[N]-Actarine_Invoke-23[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

[N]-Actarine_Invoke-23.zip
Size

17.6MB
MD5

2cb35fbef22bf7626350e74dd63c1242
SHA1

5c5168baf43a4596c224eb2ba89a5543fae0d071
SHA256

b85952a2c6253c6905764fed283b7aa1f5d9844c8889e52294898216d0da0b5c
SHA512

bef633a9b63a41753eec918768973a2048d196345aed7409081a10d53a9adb0297dc94012d2ba4110915075718d6436f02d55a9f2038c873b464a3468fe55f43
SSDEEP

393216:tQObseg0jbJtHwrLgYK2Q8AlIR9KkedO4Qs+4wvFJ8/vx:t755er8YK/tlImke0KXw9J8Xx

Score

9^/10

cryptone packer

Malware Config

Signatures

CryptOne packer 1 IoCs

Detects CryptOne packer defined in NCC blogpost.

cryptone packer

resource	yara_rule
static1/unpack001/autoexec/bin	cryptone

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/locales/resources/app.asar.unpacked/node_modules/btime/binding.node
unpack001/locales/resources/app.asar.unpacked/node_modules/get-fonts/binding.node
unpack001/locales/resources/app.asar.unpacked/node_modules/vibrancy-win/binding.node
unpack001/vstdlib_s64.dll

Files

[N]-Actarine_Invoke-23.zip
.zip

Password: 7482
[3]-Eye-Of_Morriah[2].exe
.exe windows:6 windows x64 arch:x64

Password: 7482

bc84427dd015272779b3d034cd29d1bb

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fb:83:d0:ba:7c:64:b9:57:84:9b:76:a8:c1:de:72
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12/10/2024, 00:00

Not After

08/10/2027, 23:59

Subject

CN=Valve Corp.,O=Valve Corp.,L=Bellevue,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2a:26:cd:c8:b1:a4:40:76:9d:03:7b:9b:36:86:68:c8:3d:93:14:94:59:8c:4c:8b:55:9c:04:30:58:db:ac:39
Signer

Actual PE Digest

2a:26:cd:c8:b1:a4:40:76:9d:03:7b:9b:36:86:68:c8:3d:93:14:94:59:8c:4c:8b:55:9c:04:30:58:db:ac:39

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\buildworker\steam_rel_client_win64\build\src\steamerrorreporter\win64\Release\steamerrorreporter64.pdb

Imports

kernel32

HeapAlloc
GetProcessHeap
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleExA
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringW
CloseHandle
CreateEventA
Sleep
GetTickCount
GetModuleFileNameW
DecodePointer
LCMapStringEx
InitializeCriticalSectionEx
WriteConsoleW
GetConsoleOutputCP
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
SetFilePointerEx
ReadConsoleW
GetConsoleMode
SetStdHandle
MultiByteToWideChar
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetModuleHandleExW
ExitProcess
GetStdHandle
GetFileType
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
GetCurrentProcessId
GetLastError
GetOverlappedResult
InitializeCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseMutex
WriteFile
ReadFile
DuplicateHandle
ConnectNamedPipe
DisconnectNamedPipe
CreateMutexW
CreateEventW
CreateNamedPipeW
RegisterWaitForSingleObject
UnregisterWait
UnregisterWaitEx
GetProcessTimes
OpenProcess
ReadProcessMemory
GetSystemTimeAsFileTime
FreeLibrary
GetProcAddress
LoadLibraryW
CreateFileW
GetSystemTime
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
GetFileAttributesW
GetFileSizeEx
GetFileTime
SetEndOfFile
SetFileAttributesW
SetLastError
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
QueryPerformanceCounter
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
RtlUnwindEx
RtlPcToFileHeader
RaiseException
EncodePointer
RtlUnwind

tier0_s64

g_pMemAllocSteam
?AssertFailed@?$AssertMsgHelper@$00@@SA_NPEBDI0@Z
WriteMiniDump
Plat_IsInDebugSession
Plat_ExitProcess
g_dwDllEntryThreadId
g_VProfProfilesRunningCount
CVProfile_ExitScope
VProfInternalEnterScopeCurrentThread
getcwd_utf8
?ClaimArrayMemory@CValidator@@QEAAXPEBX@Z
??1CThreadMutex@@QEAA@XZ
??0CThreadMutex@@QEAA@XZ
?AssertFailed@?$AssertMsgHelper@$0A@@@SA_NPEBDI0ZZ
?Pop@CValidator@@QEAAXXZ
?Push@CValidator@@QEAAXPEBDPEAX0@Z

vstdlib_s64

V_snprintf
V_vsnwprintf
V_strncat
V_UTF8ToUTF16
V_UTF16ToUTF8
V_StripTrailingSlash
V_StripLastDir
V_FixSlashes
V_strncpy
V_strncat_length
V_RemoveDotSlashes
V_IsAbsolutePath
V_FixDoubleSlashes

psapi

EnumProcessModules
GetModuleBaseNameW

wininet

HttpSendRequestW
InternetOpenW
InternetCloseHandle
InternetConnectW
InternetReadFile
InternetQueryDataAvailable
InternetSetOptionW
HttpOpenRequestW
HttpQueryInfoW
InternetCrackUrlW
HttpAddRequestHeadersW

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
autoexec/bin
.dll regsvr32 windows:5 windows x86 arch:x86

Password: 7482

a9fd3e7f71a802c8eee0a502f46de991

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4e:a1:e8:9e:15:ea:4f:fa:93:79:84:d8:8f:54:5f:ba
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

14/05/2015, 00:00

Not After

07/05/2017, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Flash Player,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

58:87:9f:24:25:99:c5:8a:6a:3d:a1:73:d2:9f:04:d8:cb:0a:4b:54
Signer

Actual PE Digest

58:87:9f:24:25:99:c5:8a:6a:3d:a1:73:d2:9f:04:d8:cb:0a:4b:54

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Flash.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW

winmm

mixerGetID
waveInGetDevCapsA
waveOutGetDevCapsA
waveOutMessage
waveOutGetDevCapsW
waveInGetDevCapsW
waveOutGetNumDevs
waveInGetNumDevs
waveInStart
waveInAddBuffer
waveInStop
waveInMessage
waveInUnprepareHeader
waveInReset
waveInPrepareHeader
waveInOpen
timeKillEvent
timeGetTime
timeSetEvent
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutReset
waveOutClose
waveOutOpen
waveOutGetPosition
mixerClose
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetControlDetailsA
waveOutRestart
waveOutPause
mixerSetControlDetails
waveInClose
waveInGetPosition

wininet

InternetSetCookieW
InternetGetCookieW

crypt32

CertFindCertificateInStore
CertVerifySubjectCertificateContext
CertCreateCertificateContext
CryptGetMessageCertificates
CryptVerifyMessageSignature
CertAddStoreToCollection
CertOpenStore
CertVerifyRevocation
CertFreeCertificateContext
CertCompareCertificate
CertEnumCertificatesInStore
CertAddCertificateContextToStore
CertCompareCertificateName
CryptFindOIDInfo
CertRDNValueToStrW
CertFindRDNAttr
CryptDecodeObjectEx
CertNameToStrW
CertCloseStore
CertVerifyTimeValidity

oleaut32

SysAllocString
VariantClear
VariantInit
SysStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
VarBstrCat
SysAllocStringByteLen
SafeArrayUnlock
SafeArrayLock
SafeArrayCreateVector
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
VariantChangeType
OleCreatePropertyFrame
UnRegisterTypeLi

dsound

ord1
ord8

msimg32

AlphaBlend

kernel32

GetTickCount
LCMapStringW
CreateProcessA
GetSystemDirectoryW
GetSystemWow64DirectoryW
FindClose
FindNextFileW
RemoveDirectoryW
FindFirstFileW
SystemTimeToFileTime
GetSystemTime
GetFileSizeEx
CreateFileW
CreateDirectoryW
GetProcessTimes
GetCurrentProcessId
GlobalSize
GetSystemDirectoryA
GetTempFileNameW
GetSystemInfo
GetUserDefaultUILanguage
MoveFileExW
VirtualQuery
GetUserDefaultLangID
DeleteFileA
CreateFileA
WriteFile
SetFilePointer
VerifyVersionInfoW
VerSetConditionMask
ReadFile
GetFileSize
CreateThread
LockResource
FindResourceExA
FindResourceExW
SetUnhandledExceptionFilter
GetTempPathW
GetTimeZoneInformation
ReleaseSemaphore
CreateSemaphoreW
DeviceIoControl
GetFileAttributesExW
ExpandEnvironmentStringsA
GetLongPathNameW
GetTempFileNameA
GetTempPathA
CreateDirectoryA
FindResourceW
SetFilePointerEx
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
OutputDebugStringA
GetFileInformationByHandle
GetVolumeInformationW
TryEnterCriticalSection
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingA
GetExitCodeThread
DuplicateHandle
TerminateThread
CreateWaitableTimerW
SetThreadPriority
CompareFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
OpenThread
SleepEx
SwitchToThread
SetEndOfFile
FlushFileBuffers
GlobalMemoryStatusEx
IsDebuggerPresent
SetSystemTime
FileTimeToSystemTime
TlsAlloc
TlsFree
ResumeThread
CreateTimerQueueTimer
DeleteTimerQueueTimer
CreateSemaphoreA
HeapAlloc
HeapFree
HeapUnlock
HeapWalk
HeapLock
HeapCreate
HeapDestroy
VirtualProtect
GetNumberFormatW
GetCurrencyFormatW
CompareStringW
GetDateFormatW
GetTimeFormatW
GetUserDefaultLCID
IsValidLocale
EnumSystemLocalesW
GetProcessHeap
GetProcessAffinityMask
IsProcessorFeaturePresent
ExitProcess
UnhandledExceptionFilter
RtlUnwind
GetCommandLineA
ExitThread
HeapReAlloc
GetLocaleInfoW
GetSystemTimeAsFileTime
GetStdHandle
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
LCMapStringA
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
GetNativeSystemInfo
lstrcpynW
GlobalMemoryStatus
FlushConsoleInputBuffer
LoadResource
SizeofResource
DisableThreadLibraryCalls
SetLastError
OutputDebugStringW
GetCurrentThreadId
GetModuleFileNameW
GetVersionExA
GetModuleFileNameA
GetFileAttributesA
SetFileAttributesA
LocalAlloc
LocalFree
GlobalLock
GlobalUnlock
MulDiv
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
CreateMutexW
LoadLibraryW
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
FreeLibrary
WaitForSingleObject
ResetEvent
CloseHandle
CreateEventW
SetEvent
GetModuleHandleW
GlobalAlloc
GetLastError
GetVersionExW
GetLocaleInfoA
lstrlenW
lstrlenA
WideCharToMultiByte
GlobalFree
InterlockedDecrement
InterlockedIncrement
DeleteFileW
GetFileAttributesW
GetCurrentThread
SetThreadAffinityMask
TlsSetValue
IsDBCSLeadByte
GetACP
GetCPInfo
MultiByteToWideChar
RaiseException
HeapSize
DebugBreak
ExpandEnvironmentStringsW
InterlockedExchange
InterlockedCompareExchange
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
SetConsoleMode
ReadConsoleInputA
GetModuleHandleA
CreateEventA
CreateWaitableTimerA
SetWaitableTimer
CancelWaitableTimer
InterlockedExchangeAdd
GetVersion
VirtualAlloc
VirtualFree
CopyFileW
TerminateProcess
LoadLibraryExW
CreateMutexA

user32

RegisterClipboardFormatW
GetWindowThreadProcessId
RemoveMenu
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
CreatePopupMenu
TrackPopupMenu
DestroyMenu
DrawMenuBar
CreateMenu
SetMenuInfo
CharUpperW
CharLowerW
PostThreadMessageW
GetMessageW
CloseWindow
WaitForInputIdle
TranslateMessage
DispatchMessageW
SetWindowTextA
RedrawWindow
DialogBoxIndirectParamW
SetWindowTextW
SendMessageTimeoutW
CreateIconIndirect
GetMonitorInfoW
SetRectEmpty
GetCursor
DestroyIcon
LoadImageW
GetPropW
SetPropW
GetSystemMetrics
InflateRect
GetClipboardFormatNameA
RegisterClipboardFormatA
IsWindow
PtInRect
EqualRect
SetWindowRgn
BeginPaint
EndPaint
GetSubMenu
MapVirtualKeyW
LoadStringW
IntersectRect
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
EnumDisplayDevicesW
DestroyCaret
ShowCaret
CreateCaret
SetCaretPos
MoveWindow
GetActiveWindow
UnregisterClassA
LoadIconA
DeleteMenu
RegisterClassExA
CreateWindowExA
ReleaseCapture
UpdateWindow
SystemParametersInfoW
GetMessageTime
LoadIconW
RegisterClassW
IsWindowVisible
DialogBoxParamW
GetDlgItem
EndDialog
SetWindowPos
GetKeyState
LoadStringA
MessageBoxA
SendMessageW
GetQueueStatus
SetTimer
GetCapture
SetCursor
GetCursorPos
WindowFromPoint
ScreenToClient
GetClientRect
SetCapture
MessageBoxW
KillTimer
PeekMessageW
EnableMenuItem
CheckMenuItem
GetWindowInfo
CopyRect
PostQuitMessage
ClientToScreen
SendInput
ActivateKeyboardLayout
GetKeyboardLayout
GetWindowRect
UpdateLayeredWindow
UnregisterClassW
GetParent
GetFocus
IsChild
SetFocus
RegisterClassExW
InvalidateRect
DefWindowProcW
UnionRect
CallWindowProcW
GetDC
ReleaseDC
LoadCursorW
GetClassInfoExW
GetWindowLongW
SetWindowLongW
CharNextW
SetRect
GetForegroundWindow
GetDesktopWindow
EnumDisplayDevicesA
MonitorFromWindow
FillRect
OffsetRect
FlashWindowEx
GetSystemMenu
IsZoomed
GetWindowPlacement
SetWindowPlacement
ShowWindowAsync
IsIconic
EnumDisplaySettingsW
MapWindowPoints
GetWindowTextLengthW
CreateWindowExW
ShowWindow
DestroyWindow
GetDoubleClickTime
EnumWindows
PostMessageW
IsWindowEnabled
GetWindow
GetClassNameA
GetWindowTextW
GetWindowTextA
DefWindowProcA
GetWindowLongA
LoadCursorA
SetWindowLongA
PostMessageA
RegisterWindowMessageA
EnumDisplayMonitors
MonitorFromRect
GetMonitorInfoA
wsprintfW
GetUserObjectInformationW
GetProcessWindowStation
SetCursorPos

gdi32

GetDeviceCaps
CreateDIBSection
SelectObject
GetStockObject
GetObjectW
DeleteObject
GdiFlush
DeleteDC
CreateMetaFileW
GetClipBox
SetViewportOrgEx
LPtoDP
CreateRectRgnIndirect
GetObjectType
GetICMProfileA
CreateDCA
SetPixel
TextOutW
SetTextAlign
DeleteMetaFile
CreateBitmap
CreateFontIndirectW
GetTextExtentPoint32A
ExtTextOutA
GetTextExtentPoint32W
GetTextMetricsW
SetTextColor
CreateFontIndirectA
IntersectClipRect
GetClipRgn
CreateRectRgn
SetBkMode
SelectClipRgn
SetTextCharacterExtra
GetTextAlign
GetBkMode
GetTextColor
GetCurrentObject
GetBkColor
EnumFontFamiliesA
CreatePen
DPtoLP
GetTextCharacterExtra
SetWorldTransform
SetGraphicsMode
GetWorldTransform
StartDocW
EndDoc
StrokePath
ExtCreatePen
FillPath
StartPage
EndPage
BeginPath
EndPath
SetPolyFillMode
PolyBezierTo
SelectClipPath
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
GdiAlphaBlend
StretchBlt
BitBlt
SetStretchBltMode
CreateCompatibleBitmap
ExtTextOutW
SetBkColor
GetStretchBltMode
EnumFontFamiliesW
CreateSolidBrush
GetFontData
EnumFontFamiliesExW
LineTo
MoveToEx
Rectangle
StretchDIBits
CreateCompatibleDC
RectVisible

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PrintDlgW

advapi32

CryptDecrypt
CryptSetKeyParam
CryptGetHashParam
CryptHashData
CryptDestroyHash
CryptAcquireContextA
CryptCreateHash
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegisterEventSourceA
ReportEventA
DeregisterEventSource
OpenProcessToken
GetTokenInformation
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
CryptImportKey
CryptGenKey
CryptDestroyKey
CryptExportKey
CryptEncrypt
RegOpenKeyA
RegQueryValueExW
RegCreateKeyA
RegEnumKeyExW
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetFolderLocation
SHGetFolderPathW
ShellExecuteW
SHGetSpecialFolderPathW
SHFileOperationW
SHGetFolderPathA
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
SHGetSettings
SHGetDiskFreeSpaceExW
ord165

ole32

CoTaskMemRealloc
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
StringFromGUID2
WriteClassStm
OleSaveToStream
ReadClassStm
MkParseDisplayName
PropVariantClear
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
OleUninitialize
OleInitialize
CoInitializeEx
CoRegisterMessageFilter
CoSetProxyBlanket
CoTaskMemFree
CoFreeUnusedLibraries
CoInitialize
CreateBindCtx
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
CoUninitialize

ws2_32

socket
WSAIoctl
WSAGetLastError
WSAAsyncSelect
closesocket
WSACleanup
WSASocketA
ntohl
gethostname
WSASocketW
select
__WSAFDIsSet
connect
ioctlsocket
WSAEnumNetworkEvents
WSAEventSelect
WSACreateEvent
WSAAddressToStringA
bind
sendto
recvfrom
WSASetLastError
getservbyport
gethostbyaddr
getservbyname
htonl
inet_ntoa
gethostbyname
inet_addr
WSACloseEvent
htons
getsockname
ntohs
send
WSAStartup
setsockopt
recv

shlwapi

UrlCanonicalizeW
ord158
PathFindFileNameW
StrRStrIW
StrStrIW
AssocQueryStringW

urlmon

HlinkSimpleNavigateToMoniker
RegisterBindStatusCallback
CreateURLMoniker
CopyStgMedium

mscms

DeleteColorTransform
CloseColorProfile
CreateColorTransformW
OpenColorProfileW
TranslateBitmapBits

iphlpapi

GetAdaptersAddresses

psapi

GetProcessMemoryInfo

Exports

Exports

AdobeCPGetAPI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IAEModule_AEModule_PutKernel
IAEModule_IAEKernel_LoadModule
IAEModule_IAEKernel_UnloadModule

Sections

.text
Size: 13.1MB - Virtual size: 13.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 836KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 583KB - Virtual size: 582KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 700KB - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
locales/hi.pak
locales/locales/af.pak
locales/locales/sk.pak
locales/locales/sl.pak
locales/locales/sr.pak
locales/locales/sv.pak
locales/locales/sw.pak
locales/locales/ta.pak
locales/locales/te.pak
locales/locales/th.pak
locales/locales/tr.pak
locales/locales/uk.pak
locales/locales/ur.pak
locales/locales/vi.pak
locales/locales/zh-CN.pak
locales/locales/zh-TW.pak
locales/resources/app.asar.unpacked/node_modules/btime/binding.node
.dll windows:6 windows x64 arch:x64

Password: 7482

0242ceb286e744ddd6dd8e963da637ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\obsidian-stage\electron\btime\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
SetFileTime
CreateFileW
MultiByteToWideChar
GetLastError
CloseHandle
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
GetSystemInfo
VirtualProtect
VirtualQuery

Exports

Exports

_register_binding_

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
locales/resources/app.asar.unpacked/node_modules/get-fonts/binding.node
.dll windows:6 windows x64 arch:x64

Password: 7482

2a1b9a0a23b390c22659b30f7660d0da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\obsidian-stage\electron\get-fonts\build\Release\binding.pdb

Imports

kernel32

LoadLibraryExA
WideCharToMultiByte
GetUserDefaultLocaleName
GetModuleHandleA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
WriteConsoleW
GetSystemInfo
VirtualProtect
VirtualQuery

dwrite

DWriteCreateFactory

Exports

Exports

_register_binding_

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
locales/resources/app.asar.unpacked/node_modules/vibrancy-win/binding.node
.dll windows:6 windows x64 arch:x64

Password: 7482

56e83fb6e818a708f7895cf9d6058c3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\obsidian-stage\electron\vibrancy-win\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
GetProcAddress
GetModuleHandleW
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
WriteConsoleW
GetSystemInfo
VirtualProtect
VirtualQuery

Exports

Exports

_register_binding_

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
locales/resources/tr.pak
locales/resources/uk.pak
locales/resources/ur.pak
locales/resources/v8_context_snapshot.bin
locales/resources/vi.pak
locales/resources/vk_swiftshader.dll
.dll windows:5 windows x64 arch:x64

Password: 7482

6d7b823ac45e01133a6ba8c35160fef1

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9c:90:57:dc:1e:df:33:b0:32:69:ff:6e:54:dc:f1:57
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

15/10/2021, 00:00

Not After

14/10/2024, 23:59

Subject

CN=Dynalist Inc,O=Dynalist Inc,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9c:90:57:dc:1e:df:33:b0:32:69:ff:6e:54:dc:f1:57
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

15/10/2021, 00:00

Not After

14/10/2024, 23:59

Subject

CN=Dynalist Inc,O=Dynalist Inc,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

93:2b:f4:84:f0:e9:ff:fd:14:a3:14:d1:34:d7:03:6e:57:87:d7:ed:f6:83:55:5b:17:65:ef:80:4c:6f:16:5c
Signer

Actual PE Digest

93:2b:f4:84:f0:e9:ff:fd:14:a3:14:d1:34:d7:03:6e:57:87:d7:ed:f6:83:55:5b:17:65:ef:80:4c:6f:16:5c

Digest Algorithm

sha256

PE Digest Matches

true

96:47:90:15:f8:86:95:b3:96:3c:28:8b:46:52:d6:91:8f:0a:7a:57
Signer

Actual PE Digest

96:47:90:15:f8:86:95:b3:96:3c:28:8b:46:52:d6:91:8f:0a:7a:57

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

vk_swiftshader.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
ConvertFiberToThread
ConvertThreadToFiberEx
CreateEventW
CreateFiberEx
CreateFileW
CreateRemoteThreadEx
CreateThread
DeleteCriticalSection
DeleteFiber
DeleteFileW
DeleteProcThreadAttributeList
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FlushInstructionCache
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetLogicalProcessorInformationEx
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeProcThreadAttributeList
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
RemoveDirectoryW
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleTextAttribute
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SwitchToFiber
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UpdateProcThreadAttribute
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

GetClientRect
GetDC
IsWindow
ReleaseDC

gdi32

StretchDIBits

Exports

Exports

vkAcquireNextImage2KHR
vkAcquireNextImageKHR
vkAllocateCommandBuffers
vkAllocateDescriptorSets
vkAllocateMemory
vkBeginCommandBuffer
vkBindBufferMemory
vkBindBufferMemory2
vkBindImageMemory
vkBindImageMemory2
vkCmdBeginQuery
vkCmdBeginRenderPass
vkCmdBeginRenderPass2
vkCmdBeginRendering
vkCmdBindDescriptorSets
vkCmdBindIndexBuffer
vkCmdBindPipeline
vkCmdBindVertexBuffers
vkCmdBindVertexBuffers2
vkCmdBlitImage
vkCmdBlitImage2
vkCmdClearAttachments
vkCmdClearColorImage
vkCmdClearDepthStencilImage
vkCmdCopyBuffer
vkCmdCopyBuffer2
vkCmdCopyBufferToImage
vkCmdCopyBufferToImage2
vkCmdCopyImage
vkCmdCopyImage2
vkCmdCopyImageToBuffer
vkCmdCopyImageToBuffer2
vkCmdCopyQueryPoolResults
vkCmdDispatch
vkCmdDispatchBase
vkCmdDispatchIndirect
vkCmdDraw
vkCmdDrawIndexed
vkCmdDrawIndexedIndirect
vkCmdDrawIndexedIndirectCount
vkCmdDrawIndirect
vkCmdDrawIndirectCount
vkCmdEndQuery
vkCmdEndRenderPass
vkCmdEndRenderPass2
vkCmdEndRendering
vkCmdExecuteCommands
vkCmdFillBuffer
vkCmdNextSubpass
vkCmdNextSubpass2
vkCmdPipelineBarrier
vkCmdPipelineBarrier2
vkCmdPushConstants
vkCmdResetEvent
vkCmdResetEvent2
vkCmdResetQueryPool
vkCmdResolveImage
vkCmdResolveImage2
vkCmdSetBlendConstants
vkCmdSetCullMode
vkCmdSetDepthBias
vkCmdSetDepthBiasEnable
vkCmdSetDepthBounds
vkCmdSetDepthBoundsTestEnable
vkCmdSetDepthCompareOp
vkCmdSetDepthTestEnable
vkCmdSetDepthWriteEnable
vkCmdSetDeviceMask
vkCmdSetEvent
vkCmdSetEvent2
vkCmdSetFrontFace
vkCmdSetLineWidth
vkCmdSetPrimitiveRestartEnable
vkCmdSetPrimitiveTopology
vkCmdSetRasterizerDiscardEnable
vkCmdSetScissor
vkCmdSetScissorWithCount
vkCmdSetStencilCompareMask
vkCmdSetStencilOp
vkCmdSetStencilReference
vkCmdSetStencilTestEnable
vkCmdSetStencilWriteMask
vkCmdSetViewport
vkCmdSetViewportWithCount
vkCmdUpdateBuffer
vkCmdWaitEvents
vkCmdWaitEvents2
vkCmdWriteTimestamp
vkCmdWriteTimestamp2
vkCreateBuffer
vkCreateBufferView
vkCreateCommandPool
vkCreateComputePipelines
vkCreateDescriptorPool
vkCreateDescriptorSetLayout
vkCreateDescriptorUpdateTemplate
vkCreateDevice
vkCreateEvent
vkCreateFence
vkCreateFramebuffer
vkCreateGraphicsPipelines
vkCreateImage
vkCreateImageView
vkCreateInstance
vkCreatePipelineCache
vkCreatePipelineLayout
vkCreatePrivateDataSlot
vkCreateQueryPool
vkCreateRenderPass
vkCreateRenderPass2
vkCreateSampler
vkCreateSamplerYcbcrConversion
vkCreateSemaphore
vkCreateShaderModule
vkCreateSwapchainKHR
vkCreateWin32SurfaceKHR
vkDestroyBuffer
vkDestroyBufferView
vkDestroyCommandPool
vkDestroyDescriptorPool
vkDestroyDescriptorSetLayout
vkDestroyDescriptorUpdateTemplate
vkDestroyDevice
vkDestroyEvent
vkDestroyFence
vkDestroyFramebuffer
vkDestroyImage
vkDestroyImageView
vkDestroyInstance
vkDestroyPipeline
vkDestroyPipelineCache
vkDestroyPipelineLayout
vkDestroyPrivateDataSlot
vkDestroyQueryPool
vkDestroyRenderPass
vkDestroySampler
vkDestroySamplerYcbcrConversion
vkDestroySemaphore
vkDestroyShaderModule
vkDestroySurfaceKHR
vkDestroySwapchainKHR
vkDeviceWaitIdle
vkEndCommandBuffer
vkEnumerateDeviceExtensionProperties
vkEnumerateDeviceLayerProperties
vkEnumerateInstanceExtensionProperties
vkEnumerateInstanceLayerProperties
vkEnumerateInstanceVersion
vkEnumeratePhysicalDeviceGroups
vkEnumeratePhysicalDevices
vkFlushMappedMemoryRanges
vkFreeCommandBuffers
vkFreeDescriptorSets
vkFreeMemory
vkGetBufferDeviceAddress
vkGetBufferMemoryRequirements
vkGetBufferMemoryRequirements2
vkGetBufferOpaqueCaptureAddress
vkGetDescriptorSetLayoutSupport
vkGetDeviceBufferMemoryRequirements
vkGetDeviceGroupPeerMemoryFeatures
vkGetDeviceGroupPresentCapabilitiesKHR
vkGetDeviceGroupSurfacePresentModesKHR
vkGetDeviceImageMemoryRequirements
vkGetDeviceImageSparseMemoryRequirements
vkGetDeviceMemoryCommitment
vkGetDeviceMemoryOpaqueCaptureAddress
vkGetDeviceProcAddr
vkGetDeviceQueue
vkGetDeviceQueue2
vkGetEventStatus
vkGetFenceStatus
vkGetImageMemoryRequirements
vkGetImageMemoryRequirements2
vkGetImageSparseMemoryRequirements
vkGetImageSparseMemoryRequirements2
vkGetImageSubresourceLayout
vkGetInstanceProcAddr
vkGetPhysicalDeviceExternalBufferProperties
vkGetPhysicalDeviceExternalFenceProperties
vkGetPhysicalDeviceExternalSemaphoreProperties
vkGetPhysicalDeviceFeatures
vkGetPhysicalDeviceFeatures2
vkGetPhysicalDeviceFormatProperties
vkGetPhysicalDeviceFormatProperties2
vkGetPhysicalDeviceImageFormatProperties
vkGetPhysicalDeviceImageFormatProperties2
vkGetPhysicalDeviceMemoryProperties
vkGetPhysicalDeviceMemoryProperties2
vkGetPhysicalDevicePresentRectanglesKHR
vkGetPhysicalDeviceProperties
vkGetPhysicalDeviceProperties2
vkGetPhysicalDeviceQueueFamilyProperties
vkGetPhysicalDeviceQueueFamilyProperties2
vkGetPhysicalDeviceSparseImageFormatProperties
vkGetPhysicalDeviceSparseImageFormatProperties2
vkGetPhysicalDeviceSurfaceCapabilitiesKHR
vkGetPhysicalDeviceSurfaceFormatsKHR
vkGetPhysicalDeviceSurfacePresentModesKHR
vkGetPhysicalDeviceSurfaceSupportKHR
vkGetPhysicalDeviceToolProperties
vkGetPhysicalDeviceWin32PresentationSupportKHR
vkGetPipelineCacheData
vkGetPrivateData
vkGetQueryPoolResults
vkGetRenderAreaGranularity
vkGetSemaphoreCounterValue
vkGetSwapchainImagesKHR
vkInvalidateMappedMemoryRanges
vkMapMemory
vkMergePipelineCaches
vkQueueBindSparse
vkQueuePresentKHR
vkQueueSubmit
vkQueueSubmit2
vkQueueWaitIdle
vkResetCommandBuffer
vkResetCommandPool
vkResetDescriptorPool
vkResetEvent
vkResetFences
vkResetQueryPool
vkSetEvent
vkSetPrivateData
vkSignalSemaphore
vkTrimCommandPool
vkUnmapMemory
vkUpdateDescriptorSetWithTemplate
vkUpdateDescriptorSets
vkWaitForFences
vkWaitSemaphores
vk_icdGetInstanceProcAddr
vk_icdNegotiateLoaderICDInterfaceVersion

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 745KB - Virtual size: 745KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 81B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 56B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
locales/resources/vk_swiftshader_icd.json
locales/resources/vulkan-1.dll
.dll windows:5 windows x64 arch:x64

Password: 7482

49ed29c3ff417b26c7cd92ecc9b7dcb3

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9c:90:57:dc:1e:df:33:b0:32:69:ff:6e:54:dc:f1:57
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

15/10/2021, 00:00

Not After

14/10/2024, 23:59

Subject

CN=Dynalist Inc,O=Dynalist Inc,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9c:90:57:dc:1e:df:33:b0:32:69:ff:6e:54:dc:f1:57
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

15/10/2021, 00:00

Not After

14/10/2024, 23:59

Subject

CN=Dynalist Inc,O=Dynalist Inc,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:33:f8:de:50:ab:41:37:7f:77:1b:ae:4e:98:7e:aa:1b:d5:1b:ca:4b:aa:bb:c0:8f:ce:33:ca:71:71:0d:33
Signer

Actual PE Digest

6f:33:f8:de:50:ab:41:37:7f:77:1b:ae:4e:98:7e:aa:1b:d5:1b:ca:4b:aa:bb:c0:8f:ce:33:ca:71:71:0d:33

Digest Algorithm

sha256

PE Digest Matches

true

18:2a:6e:0f:8d:2c:aa:b7:5a:ef:cf:70:3c:42:59:29:10:fe:39:54
Signer

Actual PE Digest

18:2a:6e:0f:8d:2c:aa:b7:5a:ef:cf:70:3c:42:59:29:10:fe:39:54

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

vulkan-1.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableSRW
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

advapi32

GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA

cfgmgr32

CM_Get_Child
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Status
CM_Get_Device_IDW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Get_Sibling
CM_Locate_DevNodeW
CM_Open_DevNode_Key

Exports

Exports

vkAcquireNextImage2KHR
vkAcquireNextImageKHR
vkAllocateCommandBuffers
vkAllocateDescriptorSets
vkAllocateMemory
vkBeginCommandBuffer
vkBindBufferMemory
vkBindBufferMemory2
vkBindImageMemory
vkBindImageMemory2
vkCmdBeginQuery
vkCmdBeginRenderPass
vkCmdBeginRenderPass2
vkCmdBeginRendering
vkCmdBindDescriptorSets
vkCmdBindIndexBuffer
vkCmdBindPipeline
vkCmdBindVertexBuffers
vkCmdBindVertexBuffers2
vkCmdBlitImage
vkCmdBlitImage2
vkCmdClearAttachments
vkCmdClearColorImage
vkCmdClearDepthStencilImage
vkCmdCopyBuffer
vkCmdCopyBuffer2
vkCmdCopyBufferToImage
vkCmdCopyBufferToImage2
vkCmdCopyImage
vkCmdCopyImage2
vkCmdCopyImageToBuffer
vkCmdCopyImageToBuffer2
vkCmdCopyQueryPoolResults
vkCmdDispatch
vkCmdDispatchBase
vkCmdDispatchIndirect
vkCmdDraw
vkCmdDrawIndexed
vkCmdDrawIndexedIndirect
vkCmdDrawIndexedIndirectCount
vkCmdDrawIndirect
vkCmdDrawIndirectCount
vkCmdEndQuery
vkCmdEndRenderPass
vkCmdEndRenderPass2
vkCmdEndRendering
vkCmdExecuteCommands
vkCmdFillBuffer
vkCmdNextSubpass
vkCmdNextSubpass2
vkCmdPipelineBarrier
vkCmdPipelineBarrier2
vkCmdPushConstants
vkCmdResetEvent
vkCmdResetEvent2
vkCmdResetQueryPool
vkCmdResolveImage
vkCmdResolveImage2
vkCmdSetBlendConstants
vkCmdSetCullMode
vkCmdSetDepthBias
vkCmdSetDepthBiasEnable
vkCmdSetDepthBounds
vkCmdSetDepthBoundsTestEnable
vkCmdSetDepthCompareOp
vkCmdSetDepthTestEnable
vkCmdSetDepthWriteEnable
vkCmdSetDeviceMask
vkCmdSetEvent
vkCmdSetEvent2
vkCmdSetFrontFace
vkCmdSetLineWidth
vkCmdSetPrimitiveRestartEnable
vkCmdSetPrimitiveTopology
vkCmdSetRasterizerDiscardEnable
vkCmdSetScissor
vkCmdSetScissorWithCount
vkCmdSetStencilCompareMask
vkCmdSetStencilOp
vkCmdSetStencilReference
vkCmdSetStencilTestEnable
vkCmdSetStencilWriteMask
vkCmdSetViewport
vkCmdSetViewportWithCount
vkCmdUpdateBuffer
vkCmdWaitEvents
vkCmdWaitEvents2
vkCmdWriteTimestamp
vkCmdWriteTimestamp2
vkCreateBuffer
vkCreateBufferView
vkCreateCommandPool
vkCreateComputePipelines
vkCreateDescriptorPool
vkCreateDescriptorSetLayout
vkCreateDescriptorUpdateTemplate
vkCreateDevice
vkCreateDisplayModeKHR
vkCreateDisplayPlaneSurfaceKHR
vkCreateEvent
vkCreateFence
vkCreateFramebuffer
vkCreateGraphicsPipelines
vkCreateHeadlessSurfaceEXT
vkCreateImage
vkCreateImageView
vkCreateInstance
vkCreatePipelineCache
vkCreatePipelineLayout
vkCreatePrivateDataSlot
vkCreateQueryPool
vkCreateRenderPass
vkCreateRenderPass2
vkCreateSampler
vkCreateSamplerYcbcrConversion
vkCreateSemaphore
vkCreateShaderModule
vkCreateSharedSwapchainsKHR
vkCreateSwapchainKHR
vkCreateWin32SurfaceKHR
vkDestroyBuffer
vkDestroyBufferView
vkDestroyCommandPool
vkDestroyDescriptorPool
vkDestroyDescriptorSetLayout
vkDestroyDescriptorUpdateTemplate
vkDestroyDevice
vkDestroyEvent
vkDestroyFence
vkDestroyFramebuffer
vkDestroyImage
vkDestroyImageView
vkDestroyInstance
vkDestroyPipeline
vkDestroyPipelineCache
vkDestroyPipelineLayout
vkDestroyPrivateDataSlot
vkDestroyQueryPool
vkDestroyRenderPass
vkDestroySampler
vkDestroySamplerYcbcrConversion
vkDestroySemaphore
vkDestroyShaderModule
vkDestroySurfaceKHR
vkDestroySwapchainKHR
vkDeviceWaitIdle
vkEndCommandBuffer
vkEnumerateDeviceExtensionProperties
vkEnumerateDeviceLayerProperties
vkEnumerateInstanceExtensionProperties
vkEnumerateInstanceLayerProperties
vkEnumerateInstanceVersion
vkEnumeratePhysicalDeviceGroups
vkEnumeratePhysicalDevices
vkFlushMappedMemoryRanges
vkFreeCommandBuffers
vkFreeDescriptorSets
vkFreeMemory
vkGetBufferDeviceAddress
vkGetBufferMemoryRequirements
vkGetBufferMemoryRequirements2
vkGetBufferOpaqueCaptureAddress
vkGetDescriptorSetLayoutSupport
vkGetDeviceBufferMemoryRequirements
vkGetDeviceGroupPeerMemoryFeatures
vkGetDeviceGroupPresentCapabilitiesKHR
vkGetDeviceGroupSurfacePresentModesKHR
vkGetDeviceImageMemoryRequirements
vkGetDeviceImageSparseMemoryRequirements
vkGetDeviceMemoryCommitment
vkGetDeviceMemoryOpaqueCaptureAddress
vkGetDeviceProcAddr
vkGetDeviceQueue
vkGetDeviceQueue2
vkGetDisplayModeProperties2KHR
vkGetDisplayModePropertiesKHR
vkGetDisplayPlaneCapabilities2KHR
vkGetDisplayPlaneCapabilitiesKHR
vkGetDisplayPlaneSupportedDisplaysKHR
vkGetEventStatus
vkGetFenceStatus
vkGetImageMemoryRequirements
vkGetImageMemoryRequirements2
vkGetImageSparseMemoryRequirements
vkGetImageSparseMemoryRequirements2
vkGetImageSubresourceLayout
vkGetInstanceProcAddr
vkGetPhysicalDeviceDisplayPlaneProperties2KHR
vkGetPhysicalDeviceDisplayPlanePropertiesKHR
vkGetPhysicalDeviceDisplayProperties2KHR
vkGetPhysicalDeviceDisplayPropertiesKHR
vkGetPhysicalDeviceExternalBufferProperties
vkGetPhysicalDeviceExternalFenceProperties
vkGetPhysicalDeviceExternalSemaphoreProperties
vkGetPhysicalDeviceFeatures
vkGetPhysicalDeviceFeatures2
vkGetPhysicalDeviceFormatProperties
vkGetPhysicalDeviceFormatProperties2
vkGetPhysicalDeviceImageFormatProperties
vkGetPhysicalDeviceImageFormatProperties2
vkGetPhysicalDeviceMemoryProperties
vkGetPhysicalDeviceMemoryProperties2
vkGetPhysicalDevicePresentRectanglesKHR
vkGetPhysicalDeviceProperties
vkGetPhysicalDeviceProperties2
vkGetPhysicalDeviceQueueFamilyProperties
vkGetPhysicalDeviceQueueFamilyProperties2
vkGetPhysicalDeviceSparseImageFormatProperties
vkGetPhysicalDeviceSparseImageFormatProperties2
vkGetPhysicalDeviceSurfaceCapabilities2KHR
vkGetPhysicalDeviceSurfaceCapabilitiesKHR
vkGetPhysicalDeviceSurfaceFormats2KHR
vkGetPhysicalDeviceSurfaceFormatsKHR
vkGetPhysicalDeviceSurfacePresentModesKHR
vkGetPhysicalDeviceSurfaceSupportKHR
vkGetPhysicalDeviceToolProperties
vkGetPhysicalDeviceWin32PresentationSupportKHR
vkGetPipelineCacheData
vkGetPrivateData
vkGetQueryPoolResults
vkGetRenderAreaGranularity
vkGetSemaphoreCounterValue
vkGetSwapchainImagesKHR
vkInvalidateMappedMemoryRanges
vkMapMemory
vkMergePipelineCaches
vkQueueBindSparse
vkQueuePresentKHR
vkQueueSubmit
vkQueueSubmit2
vkQueueWaitIdle
vkResetCommandBuffer
vkResetCommandPool
vkResetDescriptorPool
vkResetEvent
vkResetFences
vkResetQueryPool
vkSetEvent
vkSetPrivateData
vkSignalSemaphore
vkTrimCommandPool
vkUnmapMemory
vkUpdateDescriptorSetWithTemplate
vkUpdateDescriptorSets
vkWaitForFences
vkWaitSemaphores

Sections

.text
Size: 583KB - Virtual size: 583KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 56B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
runtimes/win-arm64/native/WebView2Loader.dll
runtimes/win-x64/native/WebView2Loader.dll
.dll windows:5 windows x64 arch:x64

Password: 7482

aaa8a1994a594e4746a652eda600aebf

Code Sign

33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fc:d9:ff:45:ce:dd:69:40:84:14:bf:7f:56:d8:a9:e6:e1:d5:19:c6:85:7f:f6:8b:4f:c9:9d:e0:d9:a2:36:8d
Signer

Actual PE Digest

fc:d9:ff:45:ce:dd:69:40:84:14:bf:7f:56:d8:a9:e6:e1:d5:19:c6:85:7f:f6:8b:4f:c9:9d:e0:d9:a2:36:8d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\e\src\out\Release_x64\WebView2Loader.dll.pdb

Imports

kernel32

CloseHandle
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

CompareBrowserVersions
CreateCoreWebView2Environment
CreateCoreWebView2EnvironmentWithOptions
GetAvailableCoreWebView2BrowserVersionString

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
runtimes/win-x86/native/WebView2Loader.dll
.dll windows:5 windows x86 arch:x86

608537c42a46a95b31cc1ef01ab6eeb0

Code Sign

33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:ea:c3:64:d8:92:9a:17:5f:f3:f5:15:b8:a6:cf:c1:bd:32:2c:b9:a9:7c:66:6e:e2:ff:3a:a7:65:3d:4b:40
Signer

Actual PE Digest

45:ea:c3:64:d8:92:9a:17:5f:f3:f5:15:b8:a6:cf:c1:bd:32:2c:b9:a9:7c:66:6e:e2:ff:3a:a7:65:3d:4b:40

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\e\src\out\Release\WebView2Loader.dll.pdb

Imports

kernel32

CloseHandle
CreateEventW
CreateFileW
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ResetEvent
RtlUnwind
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

CompareBrowserVersions
CreateCoreWebView2Environment
CreateCoreWebView2EnvironmentWithOptions
GetAvailableCoreWebView2BrowserVersionString

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
scripts/Dex.lua
.js
scripts/Infinite Yield.lua
.js
scripts/Sine Wave.lua
scripts/Spinning Donut.lua
scripts/UNCCheckEnv.lua
.js
tier0_s64.dll
.dll windows:6 windows x64 arch:x64

0cb93c77c0be071ba89ceffc11936dea

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fb:83:d0:ba:7c:64:b9:57:84:9b:76:a8:c1:de:72
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12/10/2024, 00:00

Not After

08/10/2027, 23:59

Subject

CN=Valve Corp.,O=Valve Corp.,L=Bellevue,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2d:5a:5e:f2:3e:81:f6:f2:11:ad:1a:59:16:63:2e:a9:cc:aa:31:98:a2:7a:d8:fe:6f:d6:75:49:97:04:bc:6b
Signer

Actual PE Digest

2d:5a:5e:f2:3e:81:f6:f2:11:ad:1a:59:16:63:2e:a9:cc:aa:31:98:a2:7a:d8:fe:6f:d6:75:49:97:04:bc:6b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\buildworker\steam_rel_client_win64\build\src\tier0\win64\Release\tier0_s64.pdb

Imports

kernel32

GetProcessAffinityMask
VerSetConditionMask
Sleep
GetCurrentThread
GetModuleHandleA
GetProcAddress
SetProcessAffinityMask
SetThreadAffinityMask
VerifyVersionInfoW
GetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
IsDebuggerPresent
OutputDebugStringA
TerminateProcess
GetProcessHeap
GetProcessHeaps
HeapLock
HeapUnlock
HeapWalk
HeapQueryInformation
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DebugBreak
LoadLibraryA
HeapAlloc
HeapFree
HeapSetInformation
GlobalMemoryStatusEx
VirtualAlloc
VirtualFree
SetUnhandledExceptionFilter
GetModuleFileNameW
LoadLibraryExA
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureStackBackTrace
GetCommandLineW
CloseHandle
WaitForSingleObject
CreateProcessA
GetComputerNameExW
VirtualProtect
GetModuleFileNameA
LocalAlloc
LocalFree
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
SetThreadPriority
SetPriorityClass
CreateFileA
DeviceIoControl
GetVersionExA
DebugActiveProcess
GetSystemInfo
DuplicateHandle
RaiseException
SetLastError
TryEnterCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
ReleaseMutex
CreateMutexA
CreateEventA
WaitForMultipleObjects
GetExitCodeProcess
SwitchToThread
CreateThread
GetCurrentThreadId
OpenThread
GetThreadPriority
TerminateThread
GetExitCodeThread
SuspendThread
ResumeThread
GetProcessId
OpenProcess
CreateSemaphoreA
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
GetFileAttributesW
GetFullPathNameW
GetShortPathNameW
GetTempFileNameW
RemoveDirectoryW
SetFileAttributesW
GetTempPathW
OutputDebugStringW
CreateProcessW
GetBinaryTypeW
CopyFileW
MoveFileW
MoveFileExW
ReplaceFileW
SetEndOfFile
WriteConsoleW
ReadConsoleW
ReadFile
SetStdHandle
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
HeapReAlloc
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetCurrentProcess
GlobalLock
GlobalUnlock
GlobalAlloc
DebugActiveProcessStop
GetCurrentProcessId
GetConsoleOutputCP
WriteFile
FlushFileBuffers
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
InterlockedFlushSList
EncodePointer
HeapValidate
HeapSize
GetDriveTypeW
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
RtlUnwind

user32

EnumWindows
MessageBoxA
GetWindowRect
GetWindowTextLengthA
EmptyClipboard
GetDesktopWindow
GetWindowThreadProcessId
CloseClipboard
OpenClipboard
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
GetDlgItem
EndDialog
DialogBoxParamA
IsWindowVisible
SetWindowPos
wsprintfA
SetClipboardData

advapi32

InitializeSecurityDescriptor
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
SetSecurityDescriptorDacl

shell32

ShellExecuteExW
CommandLineToArgvW
SHGetFolderPathW

psapi

GetProcessMemoryInfo

Exports

Exports

??0CAdHocValidation@@QEAA@AEBV0@@Z
??0CAdHocValidation@@QEAA@XZ
??0CAdHocValidation_SimpleCallback@@QEAA@$$QEAV0@@Z
??0CAdHocValidation_SimpleCallback@@QEAA@AEBV0@@Z
??0CAdHocValidation_SimpleCallback@@QEAA@P6AXAEAVCValidator@@@Z@Z
??0CStack@@QEAA@XZ
??0CThread@@QEAA@XZ
??0CThreadEvent@@QEAA@PEAX_N@Z
??0CThreadEvent@@QEAA@PEBD_N1@Z
??0CThreadEvent@@QEAA@_N@Z
??0CThreadFullMutex@@QEAA@_NPEBD00@Z
??0CThreadLocalBase@@QEAA@XZ
??0CThreadMutex@@QEAA@XZ
??0CThreadRWLock@@QEAA@XZ
??0CThreadSemaphore@@QEAA@JJ@Z
??0CThreadSyncObject@@IEAA@XZ
??0CVProfManager@@QEAA@XZ
??0CVProfNode@@QEAA@PEAVCVProfile@@PEBDPEAV0@W4EVProfBugdetGroup@@@Z
??0CVProfile@@QEAA@XZ
??0CVProfileArray@@QEAA@XZ
??0CVProfileThreadEntry@@QEAA@PEAVCVProfile@@II@Z
??0CValidator@@QEAA@H_NPEAVIMemBlockClaimedList@@@Z
??0CWorkerThread@@QEAA@XZ
??1CAdHocValidation@@QEAA@XZ
??1CAdHocValidation_SimpleCallback@@QEAA@XZ
??1CStack@@QEAA@XZ
??1CThread@@UEAA@XZ
??1CThreadEvent@@QEAA@XZ
??1CThreadFullMutex@@QEAA@XZ
??1CThreadLocalBase@@QEAA@XZ
??1CThreadMutex@@QEAA@XZ
??1CThreadRWLock@@QEAA@XZ
??1CThreadSemaphore@@QEAA@XZ
??1CThreadSyncObject@@QEAA@XZ
??1CVProfManager@@QEAA@XZ
??1CVProfNode@@QEAA@XZ
??1CVProfile@@QEAA@XZ
??1CVProfileArray@@QEAA@XZ
??1CValidator@@QEAA@XZ
??1CWorkerThread@@UEAA@XZ
??4?$AssertMsgHelper@$00@@QEAAAEAV0@$$QEAV0@@Z
??4?$AssertMsgHelper@$00@@QEAAAEAV0@AEBV0@@Z
??4?$AssertMsgHelper@$0A@@@QEAAAEAV0@$$QEAV0@@Z
??4?$AssertMsgHelper@$0A@@@QEAAAEAV0@AEBV0@@Z
??4CAdHocValidation@@QEAAAEAV0@AEBV0@@Z
??4CStack@@QEAAAEAV0@AEBV0@@Z
??4CThreadLocalBase@@QEAAAEAV0@AEBV0@@Z
??4CTier0@@QEAAAEAV0@$$QEAV0@@Z
??4CTier0@@QEAAAEAV0@AEBV0@@Z
??4CVProfileArray@@QEAAAEAV0@AEBV0@@Z
??4CVProfileThreadEntry@@QEAAAEAV0@$$QEAV0@@Z
??4CVProfileThreadEntry@@QEAAAEAV0@AEBV0@@Z
??4CValidator@@QEAAAEAV0@AEBV0@@Z
??7CThreadSyncObject@@QEBA_NXZ
??BCThreadSyncObject@@QEAAPEAXXZ
??_7CAdHocValidation@@6B@
??_7CAdHocValidation_SimpleCallback@@6B@
??_7CThread@@6B@
??_7CWorkerThread@@6B@
??_FCThreadEvent@@QEAAXXZ
??_FCThreadFullMutex@@QEAAXXZ
?Add@CStack@@QEAAX_K@Z
?AddBudgetGroupName@CVProfile@@IEAAXW4EVProfBugdetGroup@@HPEBD@Z
?AddProfileForThread@CVProfManager@@QEAAPEAVCVProfileThreadEntry@@PEAVCVProfile@@II@Z
?AddToTotal@CValidator@@QEAAX_K@Z
?AddValidationLock@CValidator@@QEAAXPEAVCThreadMutex@@@Z
?AllocVProfNode@CVProfile@@QEAAPEAVCVProfNode@@PEAV1@PEBDPEAV2@W4EVProfBugdetGroup@@@Z
?AssertFailed@?$AssertMsgHelper@$00@@SA_NPEBDI0@Z
?AssertFailed@?$AssertMsgHelper@$0A@@@SA_NPEBDI0ZZ
?AssertOwnedByCurrentThread@CThreadFullMutex@@QEAA_NXZ
?AssertOwnedByCurrentThread@CThreadMutex@@QEAA_NXZ
?AssertUseable@CThreadSyncObject@@IEAAXXZ
?AtRoot@CVProfile@@QEBA_NXZ
?BCountingOnly@CValidator@@QEAA_NXZ
?BExcludeAllocationFromTracking@CValidator@@AEAA_NPEBDH@Z
?BHasValidThreadID@CThread@@QEBA_NXZ
?BIsProfilePtrValid@CVProfManager@@QEAA_NPEAVCVProfile@@@Z
?BIsProfilingAllThreads@CVProfManager@@QEAA_NXZ
?BIsValid@CThreadLocalBase@@QEBA_NXZ
?BLockForReadNoWait@CThreadRWLock@@QEAA_NXZ
?BMemLeaks@CValidator@@QEAA_NXZ
?BProfileHasNodesOutsideBudgetGroup_Recursive@CVProfile@@IEAA_NPEAVCVProfNode@@H@Z
?BoostPriority@CWorkerThread@@QEAAHXZ
?BudgetGroupNameToBudgetGroupID@CVProfile@@QEBA?AW4EVProfBugdetGroup@@PEBD@Z
?CalcStackDepth@CThread@@QEAA_KPEAX@Z
?CalculateCRC@CStack@@QEAAXXZ
?Call@CWorkerThread@@IEAAHII_NP6AIIPEBQEAXHI@Z@Z
?CallMaster@CWorkerThread@@QEAAHII@Z
?CallWorker@CWorkerThread@@QEAAHII_N@Z
?Check@CThreadEvent@@QEAA_NXZ
?ClaimArrayMemory@CValidator@@QEAAXPEBX@Z
?ClaimConnection@CValidator@@QEAAXI@Z
?ClaimMemory@CValidator@@QEAAXPEBX@Z
?ClaimMemory_Aligned@CValidator@@QEAAXPEBX@Z
?ClaimOsFile@CValidator@@QEAAXPEAX@Z
?ClaimSocket@CValidator@@QEAAX_K@Z
?ClaimTrackedKey@CValidator@@AEAAXPEAVCTrackItems@@PEAXPEA_K@Z
?ClaimUntrackedMemory@CValidator@@QEAAX_K@Z
?CleanupUnusedProfiles@CVProfManager@@QEAAXXZ
?CreateBudgetGroups@CVProfile@@IEAAXXZ
?CreateSimpleThread@@YAPEAXP6AIPEAX@Z0PEAII@Z
?DeleteProfile@CVProfileThreadEntry@@QEAAXXZ
?DestructAndFreeNodesExceptRoot@CVProfile@@IEAAXXZ
?DiffAgainst@CValidator@@QEAAXPEAV1@@Z
?DoValidate@CAdHocValidation_SimpleCallback@@MEBAXAEAVCValidator@@@Z
?Dump@CVProfile@@IEAAXPEBDZZ
?DumpAllThreadProfiles@CVProfManager@@QEAAXH@Z
?DumpNodes@CVProfile@@IEAAXPEAVCVProfNode@@0H_N@Z
?DumpProfile@CVProfileThreadEntry@@QEAAXH@Z
?DumpSingleNode@CVProfile@@IEAAXPEAVCVProfNode@@0H_N@Z
?DumpSorted@CVProfile@@IEAAXPEBDNP6A_NAEBUTimeSums_t@@1@ZH@Z
?EnableDumpSpikes@CVProfManager@@QEAAXH@Z
?EnterScope@CVProfNode@@QEAAXPEAX@Z
?EnterScope@CVProfile@@QEAA_NPEBDW4EVProfBugdetGroup@@PEAX@Z
?ExitScope@CVProfNode@@QEAA_NXZ
?ExitScope@CVProfile@@QEAAXXZ
?Finalize@CValidator@@QEAAXXZ
?FindNode@CVProfile@@QEAAPEAVCVProfNode@@PEAV2@PEBD@Z
?FindObject@CValidator@@QEAAPEAVCValObject@@PEAX@Z
?Get@CThreadLocalBase@@QEBAPEAXXZ
?GetAllThreadProfiles@CVProfManager@@QEAAXPEAVCVProfileArray@@@Z
?GetBudgetGroupColor@CVProfile@@QEAAXW4EVProfBugdetGroup@@AEAH111@Z
?GetBudgetGroupID@CVProfNode@@QEBA?AW4EVProfBugdetGroup@@XZ
?GetBudgetGroupName@CVProfile@@QEBAPEBDW4EVProfBugdetGroup@@@Z
?GetCPUInformation@@YAAEBUCPUInformation@@XZ
?GetCallHandle@CWorkerThread@@QEAAPEAXXZ
?GetCallParam@CWorkerThread@@QEBAIXZ
?GetChild@CVProfNode@@QEAAPEAV1@XZ
?GetClientData@CVProfNode@@QEBAHXZ
?GetCount@CVProfileArray@@QEAAHXZ
?GetCubTotal@CValidator@@QEAA_JXZ
?GetCurCalls@CVProfNode@@QEBAHXZ
?GetCurTime@CVProfNode@@QEBANXZ
?GetCurTimeLessChildren@CVProfNode@@QEAANXZ
?GetCurrentCThread@CThread@@SAPEAV1@XZ
?GetCurrentNode@CVProfile@@QEAAPEAVCVProfNode@@XZ
?GetCurrentScope@CVProfNode@@QEAAPEAXXZ
?GetCurrentScope@CVProfile@@QEAAPEAXXZ
?GetFrameTimeOutsideBudgetGroup_Recursive@CVProfile@@QEAANPEAVCVProfNode@@W4EVProfBugdetGroup@@@Z
?GetName@CThread@@QEAAPEBDXZ
?GetName@CVProfNode@@QEAAPEBDXZ
?GetNumConnections@CValidator@@QEAA_KXZ
?GetNumFrames@CStack@@QEBAHXZ
?GetNumOsFiles@CValidator@@QEAA_KXZ
?GetNumSockets@CValidator@@QEAA_KXZ
?GetOrigNameAddress@CVProfNode@@QEAAPEBXXZ
?GetParent@CVProfNode@@QEAAPEAV1@XZ
?GetPeakFrameTime@CVProfile@@QEBANXZ
?GetPeakTime@CVProfNode@@QEBANXZ
?GetPrevCalls@CVProfNode@@QEBAHXZ
?GetPrevTime@CVProfNode@@QEBANXZ
?GetPrevTimeLessChildren@CVProfNode@@QEAANXZ
?GetPriority@CThread@@QEBAHXZ
?GetProfile@CVProfNode@@QEAAPEAVCVProfile@@XZ
?GetProfile@CVProfileArray@@QEAAPEAVCVProfile@@H@Z
?GetProfile@CVProfileThreadEntry@@QEAAPEAVCVProfile@@XZ
?GetResult@CThread@@QEBAHXZ
?GetRoot@CVProfile@@QEAAPEAVCVProfNode@@XZ
?GetSibling@CVProfNode@@QEAAPEAV1@XZ
?GetSubNode@CVProfNode@@QEAAPEAV1@PEBDW4EVProfBugdetGroup@@@Z
?GetThreadEntry@CVProfile@@QEAAPEAVCVProfileThreadEntry@@XZ
?GetThreadHandle@CThread@@QEBAPEAXXZ
?GetThreadID@CVProfile@@QEAAIXZ
?GetThreadID@CVProfileThreadEntry@@QEAAIXZ
?GetThreadId@CThread@@QEBAIXZ
?GetThreadName@CVProfile@@QEAAPEBDXZ
?GetThreadProc@CThread@@EEAAP6AIPEAX@ZXZ
?GetThreadRunningRef@CVProfileThreadEntry@@QEAAIXZ
?GetTimeLastFrame@CVProfile@@QEBANXZ
?GetTotalCalls@CVProfNode@@QEBAHXZ
?GetTotalTime@CVProfNode@@QEBANXZ
?GetTotalTimeLessChildren@CVProfNode@@QEAANXZ
?GetTotalTimeSampled@CVProfile@@QEBANXZ
?Handle@CThreadSyncObject@@QEAAPEAXXZ
?Init@CThread@@MEAA_NXZ
?IsAlive@CThread@@QEBA_NXZ
?IsClaimed@CValidator@@QEBA_NPEBX@Z
?IsCreator@CThreadFullMutex@@QEBA_NXZ
?IsEnabled@CVProfile@@QEBA_NXZ
?IsThreadRunning@CThread@@MEBA_NXZ
?IsValid@CThreadSyncObject@@QEBA_NXZ
?Join@CThread@@QEAA_NI@Z
?Lock@CThreadFullMutex@@QEAAXXZ
?Lock@CThreadMutex@@QEAAXXZ
?Lock@CThreadMutex@@QEBAXXZ
?Lock@CThreadSpinLock@@AECAXI@Z
?LockForRead@CThreadRWLock@@QEAAXXZ
?LockForRead@CThreadRWLock@@QEBAXXZ
?LockForWrite@CThreadRWLock@@QEAAXXZ
?LockForWrite@CThreadRWLock@@QEBAXXZ
?MarkFrame@CVProfNode@@QEAAXXZ
?MarkFrame@CVProfile@@QEAAXPEBD@Z
?NGetPC@CStack@@QEBA_KH@Z
?NumFramesSampled@CVProfile@@QEBAHXZ
?OnExit@CThread@@MEAAXXZ
?OnFrameCompleted@CVProfileThreadEntry@@QEAAXXZ
?OnNewFrameEntered@CVProfileThreadEntry@@QEAAXXZ
?OutputReport@CVProfile@@QEAAXHPEBDH@Z
?PMEEnable@CVProfile@@QEAAX_N@Z
?PMEInitialized@CVProfile@@QEAAX_N@Z
?PValObjectFirst@CValidator@@QEAAPEAVCValObject@@XZ
?Pause@CVProfNode@@QEAAXXZ
?Pause@CVProfile@@QEAAXXZ
?PeekCall@CWorkerThread@@QEAA_NPEAI@Z
?Pop@CValidator@@QEAAXXZ
?Print@CStack@@QEBAXP6AXHPEBUPrintFrame@1@PEAX@Z1@Z
?Push@CValidator@@QEAAXPEBDPEAX0@Z
?RegisterCallbackHandler@CVProfile@@QEAAXPEAVIVProfileCallbackHandler@@@Z
?Release@CThreadFullMutex@@QEAA_NXZ
?Release@CThreadSemaphore@@QEAA_NJ@Z
?RenderLeaks@CValidator@@QEAA_N_K@Z
?RenderObjects@CValidator@@QEAAX_K@Z
?Reply@CWorkerThread@@QEAAXI@Z
?Reset@CStack@@QEAAXXZ
?Reset@CThreadEvent@@QEAA_NXZ
?Reset@CVProfNode@@QEAAXXZ
?Reset@CVProfile@@QEAAXXZ
?ResetPeak@CVProfNode@@QEAAXXZ
?ResetPeaks@CVProfile@@QEAAXXZ
?Resume@CThread@@QEAAIXZ
?Resume@CVProfNode@@QEAAXXZ
?Resume@CVProfile@@QEAAXXZ
?Set@CThreadEvent@@QEAA_NXZ
?Set@CThreadLocalBase@@QEAAXPEAX@Z
?SetAllocSizeFilter@CValidator@@QEAAXH@Z
?SetClientData@CVProfNode@@QEAAXH@Z
?SetCurFrameTime@CVProfNode@@QEAAXK@Z
?SetDumpFunc@CVProfile@@QEAAXP6AXPEBD@Z@Z
?SetDumpSpikesThreshold@CVProfileThreadEntry@@QEAAXH@Z
?SetExitQuietly@CThread@@QEAAXXZ
?SetName@CThread@@QEAAXPEBD@Z
?SetPriority@CThread@@QEAA_NH@Z
?SetThreadEntry@CVProfile@@QEAAXPEAVCVProfileThreadEntry@@@Z
?SetTrace@CThreadFullMutex@@QEAAX_N@Z
?SetTrace@CThreadMutex@@QEAAX_N@Z
?Sleep@CThread@@SAXI@Z
?Start@CThread@@QEAA_N_K@Z
?Start@CVProfile@@QEAAXXZ
?StartProfiling@CVProfileThreadEntry@@QEAAXMH@Z
?StartProfilingAllThreads@CVProfManager@@QEAAXMH@Z
?StaticValidateAll@CAdHocValidation@@SAXAEAVCValidator@@@Z
?Stop@CThread@@QEAAXH@Z
?Stop@CVProfile@@QEAAXXZ
?StopProfiling@CVProfileThreadEntry@@QEAAXXZ
?StopProfilingAllThreads@CVProfManager@@QEAAXXZ
?SumTimes@CVProfile@@IEAAXPEAVCVProfNode@@H@Z
?Suspend@CThread@@QEAAIXZ
?Term@CVProfile@@QEAAXXZ
?Terminate@CThread@@QEAA_NH@Z
?ThreadExceptionWrapper@CThread@@CAXPEAX@Z
?ThreadGetProcessExitCode@@YA_NPEAXPEAH@Z
?ThreadProc@CThread@@CAIPEAX@Z
?ThreadTerminateProcessCode@@YA_NPEAXH@Z
?TryLock@CThreadFullMutex@@QEAA_NI@Z
?TryLock@CThreadMutex@@QEAA_NH@Z
?TryLock@CThreadMutex@@QEBA_NXZ
?Unlock@CThreadFullMutex@@QEAAXXZ
?Unlock@CThreadMutex@@QEAAXXZ
?Unlock@CThreadMutex@@QEBAXXZ
?UnlockRead@CThreadRWLock@@QEAAXXZ
?UnlockRead@CThreadRWLock@@QEBAXXZ
?UnlockValidationLocks@CValidator@@QEAAXXZ
?UnlockWrite@CThreadRWLock@@QEAAXXZ
?UnlockWrite@CThreadRWLock@@QEBAXXZ
?UnregisterCallbackHandler@CVProfile@@QEAAXPEAVIVProfileCallbackHandler@@@Z
?UsePME@CVProfile@@QEAA_NXZ
?Validate@CVProfManager@@QEAAXAEAVCValidator@@PEBD@Z
?Validate@CVProfNode@@QEAAXAEAVCValidator@@PEBD@Z
?Validate@CVProfile@@QEAAXAEAVCValidator@@PEBD@Z
?Validate@CValidator@@QEAAXAEAV1@PEBD@Z
?ValidateGlobals@CTier0@@SAXAEAVCValidator@@@Z
?Wait@CThreadSyncObject@@QEAA_NI@Z
?WaitForCall@CWorkerThread@@QEAA_NIPEAI@Z
?WaitForCall@CWorkerThread@@QEAA_NPEAI@Z
?WaitForCreateComplete@CThread@@AEAA_NPEAVCThreadEvent@@@Z
?WaitForRead@CThreadRWLock@@AEAAXXZ
?WaitForReply@CWorkerThread@@IEAAHIP6AIIPEBQEAXHI@Z@Z
?WaitForReply@CWorkerThread@@QEAAHI@Z
?Yield@CThread@@SAXXZ
?g_bInException@@3_NC
?s_pFirst@CAdHocValidation@@0PEAV1@EA
AllocateCrashMemoryReserve
AreStackTrackingFiltersEnabledAtStart
AssertMsgImplementationF
AssertMsgImplementationPreformatted
AssertMsgImplementationV
BBlockingGetMiniDumpLock
BGetLocalFQDN
BGetMiniDumpLock
BThreadFileIOAllowed
BWritingFatalMiniDump
BWritingMiniDump
BWritingNonFatalMiniDump
CVProfile_ExitScope
CallAssertFailedNotifyFunc
CallFlushLogFunc
CatchAndWriteMiniDump
CatchAndWriteMiniDumpEx
CatchAndWriteMiniDumpExForVoidPtrFn
CatchAndWriteMiniDumpExReturnsInt
CatchAndWriteMiniDumpForVoidPtrFn
ClearStackTrackingFilters
ClearWritingMiniDump
CopyFileUTF8
CrackSmokingCompiler
CreateDirectoryUTF8
CreateFileUTF8
CreateProcessUTF8
CreateSimpleProcess
DLog
DWarning
DeclareCurrentThreadIsMainThread
DeleteFileUTF8
DoNewAssertDialog
ETWBegin
ETWEnd
ETWIsTracingEnabled
ETWMark
ETWMark1I
ETWMark1S
ETWMark2I
ETWMark2S
ETWMark3I
ETWMarkPrintf
ETWOverlayFrameMark
ETWRenderFrameMark
ETW_Steamworks_DispatchCallback_End_
ETW_Steamworks_DispatchCallback_Start
ETW_Steamworks_IPCRecv_End_
ETW_Steamworks_IPCRecv_Start
ETW_Steamworks_IPCSend_End_
ETW_Steamworks_IPCSend_Start
ETW_Steamworks_RunCallbacks_End_
ETW_Steamworks_RunCallbacks_Start
ETW_Streaming_SendPacket
EnableCrashingOnCrashes
EnsureValidBoolValue
Error
FreeCrashMemoryReserve
GetAvailableRAM
GetBinaryTypeUTF8
GetCRunTimeVersion
GetCrashHandlerFactory
GetCurrentDirectoryUTF8
GetFileAttributesUTF8
GetFullPathNameUTF8
GetInstalledRAM
GetLocalHostname
GetMiniDumpBuildID
GetMiniDumpDirectory
GetMiniDumpSteamID
GetModuleFileNameUTF8
GetNumberOfSpewAndLogGroups
GetNumberOfStackTrackingFilters
GetPortableSystemInformation
GetShortPathNameUTF8
GetSpewAndLogLevel
GetSpewAndLogLevelByGroupIndex
GetSpewOutputFunc
GetStackTrackingFilter
GetTempFileNameUTF8
GetTempPathUTF8
HasStackTrackingFilters
InitPME
InitializeStackTrackingFilters
Is64BitOS
IsInAssert
IsInFatalAssert
IsLogActive
IsSpewActive
IsStackTrackingFiltered
IsValidBoolValue
LoadLibraryUTF8
Log
MiniDumpUnlock
MoveFileExUTF8
MoveFileUTF8
Msg
OutputDebugStringUTF8
Plat_AbsoluteTime
Plat_AbsoluteTimeToFloat
Plat_Alloc
Plat_AttachDebuggerToProcess
Plat_CommandLineParamExists
Plat_CommandLineParamValue
Plat_EventActivityIdControl
Plat_EventRegister
Plat_EventUnregister
Plat_EventWriteTransfer
Plat_ExitProcess
Plat_FloatTime
Plat_Free
Plat_GetExecutablePath
Plat_GetExecutablePathUTF8
Plat_GetPOSIXClockSource
Plat_GetProcessArgv
Plat_GetStackBackTrace
Plat_IsChromeOS
Plat_IsGamescope
Plat_IsInDebugSession
Plat_IsSteamConsoleMode
Plat_IsSteamDeck
Plat_IsSteamOS
Plat_IsSteamOS3
Plat_IsTesla
Plat_IsWSL
Plat_MSTime
Plat_MSTime64
Plat_OutputDebugString
Plat_OutputDebugStringRaw
Plat_Realloc
Plat_RelativeTickFrequency
Plat_RelativeTicks
Plat_TickAddMicroSec
Plat_TickDiffMicroSec
Plat_TickDiffMilliSec
Plat_USTime
Plat_VirtualAccessFlags
Plat_VirtualAlloc
Plat_VirtualFree
Plat_VirtualProtect
Plat_asctime
Plat_ctime
Plat_daylight
Plat_gmtime
Plat_localtime
Plat_timegm
Plat_timezone
RealGetCallStack
RealPrintCallStack
RealPrintRawCallStack
ReleaseThreadHandle
RemoveDirectoryUTF8
ReplaceFileUTF8
RunTypeValidationTests
SHGetFolderPathUTF8
SecureRandomBytes
SetAssertDumpStack
SetAssertFailedNotifyFunc
SetCurrentDirectoryUTF8
SetEnvironmentVariableUTF8
SetFileAttributesUTF8
SetFlushLogFunc
SetFullMemoryDumpOnCrash
SetInAssert
SetInFatalAssert
SetMiniDumpAppID
SetMiniDumpBuildID
SetMiniDumpCustomInfo
SetMiniDumpProcessNameOverride
SetMiniDumpSteamID
SetStackTrackingFilter
ShouldUseNewAssertDialog
ShutdownPME
SpewActivate
SpewAndLogActivate
SpewAndLogChangeIfStillDefault
SpewChangeIfStillDefault
SpewOutputFunc
SpewWrittenMiniDumps
TSListBase_Init
TSListBase_Pop
TSListBase_Push
TSListBase_SwapList
TSListBase_UnsafePeek
TSQueueBase_Init
TSQueueBase_Pop
TSQueueBase_Push
TSQueueBase_UnsafeDummy
TSQueueBase_UnsafePeek
TSQueue_PopIntoFreeList
TSQueue_UnsafeDebugCheck
ThreadCloseProcess
ThreadFindProcessByName
ThreadGetCurrentHandle
ThreadGetCurrentId
ThreadGetCurrentProcessHandle
ThreadGetCurrentProcessId
ThreadGetCurrentRunningRef
ThreadGetPriority
ThreadGetProcessExitCode
ThreadGetProcessId
ThreadImplOneTimeInit
ThreadInMainThread
ThreadInterlockedAssignIf128
ThreadInterlockedAssignPointerIf
ThreadInterlockedCompareExchangePointer
ThreadInterlockedExchangePointer
ThreadIsProcessActive
ThreadIsProcessIdActive
ThreadIsThreadRunning
ThreadOpenProcess
ThreadResumeProcess
ThreadSetAffinity
ThreadSetBackgroundPriority
ThreadSetDebugName
ThreadSetFileIOAllowed
ThreadSetPriority
ThreadShellExecute
ThreadShellExecuteNoWindow

Sections

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vstdlib_s64.dll
.dll windows:6 windows x64 arch:x64

fc1bd3a6b5fb78109fdb804d6e5ad673

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

ewz|"uPL2(`R!8BqzoB\+!$oe)b)[#K>-a@}&jE2Ea+EsQrd<0Y;4XE_7-K}6k|'X1M"|r-Sz@86B

Imports

advapi32

AdjustTokenPrivileges
DeregisterEventSource
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegisterEventSourceW
ReportEventW

bcrypt

BCryptCreateHash
BCryptDestroyHash
BCryptFinishHash
BCryptGenRandom
BCryptGetProperty
BCryptHashData
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider

kernel32

RtlUnwind
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
CancelThreadpoolIo
CloseHandle
CloseThreadpoolIo
CloseThreadpoolWait
CloseThreadpoolWork
CompareStringEx
CompareStringOrdinal
CreateDirectoryW
CreateEventExW
CreateFileW
CreatePipe
CreateProcessW
CreateThread
CreateThreadpoolIo
CreateThreadpoolTimer
CreateThreadpoolWait
CreateThreadpoolWork
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumCalendarInfoExEx
EnumSystemLocalesEx
EnumTimeFormatsEx
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNLSStringEx
FindStringOrdinal
FlushFileBuffers
FormatMessageW
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
GetCPInfoExW
GetCalendarInfoEx
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumberEx
GetCurrentThread
GetDynamicTimeZoneInformation
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileInformationByHandleEx
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoEx
GetLongPathNameW
GetModuleFileNameW
GetOverlappedResult
GetProcAddress
GetProcessId
GetStdHandle
GetSystemDirectoryW
GetSystemTime
GetThreadContext
GetThreadPriority
GetTickCount64
GetTimeZoneInformation
GetUserPreferredUILanguages
InitializeConditionVariable
InitializeCriticalSection
IsDebuggerPresent
K32EnumProcesses
LCMapStringEx
LeaveCriticalSection
LoadLibraryExW
LocalAlloc
LocalFree
LocaleNameToLCID
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
QueryUnbiasedInterruptTime
RaiseFailFastException
ReadConsoleW
ReadFile
ResetEvent
ResolveLocaleName
ResumeThread
SetEvent
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetLastError
SetThreadContext
SetThreadErrorMode
SetThreadPriority
SetThreadpoolTimer
SetThreadpoolWait
Sleep
SleepConditionVariableCS
StartThreadpoolIo
SubmitThreadpoolWork
SystemTimeToFileTime
TerminateProcess
TzSpecificLocalTimeToSystemTime
VirtualAlloc
VirtualAllocEx
VirtualFree
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForThreadpoolWaitCallbacks
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
FlushProcessWriteBuffers
WaitForSingleObjectEx
AddVectoredExceptionHandler
GetModuleHandleW
RtlVirtualUnwind
RtlCaptureContext
RtlRestoreContext
VerSetConditionMask
FlsAlloc
FlsGetValue
FlsSetValue
CreateEventW
SwitchToThread
GetCurrentThreadId
SuspendThread
CreateMemoryResourceNotification
QueryInformationJobObject
GetModuleHandleExW
GetProcessAffinityMask
VerifyVersionInfoW
InitializeContext
GetEnabledXStateFeatures
LocateXStateFeature
SetXStateFeaturesMask
VirtualQuery
GetSystemTimeAsFileTime
InitializeCriticalSectionEx
SleepEx
DebugBreak
GlobalMemoryStatusEx
GetSystemInfo
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLargePageMinimum
VirtualUnlock
VirtualAllocExNuma
IsProcessInJob
GetNumaHighestNodeNumber
GetProcessGroupAffinity
K32GetProcessMemoryInfo
InterlockedFlushSList
RtlUnwindEx
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry

ole32

CoInitializeEx
CoTaskMemAlloc
CoUninitialize
CoWaitForMultipleHandles
CoGetApartmentType
CoCreateGuid
CoTaskMemFree

user32

LoadStringW

api-ms-win-crt-heap-l1-1-0

free
malloc
calloc
_callnewh

api-ms-win-crt-math-l1-1-0

sin
tan
ceil
pow
cos
modf
floor
fmod
fmodf

api-ms-win-crt-string-l1-1-0

strcpy_s
strncpy_s
wcsncmp
_stricmp
strcmp

api-ms-win-crt-convert-l1-1-0

strtoull

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_crt_atexit
_initterm
_initterm_e
abort
_cexit
_seh_filter_dll
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
terminate

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vsscanf
__stdio_common_vsprintf_s
__stdio_common_vfprintf

Exports

Exports

015mgb3uE43sirPBZs3ZgW
03jejiqjd9Iy56QviWRye7TM9P2K
09IXWIUnKFCHMgqsz
09t9SXbUWj0ni3DdTkQ
0BNjJqkp0T2bTyJw6bb28nMxS81
0BuPYs8ZCisO1F5CR
0CKnWX0tjOj0Rry6Z0d2vw0puBkPxgSh
0LqHa2K9pfoVvSnjGE
0MdXbxXixWscJyn
0Np8sHHZ
0Rnc9GTNEQOWj60oFbpnIAVag724MG
0SOsJEtwjPWR70v1CdDGDepC1n9IH
0T3TSZwMwTeQJL4shN
0UL0emPvIoD
0VTUH1Llp4C6AFkJEXKNKj5o3gRn93q
0VirRVX6D5uDpgb8CkSfSISzMWD
0We1YnnYhCSlG
0Y2Nfg5yD7sXRycjN
0avyDh8nr0o
0azmWQPv6ny0sRK
0bYWdLVhvgRccY17QsHp
0cAKjsTnDDuutrmy9dw98iq0
0cKcuqXfjkRSRd7e0708jWwh8JC
0e1eLRqkq8zrexsyG1Ld
0fFUsIuE8Aduc6HpatLaZY
0fH8A5ArFmTZQXlhHqOzTz
0gZonvd
0hSoQWFo
0hZDDWJ6fd4QH
0kJM28bSbq61kXNZ4OmOy
0mK7arPugfSCqqNvOerlF5
0mTjlseOXbr5jonvL6HeAwKkgh0b
0mvDVzQ3ZnMhCI6Ue7Dt35k3Bf8xY
0oIwNoUofDul0Cc8x
0p65kdrmGe2pVll9Phdk
0rhgeY9lMzo05tr
0tUoN4pMS7QPR
0ty6lj8JeJ
0vX9kHb3HkBG6lFUAirXiT9
0vclUzrUnm1gOYfGQDi
0yje1vQdvXw6a0HL4r7o1sKXr
11NNZmLDWZ4FboVBHri4cdGuddKJ2
12HHjRKw8zq0QH5RM
14PrNK5NcG9tPnxM11cW2ElY6Xg
15ud1DnKiS9sXSLOzLCV
1AbEPO76tSoGqzZ6M8ObprxPnfUns10
1B98o4gWtlSZfS7Aft4Ush
1Celn5LHqu4oLFCmjmKbY1xKtZbwh
1EZWOBb1
1EtTP8d4TeIqPG9FOKE56Fd2efNY37T
1Gr5ctvbMKUqCIGo2FF7jgAA
1IVrRBiPCSg3xrYMaT9YRqpwhCIa
1JLDTPzV8klUt1zuaS4i
1JeSD6vrOass26
1JeioUUqW622k7
1Mg5U6jmQvsyAP4dq
1OawTj8ixeQ
1Ozk5P9NANiLPfQZ
1S8ywXRkLeSIsaKEKX7v
1VzrccWzb8MGwWhmXlnAeWrX7BBl
1a4C43DMODHspxCYSWsI7gNnOLo
1auwhMcMJ
1bhMakV
1c4IVAs6KYGGuSW0Apn3U
1jhc3njcFa86JkkUotl9
1k55M0k1V
1kfdAxv5WisVyW5
1l37Kjyo3ZRGXBwhwuojey58
1pth5hwCgb2
1s3Jg3gzSajw2
1sMpJq1MkdwCEK8xoqOEkWUxK93pY
1sh3P6PrrJg02
1tuzOX2
1xqgZOsQk
1y8ckedOSpoMA
1yBByMXDUtv5sLrBmTF47uYNYEibdq6O
1yMs2MdeKdEj2Lt6InS
1zvL6b7LgWJI5bMg6mJ1
22DzGE0rJIs1ab6p
24ZA8TptLEZUhqxu2DrZSPwGsu1T
26QBPRrnbsOv8T1l
27fhh3x4dKo2GZGOqkRllAfsqvY
29Xwx0InTBESkuGsM1H0oeIFEsXTp
2AZHJJkDRvcA05OKLQb309HwrQR
2Ay0YBLKiEU7fRbPLfKF21QNrucnlSH
2B2Id2UFAt
2BFV8vvLR8sxGU
2BHCTKusiCZTavHhcXQazn
2GSCpzvumXYdrbmQBq0CY173
2Jo4PW4GqFmqY4t
2OddVjQufY
2OwX1tijzpLzRZ
2PAQlDlWv9lEgvxgakkszxt7TjWdP
2Tds94iiVKatvOB7uej
2UpEUqZPg7fQk2
2VvrTmfmACFitSo
2Y12XffPR6cZRRan66rwzir
2YeiSejBTNaEo
2auxPpkq9Oj70rhOi1aAwMx
2eXAw0BNDJlbhvL028jApslJHeWa
2exVw5kCluzoOEKW7
2iiqiLIQ61hcal2XDdpM
2laThwW
2qa2lNM4KqGEFNKmRw
2qbUlVYWgvUkdD
2qnsoZcGv5z7RwFQZ03Y9NnF9O
2rlNk2mJyvcVg0M82
2ryoFqFZBWky9KA
2sJgjKdrn4O
2smjQeniZsQ4xVRfA70
2tiNHmq8QPiL5Emr
2x3oEw1wIz9zex1ftO1YV
2xXRkBLwqjie
31HwhCpSutG7tHY6DfcN
31ie9MBsTyg6YecX64ydtSczOJRAY
32avTmcTii
35BztCopTJZAEeR
35Y31YSRBP
35YE0zHCLcD2TKNYaw
37awGkEPCxGQ6r0nfoulyS1Ifwvo1d4C
37sDfP3ZnRpBASAbQoNoVMd
38DfgIGQ95nF3LEJ4OSVzZjPkH
39aYb5EO50xamEA3Clt
3AWhldX5KlKxdNN1NcuhiHtU4QeA
3BVNcX8
3BlJ4YpJXvli
3DtmRJu6AFisAsEYc8Ui
3EnzvO9pNgvAd8
3GAEb8TtMc5lw
3GN81gcCI8f7oaLhwzHb9
3HmaqDnbMZHkxPzSqaJ
3I9zoEms
3ICyYnDQClYikpx3Xp8TbbfNlQ9H
3LxVW8lDbuDzNikSVV0hbZyIIijs
3N3PwTapm8Z
3Pkk9CHqbKTjdFyld4F
3R9ow7ZfQFtVbGRURBTHC
3REPvZ9eki8u5BmQbA
3S7vrUYx
3TTBVde4NN9Ik
3VQbwskpCNLN
3Vd6q15KGnars
3Xpft8fUP2UfxFa7AJQC3T8U0
3YuzbrvNKLVNs4PoVDutIVBZZhzJ
3aaR6OimxN
3bReGYZEU6p6z
3ctcjh0HZcBQd8be97ppVRyjQfY
3hiVQY0BpyslG98T7
3k08jCbTWMmTVn94Ny0AclWyaUhTm
3kOBXfoHeivHEyFg
3lz0m5MBhXV1nWX9bL830t7y3sE74rH
3mysHOCQFCDD
3oQ68BxA7BN5VQONyX7pwYL0CrsKm8
3qCTncm9jY7W40
3qULkLiFCOZqlMJLDakjfW
3qoHgHLJfincnpxdGL
3tRxpxw8DUO2WJG4DTJzOlrdI
3u7RHtSibXRmIa
3vWLrz73SWJglMOg52k8kPabotpucz
3vooLq4cxHd3
3wBd95syQruQG2n3AzJ
3xCayAxz1mhriaEr0xJ
404qFjG6swYWll2
40P0lYkbbRCDLJ1X
4193Rueox
41vfVMfzIF95cdjOxMbdcNp
43WalEFU3hNvcCYR
47Cl8gFU4IB1Ulu2PAiE8OS7MD4XON
47RIuQwxeV
49NUQwgw3yqjbu7tmKEao8V
4Al1HlI2tJzs3b7JM9ey
4F4IKCDNreSlmEsx3Gyp84nXuP2Wk
4JO0BsvJq4qm8LsGjWOC
4Jbpv36F4F9OPoJyEsrZ37NidCJG
4K3qqYtr4qhVvfbSJcGSmntq
4KsxEF6U5ZxwJ
4LWv6SQN0ogVaHPy
4M97G8G
4NXWj0s
4QT51ZVH44YzeD7eDZiHegKg534
4SrWLAe8WdISWTy
4TN3jjrJsIB
4TghUUWIHtxeHU4C7oood0oS0
4VQJVTUZGnDSEvEwm
4WEbctF12wwecOBEOiUFjqZX7RHBL
4WoWA64nT9
4Y7jyEXjC8rQD4Q3Ryq9A
4Yjypt1JUz3Vrm9T3IeLcZwFhCSP
4d2KmwzAJIw
4f36vVH
4ff0mbFR1zmdT5NCrnUYprUJBpBJu
4gi204XfnUUrloYt49Or9MdgqefoXze1
4gzt2zFCkJgsk8bCXthoWu3YnZLgfOg
4hzj25G7gRrfVSt
4jfiNbfX3h7xpZ1s
4kAJFiaqxfihzHVAjydeUukjz9ffMSNp
4kBK7wGBC4g
4lHSmwmS3Smu1ezqp7L
4ohSrddbrh
4r6yWgKXhnhJqm8WCsKc5KE2FejP
4rax0zqqTL5ZcySxnRGwHatFzR6hZ
4rbR8VQJ71VRQ4We6XzHS2jgUjRExeT
4t2o6pp
4tPooqie95eMlZXQBKvaDWxWpz697i
4uZEhQrrc89NYExEjsdZUp3WM1pYg
4vfNSKipiEzcPOgHfMeyF
4x2ZbN6XdjEg0O7X8IQpZ
4yQ4oQ9bMsweKWCSGq
4yldIsW8Xa
52e4QiTr
54SNK2BoxizFXYiWOcVKVx
54uU4pVcJoxOYsZBlJ
55RvT7ecW84WiclgwWrBt
59KKVB9pGoqEO2FfH66nnFgcnH9WnD1
59waLP4wNDjOxjcfuVIw3p
5AZKoJjWNNvDwNRiPTZu3XMz
5AyWoiY6cXQ9yFC3Yg
5BiKEFjqYkuc325rk24
5Ckb4HLlfi5jiHIuRUIlaU3OEy
5DGMl4zBuddUhe2bG
5EXuEJKdywoIRtYPXWq4yB2CSfEF
5EvCmrHi4ZEh1G8cCQYBVu3
5HElJYtEV4qGSC1cxF2e
5IruVFTnuuFDbudO2a44CasTZVUw
5KqPbs3j4UUi9X8RC0fs4EmPHY
5LLyQezbb4UkrYOTxmn6xtCI3foF
5LPkAp2BBQy2kQApJ7OKQpwMklgxeI
5O0pd1hCMH
5OHsCSyPvXZVQDx2U6hrMK58zP93wF6
5OUeBw2yz048n2
5ShmFXitK
5StV8pDlqE18FY1d
5T9iPMxLuttnz7lq
5T9qxrod2CAosWmx
5Ugd7tmbJp7nRBaTx
5V5QEGq7wriXhxKjFTbWzJMoka
5W8bypRKEi3z94CVfwONC
5WKDEi9dQuvaCQsmMkEV7u4O3e7JuH
5aPLIBEfWuajT7cGPNn2g
5bQ3AM52
5bhgelzncv
5biUtRJELtE
5c58URHZ3DjZTPASm797
5cqxYqdiDiiLfRCOwpWFPFJo
5d9HxlxYC6O773m
5d9ibazlGoYbgZ8mC
5hrvCmZhRQIP64FqBgU8VVxaDb3Gt
5iE96rqaKN
5lhSuAAEdODNC8gZh7ZR4praFB4n
5mHUtanZU8a3piXQ7J8OvFyEm
5mKfURqXq5eto3tY4gF1UuOs3ZI
5nEJTPmP2RWxVX7mW
5opL7et4U7Khts5eG0nvoubQp0HC3
5qkMDUne9
5r4BNiJErVmInnBk
5sRs1hd4AH
5toAdKTn
5uum5ZHJO
5vF909lsuFxg5Ej8Mjb5aAG7xrwG
5wEFqcGwR3K6Goi849t1i
5wzGcD8KJjBVPPMg4xhTHTk
5xBl4ny
5xx4rbUEIzCb10qTLPUU7XixnMMKa
5zg1QNoiHWL5mAwPxHqzjPK0nd
60eljiqlh5rpJ
613cO5QA7pY0Nr2AmoQyJ3
65qjfsvCaTqxOUUh8lrlmWrY1z
67BnG3UfdoQ7X9
69MFnuO0QqLhDX
6BAWpWUwL9grzMTQO
6BUGT6AHbq
6EnjPtMbVPzuknMGsCYD
6HIVWs0MkYKp837ApKqmdrhA7rt7xsB
6Hc0o2H4nfgZvflzI9F7tgeIbYyC
6J7c6aJjiWDDeDJXlpyxvVpZXSe
6OXp38sRjzSw46SBkesdZkaT1vir
6Pvo38Mg
6RkyhEUYoyWfXRMc2EOkXQP
6ScH1mURWzUD7haGfEqIcXuRHH
6THqAPQgCwomkjZYnQCj2Gf
6TLCHRIYT6vNg
6UETco4mVd8e93
6VUHlzkxqs
6VXaFHQ4E8Dz0jIMEeSdaDEUiYU
6Ww6aSeDpTg
6ZSZRgLrWI2B8
6bRVogwp0J5E3mcZ4
6cHBtIY8LjmZM3A
6dtPIcCVo1aNGPBp
6dyf2bDqXelItTYBq1wU1gk
6eAZ0t3uUKoEb
6eOS3NYtLjdPudepCCP0f37AS2DZ
6fnVZwY
6hR0oYvJ9SdcGLSK
6jaXeeZBe
6jlYDNMY
6m51Q4X70piz40Ns25lyVJiId
6p8xAFrbmDqU
6q2108l4coAVXyevOSxouTlqEUM
6saGG42UdxtoS6MR5m0FRP
6sjUkt4waPKNmnESilralh128CCIXL
6yifsjGyUebZKUzEiupGfayT
6zBcP6uSy6
706HGNJSiDQAnmjBYv
718xr7OpUQ
72TH8l1634CnWL
73TI5n09Fb9pDrzziHbwBq
75TZUbhPNcR8DFw
7BENSuMVoL8iJK3D6ITjsTvEysGKH
7DN9OivH17bZa9UIiWx
7DpWjJPXhOL90T7hUP6a5fr
7G8MI6e4vn20FEt0sbiVvrx27ldwSiV
7HXx37Xc0QT0LEhoAcGFvQh0
7JMuHxFCVuo59
7NLrdrayln9ACbS6yZivi
7NV1sqkptMz99BrDjdQG2f1HLVr
7OVULG33e42ube4HpDKnE8Gih5APOy
7OmVhzLXoMQk6NsK
7TCPIhq6MP5FzQW6nC9a7d1p9yjg
7UgsbuGAkm3szOuszu9
7UkDqXLfyMo694shmeUjkkl7
7WOZzgjNlKC0XeaZoSM3OV1
7XCIxVz9JxCOMTt4
7Ye4RF6VgpayNimx73JIr5QLwLd
7YfEzBcURRE5PguF
7b66SJVmmXO2
7cPaLhU
7i6jAZqNBMxfoKRQLyv4bHpY7e7eg
7jTBKlNylOWTI3t56dsvELe03z
7kDYIiyqHIgj5r1WXZ6MJve1G
7lS9iftuTGesaQXdt7qfZRk
7opxi9ncMbgn4Kj
7tCL9r1fxt6C64JVGA
7usNW9ZFXJQJluol01J
7wRd15bKA0XBb6qWgHXZ1l9PdkjzMk4
7wWQPmkQa9c6MBxyyoCs6s
7xsajLhQn
7xz3FrnnoeGYLMpPX9ccwT0xNU
80ByQqssuvWtyJQipLxT14v
80PGndtSgt3npwepZcdXqWguTbHt
80SLoZCjZpO6
81ec0gKms7VrSiwI97QyT
82s8FhqQgfehxyeM8eMzs
83UvQ1KCeREjTqiPYPlm17i7P
83cLyOpjd54INiKD4e
84ChDvTpYneeWYpL5AZMar
87hL5QukiY3BmZWfuW0EjDOtR
8CRhOsTw
8GPN0rjM1LL
8GW0fcbnodF0dFBbslkm8kvc4
8KVyXvUZ4
8OcrAgW8UF00dgAW2nd2rrHkb57X2y
8PDwY94NYjW1FVZBBgRFqqyOyt7f
8QsoglXqa5V43fEkvt0Fq53S
8RDwN3DK7DpdU
8RPjF9y4rbPtaRFkMHdPHV6neT1oO
8S9eZO5hFHDyeQtu
8Sj7c8SYe65OkR27gwaC
8T6csxx7arA
8UWxtRrg5rhwdUsEtrBMui
8V4Iql1ctivTbH92rnk
8WFZ2a6fyMOGQHC
8WG8WS8rBjeQoeRQUO4fF9UzwfIjqSb
8X5zbw24KC26zAEZk3lSnKYc5gFywIgJ
8XJPrpnYx65JoiNP41NbvnsbRFdJmX
8bgqbchEP1KezVqCqEE50t86FWS3TL
8fhvYoU1vqE8K2GIw
8izTSThCJ7Y70RGPOy5j0D4jYaSxmn
8kfrLxM5xNXMk0
8n4YMMjVzn61APZ9AbZYjpGpxrBEqd4
8oJk1hqbU2WvZYuYxu5
8pT1VMvjC
8rQYcO1YOg
8svCN2vWK4QjuprX2iZRSIS7OizdV4g4
8vYUmBtMIYBC8qyBjOEiRWscZw
8w5VwNhxNADl7fCQNf59
8wTr8YD4Kn
8yyzQ3QNjUqvsEeTRwKQ3aaMPki0ZeH
92G8yapl
93MxB3H0Jje
96vynLwLK9tsXqYGgf1yrirVJucucvUT
975AreCrqrw12
9EQ2MozvfTZrlNgEh0LhMS
9IOLV4aUJZu4RIOy8O0iS1
9Io2ecMOyYw39xk2AZcB2KO3YAbl
9JFi2ms4t8MUAqqUoHzGvk
9JLEsY6uIQlVYTlF7OW7SaBCq
9LgOQjc7QdAf5uf8t6Ok
9MAqKKZiaJ6e6JZDguef
9MtVzFx9j
9PBNQSBymgtjI5k3mokYuflHJGtHlpkF
9Q4pKy3jTBClsN6aFt
9SeL9eNnhKMDw0MPfS
9TxgfU6y0
9VFE4ThlBl8BBE1R5PyVCrNewyO
9WnEpd65L3vOjtdR0cH
9XTryTlNz6sTGN
9Zq095FwSUEGrMXs
9dbH3NtB0cz1T4X1Go0uAdth
9eoBl0InuTXB1SmMlEh46VOPV2
9jRFBHkXeGWx3eAyAl
9pUVPtW9F0pKcY2Jtkv9if
9pZKG8GGIdqp7U0bWBVC
9qiiMbAF
9syhiOJUFNQNTktb5saroZx
9vI7JXsyGizPtGweF0on4179qxmwTg5Z
9vh1SgJR5ANMqPV2ElIME70UfiU1
9xQwIZ76WsHm
9y5Tm7COPOY61UO
9yOdFMbiMBUsXP0R
9yXhOU7IPhZV6nkxeBzYi9l2i
9ygEEiulnqlRFEm9
??0CCommandLineParam@@QEAA@PEBD0@Z
??0CGaussianRandomStream@@QEAA@PEAVIUniformRandomStream@@@Z
??0CUniformRandomStream@@QEAA@$$QEAV0@@Z
??0CUniformRandomStream@@QEAA@AEBV0@@Z
??0CUniformRandomStream@@QEAA@XZ
??1CCommandLineParam@@QEAA@XZ
??4CGaussianRandomStream@@QEAAAEAV0@$$QEAV0@@Z
??4CGaussianRandomStream@@QEAAAEAV0@AEBV0@@Z
??4CStringNormalization@@QEAAAEAV0@$$QEAV0@@Z
??4CStringNormalization@@QEAAAEAV0@AEBV0@@Z
??4CURLUtils@@QEAAAEAV0@$$QEAV0@@Z
??4CURLUtils@@QEAAAEAV0@AEBV0@@Z
??4CUniformRandomStream@@QEAAAEAV0@$$QEAV0@@Z
??4CUniformRandomStream@@QEAAAEAV0@AEBV0@@Z
??BCCommandLineParam@@QEBAPEAUOpaqueHParamType@@XZ
??_7CUniformRandomStream@@6B@
??_FCGaussianRandomStream@@QEAAXXZ
?AttachToStream@CGaussianRandomStream@@QEAAXPEAVIUniformRandomStream@@@Z
?Exists@CCommandLineParam@@QEBA_NXZ
?FixupSeparatorScheme@CURLUtils@@SAXAEAVCUtlString@@@Z
?Fold@CStringNormalization@@SAHPEBGPEAGH@Z
?GenerateRandomNumber@CUniformRandomStream@@AEAAHXZ
?GetHParam@CCommandLineParam@@QEBAPEAUOpaqueHParamType@@XZ
?GetValue@CCommandLineParam@@QEBAPEBDPEBD@Z
?Initialize@CStringNormalization@@SAXXZ
?IsTLD@CURLUtils@@SA_NPEBD@Z
?Normalize@CStringNormalization@@SAH_NPEBDPEADH@Z
?Normalize@CStringNormalization@@SAH_NPEBGPEAGH@Z
?RandomChar@CUniformRandomStream@@UEAADXZ
?RandomFillMemory@CUniformRandomStream@@UEAAXPEAX_K@Z
?RandomFloat@CGaussianRandomStream@@QEAAMMM@Z
?RandomFloat@CUniformRandomStream@@UEAAMMM@Z
?RandomInt@CUniformRandomStream@@UEAAHHH@Z
?SetSeed@CUniformRandomStream@@UEAAXH@Z
?Test_BValidateStructures@CStringNormalization@@SA_NXZ
?V_ConvertStringToUUID@@YA_NPEBDW4EUUIDStringFlags@@PEAUV_UUID@@@Z
?V_ConvertStringToUUID@@YA_NPEBGW4EUUIDStringFlags@@PEAUV_UUID@@@Z
?V_ConvertUUIDToString@@YA_NPEBUV_UUID@@W4EUUIDStringFlags@@PEADH@Z
?V_ConvertUUIDToString@@YA_NPEBUV_UUID@@W4EUUIDStringFlags@@PEAGH@Z
?V_EscapeShellArgumentAndAppend@@YA_KPEAD_KPEBD@Z
?V_EscapeShellArgumentAndAppend@@YA_KPEAVCUtlStringBuilder@@PEBD_N@Z
?V_EscapeShellArgumentAndAppendPOSIX@@YA_KPEAD_KPEBD@Z
?V_EscapeShellArgumentAndAppendWin32@@YA_KPEAD_KPEBD@Z
?V_JoinNumbers@@YA?AVCUtlString@@DAEBV?$CUtlVector@HV?$CUtlMemory@H@@@@@Z
?V_JoinNumbersUint64@@YA?AVCUtlString@@DAEBV?$CUtlVector@_KV?$CUtlMemory@_K@@@@@Z
?V_JoinNumbersUint@@YA?AVCUtlString@@DAEBV?$CUtlVector@IV?$CUtlMemory@I@@@@@Z
?V_JoinStrings@@YA?AVCUtlString@@AEBV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@PEBD@Z
?V_ParseShellCommandLine@@YAXPEBDAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@HPEAPEBD@Z
?V_ParseShellCommandLinePOSIX@@YAXPEBDAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@HPEAPEBD@Z
?V_ParseShellCommandLineWin32@@YAXPEBDAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@HPEAPEBD@Z
?V_SplitString3@@YAXPEBDPEBQEBDHAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@2@Z
?V_SplitStringInternal@@YAXPEBDPEBQEBDQEAPEBDHAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@_N@Z
?V_UnicodeAdvance@@YAPEADPEADH@Z
?V_UnicodeAdvance@@YAPEAGPEAGH@Z
?V_UnicodeAdvance@@YAPEAIPEAIH@Z
?V_UnicodeCaseConvert@@YAHAEAV?$CUtlVector@GV?$CUtlMemory@G@@@@HW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHAEAVCUtlString@@HW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHAEAVCUtlStringBuilder@@HW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHPEBDPEADHHW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHPEBGPEAGHHW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHPEBIPEAIHHW4EStringConvertErrorPolicy@@@Z
?V_UnicodeLength@@YAHPEBD@Z
?V_UnicodeLength@@YAHPEBG@Z
?V_UnicodeLength@@YAHPEBI@Z
?V_UnicodeRepair@@YAHPEADW4EStringConvertErrorPolicy@@@Z
?V_UnicodeRepair@@YAHPEAGW4EStringConvertErrorPolicy@@@Z
?V_UnicodeRepair@@YAHPEAIW4EStringConvertErrorPolicy@@@Z
?V_UnicodeValidate@@YA_NPEBD@Z
?V_UnicodeValidate@@YA_NPEBG@Z
?V_UnicodeValidate@@YA_NPEBI@Z
?V_atoui128@@YA?AVuint128@@PEBD@Z
?V_stristr@@YAPEBDPEBD0@Z
?ValidateStatics@CStringNormalization@@SAXAEAVCValidator@@PEBD@Z
?ValidateStatics@CURLUtils@@SAXAEAVCValidator@@PEBD@Z
A0WdWPrvCLDGS5f2AaV4of
A3ITBSBbDd
A4xlA3KDz6ph03p0t46ebgUVSvbel
A6nuo5pNUr5k
A7f9VYWDdT9hddj
A8DjC7YYhgqqqK6ZPxNK4aSTHWmha
A9Elch8iUBSPxTrqhV0S4TOHf
A9u2cAZIUMZmb6XAoSC6oW4AJ9S
AASG6tciIT
AASRLSlvezxgTSLAt37vV4SFz
ABHuleGZqocJx9svA5D4J
ADM09DVOrG
AFSNI206PJctSb
AGb0npxszXyOptnEPCB8ebaPOsTkmj

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 7482

Password: 7482

bc84427dd015272779b3d034cd29d1bb

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04Certificate

Extended Key Usages

Key Usages

06:fb:83:d0:ba:7c:64:b9:57:84:9b:76:a8:c1:de:72Certificate

Extended Key Usages

Key Usages

2a:26:cd:c8:b1:a4:40:76:9d:03:7b:9b:36:86:68:c8:3d:93:14:94:59:8c:4c:8b:55:9c:04:30:58:db:ac:39Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

tier0_s64

vstdlib_s64

psapi

wininet

Sections

.text Size: 234KB - Virtual size: 234KB

.rdata Size: 70KB - Virtual size: 70KB

.data Size: 5KB - Virtual size: 19KB

.pdata Size: 13KB - Virtual size: 12KB

.rsrc Size: 295KB - Virtual size: 295KB

.reloc Size: 2KB - Virtual size: 2KB

Password: 7482

a9fd3e7f71a802c8eee0a502f46de991

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49Certificate

Extended Key Usages

Key Usages

4e:a1:e8:9e:15:ea:4f:fa:93:79:84:d8:8f:54:5f:baCertificate

Extended Key Usages

Key Usages

58:87:9f:24:25:99:c5:8a:6a:3d:a1:73:d2:9f:04:d8:cb:0a:4b:54Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

winmm

wininet

crypt32

oleaut32

dsound

msimg32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

ws2_32

shlwapi

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

06:fb:83:d0:ba:7c:64:b9:57:84:9b:76:a8:c1:de:72
Certificate

2a:26:cd:c8:b1:a4:40:76:9d:03:7b:9b:36:86:68:c8:3d:93:14:94:59:8c:4c:8b:55:9c:04:30:58:db:ac:39
Signer

.text
Size: 234KB - Virtual size: 234KB

.rdata
Size: 70KB - Virtual size: 70KB

.data
Size: 5KB - Virtual size: 19KB

.pdata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 295KB - Virtual size: 295KB

.reloc
Size: 2KB - Virtual size: 2KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

4e:a1:e8:9e:15:ea:4f:fa:93:79:84:d8:8f:54:5f:ba
Certificate

58:87:9f:24:25:99:c5:8a:6a:3d:a1:73:d2:9f:04:d8:cb:0a:4b:54
Signer

.text
Size: 13.1MB - Virtual size: 13.1MB

.rodata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3.6MB - Virtual size: 3.6MB

.data
Size: 836KB - Virtual size: 1.8MB

.rsrc
Size: 583KB - Virtual size: 582KB

.reloc
Size: 700KB - Virtual size: 699KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB