7563522ac1b
Size

6.0MB
MD5

dbcf2eee040be2f2c3db3bda7ed99cac
SHA1

e49e4eefc8facaf8ddfde019234b1182039cc74d
SHA256

4202f7fb5710bdb128f6619b2f441cca74c2637267cb1a37b955d7563522ac1b
SHA512

4d5422ddb561f61cae0a9b8ff85bfc0735a3d7a87eaaf4d55759937495e6c4cdc49b84b2e3bfdffddbab28f9e1da8b67eb50d978acc8deef6dc5484ff3f0ad2b
SSDEEP

98304:+Tzfolyi0EtiLUphlSJIOefBKON9yzxnsPbwPSeGZTqqN2uvDhM37h9JhrfWSiMS:+Tzfyy8gjIPUOrKtsPbKSedqN2AGLhra

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/libde265.dll

Files

4202f7fb5710bdb128f6619b2f441cca74c2637267cb1a37b955d7563522ac1b
.zip
Adag_Quotation_2025-1-14.exe
.exe windows:6 windows x64 arch:x64

002f06ea85792e134a0205bfca9d9a63

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:d1:3b:35:b6:8d:d6:d2:92:db:a4:bd:79:cc:8b:82
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

22-02-2022 00:00

Not After

22-02-2024 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b8:d5:0a:92:5f:ee:b0:8e:d9:54:47:54:16:c8:4a:ef:12:ac:55:0c:40:35:04:e7:35:38:de:a5:53:87:a9:37
Signer

Actual PE Digest

b8:d5:0a:92:5f:ee:b0:8e:d9:54:47:54:16:c8:4a:ef:12:ac:55:0c:40:35:04:e7:35:38:de:a5:53:87:a9:37

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

heif

heif_image_handle_get_list_of_depth_image_IDs
heif_image_handle_has_depth_image
heif_decoding_options_free
heif_decode_image
heif_decoding_options_alloc
heif_image_handle_get_depth_image_handle
heif_image_release
heif_image_handle_get_luma_bits_per_pixel
heif_image_handle_has_alpha_channel
heif_image_handle_release
heif_context_get_image_handle
heif_context_get_list_of_top_level_image_IDs
heif_context_get_number_of_top_level_images
heif_context_read_from_file
heif_context_free
heif_context_alloc
heif_check_filetype
heif_image_get_plane_readonly
heif_image_get_height
heif_image_get_width
heif_image_get_chroma_format

msvcp140

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

vcruntime140

strchr
strrchr
__C_specific_handler
__current_exception
__current_exception_context
memset
memmove
_purecall
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memcpy
memchr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

malloc
_set_new_mode
free
_callnewh

api-ms-win-crt-stdio-l1-1-0

ungetc
setvbuf
_fseeki64
fsetpos
_set_fmode
fread
fputc
fgetpos
fgetc
fflush
_get_stream_buffer_pointers
__acrt_iob_func
__p__commode
__stdio_common_vfprintf
fwrite
fopen
fclose

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_exit
exit
_initterm_e
_initterm
_crt_atexit
_get_initial_narrow_environment
terminate
_seh_filter_exe
_set_app_type
_register_onexit_function
_configure_narrow_argv
_initialize_narrow_environment

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

kernel32

QueryPerformanceCounter
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
RtlCaptureContext
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
heif.dll
.dll windows:6 windows x64 arch:x64

bed7e6254853568f7d580ca4b8cf5f89

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:d1:3b:35:b6:8d:d6:d2:92:db:a4:bd:79:cc:8b:82
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

22-02-2022 00:00

Not After

22-02-2024 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f3:9e:76:5d:46:e6:61:ec:84:ef:cf:1c:6c:e0:23:2e:e5:13:70:d1:46:32:b1:76:e5:24:cc:fe:b6:ce:d7:3a
Signer

Actual PE Digest

f3:9e:76:5d:46:e6:61:ec:84:ef:cf:1c:6c:e0:23:2e:e5:13:70:d1:46:32:b1:76:e5:24:cc:fe:b6:ce:d7:3a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libde265

de265_get_image_width
de265_free
de265_init
de265_release_next_picture
de265_get_next_picture
de265_decode
de265_flush_data
de265_push_NAL
de265_free_decoder
de265_start_worker_threads
de265_new_decoder
de265_get_image_plane
de265_get_bits_per_pixel
de265_get_chroma_format
de265_get_image_height
de265_get_version

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
CloseHandle
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableCS
WaitForSingleObjectEx
SetThreadPriority
InitOnceBeginInitialize
InitOnceComplete
WakeAllConditionVariable

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?uncaught_exception@std@@YA_NXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?setf@ios_base@std@@QEAAHH@Z
?setf@ios_base@std@@QEAAHHH@Z
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

vcruntime140

_purecall
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memcpy
memmove
memset
__std_terminate
memcmp
__RTDynamicCast
longjmp
__C_specific_handler
__std_type_info_destroy_list
__intrinsic_setjmp

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_cexit
_initialize_onexit_table
_initialize_narrow_environment
_errno
strerror
_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_beginthreadex
_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

realloc
malloc
free
calloc
_callnewh

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func
_write
__stdio_common_vsprintf
ungetc
setvbuf
fwrite
_fseeki64
fsetpos
fread
fputc
fgetpos
_get_stream_buffer_pointers
fgetc
fflush
fclose

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-math-l1-1-0

pow
lroundf

api-ms-win-crt-utility-l1-1-0

qsort

Exports

Exports

heif_brand_to_fourcc
heif_check_filetype
heif_context_add_XMP_metadata
heif_context_add_exif_metadata
heif_context_add_generic_metadata
heif_context_alloc
heif_context_assign_thumbnail
heif_context_debug_dump_boxes_to_file
heif_context_encode_image
heif_context_encode_thumbnail
heif_context_free
heif_context_get_encoder
heif_context_get_encoder_descriptors
heif_context_get_encoder_for_format
heif_context_get_image_handle
heif_context_get_list_of_top_level_image_IDs
heif_context_get_number_of_top_level_images
heif_context_get_primary_image_ID
heif_context_get_primary_image_handle
heif_context_is_top_level_image_ID
heif_context_read_from_file
heif_context_read_from_memory
heif_context_read_from_memory_without_copy
heif_context_read_from_reader
heif_context_set_maximum_image_size_limit
heif_context_set_primary_image
heif_context_write
heif_context_write_to_file
heif_decode_image
heif_decoding_options_alloc
heif_decoding_options_free
heif_depth_representation_info_free
heif_encoder_descriptor_get_compression_format
heif_encoder_descriptor_get_id_name
heif_encoder_descriptor_get_name
heif_encoder_descriptor_supportes_lossless_compression
heif_encoder_descriptor_supportes_lossy_compression
heif_encoder_descriptor_supports_lossless_compression
heif_encoder_descriptor_supports_lossy_compression
heif_encoder_get_name
heif_encoder_get_parameter
heif_encoder_get_parameter_boolean
heif_encoder_get_parameter_integer
heif_encoder_get_parameter_string
heif_encoder_has_default
heif_encoder_list_parameters
heif_encoder_parameter_get_name
heif_encoder_parameter_get_type
heif_encoder_parameter_get_valid_integer_range
heif_encoder_parameter_get_valid_integer_values
heif_encoder_parameter_get_valid_string_values
heif_encoder_parameter_integer_valid_range
heif_encoder_parameter_integer_valid_values
heif_encoder_parameter_string_valid_values
heif_encoder_release
heif_encoder_set_logging_level
heif_encoder_set_lossless
heif_encoder_set_lossy_quality
heif_encoder_set_parameter
heif_encoder_set_parameter_boolean
heif_encoder_set_parameter_integer
heif_encoder_set_parameter_string
heif_encoding_options_alloc
heif_encoding_options_free
heif_fourcc_to_brand
heif_free_list_of_compatible_brands
heif_get_file_mime_type
heif_get_version
heif_get_version_number
heif_get_version_number_maintenance
heif_get_version_number_major
heif_get_version_number_minor
heif_has_compatible_brand
heif_have_decoder_for_format
heif_have_encoder_for_format
heif_image_add_plane
heif_image_create
heif_image_crop
heif_image_get_bits_per_pixel
heif_image_get_bits_per_pixel_range
heif_image_get_chroma_format
heif_image_get_color_profile_type
heif_image_get_colorspace
heif_image_get_height
heif_image_get_nclx_color_profile
heif_image_get_plane
heif_image_get_plane_readonly
heif_image_get_primary_height
heif_image_get_primary_width
heif_image_get_raw_color_profile
heif_image_get_raw_color_profile_size
heif_image_get_width
heif_image_handle_free_auxiliary_types
heif_image_handle_get_auxiliary_image_handle
heif_image_handle_get_auxiliary_type
heif_image_handle_get_chroma_bits_per_pixel
heif_image_handle_get_color_profile_type
heif_image_handle_get_depth_image_handle
heif_image_handle_get_depth_image_representation_info
heif_image_handle_get_height
heif_image_handle_get_ispe_height
heif_image_handle_get_ispe_width
heif_image_handle_get_list_of_auxiliary_image_IDs
heif_image_handle_get_list_of_depth_image_IDs
heif_image_handle_get_list_of_metadata_block_IDs
heif_image_handle_get_list_of_thumbnail_IDs
heif_image_handle_get_luma_bits_per_pixel
heif_image_handle_get_metadata
heif_image_handle_get_metadata_content_type
heif_image_handle_get_metadata_size
heif_image_handle_get_metadata_type
heif_image_handle_get_nclx_color_profile
heif_image_handle_get_number_of_auxiliary_images
heif_image_handle_get_number_of_depth_images
heif_image_handle_get_number_of_metadata_blocks
heif_image_handle_get_number_of_thumbnails
heif_image_handle_get_raw_color_profile
heif_image_handle_get_raw_color_profile_size
heif_image_handle_get_thumbnail
heif_image_handle_get_width
heif_image_handle_has_alpha_channel
heif_image_handle_has_depth_image
heif_image_handle_is_premultiplied_alpha
heif_image_handle_is_primary_image
heif_image_handle_release
heif_image_has_channel
heif_image_is_premultiplied_alpha
heif_image_release
heif_image_scale_image
heif_image_set_nclx_color_profile
heif_image_set_premultiplied_alpha
heif_image_set_raw_color_profile
heif_list_compatible_brands
heif_main_brand
heif_nclx_color_profile_alloc
heif_nclx_color_profile_free
heif_read_main_brand
heif_register_decoder
heif_register_decoder_plugin
heif_register_encoder_plugin

Sections

.text
Size: 715KB - Virtual size: 714KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 527KB - Virtual size: 526KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libde265.dll
.dll windows:6 windows x64 arch:x64

669653fdcb401ed09099f2c40b8a7b5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegQueryValueExW
OpenProcessToken
GetTokenInformation
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
DuplicateTokenEx
OpenThreadToken
RevertToSelf
ImpersonateLoggedOnUser
CheckTokenMembership

bcrypt

BCryptOpenAlgorithmProvider
BCryptImportKeyPair
BCryptImportKey
BCryptHashData
BCryptGetProperty
BCryptFinishHash
BCryptExportKey
BCryptDecrypt
BCryptEncrypt
BCryptDestroyKey
BCryptDestroyHash
BCryptCreateHash
BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptSetProperty

crypt32

CryptFindOIDInfo
CryptImportPublicKeyInfoEx2
CryptFormatObject
CryptDecodeObject
CertOpenStore
CertNameToStrW
CertFreeCertificateContext
CryptProtectMemory
CertGetNameStringW
CertGetCertificateContextProperty
CertGetCertificateChain
CertFreeCertificateChain
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertControlStore
CertCloseStore
CryptUnprotectMemory

kernel32

IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwindEx
InterlockedFlushSList
RaiseException
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlPcToFileHeader
GetTickCount64
QueryPerformanceCounter
SetLastError
FormatMessageW
GetLastError
LocalFree
CreateProcessA
CloseHandle
ExitProcess
FreeConsole
GetCPInfoExW
GetConsoleScreenBufferInfo
GetConsoleMode
GetConsoleOutputCP
GetFileType
GetStdHandle
MultiByteToWideChar
ReadFile
ReadConsoleW
SetConsoleTextAttribute
WideCharToMultiByte
WriteFile
WriteConsoleW
K32EnumProcessModulesEx
IsWow64Process
GetExitCodeProcess
CreateProcessW
GetCurrentProcess
OpenProcess
K32EnumProcesses
K32GetModuleInformation
K32GetModuleBaseNameW
K32GetModuleFileNameExW
GetProcessId
DuplicateHandle
GetConsoleCP
CreatePipe
CloseThreadpoolIo
GetCurrentProcessId
RaiseFailFastException
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTime
GetCalendarInfoEx
FindStringOrdinal
CompareStringOrdinal
CompareStringEx
FindNLSStringEx
GetLocaleInfoEx
ResolveLocaleName
GetUserPreferredUILanguages
GetCurrentThread
WaitForSingleObject
Sleep
InitializeCriticalSection
InitializeConditionVariable
DeleteCriticalSection
EnterCriticalSection
SleepConditionVariableCS
LeaveCriticalSection
WakeConditionVariable
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForMultipleObjectsEx
GetCurrentThreadId
CreateThreadpoolWait
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
CloseThreadpoolWait
CreateThreadpoolWork
CloseThreadpoolWork
SubmitThreadpoolWork
QueryPerformanceFrequency
GetFullPathNameW
GetLongPathNameW
GetCPInfo
LocalAlloc
GetProcAddress
LocaleNameToLCID
LCMapStringEx
EnumTimeFormatsEx
EnumCalendarInfoExEx
CancelIoEx
CancelSynchronousIo
CreateIoCompletionPort
CopyFileExW
CreateDirectoryW
CreateFileW
CreateThreadpoolIo
StartThreadpoolIo
CancelThreadpoolIo
DeleteFileW
DeviceIoControl
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FlushFileBuffers
FreeLibrary
GetCurrentDirectoryW
GetFileAttributesExW
GetFileInformationByHandleEx
GetModuleFileNameW
GetOverlappedResult
GetSystemDirectoryW
LoadLibraryExW
OpenThread
QueryUnbiasedInterruptTime
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetThreadErrorMode
CreateThread
ResumeThread
GetThreadPriority
SetThreadPriority
GetDynamicTimeZoneInformation
GetTimeZoneInformation
GetCurrentProcessorNumberEx
SetEvent
ResetEvent
CreateEventExW
GetEnvironmentVariableW
FlushProcessWriteBuffers
WaitForSingleObjectEx
RtlVirtualUnwind
RtlCaptureContext
RtlRestoreContext
AddVectoredExceptionHandler
FlsAlloc
FlsGetValue
FlsSetValue
CreateEventW
TerminateProcess
SwitchToThread
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
QueryInformationJobObject
GetModuleHandleW
GetModuleHandleExW
GetProcessAffinityMask
InitializeContext
GetEnabledXStateFeatures
SetXStateFeaturesMask
InitializeCriticalSectionEx
VirtualQuery
GetSystemTimeAsFileTime
DebugBreak
SleepEx
GlobalMemoryStatusEx
GetSystemInfo
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLargePageMinimum
VirtualUnlock
VirtualAllocExNuma
IsProcessInJob
GetNumaHighestNodeNumber
GetProcessGroupAffinity
K32GetProcessMemoryInfo
RtlLookupFunctionEntry
InitializeSListHead

ncrypt

NCryptOpenKey
NCryptDeleteKey
NCryptFreeObject
NCryptOpenStorageProvider
NCryptGetProperty
NCryptSetProperty
NCryptImportKey

ole32

CoInitializeEx
CoUninitialize
CoTaskMemAlloc
CoGetApartmentType
CoCreateGuid
CoWaitForMultipleHandles
CoTaskMemFree

user32

LoadStringW

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
calloc
free

api-ms-win-crt-math-l1-1-0

nanf
fmod
fmodf
ceil
cos
floor
log
pow
sin
sqrt
tan
modf
nan

api-ms-win-crt-string-l1-1-0

strncpy_s
strcpy_s
wcsncmp
strcmp
_stricmp

api-ms-win-crt-convert-l1-1-0

strtoull

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_configure_narrow_argv
_crt_atexit
_seh_filter_dll
_cexit
_execute_onexit_table
terminate
_initterm_e
abort
_initterm

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf_s

Exports

Exports

02UEecCn9iKaWYFSgCu8RR8qRDNRAH
04IeGXVq
06sYdYQW
09axPSRLhfq
0B0UwlTXol
0BST0YZi1tCUrhsqwgCWhRk7sK
0CMAEnqmOzRsyIhbBps2
0DMxgFQx5LH1tik
0F4USouP82fwVL8ZC1jQA3qVOULYqZfV
0FqzLq7ZNVC1dY
0HAtP0Y
0LzyGlOwv32rPsu4HqbX1CKYFLKMu
0QugloO18pwkNfo
0SVqpeDjPVp
0VF7SL7OVbza1OeseyLdUj3Du
0WyD3H9XhzmJ
0X2HWfpt3Sr3RuZy8oAU9TSlSxPmQ
0XDCfHpdPjXlUEqfWvLUxsqd
0Y3XXk7YvnDFmKLI54V0N
0Z6KmzZW103sBDMcgd
0ZgV1u9HrFzgwTN67xFE1fMjuMZ4X1ce
0cLQjcpk
0cSbHf2mij7iiWoB4vpFD
0gNF5U1crLt4tvXb74pc5L3fi
0ksfDkm
0l8JhxbphucZYT0ij768L4XXF4o
0mo2LoKx9l4ncqoBibOoZ7YwNsG
0p5u0ndBOFm1kDKMrCPUGSI0cn
0uXjCqKvq462Tf
0v5XtwxbTLtjoPZXdSqqUStz
0vzmj1SN1Wl11i
0wDAb2vg
132lZgIyLfZtJwOmQvMi
13cqhS1ey
160q58FEKBTzSy
184MOpQQP7Ve
19Q4j2LhvvRSYooiV47IioKQq
1A2haa81p3rGD5
1CL4qy5RQ
1FpL0Sqndv
1Fqz2AqtzzbdfLTtWWAWVasom
1GaIrj9JpGKE
1I9Yt6kvpSiMiZi5dC
1KnAmtAphMY6dJ5pqFsYgZgGL8
1O02bCFSUokt9u
1PgEu7rK3CU
1SriNDEfbLhu4tiiZ1
1Uy7WszlJhhV2hTOm3IMrTuIk
1ZUZ85RA6DOdcNYLlW
1k1hHVOlb9NbTZyC9DJfWmQjtsM
1k9mjOfm8TT
1l0wVp8Q9msQ3dgZLjwJI4l
1m7TqDVqCsZBSgYFhZyvdNaP0SQKMmbC
1nUgQqQbAVYgJ1P79QcFyXkPT6EG7irV
1qagXmX0pcVvEfRxI33Cijw
1r1oW0DJiNPWiRQnNi
1ra4EfI
1rlLGFLnIKPZosHA7uT3gWL9rE
1ruTGYeldyMrgYcS6APC3
1t0NNjlxF4WKJibhAP6xSydL4JCu04X2
1tm2oh3G9latCm3KT4wW93Km2nk28q
1uHafvFgB5jD7hvb3RzkfhiPHfx
1wNqtwQjtR3NOfivS5
1xoGrLPyaOUjENzlkK
20sv620LvowSFqeIecnG10IY
21gYlMalEyoskMCPep2cKHz
22YfiSo3YEd0Mv2ejPvhJzh
22cSUqY7Aiz0I4F5pkFc9xkI0e
23CcPLUVjXBPqaw1M0R
24NT7mdKTbS1
25fVoVBNS1ixIh6pBzux
26dLyk0d4Ul1gY
27cirAlAzFb9LAF6BHm
27fxaHge
29mLTHEVfMmaKOl1zyu
2Caos6r9NfL7O8Rm1jOjlA
2Cd1C8Yq
2EnMSwizSRcH0orpmgcb0htDtbeN
2HiUXjoPMCLy0Oycg93FfWX1
2IaPclQmKcfUnh4w2vUWRl5oBR
2J5aIFecuUxiJ0677i9SChPh8QVJ1
2M3seMyH0iXxSTY3b
2RGophZqLPa
2UM5h2SzOcwJq0GieUFR0WTLU2RMX
2YKRXX94YW8SN1QeolHh6lr
2dIkD9sreTJ0XOaRWiubW72nR4
2gIDyjBeVkyOXug
2gi7inxZlSt6tqoPb
2jzC8zNZyzqWJAkoC
2mObIoX8Qk9sdm
2pWQcMNvB2hmgSApqzfMehgTIfx
2rCa5UNwcMlZaFd80uEX0PB58qNU
2tgx6iwDDzNhgBZs5ZJ6P0MOC
2u1l3hmmVWb91dxCFZUGHA4P0S7Rtq
2x3uehfyDwD9CD0oBGwW2W
2yevRLDd45Q
2zK6ZER38
30xdpsP6cDVPlciuwcdE
31vEMUHtNLVC
32v9XRniz
34U1Cjx
35LBLRMwThy9NYaDeq1
36jE3eCLZKgQ26IS5Bm83Snghvjc
38GGBOWLk4A6NNO
3963dTx1QNR
39D0IjqL
3A8w2YuldSjtxq7
3BYmCWPxr2FM0drO84Di
3DNqiOuSuQ6nOYbzMewq7
3FItzF6
3FwB70M8JUlSO
3G6fH5OtGfVZVhfH4g0na8ma9
3J3VAME5UsVCG
3LfkoMh7gs7FCTA
3PyXFdkzqlKHx3mgZr4PtCw1CbX13IP
3QjTTDUu324lYFIwxc
3RxKeYHkmXfAwfAabiKSTU3QHyIPuLG
3VlAPPp1T8XNX
3arIPNweuHlCJ56Tq
3bQ9p4pKmA77ZimwLCeWDsqSZcW
3nlM8Ljn36H6I75i3cRHIVhZHXvuk
3nwT0gBOu0fdlXeWwQ
3rkP1fFog5sHrAz3TtWw7rl4no
3tIzcTA3g1y
3tMdT96
40pMESTFV5PccAKHUChzz
414G2sQCGMGtbjgEuNoedNEvQGUl7Hrk
46KDekpq2tQd0Vu1n5q
489bnhBi3fa66rFYNTol3MaeP
48cvTYWCkPkPqnLl6AkmIJOJWk4
48zbTHxQ
4CUhHjcPbxh
4OBW1iptu01Ij8svgqO7m
4PLh9CMj4rFtIo1c0GnjqAKbhQwjpmAJ
4TDbUcJZji6Vr7yI
4UbEkYcDeo7Wy0ca8m0GxSD4
4WUn3GuoK8VTuVMPQOdedRXdQ8
4a0OsWL0p8cyEu2J
4b6zxnmpqVkKUURA597Mnv
4erqnPFPi1jxP8sOT76zsNqVt
4f7ySxjPbqKXJGPt7Kqw
4hLLrRn
4oNoyQFfwPUWN47L
4ooNrMqcHJs3sY
4pAuCxH8UgBr1wqNISeR
4pkclfGhcK3i0VjJXICZiBMUg
4t54ShwhP
4w2TbItg8pqLl3UXW9eDr0gQjr2QlS
4xnCKKUruyLlOIScEHX
4yd44TYECcmemehbzNi
52I0k8Jnm
52ty3QLWgqlfsaz2WnerOyXE
5AgXskoo4TxPEfmM57TKy4za
5Av31MajlcvL43vgXDn
5EMdMU4wIzByZfKSjTgFDM1
5F6w0HvScoOrlREuiY7qA5rhiT
5Licjh9O
5MN8sE4oiqnXK
5MinPd85qEjsQ7ayTovUiq6yOgM1l8TB
5NeyVgw75eKi7Hb6e
5OvHsjq
5SHnubQQFJtfQGH67yBQlA6ZkS
5Tv2rAEWMZqaq5ExZL84ie3S
5V8PRE6uBEK1RZ6bxUFhB
5Y30LYsVlvhPup0NCEV
5gfv6iXYmcio1KRbCtblnrtai4zq
5jNJXoliricaf7F2k8mjcFS
5naiu6USMyUASioJVsP
5nawWqI
5qG6UhYfV
5sQnk7TY3pT75QRFf5ZHTmReM6aKESQ
5vVJSj3cz
60EQ3dIPJ1zylpxatN
60yELwZhpZhWrRObKMbFO4
62a6FuScy
62bMpx5Z2ctYXPaWZ14mVZCHNV6a0M
64p177IeabA35WUvVLevJ2CT0jiC
65lXKQDnBRJyuM4ZbbRDcuR4NM0LQ
66pTLjnjlaG6ntYNgnM3On
66zrLeUoAZbj8w
67UoekIsAkHrlCrAsG1CFTGox
67VzCbLaq6D
6A1moWPbZKkUQU0OhsiO3YyCqv0M
6Aw6JCSMA1AE4Einpa
6DgV15xoZ8yQxPc3E4
6FH4GoN0QcYQC5Hh7NH8pwv1Fq6qBn
6FxMVOHJSzmIKU
6INaN7BmzQaKEd8IOj8dnUq0msoRt
6IeAEXQMel
6JM1IlihATg3fFFNm4WCWwOee9qJ
6RV5UgHRd3J
6UgCdKJpjAvum
6VF0ZMKEkPAXW5O6T6ubFsAsnuEI1G
6WAbzXYb8pF
6XXZBe88N1j6baL8P
6Xv7YrcL97I4Aj6d0cjgRKe2S
6dGGfif9vyem5mLpjLOnrNdsksmYS
6dPeyGAQyAVX
6ewU0tm
6f9Xr9g3BLvaE3DeWp7X2GrLv584u
6ffN2Plp9s
6iwTfndS
6kPnMirKG0LnkzrsQr1Ewk1PNIo
6kdtHVlh9xbA6pcoot7Dx
6mO1plAzJslP1LPrYedEjp51h2B5qF3
6mxir9j5wrl8788Z
6oSALdzIfRaLKOZQVeaeuxgWRPN9L1
6plkyTZ0fWv6T
6qyDRsGcst6U7P5U
6s9QmFGJ99OQuoB0TtVP
6uk2YZ5RZTiUiGnRbebR
6yeu5CjZY9gtCD
6zAsEIwBlqdt8x71V
71LiGXeWxhixn2uq0n1YP
72yAG1YW
730YS3zwGg5i
73T8J2KE6bAGCACusVUvLJ0zVcke2
75KYI6MfrkoXrEANUhGWp0Ky
76Ijv64iV19vGAPUcRRXAoc2ky
79AJkSkFjUqcg5GupibgyQFeG6LPMXJ
79LJtsbxpnnYlEM5mFYz
7CMqYPT0ObPzrbv
7Fm63Pagq4cAg8y92Gis
7GiPS2PR3u26k
7HsjXpenJj1iyhqRBA
7Irft1BsKtPikjeGTknt08
7Ki9IVxUP7uzUMvZSV
7MNO7pY5YwvwKYx1thV
7MV0V7S71jyfECgDcyCLNkMd8bhWsTN
7R8WfkIsyW1NT5OL
7Z2xOM9n4eszmyUB
7aOYxfkHpvP
7bArmKeib
7bnH75FcsLRWIpj
7c9wV39tCF7aPpEf
7eH9pLPaBaVsfP4TEot
7fJFnoGDJNcVHL2kUFk3Yj
7feBc8Af
7gEZ4VQauOx0ybvPpaHKnncMDhonaL0R
7gzHW2rCnva3vsZP
7jVJQpSE5LU3kqOex7XYgGWWvB
7kXhLPZjDLFFYsxYl6
7lMvkmUGBwR2ELNflZa5CQCqGXV
7lnmDvhh60BeMUuDIU1IX1B0Fc
7nCDSVuj
7nnZit1Exzx7bfn
7pxXmujqyfXJfb
7vHu6iyBDyEF635qkwiTndvzIE
7xxdLOqA0lsG5FgRI
80PVOgEZn6Ml6
86eBdjhxNaPJ3i2DAt0P6GyvVrD
88or7tOObvqERcXrjr5tiAhVY
8AnXUgtd
8BR7PV0S503NtrRKREF5vmSstAA
8HIOje3RIw8d1uSxAXmZ2xsBh7Q
8K5tsZmfkwWfy
8NymQGmRrccs7qycfYEdtlszOohA3
8Pa5HYwPtr7X5lt1WANTsByss4q
8SofMpSQZecKRdgpVrP03e
8UL9xg7ZmHCoEk1BjRruSgZK
8VH9PCyHPm9PEOBFpbaY64djPhbL
8WE51FYwQa2QieVRjyoAlDdSHWCLHU
8ZEtTGIXcgRVwetH3tEDbxBTkD7b
8ZR48uWOZEduXyh
8fnbvSpQVq
8mQ1lUnKn
8uPUOFgVegjtac8U5w60lvBNvhpxv
8wYCUrX0D3uDhdvGcn2eINfsa
8zB0zqXwmkuZAKteWeQe6TPQVX4ULNA
92B9XgjlhBvI
99wyhyxDwaCwJdyXq6CZI
9I0wOAxnng79ygKqat4A27wLwucJAhRp
9RrhZxvdaIv
9VCY18vuBbg9ld9itZ7LrK69v
9drsMhZt8FT9Uu41s2KP
9jsIfChgAYM79zmGlpsq
9kV1MqURy8LLFRI2n
9pc8DouLhUSPd55arnRsVmQzxjkZYMl
9uT4E9Wlu1SRCI97DZz6fgGaVUp
9xScJiUeunh2MLE0x
??0ImageSink_YUV@@QEAA@XZ
??0ImageSource@@QEAA@XZ
??0ImageSource_YUV@@QEAA@XZ
??0PacketSink_File@@QEAA@XZ
??1ImageSink@@UEAA@XZ
??1ImageSink_YUV@@UEAA@XZ
??1ImageSource@@UEAA@XZ
??1ImageSource_YUV@@UEAA@XZ
??1PacketSink@@UEAA@XZ
??1PacketSink_File@@UEAA@XZ
?MSE@@YANPEBEH0HHH@Z
?PSNR@@YANN@Z
?SAD@@YAIPEBEH0HHH@Z
?SSD@@YAIPEBEH0HHH@Z
?add_option@config_parameters@@QEAAXPEAVoption_base@@@Z
?compute_distortion_ssd@@YAIPEBUde265_image@@0HHHH@Z
?de265_alloc_image_plane@@YAPEAXPEAUde265_image@@HPEAXH1@Z
?de265_free_image_plane@@YAXPEAUde265_image@@H@Z
?en265_print_logging@@YAXPEBVencoder_context@@PEBD1@Z
?getTypeDescr@option_int@@UEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getTypeDescr@option_string@@UEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?get_default_string@option_int@@UEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?get_default_string@option_string@@UEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?get_height@ImageSource_YUV@@UEBAHXZ
?get_image@ImageSource_YUV@@UEAAPEAUde265_image@@_N@Z
?get_width@ImageSource_YUV@@UEBAHXZ
?parse_command_line_params@config_parameters@@QEAA_NPEAHPEAPEAD0_N@Z
?print_params@config_parameters@@QEBAXXZ
?processCmdLineArguments@choice_option_base@@UEAA_NPEAPEADPEAHH@Z
?processCmdLineArguments@option_base@@UEAA_NPEAPEADPEAHH@Z
?processCmdLineArguments@option_bool@@UEAA_NPEAPEADPEAHH@Z
?processCmdLineArguments@option_int@@UEAA_NPEAPEADPEAHH@Z
?processCmdLineArguments@option_string@@UEAA_NPEAPEADPEAHH@Z
?send_image@ImageSink_YUV@@UEAAXPEBUde265_image@@@Z
?send_packet@PacketSink_File@@UEAAXPEBEH@Z
?set_filename@ImageSink_YUV@@QEAA_NPEBD@Z
?set_filename@PacketSink_File@@QEAAXPEBD@Z
?set_input_file@ImageSource_YUV@@QEAA_NPEBDHH@Z
?skip_frames@ImageSource_YUV@@UEAAXH@Z
A2H69TRHKy
A5pvQkNVNbybAmS
A9pZKQMMS5kO7hMfjmMN6obVyb
ALfuO0p2jVWTC3JlSK
ALsD5Mbv
APcTG1DcInHHKhzf87
ASn6GEdzM
AZCGoTUxsZaNEUOyp7Nmm2pUV94DtrL
AbkGs16CJT6VEbPfi11C8C9C3MW
AeYGJDS
Af9jeiOTDqosD6X9TT
AfCtOhzRp64YkE9dwaG4iGS
AgRBgps5sbhjxhKX6QVEwi
AhxV4AX
AkFCWumY6b6Erxdp
AleuUs6DolDbKSmj
AloQ98UJlyoi3Qgpz
AmGEAUkwuAbskOzhsQtv1cYVppmr89V9
ApUiwFLHDN0i1AlQ63wvUwp
AscG6xPdKSusm
AtU8Mn5Ngkh1OL76mL6diUAvo
AukgG3LBzV
AvDztCZKysuBKA8DlwGh7
AvWxOP1fqv1aag4
B0ZiDlLH1XO8MMrh0zUjPgLwkFkf
B3tXeXxWJz0aJNV7SR5isDcz9m55N
B6Rh6KbdBSh935YvJec
BAHivoUJw50oPsZz
BBOO8KxT
BE9KavuRodoR
BGyAhBJUZ
BJGdmCbViXW98Y
BJQFZblvQS4w2RF
BKB3UrxC6s
BOglqk5ybQ
BQsWI6RiRtAeu
BQvRg6MYHzUgK0anruAQq
BTwpzqcqGYIeR8w44QmtmxkSW0nt
BYmWG117vlEF3ieseJNmi
BZLKtzSDLYSA0V
BaPODHs6okM7
Bc4k6vPd69KrDyw2cjCN
BdKr9GW8WkVLQLhOLXs0bOByiiSwq4Mo
BeeOwvvTrvnW5ehdu40cqUalGz5Vi
BeurwudZQ6x3WFS8LNsY7P9YBDR5
BfrqGPNK3kEovLdG0Ffu7nThwJgeL
BfxDWzfXIEk8aAyTAGf4KbsL
Bg1pcW5SYXKJyEO1ojjZCA
BjlbwuGLL8Sl3q1w
Bm508oRy74Kw7B8GyhQYJIUpQEizJD8
Bm77J3j4gTowDsXXlNCntU9vT31SX
BnMPIiFrN
BneCraWGo7mAwh4H
BrN5Skeqre30JLHs3PBwuq8Stmp
BtaaMgIPyOLOPlOGrp6
BuDnJ6emtxDSB6BK7j7Qo1ImKOhX
BwVNfMYoiKK5bEOse1iClHP6D
BxA0NIuZIxqPSadZgbhSOIX
ByTlqz9Sv5f354oc39el3aNn3H0
BzrlPy815ndPjbdcB0ko1qploJKN
C30p53Wa8xevSuY
C4Hk9s4
C5Agncz1lFN6U27BxUmYh7xz6nSoZqtG
C62gEVHrC
C6e9bnjGENpyj1WlynTXK
C8F59UmtpiW
C9kWeaVIhlRrLX5aVQ6cGtY1bHAyH
CC3JbcoHQ8fQYq99W7Dre
CDKNXUE48f7vPZKgjDvqo8I6r
CJkQ9C08JeV264CE
CKWSo2IblU1MfghfPmDRhkeyoV
CKZGQMy1
CKrI5bZdU97pLtS4GggZm0
CNqIZFmasNJs4bNR3h0
COrMQLYPJa6yVF
CQJwBHknye6Xu1YtB0y5AGJeNz
CQpzvAM9xoWnrnU5SSuKVF
CQqtGQySCOoP9R
CWg5tKAHNKZGSR8iJydVdx97PwEtCI
CZuQtEQvpwj6bD
CahkZLB3
CbzNB6KpFq
CecCgAZoLd0ZakrW5hu89K
ChRhxCAceX5H
ChnZvaHNmi8YCvMgUBSjb4TfY6kOdEf
CjjXdxlAhbnjDzbxfTrapbbOhaEtFk8B
Cp7j14l1WPhJ
Cr4TnwSRKjH5YLkn
Cteu9wx
CtoQ6oDdZdCQ5CM47L0YWfzxukS
CuWgVjGX5n1JVDiNRCP9o
CvvicIv5
CxiiWKUqlhK9v68r0c9UnP3eOIvFOS82
D4LRgJ5z87
D7Cr5m67ipFPY4Bd0dDLY
DAFexF7j88ND
DAm41nOVvghFeYM4zA
DFmFGUuQuE35HawSDy7Qbut0M5rnicL
DGDxJmWDHWc2
DIyjlSQ9elSNae8o61sXJmwLcBEOI
DJ3xnGHhN
DNGSjxLspgf7L1Bmmhuod
DNH9tXSsTnq8kgDxiMmc
DOOr7K3vUtWQ32ToXKog
DPsj3rmwarxy5Vpzbm
DRWu1TSUYadr
DVBp45bIRt
DWdzAfy58psQDs4YyGUaFmuoghL
DZ8pWbifuXIzLwFnxBTmv2l2k1q
DZKHRYO
DbFFfIqLs2XnT
DbPJ9fjxqx1EX4NoAroWR0z41Brb
Dd5i3zLpMVHBXMmHwhu813
DeKFCZ9WWYDfr3ROwgXFqS4P
Dee5YnwUsdWH3RrE4Ihi
DqTfb94qvjKn
DsCMs2b5Jx
DsJKyqAHskPEsodcoL
DvIHbykAclVENL0UIvYz47b
DxLS5Q2rja5UAqpVMoZB3YZH
DxpfRYxlwro
DzZge1gnZaucS0XtPimm1pq
E21g1MLDmY0K2XoLdjI
E2EtLjyua3NdOYXf38Mh2XwvKuSCuoN
EA7n0LH0uU0gdG
EBmj9LZxbdRyQTY3g3dhMbNDXbivj2Ww
EDMldkDRzKURJVJU18I55kFdSCGG9
EGr9bSDh86oItavU8Ku
EJ1DRSfT7
EKyUjplpxBwY8ULXk1GvWmrLxzQc
EMeQFMda5KbTrtg4Dq0rCe5Ar
EN8psCKWEGjRV6mWJ0n6qy1PHjcFun
ERKqvfXHR1
ETBxszcPBPF
EVAo1EIy4YuxsPrweiyeS
EXn8O2nkVWzGPwsYsQzcYyJrlsTF
EZ5GsXYIDucZxCo7Oe
Eb6IVZSD87spq9FNu9qljEvTo58
Ebxk6DKGTvF
EcQtXZmJjnTy8
EcuopEdxF4DhDk
Ed3X28kq
EgCJ6WmJhoVyGN6qS
ElY6xXTR
EnXzyR816P0NoZVgwGUrA
Eqtd2NOuvgoADQ8xZwvEP2qP2VyccaB
ErETEfhZZjZF
ErighSBvCfj
EtP5eRKiHrqte7Y9rAik8UFa
Eu4JZ9QO0kmV3FMrymO0rQK3pwLi
EuZ1C6a422
EvJmRoB
EwvZ5u7dkAV8TR7lu0kZYggf6dPOvuX6
EyuWj3bWNep
EzJqWcnn3QrDmIONG1vb3E
F3dmtwjtyTvWlpffZI21yD
F42wlreQTei6XiXWUPpMlAWOFW48J
F4boLgki9tU0lvnFc5Gu
F4zDfdb
F5d0LnJvwd4jpg4VJjDz0OkTGDv1MRj
F69X7oNAbABq4omXMiNA5Lux0D6y
F70uUhgEiEJQxI55AL36wp2MGAoGmH1
F8GxjJCICbsZU9Kxz5zLJMLXnrttBd8
F9v6vq15BhlKgwog2cTYv0vacI0e
FC028xV8eavozoiqvk7I4uptsavlK8
FCdM4fRCr7bpxxVvw2GugnR7bDxoC
FCdl3s1eDbsoPhZipLnwZ9
FDTEMIf1lZ0xL
FDtKAlSD5IsAUYMsobh
FE5oayrfLeoGXbbJEC
FEUrNbQxvTPsEu7Fig
FEz1rKsN7L8pTnqqg
FFKXvTOAEaKNas
FIaYZtUlXhdKwVnG7hqYqyZmKy9pP8Yu
FLsIJTCiMqtCQ0
FPPnczR
FPfx7gVURejQnofQZ7nDZC1xk
FRSoDdu8DKZ3h
FX1MSQ1VRaM
FbfSeZdkbMvO
FgIYrQqmLPVRkbChzRzuAxWtgZPnV

Sections

.text
Size: 539KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.managed
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

hydrated
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 662KB - Virtual size: 661KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

002f06ea85792e134a0205bfca9d9a63

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:d1:3b:35:b6:8d:d6:d2:92:db:a4:bd:79:cc:8b:82Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

b8:d5:0a:92:5f:ee:b0:8e:d9:54:47:54:16:c8:4a:ef:12:ac:55:0c:40:35:04:e7:35:38:de:a5:53:87:a9:37Signer

Headers

DLL Characteristics

File Characteristics

Imports

heif

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

kernel32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 1KB - Virtual size: 2KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 224B

bed7e6254853568f7d580ca4b8cf5f89

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:d1:3b:35:b6:8d:d6:d2:92:db:a4:bd:79:cc:8b:82Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

f3:9e:76:5d:46:e6:61:ec:84:ef:cf:1c:6c:e0:23:2e:e5:13:70:d1:46:32:b1:76:e5:24:cc:fe:b6:ce:d7:3aSigner

Headers

DLL Characteristics

File Characteristics

Imports

libde265

kernel32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

Exports

Exports

Sections

.text Size: 715KB - Virtual size: 714KB

.rdata Size: 527KB - Virtual size: 526KB

.data Size: 10KB - Virtual size: 289KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:d1:3b:35:b6:8d:d6:d2:92:db:a4:bd:79:cc:8b:82
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

b8:d5:0a:92:5f:ee:b0:8e:d9:54:47:54:16:c8:4a:ef:12:ac:55:0c:40:35:04:e7:35:38:de:a5:53:87:a9:37
Signer

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 1KB - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 224B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:d1:3b:35:b6:8d:d6:d2:92:db:a4:bd:79:cc:8b:82
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

f3:9e:76:5d:46:e6:61:ec:84:ef:cf:1c:6c:e0:23:2e:e5:13:70:d1:46:32:b1:76:e5:24:cc:fe:b6:ce:d7:3a
Signer

.text
Size: 715KB - Virtual size: 714KB

.rdata
Size: 527KB - Virtual size: 526KB

.data
Size: 10KB - Virtual size: 289KB

.pdata
Size: 29KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 539KB - Virtual size: 539KB

.managed
Size: 5.5MB - Virtual size: 5.5MB

hydrated
Size: - Virtual size: 2.3MB

.rdata
Size: 5.7MB - Virtual size: 5.7MB

.data
Size: 32KB - Virtual size: 200KB

.pdata
Size: 662KB - Virtual size: 661KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB