ROBLOX Cheat[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

ROBLOX Cheat.zip
Size

14.5MB
MD5

ecaf7b46ac77cdddd638f8c6a1d1691d
SHA1

3c73e8d0ba126de032814663bca9b49477a02ce6
SHA256

1ecdd597eb07916952c635723e3b02b0a4c3c8a0728e54d2f8fd7ec4da4028fd
SHA512

5d1e5d7ff7af1277246dd8d1e21802c496b4185d29e4627fba0854f6588272fa0d8f4fc4c60cec2507c003892c2d7d241d718d980685026ccae5cd6346b3f559
SSDEEP

393216:0XG3+iho0r4nMrJzNqMZ2dsNVDAyqQpYQSK4Wka80:WtK4neJbZMsNVWQpYE780

Score

7^/10

Malware Config

Signatures

.NET Reactor proctector 1 IoCs

Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

resource	yara_rule
static1/unpack001/SoftWare(2).exe	net_reactor

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/atom.dll
unpack001/libcurl.dll

Files

ROBLOX Cheat.zip
.zip

Password: 8866
SoftWare(1).exe
.exe windows:6 windows x64 arch:x64

Password: 8866

8b7fbfb12cba7ad7d735846fc1f3ab98

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a9:1d:6a:e9:d4:ca:32:84:05:5f:64:c4:72:ca:ee:7e:aa:2a:91:a7:11:05:fe:6d:72:49:28:51:6b:1d:03:b5
Signer

Actual PE Digest

a9:1d:6a:e9:d4:ca:32:84:05:5f:64:c4:72:ca:ee:7e:aa:2a:91:a7:11:05:fe:6d:72:49:28:51:6b:1d:03:b5

Digest Algorithm

sha256

PE Digest Matches

true

f3:8c:47:cb:88:1e:e1:d9:10:47:f5:42:bf:71:59:10:21:bf:bd:9b
Signer

Actual PE Digest

f3:8c:47:cb:88:1e:e1:d9:10:47:f5:42:bf:71:59:10:21:bf:bd:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\LULU\TempBuilds\TemporaryBuilds\main-pool\32\s\App\_bin\sam\x64\Release\activation-service.pdb

Imports

wtsapi32

WTSQueryUserToken
WTSEnumerateSessionsW

msi

ord41

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

psapi

GetModuleFileNameExW

kernel32

GetExitCodeProcess
Sleep
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetCommandLineW
CreateEventW
CreateThread
CreateFileW
VirtualFree
LoadLibraryExA
GetCurrentDirectoryW
CreateDirectoryW
FindClose
GetFileAttributesW
SetFileInformationByHandle
AreFileApisANSI
DeviceIoControl
TerminateProcess
WaitForSingleObject
LocalAlloc
DecodePointer
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
WideCharToMultiByte
CreateSemaphoreA
FormatMessageA
CreateFileMappingW
OpenProcess
ProcessIdToSessionId
GetCurrentProcessId
GetCurrentProcess
CreateEventA
WaitForSingleObjectEx
ReleaseSemaphore
SetEvent
DuplicateHandle
CloseHandle
FormatMessageW
LocalFree
GetCurrentThreadId
SetLastError
MultiByteToWideChar
lstrcmpiW
LoadLibraryW
FindResourceW
SizeofResource
LoadResource
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent
GetComputerNameW
GetCurrentThread
GetModuleHandleA
GetFileAttributesExW
VirtualQuery
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
VirtualProtect
GetLocaleInfoEx
GetFileInformationByHandleEx
InitOnceBeginInitialize
InitOnceComplete
QueryPerformanceCounter
QueryPerformanceFrequency
ResetEvent
WaitForMultipleObjectsEx
OpenEventA
SetWaitableTimer
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
CreateWaitableTimerA
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
LoadLibraryA
GetStringTypeExW
LCMapStringW
GetUserDefaultLCID
GlobalFree
WriteFile
OutputDebugStringA
GetLocalTime
GetTickCount
SetThreadPriority
GetThreadPriority
ReleaseSRWLockExclusive
RtlCaptureStackBackTrace
QueryThreadCycleTime
GetWindowsDirectoryW

userenv

UnloadUserProfile
CreateEnvironmentBlock
DestroyEnvironmentBlock
LoadUserProfileW

encoding-conversion

SLConvertACPToUnicode
SLConvertUTF16ToUTF8
SLConvertUTF8ToUTF16
SLConvertUnicodeToACP

user32

GetClassInfoExW
DestroyWindow
GetWindowLongPtrW
SetWindowLongPtrW
LoadCursorW
GetMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW
CharUpperW
MessageBoxW
RegisterClassExW
UnregisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
RegisterWindowMessageW
CharNextW
LoadStringW
CreateWindowExW

netapi32

NetUserGetInfo
NetApiBufferFree

advapi32

CredFree
RevertToSelf
ImpersonateLoggedOnUser
LookupPrivilegeValueW
LookupAccountSidW
AdjustTokenPrivileges
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
CreateProcessAsUserW
DuplicateTokenEx
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerW
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegQueryValueExW
ConvertSidToStringSidW
IsValidSid
GetTokenInformation
GetLengthSid
CopySid
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetSecurityDescriptorLength
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
CryptAcquireContextA
CredReadW

ole32

CoAddRefServerProcess
CoResumeClassObjects
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
ProgIDFromCLSID
StringFromGUID2
CoSetProxyBlanket
CoInitializeSecurity
CoReleaseServerProcess

oleaut32

RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
UnRegisterTypeLi
SysAllocStringLen
LoadTypeLi
VarUI4FromStr
VariantClear
VariantInit
VariantCopy
SysStringByteLen
SysStringLen
SysAllocString
SysFreeString

atom

CalculateSequenceHash
SLGetStringFromAtom
CleanupSingletonStaticDataStorage
SLGetAtomFromString
IsSingletonStaticDataStorageAvailable
CreateSingletonStaticData
GetSingletonStaticData

root-service-provider

ServiceProviderCleanup
ServiceProviderGetServiceObject
ServiceProviderSetModulesRootDirectory

brand

GetBrandNameDll
GetDefaultSettingsRelativePathDll

iphlpapi

GetAdaptersInfo

msvcp140

?exceptions@ios_base@std@@QEAAXH@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?narrow@?$ctype@_W@std@@QEBAD_WD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
_Mbrtowc
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Syserror_map@std@@YAPEBDH@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?classic@locale@std@@SAAEBV12@XZ
?tolower@?$ctype@D@std@@QEBADD@Z
?widen@?$ctype@D@std@@QEBADD@Z
?narrow@?$ctype@D@std@@QEBADDD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?fail@ios_base@std@@QEBA_NXZ
?imbue@ios_base@std@@QEAA?AVlocale@2@AEBV32@@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?putback@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAG@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAI@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAJ@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAK@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAM@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAN@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAO@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAPEAX@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEA_J@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEA_K@Z
?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEA_N@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$numpunct@D@std@@2V0locale@2@A
?id@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
_Thrd_detach
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_do_broadcast_at_thread_exit
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Winerror_map@std@@YAHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?toupper@?$ctype@_W@std@@QEBA_W_W@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA_W_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
?id@?$numpunct@_W@std@@2V0locale@2@A
?uncaught_exceptions@std@@YAHXZ
?toupper@?$ctype@D@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_broadcast
_Cnd_register_at_thread_exit
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Cnd_wait
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?__ExceptionPtrRethrow@@YAXPEBX@Z
??0task_continuation_context@Concurrency@@AEAA@XZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
_Cnd_unregister_at_thread_exit
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
_Lock_shared_ptr_spin_lock
_Unlock_shared_ptr_spin_lock
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?readsome@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_JPEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
_Wcscoll
_Wcsxfrm
?id@?$collate@_W@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xbad_alloc@std@@YAXXZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Xbad_function_call@std@@YAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??Bid@locale@std@@QEAA_KXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?sync@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAHXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?do_always_noconv@?$codecvt@_WDU_Mbstatet@@@std@@MEBA_NXZ
?do_length@?$codecvt@_WDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEBD1_K@Z
?do_unshift@?$codecvt@_WDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?get@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@AEA_W@Z
?putback@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

wininet

InternetOpenW
InternetErrorDlg
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
InternetSetOptionW
HttpSendRequestW
InternetCloseHandle
InternetReadFile
InternetConnectW

vcruntime140

memcpy
__std_type_info_name
memchr
wcschr
memset
memmove
memcmp
__std_terminate
__std_type_info_compare
_purecall
strchr
__current_exception
__current_exception_context
wcsstr
__C_specific_handler
_CxxThrowException
__std_exception_destroy
__std_exception_copy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_c_exit
_register_thread_local_exe_atexit_callback
_set_errno
_initterm_e
_initterm
_exit
terminate
_get_wide_winmain_command_line
_get_errno
_beginthreadex
_resetstkoflw
_initialize_wide_environment
_configure_wide_argv
_set_app_type
_seh_filter_exe
strerror
abort
_cexit
_crt_atexit
_register_onexit_function
_errno
_invalid_parameter_noinfo_noreturn
_invalid_parameter_noinfo
_initialize_onexit_table
exit
_wassert

api-ms-win-crt-heap-l1-1-0

_aligned_free
_set_new_mode
calloc
_msize
realloc
_callnewh
free
_aligned_malloc
_recalloc
malloc

api-ms-win-crt-convert-l1-1-0

_strtoui64
_ui64toa_s
_itoa_s
_gcvt_s
_wcstoui64
_ultoa_s
wcstod
_wtoi
_wcstoi64
_i64toa_s
strtod
atoi
strtol
strtoll
strtoull

api-ms-win-crt-string-l1-1-0

isdigit
strcmp
_wcsnicmp
_strlwr_s
wmemcpy_s
isspace
wcscpy_s
wcsncpy_s
wcsnlen
towlower
strncpy
strnlen
iswdigit
iswspace
isalnum
_wcsicmp
tolower
strncmp
wcscat_s
wcsncmp

api-ms-win-crt-stdio-l1-1-0

_putws
_set_fmode
fgetc
fputc
ungetc
fflush
setvbuf
fsetpos
fgetpos
fwrite
fread
__p__commode
_get_stream_buffer_pointers
fclose
__stdio_common_vswprintf
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__acrt_iob_func
_fseeki64
__stdio_common_vswprintf_s
__stdio_common_vsnwprintf_s

api-ms-win-crt-math-l1-1-0

_dsign
_fpclass
__setusermatherr
ceilf
_dclass

api-ms-win-crt-time-l1-1-0

_time64
_mktime64
_gmtime64_s
_difftime64

api-ms-win-crt-locale-l1-1-0

localeconv
_configthreadlocale
___lc_codepage_func

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

libcurl

curl_easy_init
curl_easy_strerror
curl_slist_free_all
curl_easy_setopt
curl_slist_append
curl_version
curl_formfree
curl_easy_cleanup
curl_easy_getinfo
curl_formadd
curl_easy_perform

libcrypto-1_1-x64

BIO_free
BIO_new_mem_buf
X509_STORE_add_cert
OPENSSL_sk_pop_free
OPENSSL_sk_num
OPENSSL_sk_value
PEM_X509_INFO_read_bio
X509_INFO_free
X509_STORE_add_crl

libssl-1_1-x64

SSL_CTX_get_cert_store

icuuc68

u_errorName_68
uidna_openUTS46_68
uidna_nameToASCII_68

dbghelp

SymSetOptions
SymSetSearchPathW
SymInitialize
SymGetSearchPathW
SymGetLineFromAddr64
SymFromAddr

winmm

timeGetTime

winhttp

WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetTimeouts
WinHttpOpen

Exports

Exports

??0?$oserializer@Vxml_woarchive@archive@boost@@UCreateProcessResponse@KernelBridgeProxy@@@detail@archive@boost@@QEAA@XZ
??0?$singleton@V?$extended_type_info_typeid@UCreateProcessRequest@KernelBridgeProxy@@@serialization@boost@@@serialization@boost@@IEAA@XZ
??0?$singleton@V?$extended_type_info_typeid@UCreateProcessResponse@KernelBridgeProxy@@@serialization@boost@@@serialization@boost@@IEAA@XZ
??0?$singleton@V?$extended_type_info_typeid@VPreviewerSwitcherContext@WS@@@serialization@boost@@@serialization@boost@@IEAA@XZ
??0?$singleton@V?$extended_type_info_typeid@VSessionIdContext@WS@@@serialization@boost@@@serialization@boost@@IEAA@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCreateProcessRequest@KernelBridgeProxy@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@UCreateProcessRequest@KernelBridgeProxy@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCreateProcessResponse@KernelBridgeProxy@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@UCreateProcessResponse@KernelBridgeProxy@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@VPreviewerSwitcherContext@WS@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VPreviewerSwitcherContext@WS@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@VSessionIdContext@WS@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VSessionIdContext@WS@@@23@XZ
?get_const_instance@?$singleton@V?$iserializer@Vxml_wiarchive@archive@boost@@UCreateProcessRequest@KernelBridgeProxy@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_wiarchive@archive@boost@@UCreateProcessRequest@KernelBridgeProxy@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vxml_wiarchive@archive@boost@@VPreviewerSwitcherContext@WS@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_wiarchive@archive@boost@@VPreviewerSwitcherContext@WS@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vxml_wiarchive@archive@boost@@VSessionIdContext@WS@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_wiarchive@archive@boost@@VSessionIdContext@WS@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$map@Vxml_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vxml_wiarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$map@Vxml_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vxml_woarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEBV?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEBV?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$oserializer@Vxml_woarchive@archive@boost@@UCreateProcessResponse@KernelBridgeProxy@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_woarchive@archive@boost@@UCreateProcessResponse@KernelBridgeProxy@@@detail@archive@3@XZ
?get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ
?get_mutable_instance@?$singleton@V?$map@Vxml_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vxml_wiarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$map@Vxml_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vxml_woarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEAV?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_mutable_instance@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEAV?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?is_destroyed@?$singleton@V?$map@Vxml_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$map@Vxml_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?is_locked@singleton_module@serialization@boost@@QEAA_NXZ
?load_object_data@?$iserializer@Vxml_wiarchive@archive@boost@@UCreateProcessRequest@KernelBridgeProxy@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z
?load_object_data@?$iserializer@Vxml_wiarchive@archive@boost@@VPreviewerSwitcherContext@WS@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z
?load_object_data@?$iserializer@Vxml_wiarchive@archive@boost@@VSessionIdContext@WS@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z
?lock@?1??get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ@4_NA
?lock@singleton_module@serialization@boost@@QEAAXXZ
?save_object_data@?$oserializer@Vxml_woarchive@archive@boost@@UCreateProcessResponse@KernelBridgeProxy@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z
?unlock@singleton_module@serialization@boost@@QEAAXXZ
GetHandleVerifier

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 784KB - Virtual size: 783KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 193KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SoftWare(2).exe
.exe windows:4 windows x86 arch:x86

Password: 8866

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:03:de:8d:56:82:5a:f1:a4:a9:67:00:00:00:00:03:de
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:24

Not After

02/12/2021, 21:24

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:e2:f1:7d:92:02:0e:49:f8:7f:00:00:00:00:01:e2
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:31

Not After

02/12/2021, 21:31

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

80:9e:ca:85:bd:54:4a:8a:4d:7a:fe:6b:c9:82:31:c2:a9:df:d9:e1:97:49:a4:57:7e:df:a7:44:83:45:74:8d
Signer

Actual PE Digest

80:9e:ca:85:bd:54:4a:8a:4d:7a:fe:6b:c9:82:31:c2:a9:df:d9:e1:97:49:a4:57:7e:df:a7:44:83:45:74:8d

Digest Algorithm

sha256

PE Digest Matches

false

80:9e:ca:85:bd:54:4a:8a:4d:7a:fe:6b:c9:82:31:c2:a9:df:d9:e1:97:49:a4:57:7e:df:a7:44:83:45:74:8d
Signer

Actual PE Digest

80:9e:ca:85:bd:54:4a:8a:4d:7a:fe:6b:c9:82:31:c2:a9:df:d9:e1:97:49:a4:57:7e:df:a7:44:83:45:74:8d

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
atom.dll
.dll windows:6 windows x64 arch:x64

Password: 8866

df51dddf8e5ec5df251bba394a92fc14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

&DNQsk/TRj{P?QQLl35r,1Czb$f /xad*1@SVq@R)+M2HR31;6UM~VEzmFT%+mfe#y4'z@OE~v3=

Imports

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExW
RegEnumValueW
GetTokenInformation

bcrypt

BCryptEncrypt
BCryptDecrypt
BCryptImportKey
BCryptOpenAlgorithmProvider
BCryptSetProperty
BCryptCloseAlgorithmProvider
BCryptDestroyKey
BCryptGenRandom

kernel32

TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedFlushSList
SetLastError
FormatMessageW
GetLastError
GetCPInfoExW
GetConsoleMode
GetFileType
ReadFile
ReadConsoleW
WriteFile
WriteConsoleW
GetConsoleOutputCP
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
GetExitCodeProcess
CreateProcessW
TerminateProcess
OpenProcess
K32EnumProcesses
GetProcessId
DuplicateHandle
CreatePipe
GetCurrentProcess
GetConsoleCP
CloseThreadpoolIo
GetCurrentProcessId
RaiseFailFastException
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTime
GetCalendarInfoEx
CompareStringOrdinal
CompareStringEx
FindNLSStringEx
GetLocaleInfoEx
ResolveLocaleName
GetUserPreferredUILanguages
FindStringOrdinal
GetTickCount64
GetCurrentThread
WaitForSingleObject
Sleep
DeleteCriticalSection
LocalFree
EnterCriticalSection
SleepConditionVariableCS
LeaveCriticalSection
WakeConditionVariable
QueryPerformanceCounter
InitializeCriticalSection
InitializeConditionVariable
WaitForMultipleObjectsEx
CreateThreadpoolWait
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
CloseThreadpoolWait
CreateThreadpoolWork
CloseThreadpoolWork
SubmitThreadpoolWork
QueryPerformanceFrequency
GetFullPathNameW
GetLongPathNameW
GetCPInfo
LocalAlloc
GetProcAddress
LocaleNameToLCID
LCMapStringEx
EnumTimeFormatsEx
EnumCalendarInfoExEx
CreateIoCompletionPort
CopyFileExW
CreateDirectoryW
CreateFileW
CreateThreadpoolIo
StartThreadpoolIo
CancelThreadpoolIo
DeleteFileW
DeviceIoControl
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FlushFileBuffers
FreeLibrary
GetCurrentDirectoryW
GetFileAttributesExW
GetFileInformationByHandleEx
GetModuleFileNameW
GetOverlappedResult
GetSystemDirectoryW
LoadLibraryExW
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetThreadErrorMode
CreateThread
ResumeThread
GetThreadPriority
SetThreadPriority
GetDynamicTimeZoneInformation
GetTimeZoneInformation
GetCurrentProcessorNumberEx
SetEvent
CreateEventExW
GetEnvironmentVariableW
GetFileAttributesW
ExitProcess
GetModuleHandleW
VirtualProtect
FlushProcessWriteBuffers
WaitForSingleObjectEx
RtlVirtualUnwind
RtlCaptureContext
RtlRestoreContext
AddVectoredExceptionHandler
FlsAlloc
FlsGetValue
FlsSetValue
CreateEventW
SwitchToThread
GetCurrentThreadId
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualFree
QueryInformationJobObject
GetModuleHandleExW
GetProcessAffinityMask
InitializeContext
GetEnabledXStateFeatures
SetXStateFeaturesMask
VirtualQuery
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
ResetEvent
DebugBreak
SleepEx
GlobalMemoryStatusEx
GetSystemInfo
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLargePageMinimum
VirtualUnlock
VirtualAllocExNuma
IsProcessInJob
GetNumaHighestNodeNumber
GetProcessGroupAffinity
K32GetProcessMemoryInfo
RtlUnwindEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlLookupFunctionEntry
InitializeSListHead

ole32

CoTaskMemAlloc
CoGetApartmentType
CoCreateGuid
CoTaskMemFree
CoWaitForMultipleHandles
CoUninitialize
CoInitializeEx

user32

LoadStringW

api-ms-win-crt-heap-l1-1-0

malloc
calloc
_callnewh
free

api-ms-win-crt-math-l1-1-0

sin
floor
ceil
cos
modf
tan
pow

api-ms-win-crt-string-l1-1-0

wcsncmp
strncpy_s
_stricmp
strcmp
strcpy_s

api-ms-win-crt-convert-l1-1-0

strtoull

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_configure_narrow_argv
_initialize_onexit_table
_initterm
_execute_onexit_table
abort
_crt_atexit
_seh_filter_dll
_initterm_e
_cexit
terminate
_initialize_narrow_environment

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__stdio_common_vsscanf
__stdio_common_vsprintf_s
__acrt_iob_func

Exports

Exports

0168b3yYFpGj8LfC
03gZ9JdwnSECLRU6jlWBhL2R4SVR
04FDydSL
05b78Ob7DyezLyQur73NcwxQsuXurus
06aQl1OnoGg56wAdUY4y
07Cm1xhBk6yMoxeqKJTAOZ
08qFwIt9jvAIs
09M27DHwJ8xBngH
0D5ah8UeqNbjAFH
0FMHNsMGmEzy
0G6OxPJU3Irhya6Z
0GBpzSjdsAWUKI
0ITCoCmV9nV3vvAVKbfsFEu8B4J
0IiImKskaI0BQvdJ3j3
0M9hiNAHxrrykMnO0
0QaMBQdYzUaVuehxdUCAwVYlB7N
0SM8dLG
0VTmT8hujUNacKkKnnq2BCeVp5
0X7nlLV3otN0pl6
0XWqOQQ96gRRINpCyuQt1r
0Xom2QL6KbDzNNHHUQ1gqZU
0Y0KCXVZoQOV0TiXkoaIbg9Rw0
0YSM5mkTJ1ul8KSaKI
0YaQ8Nl5yJdQ
0cpZGtZZVzVNMk36CrwQuA3Tf37vH9
0gQYYMOmDIn3PSbmD9
0gr4N6ZqgqaRD5A
0h2WJm8BJpvwSpJXF5
0hdydrVazvfWDh2oI73XlalefWXEKeK
0jYoPSXJin7mlJ8LtkGFAhL9SXIZi
0kUkTYZpPddnI
0ou2D87GIe3EVBvn
0pPtXxADMFcJj7U1jKV1isSIvoHz
0uOHoI39EtDGoDIjLj4
0uThcqOqEocK3z1GUH4rXTH
0uuKbsNfDXhB0PlL9TmqYF3Q6zR6m
0v7LDbY8k6zAZvtAkcQowYPhprrtpYm4
0vDGCT6BvYyDtgQRHOgnQllCayiv
0vNk7dwQqTqgMrZcnL05d
0vZV9MvkjMRV6sRyPt
0xWInTgvGdl1
0xe1MpLEMDZPG3
0ya5r0l8VstnztwOQIvGPNw
10C2ANpi
1357xVFZaTMthmPMVePIAVZukQ2oe
18zXy0vmwj9bABBanptZN4Y4d1p13jC
1BjA2cmwPlXfovNaViP0s0e5cWUr8i
1BlLCaaO
1BroZQtu
1DFDChshzB9
1Ehrt2wV9JIB0Y3wuzItnTK
1FTc9EqAwKhlF
1G8PKMOL
1HQtwRZsmLK42
1JQVj2G5iJSfw4oxv3
1KSr9J3gTO3dtHPb8E1nFsRRoLNp
1LFeimH8S34RFvXXbTgm
1QAtHk8mhSpzjgVSg3siw3YYhw8Xp
1QFaHtCX8g7ZPfLORk9Pv
1SHW1vpjum
1SQindlP6Gofa0MGuAS8FQ99Nejj
1VIO4QlD3mrYTZjzzRas9kR
1aP53c9cnJuuNGUIduzIwv3kWUx3VQo
1bX5iUikEo
1bhDv0mcq
1cHTPEFTPVb6FwcDo
1dq5OqfhG8q3Gfw9as2
1eHvMXixL
1fY4kBAPLWoJkQVevBr637xYh
1g24xJC9UhrKKG2fnU
1hP2bbls4fbElmdA70BqN7ceC
1hahNuB6wXlKK9PYvRjTXsFB
1hih6NDiTQ
1iK83l83NeCyaRVS6wbCW
1l0cIR4myu
1lzr1oOSx
1n7LBGABIy6tNnKS
1pnKEew2SMRiwouhN6iyaBDP
1rWWlUv2iezDoq0EI1fNEDn
1rstUq0EsX3C8gvS
1s8ftlZK0Ynfbyj6yplacw
1usIfGIxL4m
1x59ZAxnW0sqdRbWX5p01dn0C
1yz9wLaObdCCYJrrHZdHxVGfMAaTA0Kp
20XZawHg0iXkrI5Oimf3T
23rMNxbMukVkLiw97kHjormIY1FOc35
26d4pe1rK
27b925gEnDmCaCUkrls0XUu
281agMsD2aObK6xzS6ehpTOlqUS
29rqdSo92Ji3Q
2BVlE4u6IWc9xL2Ok3
2BbtuKWcTzvjrrNg
2CR3XVgiOVwQilV
2FAkGNefgVsbBGDX6zYw0
2LkicEiKwCWcMbLfwqKHRpIS2Xr
2PDApsPrtB2JR
2RQf6UJ6
2S8AoMXTDiT9nnM2t
2SQhxlZsd
2TmUhqWctEKuCY0fh1oEOa7Z
2VJLrqwlYTv4msNiuXgPONK7
2WfQ54yYVPuNa
2WuPhxVDbF9VELBNP1lWlK0GPeIl
2Ym7gtlMLlT2
2avcoeDin
2bsZgw8JjXwz9gLadHowZhp
2crn9zXvIJqyBE
2eIhpF40qcN1KYnlQ
2eT0tPdaL3RMFizOMIZUfWB63mC
2f0TjxMSghvUTVAXy6Sza3
2fUt79EEr5d
2ge9YJTbEct
2gyonaGKvNimvs
2i3NRWiJglNA9p2pY6cw2lv6Ceb9
2kJqb1r6Yb4wJrV3E1avHvZ4w
2p8P90zjzLX8PCmsJPFn8aMGOS
2pbROQQv5CxXc5YWhuGPnfEF7CwQEkn
2sKm7YnLtciep0EPYWhTBRO
2uuDxriCR6361OAHAoqU
2vywEyWiFVHFlEa8FfDlMrTEh
2w80ZTCYSKhvhYuE3SYurS
30Xk30QuO29fTXdfzISBHbljL
32HOtfkAXKy4wpKmeFWb0xz
33Lt9sGtrEBAY5wWfpurBrj
33bPKVFPnEvcKL4yDI8WIIqb
33nFpQlv9eJ09laTxi6
35U5NDF8RIMcZS
35tU0PHkTZ9wawc2NCH65ElHzvJJTa
3AJD3us
3GB1481xL9
3GSYvo4FgXcbaljLvdPLC
3HSpcaCNibeo6BXvvLOIzcfMQPFOCGoo
3L6Ka4HKzCBMcKq1vvf2Uy
3L9xIP5OreSjfqH7fD3J
3MRxcun8Bw
3MtUKZotLODXaRixi
3NBWMQokk5qcIru
3NPqz0kjyQR
3P1hG3oUhB7dJ5rtKDfu
3PVMyRU1wk
3QV7fuNMBsl4J6Y1oPI86zYeQ
3RJDfGLR
3Rz8QQszlmKPFfJxXon5lIF83L0ShsI
3UrVatM63PeJ
3XR6eNY
3Y9HCsH4p
3YXcaZVMGIhtL6jhu1lZhHk
3c4Sxbt0srug9
3dhFu2hl6wg9nYCbDrRBh2
3gcZmpX9vJbOSKyp0WjU
3jRTADvs
3k4dgJWn7VC1JISXYGqzN9CB
3lTjMWsrxem
3luCv2ZkEbIjwCzUraTavbOefE3iE6
3mTBL8ZvvKbcW6rmDfO
3n0jOYL1cARBrngIoSgFirFBzDQ
3nxdsnB8fMouTVDQ68SUizIPRR1
3owspQd9rhGOm37DIMJui
3pTbiOPtMuICGVP1YTQ
3r3cb1AU4rCJv
3rTaJGQUKdXlrt7vWvVOKYkSZw8oAM5
3shwXXgtXYs7Wqp
3tl8p4i0essLHlX0N
3ufu3oG8SFndj6UBCNqx3JXmxRl
3vDp6Yy71aPL418T6glmrCmZIVPKLg4
3wFlkWcDWDa7hwf4
3zUly6VvmzkXSoszdOp00zVubD
3zZASiBZynzHkX2Pswr2Mtc
3zr4O2INXZJqW
40KpqVgANsmRCPpKAxWtEkP7
40Pk3YGDnuVAkvIMW3m1dvmbt
40RmAl1jKLhm2cqrmuoq
42DqYyhlPDmRoriu70V
42tv9EPKn2v5LXlfJnwq
46UkIE8M5RU2VdYvi
47l8QeTvarO6tsVQaGxxZVYSX
47sBqA1EFz31fSMvVc9dy53hxit4qjKC
4B9vVq9RsDL6e3MlxhRdlX5
4G5iqQtMURX
4Gi4OcJ6W
4HzL4Ptf9H24MtenXb6BaIy4O
4JWNyKMfrJrF
4KhpC9Ra
4KinIg92pMC4Mz1SIuX76Cq
4Kk4nN8IIt
4MknI0Ujtck6VtbggQxeWBCYnSO2EFe0
4Q7cyBnMVGBm
4QIhbzuH6n
4UXXwCtrLrZ5ATR1zRPtbXJuBzFPGl7
4UsRKNbkcXqUj
4VVJS33aGUN9ETRkL8Jy76MztEgd
4XSWzQi0I3pNfYg4swguYtzcwIF06
4ZEWhrhCpLOfL6bHTVti
4ZWIS8MIA4OyfTPgVjfUmA61u
4ZXMTUZ0tFHY7583
4ZuhjV5HsRPcDLxxC
4cwLORUhs0rbWir0OV7GE8gtFXJZtnrv
4fgX1AVErGbEIv93cee7Ci9
4fhBSkmYJdAFIbIVz5PH1g10Kt9
4g7DgAWXgiyEhgc4S
4gn7MKIOkmCRJ8ow
4imoegGeON0uls6bIaelNMs
4lRX5IxShFk4RXTCoKk0c1
4lV9xjAjAWbHfmT5zKdk8W2t
4llodIlTER8t4qVc25Rwm4ooRxzh7G
4lzllhbYihpW25W8ONXZNbX2
4nDUdNMD5bZ
4nxoMdOTlJM
4ouih1jO
4oxMV6tG
4qTZYIv625
4rPDGnimRu4cT4b6ilKQ
4uoOuexIxk1
4x4EWNPn
4xTbVFAFjamtDmzv
4z72DzC3y1JPQzFlpmyflcjUJLZ
52s95pHHI7yk4xyK3xRvP
53eAuP6j1
54kzIsJKIBU2
55UEvsPkwgjw950lvZjohHOzb
582xg7Fb1WFkjY
58OZWi4vTtvXtacGSFMWmdBk
58OqATlNCaNPtN0Ada
595BhbgiUUz7Nn
5BLEP4HkwDeHnMK3absKt
5BeX9lZ
5CrNaDm1h6Ws8ATBl3P2OoumVuhvHP
5Ftmw0iXZeMTDn4J5
5GDo5HWsi9jd
5K70wGvXzw
5MkPoco9Tlmfby
5NWwfqGDCZJYzoxv3ot
5Nn32wBdiknYWFR0IxaeEzCnTPlS33T
5OtOIV6q2AHzqW1twRxRu
5PIwU6ou6zRxqnPZotJO2wsq6WEi8
5PlPs4a80fvhjPQODcnFpC
5PptEITFGTyHui5PVttytumXCpP4
5T0R2cJub8qTRPH3oo5Mktyp
5UEI1eG1Er
5V2oc0z8jfUdc9S
5VtTxy0Iy
5XUCm2xlGtys88G2N4ADwRvfB10E6
5Y9sTjQcjuqf
5YFr5POlwGzt4b
5YlFu2TrjkeJsyW6
5ZJpn3Sg
5ZncSrSiw8MG
5ZzYJxQq0m8kgP6bHrQwfvj9fzLC
5bXsWzmbslZUlJayGG
5bitqX2svKmJ5NRunx
5dsSUY2IXn3QGB2Iwj8dw3aoHvGKCrxi
5iv5nTE1fDwNIQAlf9VzLw9Mj35FiiF2
5lHsXtRpSk8Rrz8fQ9qKUEeojHRURBSE
5nzQONOFLfOFtRB63KhEMstJ
5qkPatnwMfP7LkGuqZI
5qs99lo3QFno
5qt3iIYVV7ksA
5r5mf4eLkhfvHiDg3EOY4IC8OOttW
5rdso7vcqnbx342uY3m3mNwceexOt
5rekTUWTOLKMhTVQSUC
5s6HUH5sO0Fcw1gtq93kxLEWE
5s76kipbCIPm2IdKD4h3eziSy
5t570lxsOOZtaRf40LsV5i2n25Vj4TtM
5tFpS78ySS
5tcQoGKY036vV0lyER3Hkx1
5tpDvXknkZCi4xAqxT2gst8Q
5u7LK310k
5wccVhOHfvV4xTsu5s
5werIJk17x2
60gK0hdUWy2SPdeBLzFiUll
619KTVOlS6lilkRWy8NnsB8X
61DGQZoCkvOmhRDbaSaOXOC8qkO
669qnuWuPT
67k2mfe93dgQdeNpYUanm
69EcqjJ3CN64nmvqGXnY
69s19FfWsrl
6Bo1u5c0
6CdFLvqAGO54LedRUKq1Po
6Cj3C7kjcZYq13f
6EZD6LJYT2aWw9A
6FiGe6XP9FQ3IuqTE6xhYWFM
6GTG49aXGlYsty1muM7GLLr
6HBm6AQkmzjdN1uR
6HyBfkzYfAxFIsYQp65tUWfFGUYXWG
6K0nBfBDgB
6MswxrEKdJJm7ftKC15
6NTQ9vabRcSxxbDtqHKkY3qjHA
6PJ1S1nByLfp6bePgikIFO76bQv
6QFbBqhftaIHqYZOoVOg
6RhX8asTR9Ou14WoI6PoOP2T
6RxtCX8FMcs56lDT52Tnnk
6Ty3VQQutaHrZ1s439TGZTT69
6ZydEHOXVjD0XAy31Xz3fU
6dZQghF61Tpy5BIAjMgTBuKD9rNET2
6fyOAeVp4LvEiqqEcWUbW
6gRyao2LL8xaKaTG6NM
6gUMhHFceVsvxn
6rAFVskU1grp1
6sK8xiO0sU0y9OvFGTMWohi
6t1Ff7e81C5
6tEqNGgKwoN3vvbT3JVA
6tv17R8r6nTorpiAlxyQn1NoayXo
6u1OVhJGppmQuqOJIk0kstQZrId9
6u2kc06JnVvySW2YaN
6ukbVVpPDwUmHxAFVU
6uuGWLONN
6w7lmsB
6wOBRlyRnrdf3
6zTEBBf24YmAR9Afer0hZh
704vwfoVT64eZUeZNvcxRRA66ni6I
70JSK73WxkcjtBezO
71VmxzsfXDvUxo58
72k4rGoip0umhtKngx
74OPYA7HhRUduWmyzYETlSykBWkNBCs
75YgKYxakfcYp1xB5lWPeMtVl
75cTV9gqGX
76no3N5Zza
77DugO0KI0apTSlsLkZIPmtkV0vqBmjF
7AMkpgiZJ1Z4CNTVf424W3OfWp
7EJPJ9QXIVRYrfE8yB
7GPrL1XllfaPUGX
7IQoXsLrw8svIBnaBucrZ5P
7IivYMFf
7JwGYtJFMV
7KbjnrlFtn
7NOWwMsjfYH8T4YNSac8JBs
7NRK8iC7v4OqO6KyJl56MwGvo6f
7NXRzf3xl1iObpXAt
7Ta6KObT66
7WdsM19diJ
7XaFD0TvdiIxAvQQ5o1t5YNLAxK
7YlXwHcUR55t
7ZSenk0yb
7ZZdXt0LdyjKv8MQEgoiHp
7cFhsCadzybulPuEcnLLlrnlVh
7cH91PSM8IHOkmfIRbPEGqV9pl6uTl
7e5DtYVgO8cVpsTt6nP
7gltfNpv8aNiWSNs1DLhQqkjA4
7h2A5Si6
7hZZMkY1WdXweI
7hmM9uCYNQiEpVu9fBpWo0
7lS4Tmyk3TQItTHu1ooc
7mDOQFNlrqhasS6JO8F
7p6DJqsqoPoMLbRb3d1sVi
7p6mWERvtIVrj4NIpLEYkkJdWup6TNW
7sKxNNY
7ueuTmcqhUDgSLwsVUU
7wK8OYXioV1Yk3GWFz
7wzM4A4ih
7xSLcPxO0w6AOqxbWB
7yXh1UJktLr
80khIBjgj5defdQsHShChU1CvfBt9DZ
821eLkYY5b5b3LUtxTza6oyzN6bKO
82D99b4SItNi5q6BqTJEs9acSaw
83cplisb8dHzgio0IPPn5
84Drcu6ndtJ4XsCw
86ws3IqiIMgfvjiKFTXc17RMHH4y
897jWjtx5eZ62i72yJ0b7EBRg5KEhpt
89j9Or7wCLv
8B2VSEfK
8B7jQeauuRmhry
8FY7RwQ7h8FY
8HLJF4ABQe
8IHm6QbaKtH8o95uv
8KzuyPiQLMYZ5OFbdHoGcrRbxMhVJV
8Lb8aSa4M5WTpEnV0o4
8Ms5CNVfil34G7xn3lpFZsakQ
8ONJ3NvkZzJRHFQF3aNj8eCXMkQtom
8OTrhNX
8R0BD72c1FQNofdEW8Gxq
8Sa7cpXJuEF6tlkoUz5
8TQgBXdbJnsmdqnDzKZvh
8VVxanAJPCzROqBit4wYaRs4hKAZ
8WkxmvUxL9kqbC9tMODbu8
8WtXMr6cQthzCGoCGZExZbJGeBkg
8YGSu5EHb6NXxkrhroHkIEnisxV
8YYk6UHMZ5AZigWmDqQd18JKg80kYIqO
8ZU59yn5uhLEWQPW8wK9pvxO9UB
8ZreCrM7ak7
8bA9fBJkzWet02mMrw3
8bhjn3qsPuSI
8dgAdZHbnX3Q56DceTLPLY1z8uvRLH7i
8g8jgg8ACg3iP04jux
8gQUuSdYRtxuaCALtSlyb745
8ghojsftKDYrMhsKsksy2wSRNX
8h1G4vPkKjIf2VRm9Ro
8jL9k9FtoVAncQYlG
8lY29Dx4UMjTcKKdAwxA8QIC
8njnTqz
8ogWNtLpnq
8rypbZNwMo4Mz1BdFEcKCLDv
8s5NoKBtHEBxp0Ewvn5F983LjeGNI
8sIws7RSpdxr
8yqkhGsTIVTMR1bG
90tsevaJzqOylg6V0rEJcUplW0hkf8fg
92Rm2lvI9Expj
93OEH7fiziT
96KtyVEPkPAsjs6DjZbMp
96LDvuTVsFbYf5KLICTYQvIkG5vQW
96YBlrLsMJjZ2O
98MTlqaxSA2cnQetEtoZXK45jazomH
98wUqKqX
9BrZqiFzABYyQ5oPhUE7Tfe5E4
9CTcsJ05N5be2G
9HEXhS5DXd
9I9ZRaMwiXBpr4PMpXCrzgf7QvaMy1jx
9IWsfCIUzq7bJM8PEE
9JWh4idQqTt
9LasHW09vq73GxMPe4UjjgG8
9Ldwzpk18EYN2FUoZz5
9OEM4nBJLmOpSyuyYRq
9QyBovM8aoCVRF6kNCgJpi9J9plKuf
9TwQxuyi8XzMljcE9Utvz
9U0lYFoLA33gj4bF5Nj3SuUtroR
9X7n7CX
9X9v9Wqz
9cDj2nhtpv2q7IGu0zbib1zwQHrG2tH
9d0B6SD
9dxLbyMX6YA7soMqyvX4ADGmKTE0
9eKkFfFmZ3O1wZaJBVUujd3DPOxywF
9ejqXeDGCBxi4JNru
9gKm0eBD6E
9ge3m4PWEwAz76GPPNgp65QgNId
9iAi2HQWvsclf6axoSF
9jCHAHoxDS9jVNAhwMfoHUYATwupts
9jdCUfM9MkYoEtQb1MxLovNcZt3WD7Z
9jpegx1SAZPzYNAgFg
9nOhl3mR2YkvMo31NNFBBaAV
9pnqEFkrczKiO4aAjK
9qBkspx2D2qQ2FcIth8aQi8sCoTcST
9tMNEhJEEF54OM
9vDpz4QldSscu76LpU5
9vVWDjJ5HslYbiqF3RtSl0uEQMk
9y4TKhbHGZ3hHM41vqyRmWCq
A01XGpO4xjiWLR8IPUSakvH
A05kRoyVA0lEKHxD7lyCd5XttA
A2Ob9oKwntXsP5ie8dnBvZFMfy
A2Pf4zaoZML8JPUJrcbsi5ov1ulat3P
A2TceKd54lVdfZNaO6jSS1cVqL
A2hfJUdFZjFqkVOMdavOqHOOYv8G2
A7G2E6UaEvJEzzBcdZlOmGzlv34qPlO
A8q9iJWFJc8S
A9e6umJc5Dk8cTKEljSNe9O
AAJq9DRVC17FqCQvsibfnzx5DK9r
AEw1KqipPBx00YoFG2CBo2VEv
AK0N3uPXBn7NAu3sMfSFMwEn
AK3an5eI7RcJhfTjAo6DwOTD
AK9YO8I8qYs
AKgyshv7uGqV6QMLI0VNDNPa7M
ANbcTpKTVgj419v5MhqPykgGZz
y#�6U2GEHyvLigt
AOqp2yvJnRMyKKWL
AUoKwZGy6InEZU74mdgD4aXj7rw
AW1mCMq9ygxb7N6k
AYaJb7v3hZaPREiIK7
AZMCKMg0bKWM1gwMxANtrdvbt
AZQPLyj7B0hrYLryhJ
AZybNxAnOxqFddOyWfzYmcy
AcYM0hXik5jRF
AdFpnPAo2e9xDjEezC
AdT9XwzJSu3XpYDP
AfLcr3fuNEJAGnvhSVhhcRm4hsOPrG
Ag1oSZOC6UQ4R6GzCaN4
Ah6DVJMjf0X6NJATsv8S0M
AhWICZRpZTV73ef4SERArnME
AkV4QgjSdeYslc
AlXN3IYGvhmBZxH7gV2ky3zYh7aH3
AmKyJlnnB5BUPE0i7EhX9WpMQHverC
AmSPf8Y0XXOycU9AaeHJQEoE8IL
AnTH5Tny
Ao4qEISNZ4Sy4vTU
ApT2sgAGTyU7rXuhjyDHoP
Asm6NJv42cOtCuLvoK
AxHqyVMpYz1gI
AyvqgaqluJRxZhWNaE
B0LnC5Y0oq0HI
B2TcZd3GHX5yTb1viuTip6M7Xl
B2jlPNxqP8SR
B3j2RVzH6J0vkiL
B3zqbohEr9Hc
B4ENSxzkbx879ivk
B6tJxT5xIjTRsf27kYAjhxCFn
BAyB3iTFC8iLi4YOPIfEjW
BC4p5BQYyvooGKiSq86Q8WXJTfe
BCwhuTGIg8DNp4b74jQ4wnFGpXVn
BEC0HiXxPdUWn6sCzB5mIcSUH2J
BEuddDi62uNha3nlGnvObeDzi9san1
BI89FFWL5gOjsgKv05sR
BIzgNxE3y5FH69AYwFGLNBftj0rVb8Sd
BJX2CO3mTvDKxu2a
BJzvmUItpMF7JEy0nMvf0kbd48Er
BLb18LmLgl5As1SwO2f9Rb
BMjZW0jdjOQ4Br4X2fVneVLAZerWssT
BMsYL43wavVSWAURAViIuZo
BNAuVOEGk1K
BO4SiiJ2L5vXWevI
BOW00L6tOAGXg70Urgo
BR2ab3cByydBlXJ0
BRhlMN20f4XaOy5RduxT8qSMNUkP
BSXRdh05y5i8N7ywLV4mxvktpDwVtiu

Sections

.text
Size: 453KB - Virtual size: 453KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.managed
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

hydrated
Size: - Virtual size: 531KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brand.dll
.dll windows:6 windows x64 arch:x64

Password: 8866

29bd98ef3bdcfc003aad1379e046db35

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:01:af:a9:7f:85:1a:43:a2:71:79:0f:e0:a1:7d:8b:1d:1c:ff:d1:c6:ce:c5:b6:d0:ce:8d:ae:54:b9:65:55
Signer

Actual PE Digest

78:01:af:a9:7f:85:1a:43:a2:71:79:0f:e0:a1:7d:8b:1d:1c:ff:d1:c6:ce:c5:b6:d0:ce:8d:ae:54:b9:65:55

Digest Algorithm

sha256

PE Digest Matches

true

cc:e4:ad:c7:82:1b:54:9d:e3:e5:82:6a:99:da:c2:23:6c:76:41:2c
Signer

Actual PE Digest

cc:e4:ad:c7:82:1b:54:9d:e3:e5:82:6a:99:da:c2:23:6c:76:41:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\LULU\TempBuilds\TemporaryBuilds\main-pool\32\s\App\_bin\sam\x64\Release\brand.pdb

Imports

wtsapi32

WTSQueryUserToken
WTSEnumerateSessionsW

encoding-conversion

SLConvertACPToUnicode

kernel32

GetCurrentProcess
OpenProcess
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
Process32FirstW
DuplicateHandle
GetLongPathNameW
GetTempPathW
OpenEventA
GetLastError
GetFileAttributesW
FindClose
CreateFileW
GetProcAddress
GetModuleFileNameW
GetModuleHandleW
WaitForSingleObjectEx
GetCurrentThreadId
SetEvent
CreateEventA
FormatMessageA
FormatMessageW
LocalFree
WideCharToMultiByte
CloseHandle
Sleep
QueryPerformanceCounter
HeapFree
Process32NextW
ResetEvent
GetCurrentProcessId
TlsAlloc
MultiByteToWideChar
AreFileApisANSI
DeviceIoControl
TlsGetValue
TlsSetValue
TlsFree
InitializeSListHead
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
CreateDirectoryW
GetProcessHeap

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken

shell32

SHGetFolderPathW

atom

CreateSingletonStaticData
CalculateSequenceHash
IsSingletonStaticDataStorageAvailable
GetSingletonStaticData
SLGetAtomFromString

msvcp140

??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?narrow@?$ctype@_W@std@@QEBAD_WD@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?_Xbad_function_call@std@@YAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?wcerr@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Xout_of_range@std@@YAXPEBD@Z
?toupper@?$ctype@_W@std@@QEBA_W_W@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?exceptions@ios_base@std@@QEAAXH@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?uncaught_exception@std@@YA_NXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
?_Xlength_error@std@@YAXPEBD@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__C_specific_handler
__std_terminate
__std_exception_copy
__std_exception_destroy
_purecall
__std_type_info_compare
__std_type_info_name
_CxxThrowException
memcpy
memmove
memset
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strncpy
strnlen
wcsnlen

api-ms-win-crt-runtime-l1-1-0

_initterm
_seh_filter_dll
_initterm_e
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
strerror

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

Exports

Exports

CreateServiceObject
GetApplicationRootPathDll
GetBrandExecutableNameDll
GetBrandNameDll
GetBrandPublisherDll
GetCompanyNameDll
GetDefaultFolderNameDll
GetDefaultSettingsRelativePathDll
GetDefaultTemporaryPathDll
GetDefaultUserFilePathDll
GetInternalProductNameDll
GetLegalCopyrightDll
GetLocalDataPathDll
GetProductCodeDll
GetProductNameDll
GetUserDataPathDll
ReflectServiceObjectInfo
ServiceObjectModuleInitialize
ServiceObjectModuleOnCleanup
ServiceObjectModuleOnFree

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
concrt140.dll
.dll windows:6 windows x64 arch:x64

Password: 8866

e29b9617328962a9b58721e88e2fd959

Code Sign

33:00:00:01:2b:6d:cf:b5:17:77:f5:6f:42:00:00:00:00:01:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/09/2019, 20:40

Not After

04/12/2020, 20:40

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

eb:4e:b0:e5:54:9a:e4:c5:bf:9e:38:02:b9:57:6d:d1:d1:9c:93:47:a8:e3:56:13:13:20:69:05:c6:4b:9d:e0
Signer

Actual PE Digest

eb:4e:b0:e5:54:9a:e4:c5:bf:9e:38:02:b9:57:6d:d1:d1:9c:93:47:a8:e3:56:13:13:20:69:05:c6:4b:9d:e0

Digest Algorithm

sha256

PE Digest Matches

true

03:1f:b8:d8:0a:12:54:a1:1e:de:c0:9a:b8:32:ca:6c:3f:70:d9:8c
Signer

Actual PE Digest

03:1f:b8:d8:0a:12:54:a1:1e:de:c0:9a:b8:32:ca:6c:3f:70:d9:8c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\concrt140.amd64.pdb

Imports

msvcp140

__crtCloseThreadpoolWait
__crtSetThreadpoolWait
?_Xbad_function_call@std@@YAXXZ
__crtCreateThreadpoolWait
__crtCloseThreadpoolTimer
__crtWaitForThreadpoolTimerCallbacks
__crtCreateThreadpoolTimer
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
__crtSetThreadpoolTimer
__crtCreateSemaphoreExW
__crtGetCurrentProcessorNumber
__crtFlushProcessWriteBuffers
__crtGetTickCount64
__crtCreateEventExW
__crtInitializeCriticalSectionEx
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
_Cnd_broadcast
_Cnd_wait
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
__crtFreeLibraryWhenCallbackReturns

vcruntime140

_purecall
__std_type_info_destroy_list
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__uncaught_exception
memcpy
__C_specific_handler
__RTDynamicCast
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
_cexit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
terminate
_execute_onexit_table
_crt_atexit

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-math-l1-1-0

exp
sqrt

api-ms-win-crt-string-l1-1-0

wcsncpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfwprintf
__stdio_common_vswprintf_s
__acrt_iob_func
fflush

kernel32

OutputDebugStringW
GetModuleHandleW
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadPriority
SetThreadPriority
CreateThread
SwitchToThread
SignalObjectAndWait
Sleep
GetCurrentThreadId
GetCurrentProcess
WaitForSingleObjectEx
SetEvent
GetLastError
DuplicateHandle
CloseHandle
GetCurrentThread
CreateTimerQueue
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
GetProcAddress
LoadLibraryW
LoadLibraryExW
SetLastError
EncodePointer
UnregisterWaitEx
ReleaseSemaphore
InitializeSListHead
SetProcessAffinityMask
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnregisterWait

Exports

Exports

??0?$_SpinWait@$00@details@Concurrency@@QEAA@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QEAA@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QEAA@AEBV01@@Z
??0SchedulerPolicy@Concurrency@@QEAA@XZ
??0SchedulerPolicy@Concurrency@@QEAA@_KZZ
??0_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IEAA@_K@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@AEBV_Concurrent_queue_base_v4@12@@Z
??0_Condition_variable@details@Concurrency@@QEAA@XZ
??0_Context@details@Concurrency@@QEAA@PEAVContext@2@@Z
??0_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_ReaderWriterLock@details@Concurrency@@QEAA@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_ReentrantLock@details@Concurrency@@QEAA@XZ
??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Runtime_object@details@Concurrency@@QEAA@H@Z
??0_Runtime_object@details@Concurrency@@QEAA@XZ
??0_Scheduler@details@Concurrency@@QEAA@PEAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@XZ
??0_Timer@details@Concurrency@@IEAA@I_N@Z
??0agent@Concurrency@@QEAA@AEAVScheduleGroup@1@@Z
??0agent@Concurrency@@QEAA@AEAVScheduler@1@@Z
??0agent@Concurrency@@QEAA@XZ
??0bad_target@Concurrency@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@XZ
??0context_self_unblock@Concurrency@@QEAA@PEBD@Z
??0context_self_unblock@Concurrency@@QEAA@XZ
??0context_unblock_unbalanced@Concurrency@@QEAA@PEBD@Z
??0context_unblock_unbalanced@Concurrency@@QEAA@XZ
??0critical_section@Concurrency@@QEAA@XZ
??0default_scheduler_exists@Concurrency@@QEAA@PEBD@Z
??0default_scheduler_exists@Concurrency@@QEAA@XZ
??0event@Concurrency@@QEAA@XZ
??0improper_lock@Concurrency@@QEAA@PEBD@Z
??0improper_lock@Concurrency@@QEAA@XZ
??0improper_scheduler_attach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_attach@Concurrency@@QEAA@XZ
??0improper_scheduler_detach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_detach@Concurrency@@QEAA@XZ
??0improper_scheduler_reference@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_reference@Concurrency@@QEAA@XZ
??0invalid_link_target@Concurrency@@QEAA@PEBD@Z
??0invalid_link_target@Concurrency@@QEAA@XZ
??0invalid_multiple_scheduling@Concurrency@@QEAA@PEBD@Z
??0invalid_multiple_scheduling@Concurrency@@QEAA@XZ
??0invalid_oversubscribe_operation@Concurrency@@QEAA@PEBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_key@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_value@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QEAA@XZ
??0message_not_found@Concurrency@@QEAA@PEBD@Z
??0message_not_found@Concurrency@@QEAA@XZ
??0missing_wait@Concurrency@@QEAA@PEBD@Z
??0missing_wait@Concurrency@@QEAA@XZ
??0nested_scheduler_missing_detach@Concurrency@@QEAA@PEBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QEAA@XZ
??0operation_timed_out@Concurrency@@QEAA@PEBD@Z
??0operation_timed_out@Concurrency@@QEAA@XZ
??0reader_writer_lock@Concurrency@@QEAA@XZ
??0scheduler_not_attached@Concurrency@@QEAA@PEBD@Z
??0scheduler_not_attached@Concurrency@@QEAA@XZ
??0scheduler_resource_allocation_error@Concurrency@@QEAA@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QEAA@PEBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@J@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@PEBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0unsupported_os@Concurrency@@QEAA@PEBD@Z
??0unsupported_os@Concurrency@@QEAA@XZ
??1SchedulerPolicy@Concurrency@@QEAA@XZ
??1_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MEAA@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IEAA@XZ
??1_Condition_variable@details@Concurrency@@QEAA@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_SpinLock@details@Concurrency@@QEAA@XZ
??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ
??1_TaskCollection@details@Concurrency@@QEAA@XZ
??1_Timer@details@Concurrency@@MEAA@XZ
??1agent@Concurrency@@UEAA@XZ
??1critical_section@Concurrency@@QEAA@XZ
??1event@Concurrency@@QEAA@XZ
??1reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock@critical_section@Concurrency@@QEAA@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@XZ
??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z
??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4SchedulerPolicy@Concurrency@@QEAAAEAV01@AEBV01@@Z
??_F?$_SpinWait@$00@details@Concurrency@@QEAAXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QEAAXXZ
??_F_Context@details@Concurrency@@QEAAXXZ
??_F_Scheduler@details@Concurrency@@QEAAXXZ
?AgentEventGuid@Concurrency@@3U_GUID@@B
?Alloc@Concurrency@@YAPEAX_K@Z
?Block@Context@Concurrency@@SAXXZ
?ChoreEventGuid@Concurrency@@3U_GUID@@B
?ConcRTEventGuid@Concurrency@@3U_GUID@@B
?ConcRT_ProviderGuid@Concurrency@@3U_GUID@@B
?ContextEventGuid@Concurrency@@3U_GUID@@B
?Create@CurrentScheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPEAV12@AEBVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPEAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@AEAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPEAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPEAX@Z
?Get@CurrentScheduler@Concurrency@@SAPEAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QEBAIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPEAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NAEBVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?LockEventGuid@Concurrency@@3U_GUID@@B
?Log2@details@Concurrency@@YAK_K@Z
?NFS_Allocate@details@Concurrency@@YAPEAX_K0PEAX@Z
?NFS_Free@details@Concurrency@@YAXPEAX@Z
?NFS_GetLineSize@details@Concurrency@@YA_KXZ
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?PPLParallelForEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelForeachEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelInvokeEventGuid@Concurrency@@3U_GUID@@B
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPEAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ResourceManagerEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0AEAVlocation@2@@Z
?SchedulerEventGuid@Concurrency@@3U_GUID@@B
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QEAAXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QEAAIW4PolicyElementKey@2@I@Z
?VirtualProcessorEventGuid@Concurrency@@3U_GUID@@B
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXAEBV123@@Z
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QEAAXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QEAAXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPEBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPEB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QEAA_NXZ
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EEAAXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetCombinableSize@details@Concurrency@@YA_KXZ
?_GetConcRTTraceInfo@Concurrency@@YAPEBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAEA_KXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QEAAPEAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_Internal_assign@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAX1@ZP6AX2PEBX1@Z5@Z
?_Internal_capacity@_Concurrent_vector_base_v4@details@Concurrency@@IEBA_KXZ
?_Internal_clear@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_KP6AXPEAX_K@Z@Z
?_Internal_compact@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KPEAXP6AX10@ZP6AX1PEBX0@Z@Z
?_Internal_copy@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAXPEBX1@Z@Z
?_Internal_empty@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_NXZ
?_Internal_finish_clear@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXXZ
?_Internal_grow_by@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z
?_Internal_grow_to_at_least_with_result@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z
?_Internal_move_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEAX@Z
?_Internal_pop_if_present@_Concurrent_queue_base_v4@details@Concurrency@@IEAA_NPEAX@Z
?_Internal_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEBX@Z
?_Internal_push_back@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KAEA_K@Z
?_Internal_reserve@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00@Z
?_Internal_resize@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00P6AXPEAX0@ZP6AX1PEBX0@Z3@Z
?_Internal_size@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_KXZ
?_Internal_swap@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXAEAV123@@Z
?_Internal_swap@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEAV123@@Z
?_Internal_throw_exception@_Concurrent_queue_base_v4@details@Concurrency@@IEBAXXZ
?_Internal_throw_exception@_Concurrent_vector_base_v4@details@Concurrency@@IEBAX_K@Z
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QEAA_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QEAA_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QEBA_NXZ
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPEAV123@PEAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IEAAKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IEAAKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QEAAIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_Scheduler@details@Concurrency@@QEAAIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z
?_Segment_index_of@_Concurrent_vector_base_v4@details@Concurrency@@KA_K_K@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QEAAXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QEAAXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IEAA_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IEAA_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QEAA_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IEAAXXZ
?_Stop@_Timer@details@Concurrency@@IEAAXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXAEBU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QEAA_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAA_NXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?cancel@agent@Concurrency@@QEAA_NXZ
?current@location@Concurrency@@SA?AV12@XZ
?done@agent@Concurrency@@IEAA_NXZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QEBAJXZ
?is_current_task_group_canceling@Concurrency@@YA_NXZ
?lock@critical_section@Concurrency@@QEAAXXZ
?lock@reader_writer_lock@Concurrency@@QEAAXXZ
?lock_read@reader_writer_lock@Concurrency@@QEAAXXZ
?native_handle@critical_section@Concurrency@@QEAAAEAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ
?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ
?reset@event@Concurrency@@QEAAXXZ
?set@event@Concurrency@@QEAAXXZ
?set_task_execution_resources@Concurrency@@YAXGPEAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAX_K@Z
?start@agent@Concurrency@@QEAA_NXZ
?status@agent@Concurrency@@QEAA?AW4agent_status@2@XZ
?status_port@agent@Concurrency@@QEAAPEAV?$ISource@W4agent_status@Concurrency@@@2@XZ
?try_lock@critical_section@Concurrency@@QEAA_NXZ
?try_lock@reader_writer_lock@Concurrency@@QEAA_NXZ
?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QEAA_NXZ
?unlock@critical_section@Concurrency@@QEAAXXZ
?unlock@reader_writer_lock@Concurrency@@QEAAXXZ
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z
?wait@agent@Concurrency@@SA?AW4agent_status@2@PEAV12@I@Z
?wait@event@Concurrency@@QEAA_KI@Z
?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z
?wait_for_all@agent@Concurrency@@SAX_KPEAPEAV12@PEAW4agent_status@2@I@Z
?wait_for_multiple@event@Concurrency@@SA_KPEAPEAV12@_K_NI@Z
?wait_for_one@agent@Concurrency@@SAX_KPEAPEAV12@AEAW4agent_status@2@AEA_KI@Z

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
encoding-conversion.dll
.dll windows:6 windows x64 arch:x64

Password: 8866

640e06092930616d2881cd2eb92363c0

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:b4:b2:62:b0:73:99:61:ea:b0:b8:fa:f8:a1:39:48:77:bf:a4:46:27:6a:1f:8b:59:f1:3b:15:5e:46:f4:87
Signer

Actual PE Digest

00:b4:b2:62:b0:73:99:61:ea:b0:b8:fa:f8:a1:39:48:77:bf:a4:46:27:6a:1f:8b:59:f1:3b:15:5e:46:f4:87

Digest Algorithm

sha256

PE Digest Matches

true

b8:23:4d:71:84:f8:57:9b:e4:bb:f2:53:1d:86:7c:72:57:c2:29:dd
Signer

Actual PE Digest

b8:23:4d:71:84:f8:57:9b:e4:bb:f2:53:1d:86:7c:72:57:c2:29:dd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\TemporaryBuilds\installer_builder_1\19\s\_bin\x64\Release\encoding-conversion.pdb

Imports

kernel32

GetLastError
MultiByteToWideChar
WideCharToMultiByte
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

vcruntime140

memset
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment
_initialize_onexit_table
_cexit
_configure_narrow_argv
_execute_onexit_table

Exports

Exports

SLConvertACPToUnicode
SLConvertUTF16ToUTF8
SLConvertUTF8ToUTF16
SLConvertUnicodeToACP

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
icudt68.dll
.dll windows:6 windows x64 arch:x64

Password: 8866

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

18:05:f2:bb:c5:91:b2:79:85:0c:58:7a:58:5c:ae:72:19:46:d7:24:1f:d6:c9:76:dd:5c:aa:9c:15:ed:99:b9
Signer

Actual PE Digest

18:05:f2:bb:c5:91:b2:79:85:0c:58:7a:58:5c:ae:72:19:46:d7:24:1f:d6:c9:76:dd:5c:aa:9c:15:ed:99:b9

Digest Algorithm

sha256

PE Digest Matches

true

88:55:d6:71:d4:fb:0c:13:c0:a8:6c:0c:51:9a:7e:a8:60:90:2f:4f
Signer

Actual PE Digest

88:55:d6:71:d4:fb:0c:13:c0:a8:6c:0c:51:9a:7e:a8:60:90:2f:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\TemporaryBuilds\installer_builder_1\60\s\_bin\x64\Release\stubdata\icudt.pdb

Exports

Exports

icudt68_dat

Sections

.rdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
icuuc68.dll
.dll windows:6 windows x64 arch:x64

Password: 8866

228737fc876145841602e4016cbbce75

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cb:8d:80:20:e6:19:46:fd:b6:e1:23:80:51:c4:6a:48:37:f0:16:4f:c0:ef:5e:a4:f8:b8:c0:af:c8:22:02:68
Signer

Actual PE Digest

cb:8d:80:20:e6:19:46:fd:b6:e1:23:80:51:c4:6a:48:37:f0:16:4f:c0:ef:5e:a4:f8:b8:c0:af:c8:22:02:68

Digest Algorithm

sha256

PE Digest Matches

true

8e:89:29:e2:99:3a:70:b3:f1:a5:d5:89:1a:62:7e:45:57:38:bf:d5
Signer

Actual PE Digest

8e:89:29:e2:99:3a:70:b3:f1:a5:d5:89:1a:62:7e:45:57:38:bf:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\TemporaryBuilds\installer_builder_1\60\s\_bin\x64\Release\common\icuuc.pdb

Imports

kernel32

GetProcAddress
FreeLibrary
GetSystemTimeAsFileTime
GetGeoInfoW
GetDynamicTimeZoneInformation
LoadLibraryA
UnmapViewOfFile
CreateFileA
CloseHandle
CreateFileMappingW
MapViewOfFile
DisableThreadLibraryCalls
GetLastError
GetACP
GetLocaleInfoEx
LocaleNameToLCID
GetUserGeoID
LCIDToLocaleName
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitOnceBeginInitialize
InitOnceComplete
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InitializeSListHead

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

icudt68

icudt68_dat

msvcp140

_Mtx_init_in_situ
_Cnd_wait
_Cnd_broadcast
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
?_Throw_C_error@std@@YAXH@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

strchr
__std_terminate
__std_type_info_compare
__std_exception_destroy
__std_exception_copy
memset
__std_type_info_destroy_list
_purecall
memmove
__C_specific_handler
_CxxThrowException
__RTDynamicCast
memcpy
__current_exception_context
__current_exception
strrchr
strstr
memcmp
__RTtypeid

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_execute_onexit_table
abort
_initterm_e
_initterm
terminate
_crt_atexit
_crt_at_quick_exit
_register_onexit_function
_cexit
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-string-l1-1-0

strncpy
strncmp
strcmp

api-ms-win-crt-time-l1-1-0

_tzset
__tzname
__timezone

api-ms-win-crt-math-l1-1-0

modf
ceil
fmod
log
floor
pow

api-ms-win-crt-convert-l1-1-0

strtoul
strtol
strtod
atol

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
_aligned_free
free
realloc

api-ms-win-crt-utility-l1-1-0

qsort

Exports

Exports

??0?$MaybeStackArray@D$0CI@@icu_68@@QEAA@$$QEAV01@@Z
??0?$MaybeStackArray@D$0CI@@icu_68@@QEAA@HW4UErrorCode@@@Z
??0?$MaybeStackArray@D$0CI@@icu_68@@QEAA@XZ
??0?$_Atomic_storage@H$03@std@@QEAA@H@Z
??0?$_Atomic_storage@H$03@std@@QEAA@XZ
??0?$_Atomic_storage@PEAVmutex@std@@$07@std@@QEAA@QEAVmutex@1@@Z
??0?$_Atomic_storage@PEAVmutex@std@@$07@std@@QEAA@XZ
??0?$atomic@H@std@@QEAA@H@Z
??0?$atomic@H@std@@QEAA@XZ
??0?$atomic@PEAVmutex@std@@@std@@QEAA@QEAVmutex@1@@Z
??0?$atomic@PEAVmutex@std@@@std@@QEAA@XZ
??0Appendable@icu_68@@QEAA@AEBV01@@Z
??0Appendable@icu_68@@QEAA@XZ
??0BreakIterator@icu_68@@IEAA@AEBV01@@Z
??0BreakIterator@icu_68@@IEAA@AEBVLocale@1@0@Z
??0BreakIterator@icu_68@@IEAA@XZ
??0Builder@LocaleMatcher@icu_68@@QEAA@$$QEAV012@@Z
??0Builder@LocaleMatcher@icu_68@@QEAA@XZ
??0ByteSink@icu_68@@QEAA@XZ
??0BytesDictionaryMatcher@icu_68@@QEAA@AEBV01@@Z
??0BytesDictionaryMatcher@icu_68@@QEAA@PEBDHPEAUUDataMemory@@@Z
??0BytesTrie@icu_68@@AEAA@PEAXPEBX@Z
??0BytesTrie@icu_68@@QEAA@AEBV01@@Z
??0BytesTrie@icu_68@@QEAA@PEBX@Z
??0BytesTrieBuilder@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0CStr@icu_68@@QEAA@AEBVUnicodeString@1@@Z
??0CacheKeyBase@icu_68@@QEAA@AEBV01@@Z
??0CacheKeyBase@icu_68@@QEAA@XZ
??0CanonicalIterator@icu_68@@QEAA@AEBVUnicodeString@1@AEAW4UErrorCode@@@Z
??0Char16Ptr@icu_68@@QEAA@$$T@Z
??0Char16Ptr@icu_68@@QEAA@PEAG@Z
??0Char16Ptr@icu_68@@QEAA@PEA_S@Z
??0Char16Ptr@icu_68@@QEAA@PEA_W@Z
??0CharString@icu_68@@QEAA@$$QEAV01@@Z
??0CharString@icu_68@@QEAA@AEBV01@AEAW4UErrorCode@@@Z
??0CharString@icu_68@@QEAA@PEBDHAEAW4UErrorCode@@@Z
??0CharString@icu_68@@QEAA@VStringPiece@1@AEAW4UErrorCode@@@Z
??0CharString@icu_68@@QEAA@XZ
??0CharStringByteSink@icu_68@@QEAA@PEAVCharString@1@@Z
??0CharacterIterator@icu_68@@IEAA@AEBV01@@Z
??0CharacterIterator@icu_68@@IEAA@H@Z
??0CharacterIterator@icu_68@@IEAA@HH@Z
??0CharacterIterator@icu_68@@IEAA@HHHH@Z
??0CharacterIterator@icu_68@@IEAA@XZ
??0CheckedArrayByteSink@icu_68@@QEAA@PEADH@Z
??0ConstChar16Ptr@icu_68@@QEAA@$$T@Z
??0ConstChar16Ptr@icu_68@@QEAA@PEBG@Z
??0ConstChar16Ptr@icu_68@@QEAA@PEB_S@Z
??0ConstChar16Ptr@icu_68@@QEAA@PEB_W@Z
??0DateInterval@icu_68@@QEAA@AEBV01@@Z
??0DateInterval@icu_68@@QEAA@NN@Z
??0DictionaryMatcher@icu_68@@QEAA@AEBV01@@Z
??0DictionaryMatcher@icu_68@@QEAA@XZ
??0Edits@icu_68@@QEAA@$$QEAV01@@Z
??0Edits@icu_68@@QEAA@AEBV01@@Z
??0Edits@icu_68@@QEAA@XZ
??0ErrorCode@icu_68@@QEAA@AEBV01@@Z
??0ErrorCode@icu_68@@QEAA@XZ
??0EventListener@icu_68@@QEAA@AEBV01@@Z
??0EventListener@icu_68@@QEAA@XZ
??0FilteredBreakIteratorBuilder@icu_68@@IEAA@XZ
??0FilteredBreakIteratorBuilder@icu_68@@QEAA@AEBV01@@Z
??0FilteredNormalizer2@icu_68@@QEAA@AEBV01@@Z
??0FilteredNormalizer2@icu_68@@QEAA@AEBVNormalizer2@1@AEBVUnicodeSet@1@@Z
??0ForwardCharacterIterator@icu_68@@IEAA@AEBV01@@Z
??0ForwardCharacterIterator@icu_68@@IEAA@XZ
??0FullCaseFoldingIterator@icu_68@@QEAA@XZ
??0Hashtable@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0Hashtable@icu_68@@QEAA@CAEAW4UErrorCode@@@Z
??0Hashtable@icu_68@@QEAA@CHAEAW4UErrorCode@@@Z
??0Hashtable@icu_68@@QEAA@P6ACTUElement@@0@Z1AEAW4UErrorCode@@@Z
??0Hashtable@icu_68@@QEAA@XZ
??0ICULocaleService@icu_68@@QEAA@AEBV01@@Z
??0ICULocaleService@icu_68@@QEAA@AEBVUnicodeString@1@@Z
??0ICULocaleService@icu_68@@QEAA@XZ
??0ICUNotifier@icu_68@@QEAA@AEBV01@@Z
??0ICUNotifier@icu_68@@QEAA@XZ
??0ICUResourceBundleFactory@icu_68@@QEAA@AEBV01@@Z
??0ICUResourceBundleFactory@icu_68@@QEAA@AEBVUnicodeString@1@@Z
??0ICUResourceBundleFactory@icu_68@@QEAA@XZ
??0ICUService@icu_68@@QEAA@AEBV01@@Z
??0ICUService@icu_68@@QEAA@AEBVUnicodeString@1@@Z
??0ICUService@icu_68@@QEAA@XZ
??0ICUServiceFactory@icu_68@@QEAA@AEBV01@@Z
??0ICUServiceFactory@icu_68@@QEAA@XZ
??0ICUServiceKey@icu_68@@QEAA@AEBV01@@Z
??0ICUServiceKey@icu_68@@QEAA@AEBVUnicodeString@1@@Z
??0IDNA@icu_68@@QEAA@AEBV01@@Z
??0IDNA@icu_68@@QEAA@XZ
??0IDNAInfo@icu_68@@QEAA@XZ
??0Iterator@BytesTrie@icu_68@@QEAA@AEBV12@HAEAW4UErrorCode@@@Z
??0Iterator@BytesTrie@icu_68@@QEAA@PEBXHAEAW4UErrorCode@@@Z
??0Iterator@Edits@icu_68@@AEAA@PEBGHCC@Z
??0Iterator@Edits@icu_68@@QEAA@XZ
??0Iterator@Locale@icu_68@@QEAA@AEBV012@@Z
??0Iterator@Locale@icu_68@@QEAA@XZ
??0Iterator@UCharsTrie@icu_68@@QEAA@AEBV012@@Z
??0Iterator@UCharsTrie@icu_68@@QEAA@AEBV12@HAEAW4UErrorCode@@@Z
??0Iterator@UCharsTrie@icu_68@@QEAA@VConstChar16Ptr@2@HAEAW4UErrorCode@@@Z
??0Locale@icu_68@@AEAA@W4ELocaleType@01@@Z
??0Locale@icu_68@@QEAA@$$QEAV01@@Z
??0Locale@icu_68@@QEAA@AEBV01@@Z
??0Locale@icu_68@@QEAA@PEBD000@Z
??0Locale@icu_68@@QEAA@XZ
??0LocaleBased@icu_68@@QEAA@PEAD0@Z
??0LocaleBased@icu_68@@QEAA@PEBD0@Z
??0LocaleBuilder@icu_68@@QEAA@AEBV01@@Z
??0LocaleBuilder@icu_68@@QEAA@XZ
??0LocaleDisplayNames@icu_68@@QEAA@AEBV01@@Z
??0LocaleDisplayNames@icu_68@@QEAA@XZ
??0LocaleKey@icu_68@@IEAA@AEBVUnicodeString@1@0PEBV21@H@Z
??0LocaleKey@icu_68@@QEAA@AEBV01@@Z
??0LocaleKeyFactory@icu_68@@IEAA@H@Z
??0LocaleKeyFactory@icu_68@@IEAA@HAEBVUnicodeString@1@@Z
??0LocaleKeyFactory@icu_68@@QEAA@AEBV01@@Z
??0LocaleMatcher@icu_68@@AEAA@AEBVBuilder@01@AEAW4UErrorCode@@@Z
??0LocaleMatcher@icu_68@@QEAA@$$QEAV01@@Z
??0LocalePriorityList@icu_68@@QEAA@VStringPiece@1@AEAW4UErrorCode@@@Z
??0MessagePattern@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0MessagePattern@icu_68@@QEAA@AEBV01@@Z
??0MessagePattern@icu_68@@QEAA@AEBVUnicodeString@1@PEAUUParseError@@AEAW4UErrorCode@@@Z
??0MessagePattern@icu_68@@QEAA@W4UMessagePatternApostropheMode@@AEAW4UErrorCode@@@Z
??0Mutex@icu_68@@QEAA@PEAVUMutex@1@@Z
??0Normalizer2@icu_68@@QEAA@AEBV01@@Z
??0Normalizer2@icu_68@@QEAA@XZ
??0Normalizer2Impl@icu_68@@QEAA@XZ
??0Normalizer@icu_68@@QEAA@AEBV01@@Z
??0Normalizer@icu_68@@QEAA@AEBVCharacterIterator@1@W4UNormalizationMode@@@Z
??0Normalizer@icu_68@@QEAA@AEBVUnicodeString@1@W4UNormalizationMode@@@Z
??0Normalizer@icu_68@@QEAA@VConstChar16Ptr@1@HW4UNormalizationMode@@@Z
??0ParsePosition@icu_68@@QEAA@AEBV01@@Z
??0ParsePosition@icu_68@@QEAA@H@Z
??0ParsePosition@icu_68@@QEAA@XZ
??0ReorderingBuffer@icu_68@@QEAA@AEBVNormalizer2Impl@1@AEAVUnicodeString@1@@Z
??0ReorderingBuffer@icu_68@@QEAA@AEBVNormalizer2Impl@1@AEAVUnicodeString@1@AEAW4UErrorCode@@@Z
??0Replaceable@icu_68@@IEAA@XZ
??0Replaceable@icu_68@@QEAA@AEBV01@@Z
??0ResourceArray@icu_68@@QEAA@PEBGPEBIHAEBVResourceTracer@1@@Z
??0ResourceArray@icu_68@@QEAA@XZ
??0ResourceBundle@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0ResourceBundle@icu_68@@QEAA@AEBV01@@Z
??0ResourceBundle@icu_68@@QEAA@AEBVUnicodeString@1@AEAW4UErrorCode@@@Z
??0ResourceBundle@icu_68@@QEAA@AEBVUnicodeString@1@AEBVLocale@1@AEAW4UErrorCode@@@Z
??0ResourceBundle@icu_68@@QEAA@PEAUUResourceBundle@@AEAW4UErrorCode@@@Z
??0ResourceBundle@icu_68@@QEAA@PEBDAEBVLocale@1@AEAW4UErrorCode@@@Z
??0ResourceSink@icu_68@@QEAA@XZ
??0ResourceTable@icu_68@@QEAA@PEBGPEBH0PEBIHAEBVResourceTracer@1@@Z
??0ResourceTable@icu_68@@QEAA@XZ
??0ResourceTracer@icu_68@@QEAA@AEBV01@H@Z
??0ResourceTracer@icu_68@@QEAA@AEBV01@PEBD@Z
??0ResourceTracer@icu_68@@QEAA@PEBX@Z
??0ResourceTracer@icu_68@@QEAA@PEBXH@Z
??0ResourceTracer@icu_68@@QEAA@PEBXPEBD@Z
??0ResourceTracer@icu_68@@QEAA@XZ
??0ResourceValue@icu_68@@IEAA@XZ
??0Result@LocaleMatcher@icu_68@@AEAA@PEBVLocale@2@0HHC@Z
??0Result@LocaleMatcher@icu_68@@QEAA@$$QEAV012@@Z
??0RuleBasedBreakIterator@icu_68@@AEAA@PEAURBBIDataHeader@1@AEAW4UErrorCode@@@Z
??0RuleBasedBreakIterator@icu_68@@QEAA@AEBV01@@Z
??0RuleBasedBreakIterator@icu_68@@QEAA@AEBVUnicodeString@1@AEAUUParseError@@AEAW4UErrorCode@@@Z
??0RuleBasedBreakIterator@icu_68@@QEAA@PEAUUDataMemory@@AEAW4UErrorCode@@@Z
??0RuleBasedBreakIterator@icu_68@@QEAA@PEBEIAEAW4UErrorCode@@@Z
??0RuleBasedBreakIterator@icu_68@@QEAA@XZ
??0ServiceListener@icu_68@@QEAA@AEBV01@@Z
??0ServiceListener@icu_68@@QEAA@XZ
??0SharedObject@icu_68@@QEAA@AEBV01@@Z
??0SharedObject@icu_68@@QEAA@XZ
??0SimpleFactory@icu_68@@QEAA@AEBV01@@Z
??0SimpleFactory@icu_68@@QEAA@PEAVUObject@1@AEBVUnicodeString@1@C@Z
??0SimpleFilteredBreakIteratorBuilder@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0SimpleFilteredBreakIteratorBuilder@icu_68@@QEAA@AEBVLocale@1@AEAW4UErrorCode@@@Z
??0SimpleFormatter@icu_68@@QEAA@AEBV01@@Z
??0SimpleFormatter@icu_68@@QEAA@AEBVUnicodeString@1@AEAW4UErrorCode@@@Z
??0SimpleFormatter@icu_68@@QEAA@AEBVUnicodeString@1@HHAEAW4UErrorCode@@@Z
??0SimpleFormatter@icu_68@@QEAA@XZ
??0SimpleLocaleKeyFactory@icu_68@@QEAA@AEBV01@@Z
??0SimpleLocaleKeyFactory@icu_68@@QEAA@PEAVUObject@1@AEBVLocale@1@HH@Z
??0SimpleLocaleKeyFactory@icu_68@@QEAA@PEAVUObject@1@AEBVUnicodeString@1@HH@Z
??0StackUResourceBundle@icu_68@@QEAA@XZ
??0StringCharacterIterator@icu_68@@IEAA@XZ
??0StringCharacterIterator@icu_68@@QEAA@AEBV01@@Z
??0StringCharacterIterator@icu_68@@QEAA@AEBVUnicodeString@1@@Z
??0StringCharacterIterator@icu_68@@QEAA@AEBVUnicodeString@1@H@Z
??0StringCharacterIterator@icu_68@@QEAA@AEBVUnicodeString@1@HHH@Z
??0StringEnumeration@icu_68@@IEAA@XZ
??0StringEnumeration@icu_68@@QEAA@AEBV01@@Z
??0StringPair@icu_68@@AEAA@AEBVUnicodeString@1@0@Z
??0StringPair@icu_68@@QEAA@$$QEAV01@@Z
??0StringPair@icu_68@@QEAA@AEBV01@@Z
??0StringPiece@icu_68@@QEAA@$$T@Z
??0StringPiece@icu_68@@QEAA@AEBV01@H@Z
??0StringPiece@icu_68@@QEAA@AEBV01@HH@Z
??0StringPiece@icu_68@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StringPiece@icu_68@@QEAA@PEBD@Z
??0StringPiece@icu_68@@QEAA@PEBDH@Z
??0StringPiece@icu_68@@QEAA@XZ
??0StringTrieBuilder@icu_68@@IEAA@XZ
??0StringTrieBuilder@icu_68@@QEAA@AEBV01@@Z
??0SymbolTable@icu_68@@QEAA@AEBV01@@Z
??0SymbolTable@icu_68@@QEAA@XZ
??0UCharCharacterIterator@icu_68@@IEAA@XZ
??0UCharCharacterIterator@icu_68@@QEAA@AEBV01@@Z
??0UCharCharacterIterator@icu_68@@QEAA@VConstChar16Ptr@1@H@Z
??0UCharCharacterIterator@icu_68@@QEAA@VConstChar16Ptr@1@HH@Z
??0UCharCharacterIterator@icu_68@@QEAA@VConstChar16Ptr@1@HHHH@Z
??0UCharsDictionaryMatcher@icu_68@@QEAA@AEBV01@@Z
??0UCharsDictionaryMatcher@icu_68@@QEAA@PEB_SPEAUUDataMemory@@@Z
??0UCharsTrie@icu_68@@AEAA@PEA_SPEB_S@Z
??0UCharsTrie@icu_68@@QEAA@AEBV01@@Z
??0UCharsTrie@icu_68@@QEAA@VConstChar16Ptr@1@@Z
??0UCharsTrieBuilder@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0UMutex@icu_68@@QEAA@XZ
??0UObject@icu_68@@QEAA@AEBV01@@Z
??0UObject@icu_68@@QEAA@XZ
??0UStack@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0UStack@icu_68@@QEAA@HAEAW4UErrorCode@@@Z
??0UStack@icu_68@@QEAA@P6AXPEAX@ZP6ACTUElement@@2@ZAEAW4UErrorCode@@@Z
??0UStack@icu_68@@QEAA@P6AXPEAX@ZP6ACTUElement@@2@ZHAEAW4UErrorCode@@@Z
??0UStringEnumeration@icu_68@@QEAA@AEBV01@@Z
??0UStringEnumeration@icu_68@@QEAA@PEAUUEnumeration@@@Z
??0UStringSet@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0UVector32@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0UVector32@icu_68@@QEAA@HAEAW4UErrorCode@@@Z
??0UVector64@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0UVector64@icu_68@@QEAA@HAEAW4UErrorCode@@@Z
??0UVector@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0UVector@icu_68@@QEAA@HAEAW4UErrorCode@@@Z
??0UVector@icu_68@@QEAA@P6AXPEAX@ZP6ACTUElement@@2@ZAEAW4UErrorCode@@@Z
??0UVector@icu_68@@QEAA@P6AXPEAX@ZP6ACTUElement@@2@ZHAEAW4UErrorCode@@@Z
??0UnicodeFilter@icu_68@@QEAA@AEBV01@@Z
??0UnicodeFilter@icu_68@@QEAA@XZ
??0UnicodeFunctor@icu_68@@QEAA@AEBV01@@Z
??0UnicodeFunctor@icu_68@@QEAA@XZ
??0UnicodeMatcher@icu_68@@QEAA@AEBV01@@Z
??0UnicodeMatcher@icu_68@@QEAA@XZ
??0UnicodeSet@icu_68@@AEAA@AEBV01@C@Z
??0UnicodeSet@icu_68@@QEAA@AEBV01@@Z
??0UnicodeSet@icu_68@@QEAA@AEBVUnicodeString@1@AEAVParsePosition@1@IPEBVSymbolTable@1@AEAW4UErrorCode@@@Z
??0UnicodeSet@icu_68@@QEAA@AEBVUnicodeString@1@AEAW4UErrorCode@@@Z
??0UnicodeSet@icu_68@@QEAA@AEBVUnicodeString@1@IPEBVSymbolTable@1@AEAW4UErrorCode@@@Z
??0UnicodeSet@icu_68@@QEAA@HH@Z
??0UnicodeSet@icu_68@@QEAA@QEBGHW4ESerialization@01@AEAW4UErrorCode@@@Z
??0UnicodeSet@icu_68@@QEAA@XZ
??0UnicodeSetIterator@icu_68@@QEAA@AEBVUnicodeSet@1@@Z
??0UnicodeSetIterator@icu_68@@QEAA@XZ
??0UnicodeString@icu_68@@QEAA@$$QEAV01@@Z
??0UnicodeString@icu_68@@QEAA@$$T@Z
??0UnicodeString@icu_68@@QEAA@$$TH@Z
??0UnicodeString@icu_68@@QEAA@$$THH@Z
??0UnicodeString@icu_68@@QEAA@AEBV01@@Z
??0UnicodeString@icu_68@@QEAA@AEBV01@H@Z
??0UnicodeString@icu_68@@QEAA@AEBV01@HH@Z
??0UnicodeString@icu_68@@QEAA@CVConstChar16Ptr@1@H@Z
??0UnicodeString@icu_68@@QEAA@H@Z
??0UnicodeString@icu_68@@QEAA@HHH@Z
??0UnicodeString@icu_68@@QEAA@PEAGHH@Z
??0UnicodeString@icu_68@@QEAA@PEA_SHH@Z
??0UnicodeString@icu_68@@QEAA@PEA_WHH@Z
??0UnicodeString@icu_68@@QEAA@PEBD0@Z
??0UnicodeString@icu_68@@QEAA@PEBD@Z
??0UnicodeString@icu_68@@QEAA@PEBDH0@Z
??0UnicodeString@icu_68@@QEAA@PEBDH@Z
??0UnicodeString@icu_68@@QEAA@PEBDHPEAUUConverter@@AEAW4UErrorCode@@@Z
??0UnicodeString@icu_68@@QEAA@PEBDHW4EInvariant@01@@Z
??0UnicodeString@icu_68@@QEAA@PEBG@Z
??0UnicodeString@icu_68@@QEAA@PEBGH@Z
??0UnicodeString@icu_68@@QEAA@PEB_S@Z
??0UnicodeString@icu_68@@QEAA@PEB_SH@Z
??0UnicodeString@icu_68@@QEAA@PEB_W@Z
??0UnicodeString@icu_68@@QEAA@PEB_WH@Z
??0UnicodeString@icu_68@@QEAA@XZ
??0UnicodeString@icu_68@@QEAA@_S@Z
??0UnicodeStringAppendable@icu_68@@QEAA@AEAVUnicodeString@1@@Z
??0UnicodeStringAppendable@icu_68@@QEAA@AEBV01@@Z
??0UnifiedCache@icu_68@@QEAA@AEAW4UErrorCode@@@Z
??0UnifiedCacheBase@icu_68@@QEAA@XZ
??1?$MaybeStackArray@D$0CI@@icu_68@@QEAA@XZ
??1Appendable@icu_68@@UEAA@XZ
??1BreakIterator@icu_68@@UEAA@XZ
??1Builder@LocaleMatcher@icu_68@@QEAA@XZ
??1ByteSink@icu_68@@UEAA@XZ
??1BytesDictionaryMatcher@icu_68@@UEAA@XZ
??1BytesTrie@icu_68@@QEAA@XZ
??1BytesTrieBuilder@icu_68@@UEAA@XZ
??1CStr@icu_68@@QEAA@XZ
??1CacheKeyBase@icu_68@@UEAA@XZ
??1CanonicalIterator@icu_68@@UEAA@XZ
??1Char16Ptr@icu_68@@QEAA@XZ
??1CharString@icu_68@@QEAA@XZ
??1CharStringByteSink@icu_68@@UEAA@XZ
??1CharacterIterator@icu_68@@UEAA@XZ
??1CheckedArrayByteSink@icu_68@@UEAA@XZ
??1ConstChar16Ptr@icu_68@@QEAA@XZ
??1DateInterval@icu_68@@UEAA@XZ
??1DictionaryMatcher@icu_68@@UEAA@XZ
??1Edits@icu_68@@QEAA@XZ
??1ErrorCode@icu_68@@UEAA@XZ
??1EventListener@icu_68@@UEAA@XZ
??1FilteredBreakIteratorBuilder@icu_68@@UEAA@XZ
??1FilteredNormalizer2@icu_68@@UEAA@XZ
??1ForwardCharacterIterator@icu_68@@UEAA@XZ
??1Hashtable@icu_68@@QEAA@XZ
??1ICULocaleService@icu_68@@UEAA@XZ
??1ICUNotifier@icu_68@@UEAA@XZ
??1ICUResourceBundleFactory@icu_68@@UEAA@XZ
??1ICUService@icu_68@@UEAA@XZ
??1ICUServiceFactory@icu_68@@UEAA@XZ
??1ICUServiceKey@icu_68@@UEAA@XZ
??1IDNA@icu_68@@UEAA@XZ
??1Iterator@BytesTrie@icu_68@@QEAA@XZ
??1Iterator@Locale@icu_68@@UEAA@XZ
??1Iterator@UCharsTrie@icu_68@@QEAA@XZ
??1Locale@icu_68@@UEAA@XZ
??1LocaleBuilder@icu_68@@UEAA@XZ
??1LocaleDisplayNames@icu_68@@UEAA@XZ
??1LocaleKey@icu_68@@UEAA@XZ
??1LocaleKeyFactory@icu_68@@UEAA@XZ
??1LocaleMatcher@icu_68@@QEAA@XZ
??1LocalePriorityList@icu_68@@QEAA@XZ
??1MessagePattern@icu_68@@UEAA@XZ
??1Mutex@icu_68@@QEAA@XZ
??1Normalizer2@icu_68@@UEAA@XZ
??1Normalizer2Impl@icu_68@@UEAA@XZ
??1Normalizer@icu_68@@UEAA@XZ
??1ParsePosition@icu_68@@UEAA@XZ
??1ReorderingBuffer@icu_68@@QEAA@XZ
??1Replaceable@icu_68@@UEAA@XZ
??1ResourceBundle@icu_68@@UEAA@XZ
??1ResourceSink@icu_68@@UEAA@XZ
??1ResourceValue@icu_68@@UEAA@XZ
??1Result@LocaleMatcher@icu_68@@QEAA@XZ
??1RuleBasedBreakIterator@icu_68@@UEAA@XZ
??1ServiceListener@icu_68@@UEAA@XZ
??1SharedObject@icu_68@@UEAA@XZ
??1SimpleFactory@icu_68@@UEAA@XZ
??1SimpleFilteredBreakIteratorBuilder@icu_68@@UEAA@XZ
??1SimpleFormatter@icu_68@@QEAA@XZ
??1SimpleLocaleKeyFactory@icu_68@@UEAA@XZ
??1StackUResourceBundle@icu_68@@QEAA@XZ
??1StringCharacterIterator@icu_68@@UEAA@XZ
??1StringEnumeration@icu_68@@UEAA@XZ
??1StringPair@icu_68@@QEAA@XZ
??1StringTrieBuilder@icu_68@@MEAA@XZ
??1SymbolTable@icu_68@@UEAA@XZ
??1UCharCharacterIterator@icu_68@@UEAA@XZ
??1UCharsDictionaryMatcher@icu_68@@UEAA@XZ
??1UCharsTrie@icu_68@@QEAA@XZ
??1UCharsTrieBuilder@icu_68@@UEAA@XZ
??1UObject@icu_68@@UEAA@XZ
??1UStack@icu_68@@UEAA@XZ
??1UStringEnumeration@icu_68@@UEAA@XZ
??1UStringSet@icu_68@@UEAA@XZ
??1UVector32@icu_68@@UEAA@XZ
??1UVector64@icu_68@@UEAA@XZ
??1UVector@icu_68@@UEAA@XZ
??1UnicodeFilter@icu_68@@UEAA@XZ
??1UnicodeFunctor@icu_68@@UEAA@XZ
??1UnicodeMatcher@icu_68@@UEAA@XZ
??1UnicodeSet@icu_68@@UEAA@XZ
??1UnicodeSetIterator@icu_68@@UEAA@XZ
??1UnicodeString@icu_68@@UEAA@XZ
??1UnicodeStringAppendable@icu_68@@UEAA@XZ
??1UnifiedCache@icu_68@@UEAA@XZ
??1UnifiedCacheBase@icu_68@@UEAA@XZ
??2UMemory@icu_68@@SAPEAX_K@Z
??2UMemory@icu_68@@SAPEAX_KPEAX@Z
??2UMemory@icu_68@@SAPEAX_KPEBDH@Z
??3UMemory@icu_68@@SAXPEAX0@Z
??3UMemory@icu_68@@SAXPEAX@Z
??3UMemory@icu_68@@SAXPEAXPEBDH@Z
??4?$MaybeStackArray@D$0CI@@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4?$_Atomic_integral@H$03@std@@QEAAAEAU01@$$QEAU01@@Z
??4?$_Atomic_integral@H$03@std@@QEAAAEAU01@AEBU01@@Z
??4?$_Atomic_integral_facade@H@std@@QEAAAEAU01@$$QEAU01@@Z
??4?$_Atomic_integral_facade@H@std@@QEAAAEAU01@AEBU01@@Z
??4?$_Atomic_pointer@PEAVmutex@std@@@std@@QEAAAEAU01@$$QEAU01@@Z
??4?$_Atomic_pointer@PEAVmutex@std@@@std@@QEAAAEAU01@AEBU01@@Z
??4?$_Atomic_storage@H$03@std@@QEAAAEAU01@$$QEAU01@@Z
??4?$_Atomic_storage@H$03@std@@QEAAAEAU01@AEBU01@@Z
??4?$_Atomic_storage@PEAVmutex@std@@$07@std@@QEAAAEAU01@$$QEAU01@@Z
??4?$_Atomic_storage@PEAVmutex@std@@$07@std@@QEAAAEAU01@AEBU01@@Z
??4?$atomic@H@std@@QEAAHH@Z
??4?$atomic@H@std@@QECAHH@Z
??4?$atomic@PEAVmutex@std@@@std@@QEAAPEAVmutex@1@QEAV21@@Z
??4?$atomic@PEAVmutex@std@@@std@@QECAPEAVmutex@1@QEAV21@@Z
??4Appendable@icu_68@@QEAAAEAV01@AEBV01@@Z
??4BreakIterator@icu_68@@IEAAAEAV01@AEBV01@@Z
??4Builder@LocaleMatcher@icu_68@@QEAAAEAV012@$$QEAV012@@Z
??4ByteSinkUtil@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4ByteSinkUtil@icu_68@@QEAAAEAV01@AEBV01@@Z
??4BytesDictionaryMatcher@icu_68@@QEAAAEAV01@AEBV01@@Z
??4CacheKeyBase@icu_68@@QEAAAEAV01@AEBV01@@Z
??4Char16Ptr@icu_68@@QEAAAEAV01@AEBV01@@Z
??4CharString@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4CharacterIterator@icu_68@@IEAAAEAV01@AEBV01@@Z
??4ConstChar16Ptr@icu_68@@QEAAAEAV01@AEBV01@@Z
??4DateInterval@icu_68@@QEAAAEAV01@AEBV01@@Z
??4DictionaryData@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4DictionaryData@icu_68@@QEAAAEAV01@AEBV01@@Z
??4DictionaryMatcher@icu_68@@QEAAAEAV01@AEBV01@@Z
??4Edits@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4Edits@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ErrorCode@icu_68@@QEAAAEAV01@AEBV01@@Z
??4EventListener@icu_68@@QEAAAEAV01@AEBV01@@Z
??4FilteredBreakIteratorBuilder@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ForwardCharacterIterator@icu_68@@IEAAAEAV01@AEBV01@@Z
??4Hangul@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4Hangul@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ICUNotifier@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ICUServiceFactory@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ICU_Utility@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4ICU_Utility@icu_68@@QEAAAEAV01@AEBV01@@Z
??4IDNA@icu_68@@QEAAAEAV01@AEBV01@@Z
??4Iterator@BytesTrie@icu_68@@QEAAAEAV012@AEBV012@@Z
??4Iterator@Edits@icu_68@@QEAAAEAU012@AEBU012@@Z
??4Iterator@Locale@icu_68@@QEAAAEAV012@AEBV012@@Z
??4Iterator@UCharsTrie@icu_68@@QEAAAEAV012@AEBV012@@Z
??4Locale@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4Locale@icu_68@@QEAAAEAV01@AEBV01@@Z
??4LocaleBased@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4LocaleBased@icu_68@@QEAAAEAV01@AEBV01@@Z
??4LocaleBuilder@icu_68@@QEAAAEAV01@AEBV01@@Z
??4LocaleDisplayNames@icu_68@@QEAAAEAV01@AEBV01@@Z
??4LocaleMatcher@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4LocaleUtility@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4LocaleUtility@icu_68@@QEAAAEAV01@AEBV01@@Z
??4MessageImpl@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4MessageImpl@icu_68@@QEAAAEAV01@AEBV01@@Z
??4MessagePattern@icu_68@@QEAAAEAV01@AEBV01@@Z
??4Normalizer2@icu_68@@QEAAAEAV01@AEBV01@@Z
??4Normalizer2Factory@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4Normalizer2Factory@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ParsePosition@icu_68@@QEAAAEAV01@AEBV01@@Z
??4PatternProps@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4PatternProps@icu_68@@QEAAAEAV01@AEBV01@@Z
??4PluralMapBase@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4PluralMapBase@icu_68@@QEAAAEAV01@AEBV01@@Z
??4Replaceable@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ResourceArray@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4ResourceArray@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ResourceBundle@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ResourceTable@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4ResourceTable@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ResourceTracer@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4ResourceTracer@icu_68@@QEAAAEAV01@AEBV01@@Z
??4Result@LocaleMatcher@icu_68@@QEAAAEAV012@$$QEAV012@@Z
??4RuleBasedBreakIterator@icu_68@@QEAAAEAV01@AEBV01@@Z
??4ServiceListener@icu_68@@QEAAAEAV01@AEBV01@@Z
??4SimpleFormatter@icu_68@@QEAAAEAV01@AEBV01@@Z
??4StringCharacterIterator@icu_68@@QEAAAEAV01@AEBV01@@Z
??4StringEnumeration@icu_68@@QEAAAEAV01@AEBV01@@Z
??4StringPiece@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4StringPiece@icu_68@@QEAAAEAV01@AEBV01@@Z
??4StringTrieBuilder@icu_68@@QEAAAEAV01@AEBV01@@Z
??4SymbolTable@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UCharCharacterIterator@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UCharsDictionaryMatcher@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UMemory@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4UMemory@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UObject@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UStringEnumeration@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UnicodeFilter@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UnicodeFunctor@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UnicodeMatcher@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UnicodeSet@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UnicodeString@icu_68@@QEAAAEAV01@$$QEAV01@@Z
??4UnicodeString@icu_68@@QEAAAEAV01@AEBV01@@Z
??4UnicodeString@icu_68@@QEAAAEAV01@H@Z
??4UnicodeString@icu_68@@QEAAAEAV01@_S@Z
??8CharString@icu_68@@QEBA_NVStringPiece@1@@Z
??8DateInterval@icu_68@@UEBACAEBV01@@Z
??8Locale@icu_68@@QEBACAEBV01@@Z
??8MessagePattern@icu_68@@QEBACAEBV01@@Z
??8Normalizer@icu_68@@QEBACAEBV01@@Z
??8ParsePosition@icu_68@@QEBACAEBV01@@Z
??8RuleBasedBreakIterator@icu_68@@UEBACAEBVBreakIterator@1@@Z
??8StringCharacterIterator@icu_68@@UEBACAEBVForwardCharacterIterator@1@@Z
??8StringEnumeration@icu_68@@UEBACAEBV01@@Z
??8UCharCharacterIterator@icu_68@@UEBACAEBVForwardCharacterIterator@1@@Z
??8UVector32@icu_68@@QEAACAEBV01@@Z
??8UVector64@icu_68@@QEAACAEBV01@@Z
??8UVector@icu_68@@QEAACAEBV01@@Z
??8UnicodeSet@icu_68@@UEBACAEBV01@@Z
??8UnicodeString@icu_68@@QEBACAEBV01@@Z
??8icu_68@@YACAEBVStringPiece@0@0@Z
??9BreakIterator@icu_68@@QEBACAEBV01@@Z
??9CacheKeyBase@icu_68@@QEBACAEBV01@@Z
??9CharString@icu_68@@QEBA_NVStringPiece@1@@Z
??9DateInterval@icu_68@@QEBACAEBV01@@Z
??9ForwardCharacterIterator@icu_68@@QEBACAEBV01@@Z
??9Locale@icu_68@@QEBACAEBV01@@Z
??9MessagePattern@icu_68@@QEBACAEBV01@@Z
??9Normalizer@icu_68@@QEBACAEBV01@@Z
??9ParsePosition@icu_68@@QEBACAEBV01@@Z
??9RuleBasedBreakIterator@icu_68@@QEBACAEBVBreakIterator@1@@Z
??9StringEnumeration@icu_68@@UEBACAEBV01@@Z
??9UVector32@icu_68@@QEAACAEBV01@@Z
??9UVector64@icu_68@@QEAACAEBV01@@Z
??9UVector@icu_68@@QEAACAEBV01@@Z
??9UnicodeSet@icu_68@@QEBACAEBV01@@Z

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 641KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcrypto-1_1-x64.dll
.dll windows:6 windows x64 arch:x64

9e838455ae7ea799f93ad26b13f1cafa

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:be:77:0f:b3:06:ca:93:ae:8f:f9:f1:33:7f:cf:db:53:7a:c5:ad:a7:2f:6d:3d:38:8c:0e:da:12:44:9c:f5
Signer

Actual PE Digest

52:be:77:0f:b3:06:ca:93:ae:8f:f9:f1:33:7f:cf:db:53:7a:c5:ad:a7:2f:6d:3d:38:8c:0e:da:12:44:9c:f5

Digest Algorithm

sha256

PE Digest Matches

true

b8:9d:94:d5:ef:01:90:21:ed:83:cf:53:e9:d8:84:bf:89:99:35:f7
Signer

Actual PE Digest

b8:9d:94:d5:ef:01:90:21:ed:83:cf:53:e9:d8:84:bf:89:99:35:f7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\TemporaryBuilds\installer_builder_1\1\s\repositories\openssl\libcrypto-1_1-x64.pdb

Imports

ws2_32

accept
WSAGetLastError
closesocket
WSAStartup
gethostbyname
getsockopt
getsockname
ioctlsocket
getnameinfo
freeaddrinfo
ntohs
getaddrinfo
connect
listen
setsockopt
socket
shutdown
recv
send
WSASetLastError
recvfrom
sendto
bind
WSACleanup

advapi32

RegisterEventSourceW
DeregisterEventSource
ReportEventW

user32

GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation

bcrypt

BCryptGenRandom

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
TerminateProcess
GetCurrentProcess
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsProcessorFeaturePresent
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
InitializeSListHead
TlsFree
GetStartupInfoW
QueryPerformanceCounter
WideCharToMultiByte
FindNextFileW
FindFirstFileW
FindClose
GetModuleHandleExW
RtlVirtualUnwind
ConvertFiberToThread
ConvertThreadToFiber
SwitchToFiber
DeleteFiber
CreateFiber
FormatMessageW
GetSystemTime
SystemTimeToFileTime
GetLastError
SetLastError
GetStdHandle
GetEnvironmentVariableW
GetFileType
WriteFile
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
CloseHandle
FreeLibrary
LoadLibraryA
LoadLibraryW

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memchr
strstr
wcsstr
memmove
strchr
strrchr
memcmp
memset
memcpy
__current_exception_context
__current_exception

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
_setmode
ftell
__stdio_common_vfprintf
fwrite
fseek
fread
fopen
_fileno
fgets
fflush
ferror
clearerr
setbuf
feof
fclose
fputs
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vsprintf
_wfopen

api-ms-win-crt-convert-l1-1-0

strtoul
atoi
strtol

api-ms-win-crt-string-l1-1-0

_strnicmp
strcspn
strncmp
strncpy
strcmp
isspace
_strdup
_stricmp
strspn

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_time64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
signal
strerror_s
_execute_onexit_table
_seh_filter_dll
_crt_atexit
_errno
_crt_at_quick_exit
terminate
perror
_register_onexit_function
_exit
_initterm_e
_initterm
_configure_narrow_argv
_cexit
raise

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32
_stat64i32
_chmod

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
ADMISSIONS_free
ADMISSIONS_get0_admissionAuthority
ADMISSIONS_get0_namingAuthority
ADMISSIONS_get0_professionInfos
ADMISSIONS_it
ADMISSIONS_new
ADMISSIONS_set0_admissionAuthority
ADMISSIONS_set0_namingAuthority
ADMISSIONS_set0_professionInfos
ADMISSION_SYNTAX_free
ADMISSION_SYNTAX_get0_admissionAuthority
ADMISSION_SYNTAX_get0_contentsOfAdmissions
ADMISSION_SYNTAX_it
ADMISSION_SYNTAX_new
ADMISSION_SYNTAX_set0_admissionAuthority
ADMISSION_SYNTAX_set0_contentsOfAdmissions
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASIdOrRange_free
ASIdOrRange_it
ASIdOrRange_new
ASIdentifierChoice_free
ASIdentifierChoice_it
ASIdentifierChoice_new
ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_get_int64
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_set_int64
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_get_int64
ASN1_INTEGER_get_uint64
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_set_int64
ASN1_INTEGER_set_uint64
ASN1_INTEGER_to_BN
ASN1_ITEM_get
ASN1_ITEM_lookup
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SCTX_free
ASN1_SCTX_get_app_data
ASN1_SCTX_get_flags
ASN1_SCTX_get_item
ASN1_SCTX_get_template
ASN1_SCTX_new
ASN1_SCTX_set_app_data
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_cmp_time_t
ASN1_TIME_compare
ASN1_TIME_diff
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_normalize
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_pack_sequence
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_TYPE_unpack_sequence
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_add_stable_module
ASN1_bn_print
ASN1_buf_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_put_eoc
ASN1_put_object
ASN1_sign
ASN1_str2mask
ASN1_tag2bit
ASN1_tag2str
ASN1_verify
ASRange_free
ASRange_it
ASRange_new
ASYNC_WAIT_CTX_clear_fd
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_WAIT_CTX_get_fd
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_set_wait_fd
ASYNC_block_pause
ASYNC_cleanup_thread
ASYNC_get_current_job
ASYNC_get_wait_ctx
ASYNC_init_thread
ASYNC_is_capable
ASYNC_pause_job
ASYNC_start_job
ASYNC_unblock_pause
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_ADDRINFO_address
BIO_ADDRINFO_family
BIO_ADDRINFO_free
BIO_ADDRINFO_next
BIO_ADDRINFO_protocol
BIO_ADDRINFO_socktype
BIO_ADDR_clear
BIO_ADDR_family
BIO_ADDR_free
BIO_ADDR_hostname_string
BIO_ADDR_new
BIO_ADDR_path_string
BIO_ADDR_rawaddress
BIO_ADDR_rawmake
BIO_ADDR_rawport
BIO_ADDR_service_string
BIO_accept
BIO_accept_ex
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_bind
BIO_callback_ctrl
BIO_clear_flags
BIO_closesocket
BIO_connect
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_linebuffer
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_callback_ex
BIO_get_data
BIO_get_ex_data
BIO_get_host_ip
BIO_get_init
BIO_get_new_index
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_get_shutdown
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_listen
BIO_lookup
BIO_lookup_ex
BIO_meth_free
BIO_meth_get_callback_ctrl
BIO_meth_get_create
BIO_meth_get_ctrl
BIO_meth_get_destroy
BIO_meth_get_gets
BIO_meth_get_puts
BIO_meth_get_read
BIO_meth_get_read_ex
BIO_meth_get_write
BIO_meth_get_write_ex
BIO_meth_new
BIO_meth_set_callback_ctrl
BIO_meth_set_create
BIO_meth_set_ctrl
BIO_meth_set_destroy
BIO_meth_set_gets
BIO_meth_set_puts
BIO_meth_set_read
BIO_meth_set_read_ex
BIO_meth_set_write
BIO_meth_set_write_ex
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_parse_hostserv
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_read_ex
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_log
BIO_s_mem
BIO_s_null
BIO_s_secmem
BIO_s_socket
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
BIO_set_cipher
BIO_set_data
BIO_set_ex_data
BIO_set_flags
BIO_set_init
BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_error
BIO_sock_info
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_up_ref
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BIO_write_ex
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_is_current_thread
BN_BLINDING_lock
BN_BLINDING_new
BN_BLINDING_set_current_thread
BN_BLINDING_set_flags
BN_BLINDING_unlock
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_new
BN_CTX_secure_new
BN_CTX_start
BN_GENCB_call
BN_GENCB_free
BN_GENCB_get_arg
BN_GENCB_new
BN_GENCB_set
BN_GENCB_set_old
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 824KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 283B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcurl.dll
.dll windows:6 windows x64 arch:x64

3282130dc328a1362bd8ec380d19ee2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\TemporaryBuilds\installer_builder_1\1\s\repositories\curl\builds\libcurl-vc16-x64-release-dll-ssl-dll-zlib-static-ipv6-sspi-obj-lib\libcurl.pdb

Imports

libssl-1_1-x64

SSL_CTX_set_msg_callback
SSL_get_ex_data
SSL_set_ex_data
SSL_get_verify_result
SSL_CTX_load_verify_locations
SSL_version
SSL_get_shutdown
SSL_get_privatekey
SSL_get_certificate
SSL_set_connect_state
SSL_CTX_add_client_CA
SSL_alert_desc_string_long
SSL_CTX_set_post_handshake_auth
SSL_shutdown
TLS_client_method
SSL_get_error
SSL_CTX_ctrl
SSL_ctrl
SSL_write
SSL_read
SSL_connect
SSL_free
SSL_new
SSL_CTX_check_private_key
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_passwd_cb
SSL_CTX_use_certificate
SSL_CTX_use_PrivateKey
SSL_CTX_set_verify
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_set_session
SSL_SESSION_free
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_PrivateKey_file
SSL_CTX_set_ciphersuites
SSL_set_bio
SSL_set_fd
SSL_pending
SSL_CIPHER_get_name
SSL_get_current_cipher
SSL_CTX_get_cert_store
SSL_CTX_free
SSL_CTX_new
SSL_CTX_set_cipher_list
BIO_f_ssl
SSL_CTX_set_keylog_callback
SSL_get0_alpn_selected
SSL_CTX_set_alpn_protos
SSL_CTX_set_next_proto_select_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_set_options

libcrypto-1_1-x64

ENGINE_init
ENGINE_finish
ENGINE_load_private_key
ENGINE_set_default
ENGINE_get_next
ENGINE_get_first
UI_set_result
UI_get_input_flags
UI_get_string_type
UI_method_get_closer
UI_method_get_reader
UI_method_get_writer
UI_method_get_opener
UI_method_set_closer
UI_method_set_reader
UI_method_set_writer
UI_method_set_opener
UI_destroy_method
UI_create_method
UI_OpenSSL
UI_get0_user_data
OCSP_basic_verify
OCSP_cert_status_str
OCSP_response_status_str
d2i_OCSP_RESPONSE
OCSP_RESPONSE_free
OCSP_BASICRESP_free
OCSP_check_validity
OCSP_single_get0_status
OCSP_resp_get0
OCSP_resp_count
OCSP_response_get1_basic
OCSP_response_status
d2i_PKCS12_bio
PKCS12_parse
PKCS12_PBE_add
PKCS12_free
ERR_error_string_n
ERR_clear_error
ERR_peek_last_error
ERR_peek_error
ERR_get_error
X509_check_issued
X509V3_EXT_print
GENERAL_NAMES_free
OPENSSL_load_builtin_modules
CONF_modules_load_file
RAND_status
RAND_file_name
RAND_load_file
RAND_add
RAND_bytes
PEM_read_bio_PrivateKey
PEM_read_bio_X509_AUX
PEM_write_bio_X509
PEM_read_bio_X509
X509_PUBKEY_get0_param
X509_EXTENSION_get_data
X509_EXTENSION_get_object
X509_get_ext_d2i
X509_NAME_ENTRY_get_data
X509_NAME_get_entry
X509_NAME_get_index_by_NID
X509_NAME_print_ex
X509_get_pubkey
X509_get0_extensions
X509_get_X509_PUBKEY
X509_get0_notAfter
X509_get0_notBefore
X509_get_subject_name
X509_get_issuer_name
ENGINE_get_id
X509_get_version
X509_get0_signature
d2i_X509
X509_free
i2d_X509_PUBKEY
d2i_PrivateKey_bio
d2i_X509_bio
X509_verify_cert_error_string
X509_load_crl_file
X509_STORE_add_cert
X509_LOOKUP_file
X509_STORE_add_lookup
X509_STORE_set_flags
DSA_get0_key
DSA_get0_pqg
DH_get0_key
DH_get0_pqg
RSA_flags
RSA_free
RSA_get0_key
EVP_PKEY_copy_parameters
EVP_PKEY_free
EVP_PKEY_get0_DH
EVP_PKEY_get0_DSA
EVP_PKEY_get1_RSA
EVP_PKEY_get0_RSA
EVP_PKEY_id
EVP_sha256
EVP_md5
EVP_DigestFinal_ex
EVP_DigestUpdate
EVP_DigestInit_ex
EVP_MD_CTX_free
EVP_MD_CTX_new
ASN1_STRING_print
ASN1_TIME_print
ASN1_STRING_to_UTF8
i2t_ASN1_OBJECT
i2a_ASN1_OBJECT
ASN1_STRING_get0_data
ASN1_STRING_type
ASN1_STRING_length
BN_print
BN_num_bits
BIO_printf
BIO_new_mem_buf
BIO_s_mem
BIO_ctrl
BIO_puts
BIO_free
BIO_new
BIO_s_file
CRYPTO_free
CRYPTO_malloc
CRYPTO_get_ex_new_index
OpenSSL_version_num
OPENSSL_sk_pop
OPENSSL_sk_pop_free
OPENSSL_sk_value
OPENSSL_sk_num
MD5_Final
MD5_Update
MD5_Init
MD4_Final
ENGINE_free
ENGINE_ctrl_cmd
MD4_Update
MD4_Init
DES_set_key
DES_set_odd_parity
DES_ecb_encrypt
ENGINE_ctrl
ENGINE_load_builtin_engines
X509_get_serialNumber
ENGINE_by_id
OCSP_crl_reason_str

ws2_32

WSAIoctl
ntohl
closesocket
sendto
recvfrom
WSACleanup
WSAStartup
send
htonl
select
WSAGetLastError
__WSAFDIsSet
ioctlsocket
WSAWaitForMultipleEvents
WSASetEvent
bind
WSAResetEvent
connect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
listen
accept
gethostname
freeaddrinfo
getaddrinfo
WSAEventSelect
WSASetLastError
socket
setsockopt
recv
ntohs
htons
getsockopt
getpeername
getsockname

wldap32

ord127
ord27
ord142
ord26
ord117
ord41
ord208
ord73
ord216
ord14
ord79
ord133
ord147
ord46
ord301
ord167
ord145
ord219

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage
CertOpenSystemStoreA

normaliz

IdnToAscii

kernel32

GetTickCount
IsDebuggerPresent
InitializeSListHead
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SleepEx
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
CloseHandle
WaitForSingleObjectEx
GetLastError
GetEnvironmentVariableA
Sleep
MoveFileExA
SetLastError
FormatMessageA
VerSetConditionMask
QueryPerformanceFrequency
GetSystemDirectoryW
GetModuleHandleW
LoadLibraryW
VerifyVersionInfoW
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
QueryPerformanceCounter
CompareFileTime
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls

vcruntime140

strchr
memcpy
memset
strrchr
memmove
memcmp
wcschr
strstr
memchr
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_errno
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_beginthreadex
__sys_nerr
strerror
_getpid

api-ms-win-crt-string-l1-1-0

wcsncpy
strcmp
strncmp
_strdup
strspn
strncpy
wcspbrk
tolower
strpbrk
_wcsdup
strcspn

api-ms-win-crt-convert-l1-1-0

strtoll
strtol
atoi
strtoul

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fflush
fwrite
fputc
feof
_write
_read
_open
_close
setvbuf
__acrt_iob_func
ftell
fseek
fread
fclose
_lseeki64
fputs
fopen
_wfopen
fgets
__stdio_common_vsscanf

api-ms-win-crt-time-l1-1-0

_gmtime64
_time64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_wstat64
_waccess
_fstat64
_stat64
_unlink
_access

api-ms-win-crt-heap-l1-1-0

realloc
free
malloc
calloc

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libssl-1_1-x64.dll
.dll windows:6 windows x64 arch:x64

cd38257393085dee6c5bd00d5aef94a4

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

16:71:df:f9:31:07:63:a9:c2:31:80:61:8d:ea:f6:57:82:61:aa:e0:3c:59:cb:ce:65:9b:b1:86:bb:8e:a7:c3
Signer

Actual PE Digest

16:71:df:f9:31:07:63:a9:c2:31:80:61:8d:ea:f6:57:82:61:aa:e0:3c:59:cb:ce:65:9b:b1:86:bb:8e:a7:c3

Digest Algorithm

sha256

PE Digest Matches

true

81:3f:5f:0f:ee:70:c4:29:86:14:12:26:d7:1d:db:e0:f2:02:67:8d
Signer

Actual PE Digest

81:3f:5f:0f:ee:70:c4:29:86:14:12:26:d7:1d:db:e0:f2:02:67:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\TemporaryBuilds\installer_builder_1\1\s\repositories\openssl\libssl-1_1-x64.pdb

Imports

libcrypto-1_1-x64

EVP_MD_CTX_copy
EVP_DigestSignFinal
RAND_bytes
EVP_CipherInit_ex
EVP_CipherUpdate
EVP_CipherFinal_ex
EVP_MD_type
EVP_DigestInit_ex
EVP_DigestFinal
SHA1_Init
SHA1_Transform
SHA224_Init
SHA256_Init
SHA256_Transform
SHA384_Init
SHA512_Init
SHA512_Transform
MD5_Init
MD5_Transform
CRYPTO_clear_free
OPENSSL_cleanse
COMP_CTX_new
COMP_CTX_free
BIO_s_mem
EVP_CIPHER_key_length
EVP_MD_CTX_ctrl
EVP_MD_CTX_set_flags
EVP_CIPHER_CTX_new
EVP_CIPHER_CTX_reset
EVP_md5
EVP_sha1
OPENSSL_sk_num
OPENSSL_sk_value
OPENSSL_sk_new_reserve
OPENSSL_sk_pop_free
CRYPTO_memdup
CRYPTO_strdup
EVP_sha256
EVP_PKEY_security_bits
EVP_PKEY_set_type
EVP_PKEY_set1_DH
EVP_PKEY_new
EVP_PKEY_up_ref
EVP_PKEY_free
EVP_PKEY_CTX_new
EVP_PKEY_CTX_new_id
EVP_PKEY_CTX_free
EVP_PKEY_CTX_ctrl
EVP_PKEY_derive_init
EVP_PKEY_derive_set_peer
EVP_PKEY_derive
EVP_PKEY_paramgen_init
EVP_PKEY_paramgen
EVP_PKEY_keygen_init
EVP_PKEY_keygen
EC_GROUP_get_curve_name
EC_KEY_get0_group
X509_NAME_free
X509_free
X509_it
ASN1_OCTET_STRING_it
INT32_it
ZINT32_it
UINT32_it
ZUINT32_it
ZINT64_it
ZUINT64_it
CRYPTO_strndup
ASN1_item_free
ASN1_item_d2i
ASN1_item_i2d
OPENSSL_DIR_read
OPENSSL_DIR_end
OPENSSL_sk_shift
OPENSSL_sk_pop
OPENSSL_sk_set_cmp_func
CRYPTO_THREAD_lock_new
CRYPTO_THREAD_lock_free
CRYPTO_get_ex_new_index
CRYPTO_THREAD_run_once
BIO_s_file
EVP_PKEY_id
OPENSSL_LH_new
OPENSSL_LH_free
OPENSSL_LH_insert
OPENSSL_LH_retrieve
X509_STORE_new
X509_STORE_free
X509_STORE_up_ref
X509_STORE_CTX_new
X509_STORE_CTX_free
X509_STORE_CTX_init
X509_STORE_CTX_set_verify_cb
X509_STORE_add_cert
X509_STORE_CTX_set_ex_data
X509_STORE_CTX_get_error
X509_STORE_CTX_get0_chain
X509_STORE_CTX_get1_chain
X509_STORE_CTX_set_flags
X509_STORE_CTX_get0_param
X509_STORE_CTX_set_default
X509_STORE_CTX_set0_dane
X509_VERIFY_PARAM_set1
X509_VERIFY_PARAM_set_auth_level
X509_VERIFY_PARAM_move_peername
X509_verify_cert_error_string
X509_NAME_dup
i2d_X509_NAME
X509_get_subject_name
X509_up_ref
X509_chain_up_ref
X509_cmp
X509_NAME_hash
X509_verify_cert
PEM_read_bio_X509
X509_get_extension_flags
OPENSSL_sk_new
OPENSSL_sk_insert
OPENSSL_sk_delete
OPENSSL_sk_dup
OPENSSL_sk_sort
CRYPTO_mem_ctrl
OBJ_nid2sn
COMP_get_type
COMP_get_name
COMP_zlib
EVP_enc_null
EVP_get_cipherbyname
EVP_get_digestbyname
EVP_PKEY_asn1_find_str
EVP_PKEY_asn1_get0_info
ENGINE_finish
CONF_parse_list
DH_free
OBJ_sn2nid
EC_curve_nist2nid
EC_KEY_new_by_curve_name
EC_KEY_free
X509_STORE_load_locations
PEM_read_bio_DHparams
ERR_func_error_string
ERR_load_strings_const
OPENSSL_init_crypto
OPENSSL_atexit
err_free_strings_int
OBJ_NAME_add
EVP_md5_sha1
EVP_sha224
EVP_sha384
EVP_sha512
EVP_des_cbc
EVP_des_ede3_cbc
EVP_rc4
EVP_rc4_hmac_md5
EVP_idea_cbc
EVP_rc2_cbc
EVP_rc2_40_cbc
EVP_aes_128_cbc
EVP_aes_128_ccm
EVP_aes_128_gcm
EVP_aes_192_cbc
EVP_aes_256_cbc
EVP_aes_256_ccm
EVP_aes_256_gcm
EVP_aes_128_cbc_hmac_sha1
EVP_aes_256_cbc_hmac_sha1
EVP_aes_128_cbc_hmac_sha256
EVP_aes_256_cbc_hmac_sha256
EVP_aria_128_gcm
EVP_aria_256_gcm
EVP_camellia_128_cbc
EVP_camellia_256_cbc
EVP_chacha20_poly1305
EVP_seed_cbc
EVP_add_cipher
EVP_add_digest
CRYPTO_THREAD_read_lock
CRYPTO_THREAD_write_lock
CRYPTO_THREAD_unlock
CRYPTO_new_ex_data
CRYPTO_dup_ex_data
CRYPTO_free_ex_data
CRYPTO_set_ex_data
CRYPTO_get_ex_data
CRYPTO_realloc
CRYPTO_secure_zalloc
CRYPTO_secure_free
BUF_MEM_free
EVP_CIPHER_block_size
BIO_int_ctrl
BIO_pop
BIO_free_all
BIO_s_socket
OPENSSL_LH_num_items
ERR_peek_error
OBJ_bsearch_
EVP_CIPHER_CTX_free
X509_STORE_add_lookup
X509_LOOKUP_hash_dir
X509_LOOKUP_file
X509_LOOKUP_ctrl
X509_STORE_set_default_paths
X509_VERIFY_PARAM_new
X509_VERIFY_PARAM_free
X509_VERIFY_PARAM_inherit
X509_VERIFY_PARAM_set_purpose
X509_VERIFY_PARAM_set_trust
X509_VERIFY_PARAM_set_depth
X509_VERIFY_PARAM_set1_host
X509_VERIFY_PARAM_add1_host
X509_VERIFY_PARAM_set_hostflags
X509_VERIFY_PARAM_get0_peername
X509_VERIFY_PARAM_get_depth
EVP_DigestFinal_ex
X509_EXTENSION_free
d2i_X509
X509_get0_pubkey
X509_check_private_key
X509_get_ext_d2i
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_start_job
ASYNC_get_current_job
CT_POLICY_EVAL_CTX_new
CT_POLICY_EVAL_CTX_free
CT_POLICY_EVAL_CTX_set1_cert
CT_POLICY_EVAL_CTX_set1_issuer
CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE
CT_POLICY_EVAL_CTX_set_time
SCT_LIST_free
SCT_set_source
SCT_get_validation_status
SCT_LIST_validate
o2i_SCT_LIST
CTLOG_STORE_new
CTLOG_STORE_free
CTLOG_STORE_load_file
CTLOG_STORE_load_default_file
X509_get_key_usage
RAND_priv_bytes
OCSP_response_get1_basic
OCSP_resp_count
OCSP_resp_get0
OCSP_SINGLERESP_get1_ext_d2i
OCSP_BASICRESP_free
OCSP_RESPID_free
OCSP_RESPONSE_free
d2i_OCSP_RESPONSE
conf_ssl_get
conf_ssl_name_find
conf_ssl_get_cmd
RSA_free
RSA_up_ref
RSA_flags
d2i_RSAPrivateKey
ERR_peek_last_error
EVP_PKEY_assign
EVP_PKEY_get0_RSA
EVP_PKEY_get0_EC_KEY
d2i_PrivateKey
EVP_PKEY_copy_parameters
EVP_PKEY_missing_parameters
EVP_PKEY_cmp
EC_KEY_can_sign
d2i_X509_bio
d2i_RSAPrivateKey_bio
d2i_PrivateKey_bio
X509_get_pubkey
PEM_read_bio
PEM_read_bio_X509_AUX
PEM_read_bio_RSAPrivateKey
PEM_read_bio_PrivateKey
OPENSSL_LH_delete
OPENSSL_LH_doall_arg
OPENSSL_LH_get_down_load
OPENSSL_LH_set_down_load
PEM_ASN1_read_bio
PEM_ASN1_write_bio
PEM_ASN1_read
PEM_ASN1_write
ENGINE_get_ssl_client_cert_function
ENGINE_init
BIO_puts
BIO_dump_indent
BIO_printf
EVP_DigestSignInit
EVP_PKEY_new_raw_private_key
EVP_PKEY_set1_tls_encodedpoint
EVP_PKEY_get1_tls_encodedpoint
i2d_X509_EXTENSIONS
i2d_OCSP_RESPID
EVP_DigestSign
d2i_X509_EXTENSIONS
d2i_OCSP_RESPID
BUF_MEM_new
BUF_MEM_grow_clean
BN_is_zero
BN_num_bits
BN_bin2bn
BN_bn2bin
BN_free
RSA_pkey_ctx_ctrl
DH_new
DH_security_bits
DH_check_params
DH_set0_pqg
DH_get0_key
DH_set0_key
EVP_Digest
EVP_DigestInit
EVP_DigestVerify
EVP_DigestVerifyInit
EVP_PKEY_size
EVP_PKEY_get0_DH
EVP_PKEY_encrypt_init
EVP_PKEY_encrypt
ENGINE_load_ssl_client_cert
BUF_reverse
EVP_DigestVerifyFinal
d2i_X509_NAME
i2d_X509
X509_NAME_cmp
ASN1_ANY_it
BN_ucmp
ASN1_TYPE_get
ASN1_item_new
RSA_size
RSA_private_decrypt
DH_get0_pqg
EVP_EncryptInit_ex
EVP_EncryptUpdate
EVP_EncryptFinal
EVP_PKEY_decrypt_init
EVP_PKEY_decrypt
HMAC_CTX_new
HMAC_CTX_free
HMAC_Init_ex
HMAC_Update
HMAC_Final
EVP_PKEY_new_mac_key
BN_new
BN_set_word
BN_get_rfc3526_prime_3072
BN_get_rfc3526_prime_8192
OBJ_ln2nid
EVP_DecryptInit_ex
EVP_DecryptUpdate
EVP_DecryptFinal
EVP_PKEY_get0
EVP_PKEY_get_default_digest_nid
HMAC_size
EC_GROUP_method_of
EC_METHOD_get_field_type
EC_KEY_get_conv_form
DH_get_1024_160
DH_get_2048_224
X509_get_signature_info
X509_get_signature_nid
X509_get_issuer_name
X509_chain_check_suiteb
ERR_set_mark
ERR_pop_to_mark
BN_clear_free
BN_copy
BN_dup
SRP_create_verifier_BN
SRP_check_known_gN_param
SRP_get_default_gN
SRP_Calc_server_key
SRP_Calc_B
SRP_Verify_A_mod_N
SRP_Calc_u
SRP_Calc_x
SRP_Calc_A
SRP_Calc_client_key
SRP_Verify_B_mod_N
COMP_expand_block
COMP_compress_block
CRYPTO_memcmp
EVP_CIPHER_CTX_ctrl
EVP_CIPHER_CTX_iv_length
EVP_CIPHER_CTX_cipher
EVP_CIPHER_flags
EVP_MD_CTX_md
EVP_MD_size
ERR_add_error_data
BIO_snprintf
CRYPTO_malloc
BUF_MEM_grow
OPENSSL_sk_push
OPENSSL_sk_find
OPENSSL_sk_free
OPENSSL_sk_new_null
ERR_clear_error
BIO_ADDR_clear
BIO_ADDR_free
BIO_ADDR_new
BIO_read
BIO_test_flags
ERR_put_error
BIO_copy_next_retry
BIO_f_buffer
BIO_s_connect
BIO_set_retry_reason
BIO_get_retry_reason
BIO_set_next
BIO_next
BIO_find_type
BIO_push
BIO_callback_ctrl
EVP_DigestUpdate
EVP_MD_CTX_copy_ex
EVP_MD_CTX_free
BIO_ctrl
BIO_write
EVP_MD_CTX_new
EVP_Cipher
BIO_up_ref
BIO_get_shutdown
BIO_set_shutdown
BIO_get_init
BIO_set_init
BIO_get_data
BIO_set_data
BIO_free
BIO_new
BIO_method_type
BIO_clear_flags
BIO_set_flags
CRYPTO_free
EVP_CIPHER_CTX_block_size
d2i_PUBKEY
EVP_CIPHER_iv_length
COMP_CTX_get_method
CRYPTO_zalloc

kernel32

GetCurrentThreadId
SetLastError
GetSystemTime
SystemTimeToFileTime
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
DisableThreadLibraryCalls
GetStartupInfoW
GetModuleHandleW
InitializeSListHead
IsDebuggerPresent

vcruntime140

memcmp
strchr
__std_type_info_destroy_list
memcpy
memmove
memchr
__current_exception
__current_exception_context
__C_specific_handler
memset

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-string-l1-1-0

strncmp
_strnicmp
_stricmp

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_errno
terminate
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLS_client_method
DTLS_get_data_mtu
DTLS_method
DTLS_server_method
DTLS_set_timer_cb
DTLSv1_2_client_method
DTLSv1_2_method
DTLSv1_2_server_method
DTLSv1_client_method
DTLSv1_listen
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
OPENSSL_cipher_name
OPENSSL_init_ssl
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SSL_CIPHER_description
SSL_CIPHER_find
SSL_CIPHER_get_auth_nid
SSL_CIPHER_get_bits
SSL_CIPHER_get_cipher_nid
SSL_CIPHER_get_digest_nid
SSL_CIPHER_get_handshake_digest
SSL_CIPHER_get_id
SSL_CIPHER_get_kx_nid
SSL_CIPHER_get_name
SSL_CIPHER_get_protocol_id
SSL_CIPHER_get_version
SSL_CIPHER_is_aead
SSL_CIPHER_standard_name
SSL_COMP_add_compression_method
SSL_COMP_get0_name
SSL_COMP_get_compression_methods
SSL_COMP_get_id
SSL_COMP_get_name
SSL_COMP_set0_compression_methods
SSL_CONF_CTX_clear_flags
SSL_CONF_CTX_finish
SSL_CONF_CTX_free
SSL_CONF_CTX_new
SSL_CONF_CTX_set1_prefix
SSL_CONF_CTX_set_flags
SSL_CONF_CTX_set_ssl
SSL_CONF_CTX_set_ssl_ctx
SSL_CONF_cmd
SSL_CONF_cmd_argv
SSL_CONF_cmd_value_type
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add1_to_CA_list
SSL_CTX_add_client_CA
SSL_CTX_add_client_custom_ext
SSL_CTX_add_custom_ext
SSL_CTX_add_server_custom_ext
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_clear_options
SSL_CTX_config
SSL_CTX_ct_is_enabled
SSL_CTX_ctrl
SSL_CTX_dane_clear_flags
SSL_CTX_dane_enable
SSL_CTX_dane_mtype_set
SSL_CTX_dane_set_flags
SSL_CTX_enable_ct
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get0_CA_list
SSL_CTX_get0_certificate
SSL_CTX_get0_ctlog_store
SSL_CTX_get0_param
SSL_CTX_get0_privatekey
SSL_CTX_get0_security_ex_data
SSL_CTX_get_cert_store
SSL_CTX_get_ciphers
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_default_passwd_cb
SSL_CTX_get_default_passwd_cb_userdata
SSL_CTX_get_ex_data
SSL_CTX_get_info_callback
SSL_CTX_get_keylog_callback
SSL_CTX_get_max_early_data
SSL_CTX_get_num_tickets
SSL_CTX_get_options
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_record_padding_callback_arg
SSL_CTX_get_recv_max_early_data
SSL_CTX_get_security_callback
SSL_CTX_get_security_level
SSL_CTX_get_ssl_method
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_has_client_custom_ext
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set0_CA_list
SSL_CTX_set0_ctlog_store
SSL_CTX_set0_security_ex_data
SSL_CTX_set1_cert_store
SSL_CTX_set1_param
SSL_CTX_set_allow_early_data_cb
SSL_CTX_set_alpn_protos
SSL_CTX_set_alpn_select_cb
SSL_CTX_set_block_padding
SSL_CTX_set_cert_cb
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_ciphersuites
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_client_hello_cb
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_ct_validation_callback
SSL_CTX_set_ctlog_list_file
SSL_CTX_set_default_ctlog_list_file
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_read_buffer_len
SSL_CTX_set_default_verify_dir
SSL_CTX_set_default_verify_file
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_keylog_callback
SSL_CTX_set_max_early_data
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_not_resumable_session_callback
SSL_CTX_set_num_tickets
SSL_CTX_set_options
SSL_CTX_set_post_handshake_auth
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_find_session_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_psk_use_session_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_record_padding_callback
SSL_CTX_set_record_padding_callback_arg
SSL_CTX_set_recv_max_early_data
SSL_CTX_set_security_callback
SSL_CTX_set_security_level
SSL_CTX_set_session_id_context
SSL_CTX_set_session_ticket_cb
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_stateless_cookie_generate_cb
SSL_CTX_set_stateless_cookie_verify_cb
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_max_fragment_length
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_up_ref
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_cert_and_key
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_CTX_use_serverinfo
SSL_CTX_use_serverinfo_ex
SSL_CTX_use_serverinfo_file
SSL_SESSION_dup
SSL_SESSION_free
SSL_SESSION_get0_alpn_selected
SSL_SESSION_get0_cipher
SSL_SESSION_get0_hostname
SSL_SESSION_get0_id_context
SSL_SESSION_get0_peer
SSL_SESSION_get0_ticket
SSL_SESSION_get0_ticket_appdata
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_id
SSL_SESSION_get_master_key
SSL_SESSION_get_max_early_data
SSL_SESSION_get_max_fragment_length
SSL_SESSION_get_protocol_version
SSL_SESSION_get_ticket_lifetime_hint
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_has_ticket
SSL_SESSION_is_resumable
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_print_keylog
SSL_SESSION_set1_alpn_selected
SSL_SESSION_set1_hostname
SSL_SESSION_set1_id
SSL_SESSION_set1_id_context
SSL_SESSION_set1_master_key
SSL_SESSION_set1_ticket_appdata
SSL_SESSION_set_cipher
SSL_SESSION_set_ex_data
SSL_SESSION_set_max_early_data
SSL_SESSION_set_protocol_version
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SESSION_up_ref
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add1_host
SSL_add1_to_CA_list
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_add_ssl_module
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_alloc_buffers
SSL_bytes_to_cipher_list
SSL_callback_ctrl
SSL_certs_clear
SSL_check_chain
SSL_check_private_key
SSL_clear
SSL_clear_options
SSL_client_hello_get0_ciphers
SSL_client_hello_get0_compression_methods
SSL_client_hello_get0_ext
SSL_client_hello_get0_legacy_version
SSL_client_hello_get0_random
SSL_client_hello_get0_session_id
SSL_client_hello_get1_extensions_present
SSL_client_hello_isv2
SSL_client_version
SSL_config
SSL_connect
SSL_copy_session_id
SSL_ct_is_enabled
SSL_ctrl
SSL_dane_clear_flags
SSL_dane_enable
SSL_dane_set_flags
SSL_dane_tlsa_add
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_enable_ct
SSL_export_keying_material
SSL_export_keying_material_early
SSL_extension_supported
SSL_free
SSL_free_buffers
SSL_get0_CA_list
SSL_get0_alpn_selected
SSL_get0_dane
SSL_get0_dane_authority
SSL_get0_dane_tlsa
SSL_get0_next_proto_negotiated
SSL_get0_param
SSL_get0_peer_CA_list
SSL_get0_peer_scts
SSL_get0_peername
SSL_get0_security_ex_data
SSL_get0_verified_chain
SSL_get1_session
SSL_get1_supported_ciphers
SSL_get_SSL_CTX
SSL_get_all_async_fds
SSL_get_certificate
SSL_get_changed_async_fds
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_client_ciphers
SSL_get_client_random
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_passwd_cb
SSL_get_default_passwd_cb_userdata
SSL_get_default_timeout
SSL_get_early_data_status
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_key_update_type
SSL_get_max_early_data
SSL_get_num_tickets
SSL_get_options
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_peer_signature_type_nid
SSL_get_pending_cipher
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_record_padding_callback_arg
SSL_get_recv_max_early_data
SSL_get_rfd
SSL_get_security_callback
SSL_get_security_level
SSL_get_selected_srtp_profile
SSL_get_server_random
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shared_sigalgs
SSL_get_shutdown
SSL_get_sigalgs
SSL_get_signature_type_nid
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_state
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_has_pending
SSL_in_before
SSL_in_init
SSL_is_dtls
SSL_is_init_finished
SSL_is_server
SSL_key_update
SSL_load_client_CA_file
SSL_new
SSL_peek
SSL_peek_ex
SSL_pending
SSL_read
SSL_read_early_data
SSL_read_ex
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_session_reused
SSL_set0_CA_list
SSL_set0_rbio
SSL_set0_security_ex_data
SSL_set0_wbio
SSL_set1_host
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_allow_early_data_cb
SSL_set_alpn_protos
SSL_set_bio
SSL_set_block_padding
SSL_set_cert_cb
SSL_set_cipher_list
SSL_set_ciphersuites
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ct_validation_callback
SSL_set_debug
SSL_set_default_passwd_cb
SSL_set_default_passwd_cb_userdata
SSL_set_default_read_buffer_len
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_hostflags
SSL_set_info_callback
SSL_set_max_early_data
SSL_set_msg_callback
SSL_set_not_resumable_session_callback
SSL_set_num_tickets
SSL_set_options
SSL_set_post_handshake_auth
SSL_set_psk_client_callback
SSL_set_psk_find_session_callback
SSL_set_psk_server_callback
SSL_set_psk_use_session_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_record_padding_callback
SSL_set_record_padding_callback_arg
SSL_set_recv_max_early_data
SSL_set_rfd
SSL_set_security_callback
SSL_set_security_level
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_tlsext_max_fragment_length
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state_string
SSL_state_string_long
SSL_stateless
SSL_up_ref
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_cert_and_key
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_chain_file
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_verify_client_post_handshake
SSL_version
SSL_waiting_for_async
SSL_want
SSL_write
SSL_write_early_data
SSL_write_ex
TLS_client_method
TLS_method
TLS_server_method
TLSv1_1_client_method
TLSv1_1_method
TLSv1_1_server_method
TLSv1_2_client_method
TLSv1_2_method
TLSv1_2_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION

Sections

.text
Size: 462KB - Virtual size: 462KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 283B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manual/Manual.txt
msvcp140.dll
.dll windows:6 windows x64 arch:x64

c0e775d13a8146396b3de4dc441694a7

Code Sign

33:00:00:01:2d:25:02:fd:7c:86:15:5c:3e:00:00:00:00:01:2d
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/09/2019, 20:40

Not After

04/12/2020, 20:40

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:98FD-C61E-E641,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:aa:7d:1e:2c:7c:c3:dd:35:90:df:e1:67:90:f9:7e:93:06:bd:b0:be:08:fa:eb:79:83:49:8e:f0:1a:cc:a2
Signer

Actual PE Digest

4e:aa:7d:1e:2c:7c:c3:dd:35:90:df:e1:67:90:f9:7e:93:06:bd:b0:be:08:fa:eb:79:83:49:8e:f0:1a:cc:a2

Digest Algorithm

sha256

PE Digest Matches

true

ba:cd:d1:24:31:b4:4f:e3:d1:d4:ff:d7:48:62:5c:8a:04:95:2e:a8
Signer

Actual PE Digest

ba:cd:d1:24:31:b4:4f:e3:d1:d4:ff:d7:48:62:5c:8a:04:95:2e:a8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb

Imports

vcruntime140

__C_specific_handler
__current_exception_context
memcmp
__uncaught_exceptions
__uncaught_exception
memchr
memmove
__std_terminate
_purecall
memset
memcpy
__CxxFrameHandler3
_CxxThrowException
__AdjustPointer
__current_exception
__std_exception_destroy
__std_type_info_destroy_list
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

free
_callnewh
realloc
calloc
malloc

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_register_onexit_function
abort
_seh_filter_dll
_initterm_e
_configure_narrow_argv
_initialize_narrow_environment
_endthreadex
_beginthreadex
_set_new_handler
_crt_atexit
_initialize_onexit_table
_initterm
_invalid_parameter_noinfo_noreturn
_errno
terminate
_cexit

api-ms-win-crt-string-l1-1-0

iswspace
iswxdigit
isupper
wcscpy_s
wcsnlen
isspace
iswdigit
isdigit
__strncnt
_wcsdup
strcspn
tolower
islower
isalnum
isxdigit
iswalnum

api-ms-win-crt-locale-l1-1-0

___lc_collate_cp_func
setlocale
___lc_locale_name_func
__pctype_func
___mb_cur_max_func
localeconv
___lc_codepage_func
_lock_locales
_unlock_locales

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
fputs
fgetwc
fseek
_fsopen
_wfsopen
fputwc
ungetwc
fclose
fflush
fgetc
fgetpos
fputc
__acrt_iob_func
fread
_get_stream_buffer_pointers
fsetpos
_fseeki64
fwrite
setvbuf
ungetc

api-ms-win-crt-filesystem-l1-1-0

_wrmdir
_unlock_file
_wrename
_lock_file
_wchdir
_wremove

api-ms-win-crt-time-l1-1-0

_W_Getdays
_Getmonths
_W_Gettnames
_Wcsftime
_Strftime
_W_Getmonths
_Gettnames
_Getdays

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-math-l1-1-0

ldexp
frexp
powf
pow
log
logf

api-ms-win-crt-convert-l1-1-0

strtod
strtof
btowc

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

IsProcessorFeaturePresent
RaiseException
MultiByteToWideChar
GetCPInfo
WideCharToMultiByte
CompareStringW
LCMapStringW
GetLocaleInfoW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileInformationByHandle
SetEndOfFile
SetFileAttributesW
LoadLibraryExA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
InitializeSListHead
GetCurrentProcessId
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
GetTickCount
GetSystemTimeAsFileTime
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
RtlPcToFileHeader
RtlCaptureStackBackTrace
GetStringTypeW
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleExW
QueueUserWorkItem
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThreadId
SwitchToThread
Sleep
WaitForSingleObjectEx
FormatMessageW
DecodePointer
EncodePointer
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
AreFileApisANSI
GetTempPathW
SetFileTime
SetFilePointerEx

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QEAA@AEBV01@@Z
??0?$_Yarn@D@std@@QEAA@PEBD@Z
??0?$_Yarn@D@std@@QEAA@XZ
??0?$_Yarn@G@std@@QEAA@AEBV01@@Z
??0?$_Yarn@G@std@@QEAA@PEBG@Z
??0?$_Yarn@G@std@@QEAA@XZ
??0?$_Yarn@_W@std@@QEAA@AEBV01@@Z
??0?$_Yarn@_W@std@@QEAA@PEB_W@Z
??0?$_Yarn@_W@std@@QEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$ctype@D@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@D@std@@QEAA@PEBF_N_K@Z
??0?$ctype@G@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@G@std@@QEAA@_K@Z
??0?$ctype@_W@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@_W@std@@QEAA@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0Init@ios_base@std@@QEAA@XZ
??0_Facet_base@std@@QEAA@AEBV01@@Z
??0_Facet_base@std@@QEAA@XZ
??0_Init_locks@std@@QEAA@XZ
??0_Locimp@locale@std@@AEAA@AEBV012@@Z
??0_Locimp@locale@std@@AEAA@_N@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
??0_Lockit@std@@QEAA@XZ
??0_Timevec@std@@QEAA@AEBV01@@Z
??0_Timevec@std@@QEAA@PEAX@Z
??0_UShinit@std@@QEAA@XZ
??0_Winit@std@@QEAA@XZ
??0codecvt_base@std@@QEAA@_K@Z
??0ctype_base@std@@QEAA@_K@Z
??0facet@locale@std@@IEAA@_K@Z
??0id@locale@std@@QEAA@_K@Z
??0ios_base@std@@IEAA@XZ
??0task_continuation_context@Concurrency@@AEAA@XZ
??0time_base@std@@QEAA@_K@Z
??1?$_Yarn@D@std@@QEAA@XZ
??1?$_Yarn@G@std@@QEAA@XZ
??1?$_Yarn@_W@std@@QEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??1?$ctype@D@std@@MEAA@XZ
??1?$ctype@G@std@@MEAA@XZ
??1?$ctype@_W@std@@MEAA@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1Init@ios_base@std@@QEAA@XZ
??1_Facet_base@std@@UEAA@XZ
??1_Init_locks@std@@QEAA@XZ
??1_Locimp@locale@std@@MEAA@XZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1_Timevec@std@@QEAA@XZ
??1_UShinit@std@@QEAA@XZ
??1_Winit@std@@QEAA@XZ
??1codecvt_base@std@@UEAA@XZ
??1ctype_base@std@@UEAA@XZ
??1facet@locale@std@@MEAA@XZ
??1ios_base@std@@UEAA@XZ
??1time_base@std@@UEAA@XZ
??4?$_Iosb@H@std@@QEAAAEAV01@$$QEAV01@@Z
??4?$_Iosb@H@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??4?$_Yarn@G@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@G@std@@QEAAAEAV01@PEBG@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@PEB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4Init@ios_base@std@@QEAAAEAV012@AEBV012@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@$$QEAU01@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@AEBU01@@Z
??4_Facet_base@std@@QEAAAEAV01@AEBV01@@Z
??4_Init_locks@std@@QEAAAEAV01@AEBV01@@Z
??4_Timevec@std@@QEAAAEAV01@AEBV01@@Z
??4_UShinit@std@@QEAAAEAV01@AEBV01@@Z
??4_Winit@std@@QEAAAEAV01@AEBV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
??7ios_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??Bios_base@std@@QEBA_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QEAAXXZ
??_F?$ctype@D@std@@QEAAXXZ
??_F?$ctype@G@std@@QEAAXXZ
??_F?$ctype@_W@std@@QEAAXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F_Locinfo@std@@QEAAXXZ
??_F_Timevec@std@@QEAAXXZ
??_Fcodecvt_base@std@@QEAAXXZ
??_Fctype_base@std@@QEAAXXZ
??_Ffacet@locale@std@@QEAAXXZ
??_Fid@locale@std@@QEAAXXZ
??_Ftime_base@std@@QEAAXXZ
?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Addcats@_Locinfo@std@@QEAAAEAV12@HPEBD@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Addstd@ios_base@std@@SAXPEAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_C_str@?$_Yarn@G@std@@QEBAPEBGXZ
?_C_str@?$_Yarn@_W@std@@QEBAPEB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AEAAXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Clocptr@_Locimp@locale@std@@0PEAV123@EA
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IEBADGD@Z
?_Donarrow@?$ctype@_W@std@@IEBAD_WD@Z
?_Dowiden@?$ctype@G@std@@IEBAGD@Z
?_Dowiden@?$ctype@_W@std@@IEBA_WD@Z
?_Empty@?$_Yarn@D@std@@QEBA_NXZ
?_Empty@?$_Yarn@G@std@@QEBA_NXZ
?_Empty@?$_Yarn@_W@std@@QEBA_NXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Findarr@ios_base@std@@AEAAAEAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBD_K@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AEAVios_base@2@GPEBD_K@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBD_K@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@facet@locale@std@@SA_KPEAPEBV123@PEBV23@@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QEBAHXZ
?_Getdays@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HAEBVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAEAHAEBV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAEAHAEBV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAEAHAEBV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
?_Getname@_Locinfo@std@@QEBAPEBDXZ
?_Getptr@_Timevec@std@@QEBAPEAXXZ
?_Gettnames@_Locinfo@std@@QEBA?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_1.dll
.dll windows:6 windows x64 arch:x64

a1d1434dddb062f5f5d6615852def52b

Code Sign

33:00:00:01:2c:aa:51:49:df:36:06:3b:6e:00:00:00:00:01:2c
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/09/2019, 20:40

Not After

04/12/2020, 20:40

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ca:0f:4e:88:4e:ba:d5:1c:fe:b0:88:86:55:4c:98:a5:16:8c:fd:d7:63:c6:f8:16:7d:e3:a6:2a:d9:65:6f:98
Signer

Actual PE Digest

ca:0f:4e:88:4e:ba:d5:1c:fe:b0:88:86:55:4c:98:a5:16:8c:fd:d7:63:c6:f8:16:7d:e3:a6:2a:d9:65:6f:98

Digest Algorithm

sha256

PE Digest Matches

true

a2:14:40:9a:06:6e:5d:5a:ce:d0:68:2f:0d:bc:54:c2:f2:b5:ea:41
Signer

Actual PE Digest

a2:14:40:9a:06:6e:5d:5a:ce:d0:68:2f:0d:bc:54:c2:f2:b5:ea:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb

Imports

msvcp140

?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Xbad_alloc@std@@YAXXZ

vcruntime140

memset
__C_specific_handler
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

terminate
_cexit
_execute_onexit_table
_initterm
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

free
_aligned_free
_callnewh
_aligned_malloc
malloc

kernel32

RtlVirtualUnwind
GetCurrentProcessId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId

Exports

Exports

_Aligned_get_default_resource
_Aligned_new_delete_resource
_Aligned_set_default_resource
_Unaligned_get_default_resource
_Unaligned_new_delete_resource
_Unaligned_set_default_resource
null_memory_resource

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_2.dll
.dll windows:6 windows x64 arch:x64

8ceeb902c9887e633d0dec0e28e97944

Code Sign

33:00:00:01:31:8d:e1:be:a7:9f:0a:35:e0:00:00:00:00:01:31
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/09/2019, 20:40

Not After

04/12/2020, 20:40

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:148C-C4B9-2066,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cc:17:cd:5b:67:77:1a:e3:ea:b8:d2:13:e3:6e:23:0a:67:52:ad:6e:5f:e1:f4:40:a7:43:3e:b3:61:ef:c7:c4
Signer

Actual PE Digest

cc:17:cd:5b:67:77:1a:e3:ea:b8:d2:13:e3:6e:23:0a:67:52:ad:6e:5f:e1:f4:40:a7:43:3e:b3:61:ef:c7:c4

Digest Algorithm

sha256

PE Digest Matches

true

15:03:b2:be:1a:44:9c:da:e3:20:a7:20:f5:b3:25:4f:4b:55:00:7c
Signer

Actual PE Digest

15:03:b2:be:1a:44:9c:da:e3:20:a7:20:f5:b3:25:4f:4b:55:00:7c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\msvcp140_2.amd64.pdb

Imports

msvcp140

?widen@?$ctype@D@std@@QEBAPEBDPEBD0PEAD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?clear@ios_base@std@@QEAAXH_N@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??1ios_base@std@@UEAA@XZ
?widen@?$ctype@D@std@@QEBADD@Z
?_Init@ios_base@std@@IEAAXXZ
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$numpunct@D@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QEAA@XZ
??0ios_base@std@@IEAA@XZ
??0_Lockit@std@@QEAA@H@Z

vcruntime140

__CxxFrameHandler3
memchr
memcmp
memcpy
memmove
memset
__C_specific_handler
__std_exception_destroy
__std_type_info_destroy_list
__std_exception_copy
__std_terminate
_purecall
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_register_onexit_function
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_crt_atexit
_initterm_e
_errno

api-ms-win-crt-math-l1-1-0

sqrtf
tan
sqrt
sinh
sin
cosh
ldexp
log1p
pow
log
fmod
expm1
floor
frexp
cos
atan
exp
ceil

api-ms-win-crt-heap-l1-1-0

malloc
free
calloc
_callnewh

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-string-l1-1-0

strcspn

api-ms-win-crt-locale-l1-1-0

localeconv

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

Exports

Exports

__std_smf_assoc_laguerre
__std_smf_assoc_laguerref
__std_smf_assoc_legendre
__std_smf_assoc_legendref
__std_smf_beta
__std_smf_betaf
__std_smf_comp_ellint_1
__std_smf_comp_ellint_1f
__std_smf_comp_ellint_2
__std_smf_comp_ellint_2f
__std_smf_comp_ellint_3
__std_smf_comp_ellint_3f
__std_smf_cyl_bessel_i
__std_smf_cyl_bessel_if
__std_smf_cyl_bessel_j
__std_smf_cyl_bessel_jf
__std_smf_cyl_bessel_k
__std_smf_cyl_bessel_kf
__std_smf_cyl_neumann
__std_smf_cyl_neumannf
__std_smf_ellint_1
__std_smf_ellint_1f
__std_smf_ellint_2
__std_smf_ellint_2f
__std_smf_ellint_3
__std_smf_ellint_3f
__std_smf_expint
__std_smf_expintf
__std_smf_hermite
__std_smf_hermitef
__std_smf_hypot3
__std_smf_hypot3f
__std_smf_laguerre
__std_smf_laguerref
__std_smf_legendre
__std_smf_legendref
__std_smf_riemann_zeta
__std_smf_riemann_zetaf
__std_smf_sph_bessel
__std_smf_sph_besself
__std_smf_sph_legendre
__std_smf_sph_legendref
__std_smf_sph_neumann
__std_smf_sph_neumannf

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_codecvt_ids.dll
.dll windows:6 windows x64 arch:x64

eb741a767a6a80709b865cd0789aabcf

Code Sign

33:00:00:01:2c:aa:51:49:df:36:06:3b:6e:00:00:00:00:01:2c
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/09/2019, 20:40

Not After

04/12/2020, 20:40

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

37:f0:e9:47:01:c9:5c:79:96:dd:a9:8a:12:ea:5a:f6:e1:c9:b2:e5:c7:ce:ce:5a:4b:c9:c4:8d:50:32:c4:62
Signer

Actual PE Digest

37:f0:e9:47:01:c9:5c:79:96:dd:a9:8a:12:ea:5a:f6:e1:c9:b2:e5:c7:ce:ce:5a:4b:c9:c4:8d:50:32:c4:62

Digest Algorithm

sha256

PE Digest Matches

true

f3:00:4b:f0:c8:64:7b:37:28:96:57:16:7e:98:2b:68:fc:c8:cc:ed
Signer

Actual PE Digest

f3:00:4b:f0:c8:64:7b:37:28:96:57:16:7e:98:2b:68:fc:c8:cc:ed

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\msvcp140_codecvt_ids.amd64.pdb

Imports

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment

kernel32

IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcessId
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead

Exports

Exports

?id@?$codecvt@_SDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_S_QU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_UDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_U_QU_Mbstatet@@@std@@2V0locale@2@A

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
root-service-provider.dll
.dll windows:6 windows x64 arch:x64

527731ff1857ee59f43a0dcd804043cb

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/09/2020, 00:00

Not After

21/09/2023, 23:59

Subject

CN=Sober Lemur S.a.s. di Vacondio Andrea,O=Sober Lemur S.a.s. di Vacondio Andrea,POSTALCODE=42021,STREET=Via Enrico Fermi 28,L=Bibbiano,ST=Reggio Emilia,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:29:fd:de:d1:7e:0b:f5:4d:dd:b5:fc:dc:9d:2b:d9:29:a7:bc:fc:44:3f:9b:9b:3d:f4:7d:3e:61:9d:b9:d0
Signer

Actual PE Digest

48:29:fd:de:d1:7e:0b:f5:4d:dd:b5:fc:dc:9d:2b:d9:29:a7:bc:fc:44:3f:9b:9b:3d:f4:7d:3e:61:9d:b9:d0

Digest Algorithm

sha256

PE Digest Matches

true

57:6d:40:b0:18:29:9e:2f:3b:51:44:43:c1:59:df:35:fc:43:d7:8e
Signer

Actual PE Digest

57:6d:40:b0:18:29:9e:2f:3b:51:44:43:c1:59:df:35:fc:43:d7:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\LULU\TempBuilds\TemporaryBuilds\main-pool\32\s\App\_bin\sam\x64\Release\root-service-provider.pdb

Imports

encoding-conversion

SLConvertUTF8ToUTF16
SLConvertACPToUnicode
SLConvertUTF16ToUTF8
SLConvertUnicodeToACP

kernel32

AreFileApisANSI
FormatMessageW
SetEvent
CloseHandle
LocalFree
WideCharToMultiByte
FormatMessageA
CreateEventA
GetProcAddress
FreeLibrary
LoadLibraryExW
LoadLibraryW
GetLastError
GetModuleFileNameW
GetModuleHandleW
SetDllDirectoryW
GetCurrentThreadId
WaitForSingleObjectEx
LoadLibraryA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
MultiByteToWideChar
EnterCriticalSection
GetStringTypeExW
LeaveCriticalSection
LCMapStringW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetUserDefaultLCID
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
CreateFileW
HeapFree
GetProcessHeap
OpenEventA
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetFileTime
DeviceIoControl
Sleep

atom

SLGetAtomFromString
CreateSingletonStaticData
GetSingletonStaticData
IsSingletonStaticDataStorageAvailable
CleanupSingletonStaticDataStorage
SLGetStringFromAtom

msvcp140

?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?widen@?$ctype@_W@std@@QEBA_WD@Z
?narrow@?$ctype@_W@std@@QEBAD_WD@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?precision@ios_base@std@@QEAA_J_J@Z
?flags@ios_base@std@@QEAAHH@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA_W_W@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W0@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
??7ios_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?uncaught_exception@std@@YA_NXZ
?flags@ios_base@std@@QEBAHXZ
?good@ios_base@std@@QEBA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Xbad_function_call@std@@YAXXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Xout_of_range@std@@YAXPEBD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?rdstate@ios_base@std@@QEBAHXZ
?exceptions@ios_base@std@@QEAAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
_purecall
__std_terminate
__std_type_info_compare
_CxxThrowException
memmove
memset
memcmp
__C_specific_handler

api-ms-win-crt-string-l1-1-0

strncpy
_wcsnicmp
strnlen
wcsnlen

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

api-ms-win-crt-stdio-l1-1-0

fputc
__stdio_common_vsprintf
fclose
_get_stream_buffer_pointers
ungetc
fread
fwrite
fgetpos
_fseeki64
fsetpos
setvbuf
fflush
fgetc

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
strerror
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-convert-l1-1-0

strtod
strtoull
strtoll

user32

LoadStringW

api-ms-win-crt-math-l1-1-0

_dclass

Exports

Exports

ServiceProviderCheckServiceModule
ServiceProviderCleanup
ServiceProviderGetModulesRootDirectory
ServiceProviderGetServiceObject
ServiceProviderLoadModule
ServiceProviderPreCleanup
ServiceProviderPreloadForceModules
ServiceProviderRegChild
ServiceProviderRegService
ServiceProviderRegService2
ServiceProviderSetModulesRootDirectory
ServiceProviderUnregService

Sections

.text
Size: 437KB - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
settings/cef_100_percent.pak
settings/cef_200_percent.pak
settings/chrome_elf.dll
.dll windows:5 windows x64 arch:x64

a21402ea151644d20096e026ec8b9d63

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:88:c0:8f:56:6d:2b:1f:0c:19:4d:b1:f8:ca:c9:a9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/01/2023, 00:00

Not After

20/01/2026, 23:59

Subject

CN=Rockstar Games\, Inc.,O=Rockstar Games\, Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

14:4a:0b:f8:5d:21:95:04:8b:62:f6:89:84:15:36:7e:54:73:d5:af
Signer

Actual PE Digest

14:4a:0b:f8:5d:21:95:04:8b:62:f6:89:84:15:36:7e:54:73:d5:af

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

chrome_elf.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessTimes
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSRWLockExclusive
RemoveDirectoryW
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetNamedPipeHandleState
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SleepEx
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnlockFileEx
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrcmpiA

Exports

Exports

ClearReportsBetween_ExportThunk
CrashForException_ExportThunk
DisableHook
DrainLog
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
GetApplyHookResult
GetBlockedModulesCount
GetCrashReports_ExportThunk
GetCrashpadDatabasePath_ExportThunk
GetHandleVerifier
GetInstallDetailsPayload
GetUniqueBlockedModulesCount
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsCrashReportingEnabledImpl
IsThirdPartyInitialized
RegisterLogNotification
RequestSingleCrashUpload_ExportThunk
SetCrashKeyValueImpl
SetMetricsClientId
SetUploadConsent_ExportThunk
SignalChromeElf
SignalInitializeCrashReporting

Sections

.text
Size: 661KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crthunk
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oldntma
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
settings/d3dcompiler_47.dll
.dll windows:10 windows x64 arch:x64

4004e7f7eff525b82926d9696cb4db19

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:88:c0:8f:56:6d:2b:1f:0c:19:4d:b1:f8:ca:c9:a9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/01/2023, 00:00

Not After

20/01/2026, 23:59

Subject

CN=Rockstar Games\, Inc.,O=Rockstar Games\, Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fa:90:fa:70:4f:be:7b:a4:ac:bd:95:97:95:be:bb:d0:a7:a6:8b:11
Signer

Actual PE Digest

fa:90:fa:70:4f:be:7b:a4:ac:bd:95:97:95:be:bb:d0:a7:a6:8b:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_47.pdb

Imports

msvcrt

_unlock
_lock
??1type_info@@UEAA@XZ
strncpy_s
malloc
_strnicmp
atoi
isdigit
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
_callnewh
_isnan
_purecall
__isascii
_clearfp
_controlfp
_strdup
_mbstrlen
_vsnwprintf
strtoul
isxdigit
isalpha
atof
strchr
setlocale
strnlen
__dllonexit
modf
isspace
wcsncmp
wcsncpy_s
_wcsicmp
memcpy
memset
fclose
bsearch
qsort
strcat_s
strstr
_onexit
memcmp
strcmp
_snwprintf_s
__unDName
fread
fseek
_wfsopen
wcstoul
_fileno
sscanf_s
_filelengthi64
towlower
_wcsnicmp
_wsplitpath_s
wcscpy_s
wcsncat_s
wcsrchr
swprintf_s
_wfullpath
_wmakepath_s
_time64
_chsize_s
_close
_read
_write
_lseeki64
_get_osfhandle
_open_osfhandle
_wcsdup
wcscat_s
ftell
_mbscmp
_memicmp
_wgetenv
toupper
_atoi64
_errno
strtod
__CxxFrameHandler3
_strtoui64
?terminate@@YAXXZ
_CxxThrowException
tan
strrchr
tolower
_finite
_fpclass
memmove
strcpy_s
memcpy_s
isalnum
getenv
free
_stricmp
sprintf_s
_vsnprintf
strncmp
_wsopen
acos
asin
atan
atan2
ceil
cos
cosh
exp
floor
floorf
fmod
log
pow
sin
sinh
sqrt
tanh

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
HeapCreate
lstrcmpiA
CreateFileA
SetLastError
FlushViewOfFile
MapViewOfFileEx
SetFilePointer
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsW
DeviceIoControl
SetFilePointerEx
SetEndOfFile
GetFileType
DeleteFileW
SetFileAttributesW
LCMapStringW
GetFileAttributesW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
LocalFree
LocalAlloc
LoadLibraryExW
DisableThreadLibraryCalls
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
FreeLibrary
VirtualFree
VirtualAlloc
GetSystemInfo
CreateFileW
GetLastError
GetFileSizeEx
ReadFile
CloseHandle
Sleep
TlsAlloc
TlsSetValue
HeapDestroy
TlsGetValue
TlsFree
GetFullPathNameW
GetFullPathNameA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress

advapi32

CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
CryptDestroyHash
RegCloseKey

rpcrt4

UuidCreate

Exports

Exports

D3DAssemble
D3DCompile
D3DCompile2
D3DCompileFromFile
D3DCompressShaders
D3DCreateBlob
D3DCreateFunctionLinkingGraph
D3DCreateLinker
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DDisassemble11Trace
D3DDisassembleRegion
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DGetTraceInstructionOffsets
D3DLoadModule
D3DPreprocess
D3DReadFileToBlob
D3DReflect
D3DReflectLibrary
D3DReturnFailure1
D3DSetBlobPart
D3DStripShader
D3DWriteBlobToFile
DebugSetMute

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 868KB - Virtual size: 867KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
settings/dx12user.settings
settings/dx12user.settings.bak
settings/icudtl.dat
settings/input.settings
settings/libEGL.dll
.dll windows:5 windows x64 arch:x64

b7d07fba9927b6b4247e86eea7632776

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:88:c0:8f:56:6d:2b:1f:0c:19:4d:b1:f8:ca:c9:a9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/01/2023, 00:00

Not After

20/01/2026, 23:59

Subject

CN=Rockstar Games\, Inc.,O=Rockstar Games\, Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7a:f2:b1:fa:89:4d:33:56:01:f8:9c:19:50:48:4e:20:7f:e4:39:ca
Signer

Actual PE Digest

7a:f2:b1:fa:89:4d:33:56:01:f8:9c:19:50:48:4e:20:7f:e4:39:ca

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

libEGL.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurface
eglCreatePlatformWindowSurfaceEXT
eglCreateStreamKHR
eglCreateStreamProducerD3DTextureANGLE
eglCreateSync
eglCreateSyncKHR
eglCreateWindowSurface
eglDebugMessageControlKHR
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroyStreamKHR
eglDestroySurface
eglDestroySync
eglDestroySyncKHR
eglDupNativeFenceFDANDROID
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetMscRateANGLE
eglGetNativeClientBufferANDROID
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglGetSyncAttribKHR
eglGetSyncValuesCHROMIUM
eglInitialize
eglLabelObjectKHR
eglMakeCurrent
eglPostSubBufferNV
eglPresentationTimeANDROID
eglProgramCacheGetAttribANGLE
eglProgramCachePopulateANGLE
eglProgramCacheQueryANGLE
eglProgramCacheResizeANGLE
eglQueryAPI
eglQueryContext
eglQueryDebugKHR
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribANGLE
eglQueryDisplayAttribEXT
eglQueryStreamKHR
eglQueryStreamu64KHR
eglQueryString
eglQueryStringiANGLE
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReleaseDeviceANGLE
eglReleaseTexImage
eglReleaseThread
eglSetBlobCacheFuncsANDROID
eglStreamAttribKHR
eglStreamConsumerAcquireKHR
eglStreamConsumerGLTextureExternalAttribsNV
eglStreamConsumerGLTextureExternalKHR
eglStreamConsumerReleaseKHR
eglStreamPostD3DTextureANGLE
eglSurfaceAttrib
eglSwapBuffers
eglSwapBuffersWithDamageKHR
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync
eglWaitSyncKHR

Sections

.text
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
settings/profile.settings
vcruntime140.dll
.dll windows:6 windows x64 arch:x64

f143e2868efde0fcb493bd3051708a62

Code Sign

33:00:00:01:03:49:9c:76:42:f1:37:3d:9d:00:00:00:00:01:03
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:0842-4BE6-C29A,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:9a:42:b4:cf:09:aa:e1:8e:9a:4a:85:a1:65:44:ed:03:56:7b:c0:cf:aa:7c:96:e6:cf:ec:1b:05:7c:49:7f
Signer

Actual PE Digest

7b:9a:42:b4:cf:09:aa:e1:8e:9a:4a:85:a1:65:44:ed:03:56:7b:c0:cf:aa:7c:96:e6:cf:ec:1b:05:7c:49:7f

Digest Algorithm

sha256

PE Digest Matches

true

f9:2f:ae:d1:4e:bc:b0:f5:94:75:cf:61:29:49:62:23:5d:7b:91:82
Signer

Actual PE Digest

f9:2f:ae:d1:4e:bc:b0:f5:94:75:cf:61:29:49:62:23:5d:7b:91:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
GetModuleHandleW
GetModuleFileNameW
RtlUnwindEx
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcruntime140_1.dll
.dll windows:6 windows x64 arch:x64

ae0bde6314fa2027b54ce04898f6ab69

Code Sign

33:00:00:01:2e:8f:84:66:68:39:bf:05:bd:00:00:00:00:01:2e
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/09/2019, 20:40

Not After

04/12/2020, 20:40

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:B1B7-F67F-FEC2,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:21:d9:ba:7f:d8:c7:56:73:a4:4e:1f:a8:38:df:0d:fa:e2:27:21:30:b5:82:4c:ca:d0:f9:b1:cb:d6:68:8c
Signer

Actual PE Digest

6a:21:d9:ba:7f:d8:c7:56:73:a4:4e:1f:a8:38:df:0d:fa:e2:27:21:30:b5:82:4c:ca:d0:f9:b1:cb:d6:68:8c

Digest Algorithm

sha256

PE Digest Matches

true

14:17:93:a4:79:fa:4a:52:fd:a2:99:4c:b8:a5:39:57:99:4c:0f:c6
Signer

Actual PE Digest

14:17:93:a4:79:fa:4a:52:fd:a2:99:4c:b8:a5:39:57:99:4c:0f:c6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

vcruntime140

__processing_throw
__C_specific_handler
memmove
__current_exception

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwindEx
RtlLookupFunctionEntry
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
EncodePointer
RaiseException
RtlPcToFileHeader
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLastError
SetLastError
TlsAlloc

Exports

Exports

__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcruntime210.dll
vcruntime211.dll

Sharing

General

Malware Config

Signatures

Files

Password: 8866

Password: 8866

8b7fbfb12cba7ad7d735846fc1f3ab98

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0bCertificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0bCertificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

a9:1d:6a:e9:d4:ca:32:84:05:5f:64:c4:72:ca:ee:7e:aa:2a:91:a7:11:05:fe:6d:72:49:28:51:6b:1d:03:b5Signer

f3:8c:47:cb:88:1e:e1:d9:10:47:f5:42:bf:71:59:10:21:bf:bd:9bSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wtsapi32

msi

version

psapi

kernel32

userenv

encoding-conversion

user32

netapi32

advapi32

ole32

oleaut32

atom

root-service-provider

brand

iphlpapi

msvcp140

wininet

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

libcurl

libcrypto-1_1-x64

libssl-1_1-x64

icuuc68

dbghelp

winmm

winhttp

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

dc:39:2e:be:77:1b:84:15:a0:e2:c3:0b:c3:46:8d:0b
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

a9:1d:6a:e9:d4:ca:32:84:05:5f:64:c4:72:ca:ee:7e:aa:2a:91:a7:11:05:fe:6d:72:49:28:51:6b:1d:03:b5
Signer

f3:8c:47:cb:88:1e:e1:d9:10:47:f5:42:bf:71:59:10:21:bf:bd:9b
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 784KB - Virtual size: 783KB

.data
Size: 193KB - Virtual size: 212KB

.pdata
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 37KB - Virtual size: 36KB

33:00:00:03:de:8d:56:82:5a:f1:a4:a9:67:00:00:00:00:03:de
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

33:00:00:01:e2:f1:7d:92:02:0e:49:f8:7f:00:00:00:00:01:e2
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

80:9e:ca:85:bd:54:4a:8a:4d:7a:fe:6b:c9:82:31:c2:a9:df:d9:e1:97:49:a4:57:7e:df:a7:44:83:45:74:8d
Signer

80:9e:ca:85:bd:54:4a:8a:4d:7a:fe:6b:c9:82:31:c2:a9:df:d9:e1:97:49:a4:57:7e:df:a7:44:83:45:74:8d
Signer

.text
Size: 192KB - Virtual size: 192KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.rdata
Size: 338KB - Virtual size: 338KB

.rdata
Size: 338KB - Virtual size: 338KB

.text
Size: 453KB - Virtual size: 453KB

.managed
Size: 1.3MB - Virtual size: 1.3MB

hydrated
Size: - Virtual size: 531KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 9KB - Virtual size: 74KB

.pdata
Size: 144KB - Virtual size: 144KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1024B - Virtual size: 1004B

.reloc
Size: 2KB - Virtual size: 1KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate