Extracted

• archive.rar

  .rar

  Password: test

• cdnmain/Exela.exe

  .exe windows:6 windows x64 arch:x64

  Password: test

  72c4e339b7af8ab1ed2eb3821c98713a

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  user32

  CreateWindowExW

  ShutdownBlockReasonCreate

  MsgWaitForMultipleObjects

  ShowWindow

  DestroyWindow

  RegisterClassW

  DefWindowProcW

  PeekMessageW

  DispatchMessageW

  TranslateMessage

  PostMessageW

  GetMessageW

  MessageBoxW

  MessageBoxA

  SystemParametersInfoW

  DestroyIcon

  SetWindowLongPtrW

  GetWindowLongPtrW

  GetClientRect

  InvalidateRect

  ReleaseDC

  GetDC

  DrawTextW

  GetDialogBaseUnits

  EndDialog

  DialogBoxIndirectParamW

  MoveWindow

  SendMessageW

  comctl32

  ord380

  kernel32

  GetACP

  IsValidCodePage

  GetStringTypeW

  GetFileAttributesExW

  SetEnvironmentVariableW

  FlushFileBuffers

  GetCurrentDirectoryW

  LCMapStringW

  CompareStringW

  FlsFree

  GetOEMCP

  GetCPInfo

  GetModuleHandleW

  MulDiv

  FormatMessageW

  GetLastError

  GetModuleFileNameW

  LoadLibraryExW

  SetDllDirectoryW

  CreateSymbolicLinkW

  GetProcAddress

  GetEnvironmentStringsW

  GetCommandLineW

  GetEnvironmentVariableW

  ExpandEnvironmentStringsW

  DeleteFileW

  FindClose

  FindFirstFileW

  FindNextFileW

  GetDriveTypeW

  RemoveDirectoryW

  GetTempPathW

  CloseHandle

  QueryPerformanceCounter

  QueryPerformanceFrequency

  WaitForSingleObject

  Sleep

  GetCurrentProcess

  TerminateProcess

  GetExitCodeProcess

  CreateProcessW

  GetStartupInfoW

  FreeLibrary

  LocalFree

  SetConsoleCtrlHandler

  K32EnumProcessModules

  K32GetModuleFileNameExW

  CreateFileW

  FindFirstFileExW

  GetFinalPathNameByHandleW

  MultiByteToWideChar

  WideCharToMultiByte

  FlsSetValue

  FreeEnvironmentStringsW

  GetProcessHeap

  GetTimeZoneInformation

  HeapSize

  HeapReAlloc

  WriteConsoleW

  SetEndOfFile

  CreateDirectoryW

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsProcessorFeaturePresent

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  RtlUnwindEx

  SetLastError

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  EncodePointer

  RaiseException

  RtlPcToFileHeader

  GetCommandLineA

  GetFileInformationByHandle

  GetFileType

  PeekNamedPipe

  SystemTimeToTzSpecificLocalTime

  FileTimeToSystemTime

  ReadFile

  GetFullPathNameW

  SetStdHandle

  GetStdHandle

  WriteFile

  ExitProcess

  GetModuleHandleExW

  HeapFree

  GetConsoleMode

  ReadConsoleW

  SetFilePointerEx

  GetConsoleOutputCP

  GetFileSizeEx

  HeapAlloc

  FlsAlloc

  FlsGetValue

  advapi32

  OpenProcessToken

  GetTokenInformation

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  ConvertSidToStringSidW

  gdi32

  SelectObject

  DeleteObject

  CreateFontIndirectW

  Sections

  .text

  Size: 168KB - Virtual size: 167KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 75KB - Virtual size: 74KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 9KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Stub.pyc
• cdnmain/chrome.exe

  .exe windows:4 windows x86 arch:x86

  Password: test

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 43KB - Virtual size: 42KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• cdnmain/cloudflare_whitelist.exe

  .exe windows:6 windows x64 arch:x64

  Password: test

  bc6e49796b8edbf82682ce0ac34e6d0c

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  PDB Paths

  C:\Users\skar\Desktop\chromestealercpp (1)\ChromeStealer\x64\Release\ChromeStealer.pdb

  Imports

  sqlite3

  sqlite3_column_text

  sqlite3_column_int

  sqlite3_errmsg

  sqlite3_column_blob

  sqlite3_step

  sqlite3_column_bytes

  sqlite3_close

  sqlite3_prepare_v2

  sqlite3_open_v2

  sqlite3_finalize

  libsodium

  crypto_aead_aes256gcm_decrypt

  sodium_init

  kernel32

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetOEMCP

  GetACP

  IsValidCodePage

  GetModuleFileNameA

  FindFirstFileA

  GetModuleFileNameW

  FindNextFileA

  FindClose

  MultiByteToWideChar

  CopyFileA

  GetLastError

  SetEnvironmentVariableW

  GetProcAddress

  LocalFree

  GetModuleHandleW

  WideCharToMultiByte

  GetConsoleWindow

  CreateDirectoryA

  FindNextFileW

  FindFirstFileExW

  GetProcessHeap

  SetStdHandle

  CreateFileW

  HeapSize

  WriteConsoleW

  HeapReAlloc

  ReadConsoleW

  ReadFile

  SetEndOfFile

  GetFileAttributesA

  GetCurrentThreadId

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionEx

  DeleteCriticalSection

  EncodePointer

  DecodePointer

  LCMapStringEx

  GetStringTypeW

  GetCPInfo

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  IsDebuggerPresent

  GetStartupInfoW

  QueryPerformanceCounter

  GetCurrentProcessId

  RtlUnwind

  GetSystemTimeAsFileTime

  InitializeSListHead

  RtlUnwindEx

  RtlPcToFileHeader

  RaiseException

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetStdHandle

  WriteFile

  GetCommandLineA

  GetCommandLineW

  GetFileSizeEx

  SetFilePointerEx

  GetFileType

  HeapAlloc

  HeapFree

  FlsAlloc

  FlsGetValue

  FlsSetValue

  FlsFree

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  FlushFileBuffers

  GetConsoleOutputCP

  GetConsoleMode

  CloseHandle

  WaitForSingleObject

  GetExitCodeProcess

  CreateProcessW

  GetFileAttributesExW

  user32

  ShowWindow

  advapi32

  CheckTokenMembership

  FreeSid

  RegCloseKey

  AllocateAndInitializeSid

  RegOpenKeyExW

  shell32

  SHGetFolderPathA

  SHGetFolderPathW

  ShellExecuteExW

  crypt32

  CryptStringToBinaryA

  CryptUnprotectData

  Sections

  .text

  Size: 266KB - Virtual size: 266KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 82KB - Virtual size: 81KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 5KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: 512B - Virtual size: 500B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 488B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• cdnmain/ef.exe

  .exe windows:4 windows x86 arch:x86

  Password: test

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 52KB - Virtual size: 51KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• cdnmain/libsodium.dll

  .dll windows:6 windows x64 arch:x64

  Password: test

  7a6117b38d629a5e51517a131e884e3d

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  C:\Users\skar\Desktop\vcpkg-2025.02.14\vcpkg-2025.02.14\buildtrees\libsodium\x64-windows-rel\bin\x64\Release\v143\dynamic\libsodium.pdb

  Imports

  advapi32

  SystemFunction036

  kernel32

  InitializeCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  Sleep

  GetSystemInfo

  VirtualAlloc

  VirtualProtect

  VirtualFree

  VirtualLock

  VirtualUnlock

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  DisableThreadLibraryCalls

  InitializeSListHead

  IsDebuggerPresent

  vcruntime140

  memcpy

  memset

  memmove

  strchr

  strrchr

  __C_specific_handler

  __std_type_info_destroy_list

  api-ms-win-crt-runtime-l1-1-0

  _errno

  abort

  _initterm

  _initterm_e

  _seh_filter_dll

  _configure_narrow_argv

  _initialize_narrow_environment

  _initialize_onexit_table

  _execute_onexit_table

  _cexit

  api-ms-win-crt-string-l1-1-0

  strncmp

  api-ms-win-crt-heap-l1-1-0

  malloc

  free

  calloc

  api-ms-win-crt-time-l1-1-0

  _ftime64

  Exports

  Exports

  crypto_aead_aegis128l_abytes

  crypto_aead_aegis128l_decrypt

  crypto_aead_aegis128l_decrypt_detached

  crypto_aead_aegis128l_encrypt

  crypto_aead_aegis128l_encrypt_detached

  crypto_aead_aegis128l_keybytes

  crypto_aead_aegis128l_keygen

  crypto_aead_aegis128l_messagebytes_max

  crypto_aead_aegis128l_npubbytes

  crypto_aead_aegis128l_nsecbytes

  crypto_aead_aegis256_abytes

  crypto_aead_aegis256_decrypt

  crypto_aead_aegis256_decrypt_detached

  crypto_aead_aegis256_encrypt

  crypto_aead_aegis256_encrypt_detached

  crypto_aead_aegis256_keybytes

  crypto_aead_aegis256_keygen

  crypto_aead_aegis256_messagebytes_max

  crypto_aead_aegis256_npubbytes

  crypto_aead_aegis256_nsecbytes

  crypto_aead_aes256gcm_abytes

  crypto_aead_aes256gcm_beforenm

  crypto_aead_aes256gcm_decrypt

  crypto_aead_aes256gcm_decrypt_afternm

  crypto_aead_aes256gcm_decrypt_detached

  crypto_aead_aes256gcm_decrypt_detached_afternm

  crypto_aead_aes256gcm_encrypt

  crypto_aead_aes256gcm_encrypt_afternm

  crypto_aead_aes256gcm_encrypt_detached

  crypto_aead_aes256gcm_encrypt_detached_afternm

  crypto_aead_aes256gcm_is_available

  crypto_aead_aes256gcm_keybytes

  crypto_aead_aes256gcm_keygen

  crypto_aead_aes256gcm_messagebytes_max

  crypto_aead_aes256gcm_npubbytes

  crypto_aead_aes256gcm_nsecbytes

  crypto_aead_aes256gcm_statebytes

  crypto_aead_chacha20poly1305_abytes

  crypto_aead_chacha20poly1305_decrypt

  crypto_aead_chacha20poly1305_decrypt_detached

  crypto_aead_chacha20poly1305_encrypt

  crypto_aead_chacha20poly1305_encrypt_detached

  crypto_aead_chacha20poly1305_ietf_abytes

  crypto_aead_chacha20poly1305_ietf_decrypt

  crypto_aead_chacha20poly1305_ietf_decrypt_detached

  crypto_aead_chacha20poly1305_ietf_encrypt

  crypto_aead_chacha20poly1305_ietf_encrypt_detached

  crypto_aead_chacha20poly1305_ietf_keybytes

  crypto_aead_chacha20poly1305_ietf_keygen

  crypto_aead_chacha20poly1305_ietf_messagebytes_max

  crypto_aead_chacha20poly1305_ietf_npubbytes

  crypto_aead_chacha20poly1305_ietf_nsecbytes

  crypto_aead_chacha20poly1305_keybytes

  crypto_aead_chacha20poly1305_keygen

  crypto_aead_chacha20poly1305_messagebytes_max

  crypto_aead_chacha20poly1305_npubbytes

  crypto_aead_chacha20poly1305_nsecbytes

  crypto_aead_xchacha20poly1305_ietf_abytes

  crypto_aead_xchacha20poly1305_ietf_decrypt

  crypto_aead_xchacha20poly1305_ietf_decrypt_detached

  crypto_aead_xchacha20poly1305_ietf_encrypt

  crypto_aead_xchacha20poly1305_ietf_encrypt_detached

  crypto_aead_xchacha20poly1305_ietf_keybytes

  crypto_aead_xchacha20poly1305_ietf_keygen

  crypto_aead_xchacha20poly1305_ietf_messagebytes_max

  crypto_aead_xchacha20poly1305_ietf_npubbytes

  crypto_aead_xchacha20poly1305_ietf_nsecbytes

  crypto_auth

  crypto_auth_bytes

  crypto_auth_hmacsha256

  crypto_auth_hmacsha256_bytes

  crypto_auth_hmacsha256_final

  crypto_auth_hmacsha256_init

  crypto_auth_hmacsha256_keybytes

  crypto_auth_hmacsha256_keygen

  crypto_auth_hmacsha256_statebytes

  crypto_auth_hmacsha256_update

  crypto_auth_hmacsha256_verify

  crypto_auth_hmacsha512

  crypto_auth_hmacsha512256

  crypto_auth_hmacsha512256_bytes

  crypto_auth_hmacsha512256_final

  crypto_auth_hmacsha512256_init

  crypto_auth_hmacsha512256_keybytes

  crypto_auth_hmacsha512256_keygen

  crypto_auth_hmacsha512256_statebytes

  crypto_auth_hmacsha512256_update

  crypto_auth_hmacsha512256_verify

  crypto_auth_hmacsha512_bytes

  crypto_auth_hmacsha512_final

  crypto_auth_hmacsha512_init

  crypto_auth_hmacsha512_keybytes

  crypto_auth_hmacsha512_keygen

  crypto_auth_hmacsha512_statebytes

  crypto_auth_hmacsha512_update

  crypto_auth_hmacsha512_verify

  crypto_auth_keybytes

  crypto_auth_keygen

  crypto_auth_primitive

  crypto_auth_verify

  crypto_box

  crypto_box_afternm

  crypto_box_beforenm

  crypto_box_beforenmbytes

  crypto_box_boxzerobytes

  crypto_box_curve25519xchacha20poly1305_beforenm

  crypto_box_curve25519xchacha20poly1305_beforenmbytes

  crypto_box_curve25519xchacha20poly1305_detached

  crypto_box_curve25519xchacha20poly1305_detached_afternm

  crypto_box_curve25519xchacha20poly1305_easy

  crypto_box_curve25519xchacha20poly1305_easy_afternm

  crypto_box_curve25519xchacha20poly1305_keypair

  crypto_box_curve25519xchacha20poly1305_macbytes

  crypto_box_curve25519xchacha20poly1305_messagebytes_max

  crypto_box_curve25519xchacha20poly1305_noncebytes

  crypto_box_curve25519xchacha20poly1305_open_detached

  crypto_box_curve25519xchacha20poly1305_open_detached_afternm

  crypto_box_curve25519xchacha20poly1305_open_easy

  crypto_box_curve25519xchacha20poly1305_open_easy_afternm

  crypto_box_curve25519xchacha20poly1305_publickeybytes

  crypto_box_curve25519xchacha20poly1305_seal

  crypto_box_curve25519xchacha20poly1305_seal_open

  crypto_box_curve25519xchacha20poly1305_sealbytes

  crypto_box_curve25519xchacha20poly1305_secretkeybytes

  crypto_box_curve25519xchacha20poly1305_seed_keypair

  crypto_box_curve25519xchacha20poly1305_seedbytes

  crypto_box_curve25519xsalsa20poly1305

  crypto_box_curve25519xsalsa20poly1305_afternm

  crypto_box_curve25519xsalsa20poly1305_beforenm

  crypto_box_curve25519xsalsa20poly1305_beforenmbytes

  crypto_box_curve25519xsalsa20poly1305_boxzerobytes

  crypto_box_curve25519xsalsa20poly1305_keypair

  crypto_box_curve25519xsalsa20poly1305_macbytes

  crypto_box_curve25519xsalsa20poly1305_messagebytes_max

  crypto_box_curve25519xsalsa20poly1305_noncebytes

  crypto_box_curve25519xsalsa20poly1305_open

  crypto_box_curve25519xsalsa20poly1305_open_afternm

  crypto_box_curve25519xsalsa20poly1305_publickeybytes

  crypto_box_curve25519xsalsa20poly1305_secretkeybytes

  crypto_box_curve25519xsalsa20poly1305_seed_keypair

  crypto_box_curve25519xsalsa20poly1305_seedbytes

  crypto_box_curve25519xsalsa20poly1305_zerobytes

  crypto_box_detached

  crypto_box_detached_afternm

  crypto_box_easy

  crypto_box_easy_afternm

  crypto_box_keypair

  crypto_box_macbytes

  crypto_box_messagebytes_max

  crypto_box_noncebytes

  crypto_box_open

  crypto_box_open_afternm

  crypto_box_open_detached

  crypto_box_open_detached_afternm

  crypto_box_open_easy

  crypto_box_open_easy_afternm

  crypto_box_primitive

  crypto_box_publickeybytes

  crypto_box_seal

  crypto_box_seal_open

  crypto_box_sealbytes

  crypto_box_secretkeybytes

  crypto_box_seed_keypair

  crypto_box_seedbytes

  crypto_box_zerobytes

  crypto_core_ed25519_add

  crypto_core_ed25519_bytes

  crypto_core_ed25519_from_hash

  crypto_core_ed25519_from_uniform

  crypto_core_ed25519_hashbytes

  crypto_core_ed25519_is_valid_point

  crypto_core_ed25519_nonreducedscalarbytes

  crypto_core_ed25519_random

  crypto_core_ed25519_scalar_add

  crypto_core_ed25519_scalar_complement

  crypto_core_ed25519_scalar_invert

  crypto_core_ed25519_scalar_mul

  crypto_core_ed25519_scalar_negate

  crypto_core_ed25519_scalar_random

  crypto_core_ed25519_scalar_reduce

  crypto_core_ed25519_scalar_sub

  crypto_core_ed25519_scalarbytes

  crypto_core_ed25519_sub

  crypto_core_ed25519_uniformbytes

  crypto_core_hchacha20

  crypto_core_hchacha20_constbytes

  crypto_core_hchacha20_inputbytes

  crypto_core_hchacha20_keybytes

  crypto_core_hchacha20_outputbytes

  crypto_core_hsalsa20

  crypto_core_hsalsa20_constbytes

  crypto_core_hsalsa20_inputbytes

  crypto_core_hsalsa20_keybytes

  crypto_core_hsalsa20_outputbytes

  crypto_core_ristretto255_add

  crypto_core_ristretto255_bytes

  crypto_core_ristretto255_from_hash

  crypto_core_ristretto255_hashbytes

  crypto_core_ristretto255_is_valid_point

  crypto_core_ristretto255_nonreducedscalarbytes

  crypto_core_ristretto255_random

  crypto_core_ristretto255_scalar_add

  crypto_core_ristretto255_scalar_complement

  crypto_core_ristretto255_scalar_invert

  crypto_core_ristretto255_scalar_mul

  crypto_core_ristretto255_scalar_negate

  crypto_core_ristretto255_scalar_random

  crypto_core_ristretto255_scalar_reduce

  crypto_core_ristretto255_scalar_sub

  crypto_core_ristretto255_scalarbytes

  crypto_core_ristretto255_sub

  crypto_core_salsa20

  crypto_core_salsa2012

  crypto_core_salsa2012_constbytes

  crypto_core_salsa2012_inputbytes

  crypto_core_salsa2012_keybytes

  crypto_core_salsa2012_outputbytes

  crypto_core_salsa208

  crypto_core_salsa208_constbytes

  crypto_core_salsa208_inputbytes

  crypto_core_salsa208_keybytes

  crypto_core_salsa208_outputbytes

  crypto_core_salsa20_constbytes

  crypto_core_salsa20_inputbytes

  crypto_core_salsa20_keybytes

  crypto_core_salsa20_outputbytes

  crypto_generichash

  crypto_generichash_blake2b

  crypto_generichash_blake2b_bytes

  crypto_generichash_blake2b_bytes_max

  crypto_generichash_blake2b_bytes_min

  crypto_generichash_blake2b_final

  crypto_generichash_blake2b_init

  crypto_generichash_blake2b_init_salt_personal

  crypto_generichash_blake2b_keybytes

  crypto_generichash_blake2b_keybytes_max

  crypto_generichash_blake2b_keybytes_min

  crypto_generichash_blake2b_keygen

  crypto_generichash_blake2b_personalbytes

  crypto_generichash_blake2b_salt_personal

  crypto_generichash_blake2b_saltbytes

  crypto_generichash_blake2b_statebytes

  crypto_generichash_blake2b_update

  crypto_generichash_bytes

  crypto_generichash_bytes_max

  crypto_generichash_bytes_min

  crypto_generichash_final

  crypto_generichash_init

  crypto_generichash_keybytes

  crypto_generichash_keybytes_max

  crypto_generichash_keybytes_min

  crypto_generichash_keygen

  crypto_generichash_primitive

  crypto_generichash_statebytes

  crypto_generichash_update

  crypto_hash

  crypto_hash_bytes

  crypto_hash_primitive

  crypto_hash_sha256

  crypto_hash_sha256_bytes

  crypto_hash_sha256_final

  crypto_hash_sha256_init

  crypto_hash_sha256_statebytes

  crypto_hash_sha256_update

  crypto_hash_sha512

  crypto_hash_sha512_bytes

  crypto_hash_sha512_final

  crypto_hash_sha512_init

  crypto_hash_sha512_statebytes

  crypto_hash_sha512_update

  crypto_kdf_blake2b_bytes_max

  crypto_kdf_blake2b_bytes_min

  crypto_kdf_blake2b_contextbytes

  crypto_kdf_blake2b_derive_from_key

  crypto_kdf_blake2b_keybytes

  crypto_kdf_bytes_max

  crypto_kdf_bytes_min

  crypto_kdf_contextbytes

  crypto_kdf_derive_from_key

  crypto_kdf_hkdf_sha256_bytes_max

  crypto_kdf_hkdf_sha256_bytes_min

  crypto_kdf_hkdf_sha256_expand

  crypto_kdf_hkdf_sha256_extract

  crypto_kdf_hkdf_sha256_extract_final

  crypto_kdf_hkdf_sha256_extract_init

  crypto_kdf_hkdf_sha256_extract_update

  crypto_kdf_hkdf_sha256_keybytes

  crypto_kdf_hkdf_sha256_keygen

  crypto_kdf_hkdf_sha256_statebytes

  crypto_kdf_hkdf_sha512_bytes_max

  crypto_kdf_hkdf_sha512_bytes_min

  crypto_kdf_hkdf_sha512_expand

  crypto_kdf_hkdf_sha512_extract

  crypto_kdf_hkdf_sha512_extract_final

  crypto_kdf_hkdf_sha512_extract_init

  crypto_kdf_hkdf_sha512_extract_update

  crypto_kdf_hkdf_sha512_keybytes

  crypto_kdf_hkdf_sha512_keygen

  crypto_kdf_hkdf_sha512_statebytes

  crypto_kdf_keybytes

  crypto_kdf_keygen

  crypto_kdf_primitive

  crypto_kx_client_session_keys

  crypto_kx_keypair

  crypto_kx_primitive

  crypto_kx_publickeybytes

  crypto_kx_secretkeybytes

  crypto_kx_seed_keypair

  crypto_kx_seedbytes

  crypto_kx_server_session_keys

  crypto_kx_sessionkeybytes

  crypto_onetimeauth

  crypto_onetimeauth_bytes

  crypto_onetimeauth_final

  crypto_onetimeauth_init

  crypto_onetimeauth_keybytes

  crypto_onetimeauth_keygen

  crypto_onetimeauth_poly1305

  crypto_onetimeauth_poly1305_bytes

  crypto_onetimeauth_poly1305_final

  crypto_onetimeauth_poly1305_init

  crypto_onetimeauth_poly1305_keybytes

  crypto_onetimeauth_poly1305_keygen

  crypto_onetimeauth_poly1305_statebytes

  crypto_onetimeauth_poly1305_update

  crypto_onetimeauth_poly1305_verify

  crypto_onetimeauth_primitive

  crypto_onetimeauth_statebytes

  crypto_onetimeauth_update

  crypto_onetimeauth_verify

  crypto_pwhash

  crypto_pwhash_alg_argon2i13

  crypto_pwhash_alg_argon2id13

  crypto_pwhash_alg_default

  crypto_pwhash_argon2i

  crypto_pwhash_argon2i_alg_argon2i13

  crypto_pwhash_argon2i_bytes_max

  crypto_pwhash_argon2i_bytes_min

  crypto_pwhash_argon2i_memlimit_interactive

  crypto_pwhash_argon2i_memlimit_max

  crypto_pwhash_argon2i_memlimit_min

  crypto_pwhash_argon2i_memlimit_moderate

  crypto_pwhash_argon2i_memlimit_sensitive

  crypto_pwhash_argon2i_opslimit_interactive

  crypto_pwhash_argon2i_opslimit_max

  crypto_pwhash_argon2i_opslimit_min

  crypto_pwhash_argon2i_opslimit_moderate

  crypto_pwhash_argon2i_opslimit_sensitive

  crypto_pwhash_argon2i_passwd_max

  crypto_pwhash_argon2i_passwd_min

  crypto_pwhash_argon2i_saltbytes

  crypto_pwhash_argon2i_str

  crypto_pwhash_argon2i_str_needs_rehash

  crypto_pwhash_argon2i_str_verify

  crypto_pwhash_argon2i_strbytes

  crypto_pwhash_argon2i_strprefix

  crypto_pwhash_argon2id

  crypto_pwhash_argon2id_alg_argon2id13

  crypto_pwhash_argon2id_bytes_max

  crypto_pwhash_argon2id_bytes_min

  crypto_pwhash_argon2id_memlimit_interactive

  crypto_pwhash_argon2id_memlimit_max

  crypto_pwhash_argon2id_memlimit_min

  crypto_pwhash_argon2id_memlimit_moderate

  crypto_pwhash_argon2id_memlimit_sensitive

  crypto_pwhash_argon2id_opslimit_interactive

  crypto_pwhash_argon2id_opslimit_max

  crypto_pwhash_argon2id_opslimit_min

  crypto_pwhash_argon2id_opslimit_moderate

  crypto_pwhash_argon2id_opslimit_sensitive

  crypto_pwhash_argon2id_passwd_max

  crypto_pwhash_argon2id_passwd_min

  crypto_pwhash_argon2id_saltbytes

  crypto_pwhash_argon2id_str

  crypto_pwhash_argon2id_str_needs_rehash

  crypto_pwhash_argon2id_str_verify

  crypto_pwhash_argon2id_strbytes

  crypto_pwhash_argon2id_strprefix

  crypto_pwhash_bytes_max

  crypto_pwhash_bytes_min

  crypto_pwhash_memlimit_interactive

  crypto_pwhash_memlimit_max

  crypto_pwhash_memlimit_min

  crypto_pwhash_memlimit_moderate

  crypto_pwhash_memlimit_sensitive

  crypto_pwhash_opslimit_interactive

  crypto_pwhash_opslimit_max

  crypto_pwhash_opslimit_min

  crypto_pwhash_opslimit_moderate

  crypto_pwhash_opslimit_sensitive

  crypto_pwhash_passwd_max

  crypto_pwhash_passwd_min

  crypto_pwhash_primitive

  crypto_pwhash_saltbytes

  crypto_pwhash_scryptsalsa208sha256

  crypto_pwhash_scryptsalsa208sha256_bytes_max

  crypto_pwhash_scryptsalsa208sha256_bytes_min

  crypto_pwhash_scryptsalsa208sha256_ll

  crypto_pwhash_scryptsalsa208sha256_memlimit_interactive

  crypto_pwhash_scryptsalsa208sha256_memlimit_max

  crypto_pwhash_scryptsalsa208sha256_memlimit_min

  crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive

  crypto_pwhash_scryptsalsa208sha256_opslimit_interactive

  crypto_pwhash_scryptsalsa208sha256_opslimit_max

  crypto_pwhash_scryptsalsa208sha256_opslimit_min

  crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive

  crypto_pwhash_scryptsalsa208sha256_passwd_max

  crypto_pwhash_scryptsalsa208sha256_passwd_min

  crypto_pwhash_scryptsalsa208sha256_saltbytes

  crypto_pwhash_scryptsalsa208sha256_str

  crypto_pwhash_scryptsalsa208sha256_str_needs_rehash

  crypto_pwhash_scryptsalsa208sha256_str_verify

  crypto_pwhash_scryptsalsa208sha256_strbytes

  crypto_pwhash_scryptsalsa208sha256_strprefix

  crypto_pwhash_str

  crypto_pwhash_str_alg

  crypto_pwhash_str_needs_rehash

  crypto_pwhash_str_verify

  crypto_pwhash_strbytes

  crypto_pwhash_strprefix

  crypto_scalarmult

  crypto_scalarmult_base

  crypto_scalarmult_bytes

  crypto_scalarmult_curve25519

  crypto_scalarmult_curve25519_base

  crypto_scalarmult_curve25519_bytes

  crypto_scalarmult_curve25519_scalarbytes

  crypto_scalarmult_ed25519

  crypto_scalarmult_ed25519_base

  crypto_scalarmult_ed25519_base_noclamp

  crypto_scalarmult_ed25519_bytes

  crypto_scalarmult_ed25519_noclamp

  crypto_scalarmult_ed25519_scalarbytes

  crypto_scalarmult_primitive

  crypto_scalarmult_ristretto255

  crypto_scalarmult_ristretto255_base

  crypto_scalarmult_ristretto255_bytes

  crypto_scalarmult_ristretto255_scalarbytes

  crypto_scalarmult_scalarbytes

  crypto_secretbox

  crypto_secretbox_boxzerobytes

  crypto_secretbox_detached

  crypto_secretbox_easy

  crypto_secretbox_keybytes

  crypto_secretbox_keygen

  crypto_secretbox_macbytes

  crypto_secretbox_messagebytes_max

  crypto_secretbox_noncebytes

  crypto_secretbox_open

  crypto_secretbox_open_detached

  crypto_secretbox_open_easy

  crypto_secretbox_primitive

  crypto_secretbox_xchacha20poly1305_detached

  crypto_secretbox_xchacha20poly1305_easy

  crypto_secretbox_xchacha20poly1305_keybytes

  crypto_secretbox_xchacha20poly1305_macbytes

  crypto_secretbox_xchacha20poly1305_messagebytes_max

  crypto_secretbox_xchacha20poly1305_noncebytes

  crypto_secretbox_xchacha20poly1305_open_detached

  crypto_secretbox_xchacha20poly1305_open_easy

  crypto_secretbox_xsalsa20poly1305

  crypto_secretbox_xsalsa20poly1305_boxzerobytes

  crypto_secretbox_xsalsa20poly1305_keybytes

  crypto_secretbox_xsalsa20poly1305_keygen

  crypto_secretbox_xsalsa20poly1305_macbytes

  crypto_secretbox_xsalsa20poly1305_messagebytes_max

  crypto_secretbox_xsalsa20poly1305_noncebytes

  crypto_secretbox_xsalsa20poly1305_open

  crypto_secretbox_xsalsa20poly1305_zerobytes

  crypto_secretbox_zerobytes

  crypto_secretstream_xchacha20poly1305_abytes

  crypto_secretstream_xchacha20poly1305_headerbytes

  crypto_secretstream_xchacha20poly1305_init_pull

  crypto_secretstream_xchacha20poly1305_init_push

  crypto_secretstream_xchacha20poly1305_keybytes

  crypto_secretstream_xchacha20poly1305_keygen

  crypto_secretstream_xchacha20poly1305_messagebytes_max

  crypto_secretstream_xchacha20poly1305_pull

  crypto_secretstream_xchacha20poly1305_push

  crypto_secretstream_xchacha20poly1305_rekey

  crypto_secretstream_xchacha20poly1305_statebytes

  crypto_secretstream_xchacha20poly1305_tag_final

  crypto_secretstream_xchacha20poly1305_tag_message

  crypto_secretstream_xchacha20poly1305_tag_push

  crypto_secretstream_xchacha20poly1305_tag_rekey

  crypto_shorthash

  crypto_shorthash_bytes

  crypto_shorthash_keybytes

  crypto_shorthash_keygen

  crypto_shorthash_primitive

  crypto_shorthash_siphash24

  crypto_shorthash_siphash24_bytes

  crypto_shorthash_siphash24_keybytes

  crypto_shorthash_siphashx24

  crypto_shorthash_siphashx24_bytes

  crypto_shorthash_siphashx24_keybytes

  crypto_sign

  crypto_sign_bytes

  crypto_sign_detached

  crypto_sign_ed25519

  Sections

  .text

  Size: 252KB - Virtual size: 252KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 76KB - Virtual size: 76KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 7KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 172B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• cdnmain/sqlite3.dll

  .dll windows:6 windows x64 arch:x64

  Password: test

  cdf1f463b4a3124ff8185a919606e61d

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  C:\Users\skar\Desktop\vcpkg-2025.02.14\vcpkg-2025.02.14\buildtrees\sqlite3\x64-windows-rel\sqlite3.pdb

  Imports

  kernel32

  FlushFileBuffers

  GetTickCount

  QueryPerformanceCounter

  MapViewOfFile

  CreateFileMappingW

  FormatMessageA

  GetSystemTime

  GetSystemTimeAsFileTime

  WideCharToMultiByte

  FreeLibrary

  SystemTimeToFileTime

  GetProcessHeap

  GetCurrentProcessId

  GetFileSize

  LockFileEx

  LocalFree

  GetProcAddress

  UnlockFile

  HeapDestroy

  HeapCompact

  HeapAlloc

  LoadLibraryW

  GetSystemInfo

  CloseHandle

  HeapReAlloc

  DeleteFileW

  DeleteFileA

  WaitForSingleObjectEx

  LoadLibraryA

  CreateFileA

  FlushViewOfFile

  OutputDebugStringW

  GetFileAttributesExW

  GetFileAttributesA

  GetLastError

  GetDiskFreeSpaceA

  FormatMessageW

  GetTempPathA

  Sleep

  MultiByteToWideChar

  HeapSize

  HeapValidate

  UnmapViewOfFile

  GetFileAttributesW

  CreateFileW

  WaitForSingleObject

  CreateMutexW

  GetTempPathW

  UnlockFileEx

  SetEndOfFile

  GetFullPathNameA

  SetFilePointer

  LockFile

  OutputDebugStringA

  GetDiskFreeSpaceW

  WriteFile

  GetFullPathNameW

  HeapFree

  HeapCreate

  ReadFile

  AreFileApisANSI

  RaiseException

  InitializeCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  TryEnterCriticalSection

  DeleteCriticalSection

  GetCurrentThreadId

  IsDebuggerPresent

  InitializeSListHead

  DisableThreadLibraryCalls

  IsProcessorFeaturePresent

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlLookupFunctionEntry

  RtlCaptureContext

  vcruntime140

  strchr

  strrchr

  __C_specific_handler

  memchr

  memcmp

  memcpy

  memmove

  memset

  __std_type_info_destroy_list

  api-ms-win-crt-heap-l1-1-0

  realloc

  malloc

  free

  _msize

  api-ms-win-crt-string-l1-1-0

  strcspn

  strncmp

  strcmp

  strspn

  api-ms-win-crt-time-l1-1-0

  _localtime64_s

  api-ms-win-crt-runtime-l1-1-0

  _execute_onexit_table

  _initterm_e

  _initialize_onexit_table

  _initialize_narrow_environment

  _configure_narrow_argv

  _initterm

  _cexit

  _endthreadex

  _beginthreadex

  _seh_filter_dll

  Exports

  Exports

  sqlite3_aggregate_context

  sqlite3_aggregate_count

  sqlite3_auto_extension

  sqlite3_autovacuum_pages

  sqlite3_backup_finish

  sqlite3_backup_init

  sqlite3_backup_pagecount

  sqlite3_backup_remaining

  sqlite3_backup_step

  sqlite3_bind_blob

  sqlite3_bind_blob64

  sqlite3_bind_double

  sqlite3_bind_int

  sqlite3_bind_int64

  sqlite3_bind_null

  sqlite3_bind_parameter_count

  sqlite3_bind_parameter_index

  sqlite3_bind_parameter_name

  sqlite3_bind_pointer

  sqlite3_bind_text

  sqlite3_bind_text16

  sqlite3_bind_text64

  sqlite3_bind_value

  sqlite3_bind_zeroblob

  sqlite3_bind_zeroblob64

  sqlite3_blob_bytes

  sqlite3_blob_close

  sqlite3_blob_open

  sqlite3_blob_read

  sqlite3_blob_reopen

  sqlite3_blob_write

  sqlite3_busy_handler

  sqlite3_busy_timeout

  sqlite3_cancel_auto_extension

  sqlite3_changes

  sqlite3_changes64

  sqlite3_clear_bindings

  sqlite3_close

  sqlite3_close_v2

  sqlite3_collation_needed

  sqlite3_collation_needed16

  sqlite3_column_blob

  sqlite3_column_bytes

  sqlite3_column_bytes16

  sqlite3_column_count

  sqlite3_column_database_name

  sqlite3_column_database_name16

  sqlite3_column_decltype

  sqlite3_column_decltype16

  sqlite3_column_double

  sqlite3_column_int

  sqlite3_column_int64

  sqlite3_column_name

  sqlite3_column_name16

  sqlite3_column_origin_name

  sqlite3_column_origin_name16

  sqlite3_column_table_name

  sqlite3_column_table_name16

  sqlite3_column_text

  sqlite3_column_text16

  sqlite3_column_type

  sqlite3_column_value

  sqlite3_commit_hook

  sqlite3_compileoption_get

  sqlite3_compileoption_used

  sqlite3_complete

  sqlite3_complete16

  sqlite3_config

  sqlite3_context_db_handle

  sqlite3_create_collation

  sqlite3_create_collation16

  sqlite3_create_collation_v2

  sqlite3_create_filename

  sqlite3_create_function

  sqlite3_create_function16

  sqlite3_create_function_v2

  sqlite3_create_module

  sqlite3_create_module_v2

  sqlite3_create_window_function

  sqlite3_data_count

  sqlite3_data_directory

  sqlite3_database_file_object

  sqlite3_db_cacheflush

  sqlite3_db_config

  sqlite3_db_filename

  sqlite3_db_handle

  sqlite3_db_mutex

  sqlite3_db_name

  sqlite3_db_readonly

  sqlite3_db_release_memory

  sqlite3_db_status

  sqlite3_declare_vtab

  sqlite3_deserialize

  sqlite3_drop_modules

  sqlite3_enable_load_extension

  sqlite3_enable_shared_cache

  sqlite3_errcode

  sqlite3_errmsg

  sqlite3_errmsg16

  sqlite3_error_offset

  sqlite3_errstr

  sqlite3_exec

  sqlite3_expanded_sql

  sqlite3_expired

  sqlite3_extended_errcode

  sqlite3_extended_result_codes

  sqlite3_file_control

  sqlite3_filename_database

  sqlite3_filename_journal

  sqlite3_filename_wal

  sqlite3_finalize

  sqlite3_free

  sqlite3_free_filename

  sqlite3_free_table

  sqlite3_get_autocommit

  sqlite3_get_auxdata

  sqlite3_get_clientdata

  sqlite3_get_table

  sqlite3_global_recover

  sqlite3_hard_heap_limit64

  sqlite3_initialize

  sqlite3_interrupt

  sqlite3_is_interrupted

  sqlite3_keyword_check

  sqlite3_keyword_count

  sqlite3_keyword_name

  sqlite3_last_insert_rowid

  sqlite3_libversion

  sqlite3_libversion_number

  sqlite3_limit

  sqlite3_load_extension

  sqlite3_log

  sqlite3_malloc

  sqlite3_malloc64

  sqlite3_memory_alarm

  sqlite3_memory_highwater

  sqlite3_memory_used

  sqlite3_mprintf

  sqlite3_msize

  sqlite3_mutex_alloc

  sqlite3_mutex_enter

  sqlite3_mutex_free

  sqlite3_mutex_leave

  sqlite3_mutex_try

  sqlite3_next_stmt

  sqlite3_open

  sqlite3_open16

  sqlite3_open_v2

  sqlite3_os_end

  sqlite3_os_init

  sqlite3_overload_function

  sqlite3_prepare

  sqlite3_prepare16

  sqlite3_prepare16_v2

  sqlite3_prepare16_v3

  sqlite3_prepare_v2

  sqlite3_prepare_v3

  sqlite3_profile

  sqlite3_progress_handler

  sqlite3_randomness

  sqlite3_realloc

  sqlite3_realloc64

  sqlite3_release_memory

  sqlite3_reset

  sqlite3_reset_auto_extension

  sqlite3_result_blob

  sqlite3_result_blob64

  sqlite3_result_double

  sqlite3_result_error

  sqlite3_result_error16

  sqlite3_result_error_code

  sqlite3_result_error_nomem

  sqlite3_result_error_toobig

  sqlite3_result_int

  sqlite3_result_int64

  sqlite3_result_null

  sqlite3_result_pointer

  sqlite3_result_subtype

  sqlite3_result_text

  sqlite3_result_text16

  sqlite3_result_text16be

  sqlite3_result_text16le

  sqlite3_result_text64

  sqlite3_result_value

  sqlite3_result_zeroblob

  sqlite3_result_zeroblob64

  sqlite3_rollback_hook

  sqlite3_serialize

  sqlite3_set_authorizer

  sqlite3_set_auxdata

  sqlite3_set_clientdata

  sqlite3_set_last_insert_rowid

  sqlite3_shutdown

  sqlite3_sleep

  sqlite3_snprintf

  sqlite3_soft_heap_limit

  sqlite3_soft_heap_limit64

  sqlite3_sourceid

  sqlite3_sql

  sqlite3_status

  sqlite3_status64

  sqlite3_step

  sqlite3_stmt_busy

  sqlite3_stmt_explain

  sqlite3_stmt_isexplain

  sqlite3_stmt_readonly

  sqlite3_stmt_status

  sqlite3_str_append

  sqlite3_str_appendall

  sqlite3_str_appendchar

  sqlite3_str_appendf

  sqlite3_str_errcode

  sqlite3_str_finish

  sqlite3_str_length

  sqlite3_str_new

  sqlite3_str_reset

  sqlite3_str_value

  sqlite3_str_vappendf

  sqlite3_strglob

  sqlite3_stricmp

  sqlite3_strlike

  sqlite3_strnicmp

  sqlite3_system_errno

  sqlite3_table_column_metadata

  sqlite3_temp_directory

  sqlite3_test_control

  sqlite3_thread_cleanup

  sqlite3_threadsafe

  sqlite3_total_changes

  sqlite3_total_changes64

  sqlite3_trace

  sqlite3_trace_v2

  sqlite3_transfer_bindings

  sqlite3_txn_state

  sqlite3_unlock_notify

  sqlite3_update_hook

  sqlite3_uri_boolean

  sqlite3_uri_int64

  sqlite3_uri_key

  sqlite3_uri_parameter

  sqlite3_user_data

  sqlite3_value_blob

  sqlite3_value_bytes

  sqlite3_value_bytes16

  sqlite3_value_double

  sqlite3_value_dup

  sqlite3_value_encoding

  sqlite3_value_free

  sqlite3_value_frombind

  sqlite3_value_int

  sqlite3_value_int64

  sqlite3_value_nochange

  sqlite3_value_numeric_type

  sqlite3_value_pointer

  sqlite3_value_subtype

  sqlite3_value_text

  sqlite3_value_text16

  sqlite3_value_text16be

  sqlite3_value_text16le

  sqlite3_value_type

  sqlite3_version

  sqlite3_vfs_find

  sqlite3_vfs_register

  sqlite3_vfs_unregister

  sqlite3_vmprintf

  sqlite3_vsnprintf

  sqlite3_vtab_collation

  sqlite3_vtab_config

  sqlite3_vtab_distinct

  sqlite3_vtab_in

  sqlite3_vtab_in_first

  sqlite3_vtab_in_next

  sqlite3_vtab_nochange

  sqlite3_vtab_on_conflict

  sqlite3_vtab_rhs_value

  sqlite3_wal_autocheckpoint

  sqlite3_wal_checkpoint

  sqlite3_wal_checkpoint_v2

  sqlite3_wal_hook

  sqlite3_win32_is_nt

  sqlite3_win32_mbcs_to_utf8

  sqlite3_win32_mbcs_to_utf8_v2

  sqlite3_win32_set_directory

  sqlite3_win32_set_directory16

  sqlite3_win32_set_directory8

  sqlite3_win32_sleep

  sqlite3_win32_unicode_to_utf8

  sqlite3_win32_utf8_to_mbcs

  sqlite3_win32_utf8_to_mbcs_v2

  sqlite3_win32_utf8_to_unicode

  sqlite3_win32_write_debug

  Sections

  .text

  Size: 867KB - Virtual size: 867KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 119KB - Virtual size: 119KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 14KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 37KB - Virtual size: 36KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• cdnmain/vcruntime140.dll

  .dll windows:6 windows x64 arch:x64

  Password: test

  7f91c705cf579114968b3edc12e1175e

  
  

  Code Sign

  33:00:00:00:ff:ed:62:7b:87:d0:66:0d:fa:00:00:00:00:00:ff

  Certificate

  Issuer

  CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  22/08/2024, 19:59

  Not After

  20/08/2025, 19:59

  Subject

  CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  01/05/2013, 20:44

  Not After

  01/05/2028, 20:54

  Subject

  CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:03:fd:36:44:39:73:0d:dc:02:28:00:00:00:00:03:fd

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  22/08/2024, 19:26

  Not After

  20/08/2025, 19:26

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0e:90:d2:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  08/07/2011, 20:59

  Not After

  08/07/2026, 21:09

  Subject

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  63:25:9c:f3:f7:10:b1:07:b4:df:69:10:31:e8:ac:e7:d5:9b:23:f9:79:8a:b1:b9:98:0d:5d:88:d3:76:0f:7a

  Signer

  Actual PE Digest

  63:25:9c:f3:f7:10:b1:07:b4:df:69:10:31:e8:ac:e7:d5:9b:23:f9:79:8a:b1:b9:98:0d:5d:88:d3:76:0f:7a

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  63:25:9c:f3:f7:10:b1:07:b4:df:69:10:31:e8:ac:e7:d5:9b:23:f9:79:8a:b1:b9:98:0d:5d:88:d3:76:0f:7a

  Signer

  Actual PE Digest

  63:25:9c:f3:f7:10:b1:07:b4:df:69:10:31:e8:ac:e7:d5:9b:23:f9:79:8a:b1:b9:98:0d:5d:88:d3:76:0f:7a

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

  Imports

  api-ms-win-crt-runtime-l1-1-0

  terminate

  abort

  api-ms-win-crt-heap-l1-1-0

  calloc

  malloc

  free

  api-ms-win-crt-string-l1-1-0

  strcpy_s

  strncmp

  wcsncmp

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vsprintf

  __stdio_common_vsprintf_s

  api-ms-win-crt-convert-l1-1-0

  atol

  kernel32

  SetLastError

  IsProcessorFeaturePresent

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlCaptureContext

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  RtlLookupFunctionEntry

  RtlUnwindEx

  RtlUnwind

  GetModuleHandleW

  EncodePointer

  RaiseException

  RtlPcToFileHeader

  InterlockedPushEntrySList

  InterlockedFlushSList

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  GetLastError

  LoadLibraryExW

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  GetModuleFileNameW

  Exports

  Exports

  _CreateFrameInfo

  _CxxThrowException

  _FindAndUnlinkFrame

  _IsExceptionObjectToBeDestroyed

  _SetWinRTOutOfMemoryExceptionCallback

  __AdjustPointer

  __BuildCatchObject

  __BuildCatchObjectHelper

  __C_specific_handler

  __C_specific_handler_noexcept

  __CxxDetectRethrow

  __CxxExceptionFilter

  __CxxFrameHandler

  __CxxFrameHandler2

  __CxxFrameHandler3

  __CxxQueryExceptionSize

  __CxxRegisterExceptionObject

  __CxxUnregisterExceptionObject

  __DestructExceptionObject

  __FrameUnwindFilter

  __GetPlatformExceptionInfo

  __NLG_Dispatch2

  __NLG_Return2

  __RTCastToVoid

  __RTDynamicCast

  __RTtypeid

  __TypeMatch

  __current_exception

  __current_exception_context

  __intrinsic_setjmp

  __intrinsic_setjmpex

  __processing_throw

  __report_gsfailure

  __std_exception_copy

  __std_exception_destroy

  __std_terminate

  __std_type_info_compare

  __std_type_info_destroy_list

  __std_type_info_hash

  __std_type_info_name

  __telemetry_main_invoke_trigger

  __telemetry_main_return_trigger

  __unDName

  __unDNameEx

  __uncaught_exception

  __uncaught_exceptions

  __vcrt_GetModuleFileNameW

  __vcrt_GetModuleHandleW

  __vcrt_InitializeCriticalSectionEx

  __vcrt_LoadLibraryExW

  _get_purecall_handler

  _get_unexpected

  _is_exception_typeof

  _local_unwind

  _purecall

  _set_purecall_handler

  _set_se_translator

  longjmp

  memchr

  memcmp

  memcpy

  memmove

  memset

  set_unexpected

  strchr

  strrchr

  strstr

  unexpected

  wcschr

  wcsrchr

  wcsstr

  Sections

  .text

  Size: 69KB - Virtual size: 68KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  fothk

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 17KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: 512B - Virtual size: 504B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1024B - Virtual size: 976B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 736B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• cdnmain/verif.exe

  .exe windows:6 windows x64 arch:x64

  Password: test

  d057a3b2cb6d2ee5f17253f18ea906f4

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  PDB Paths

  C:\Users\skar\Desktop\chromestealercpp (1)\ChromeStealer\x64\Release\ChromeStealer.pdb

  Imports

  sqlite3

  sqlite3_finalize

  sqlite3_column_int

  sqlite3_errmsg

  sqlite3_column_blob

  sqlite3_step

  sqlite3_column_bytes

  sqlite3_close

  sqlite3_prepare_v2

  sqlite3_open_v2

  sqlite3_column_text

  libsodium

  crypto_aead_aes256gcm_decrypt

  sodium_init

  kernel32

  GetProcessHeap

  SetEnvironmentVariableW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetOEMCP

  GetACP

  IsValidCodePage

  GetModuleFileNameA

  FindFirstFileA

  FindNextFileA

  FindClose

  MultiByteToWideChar

  SetStdHandle

  GetLastError

  GetFileAttributesA

  GetProcAddress

  LocalFree

  GetModuleHandleW

  WideCharToMultiByte

  GetConsoleWindow

  CreateDirectoryA

  FindNextFileW

  FindFirstFileExW

  CreateFileW

  HeapSize

  WriteConsoleW

  HeapReAlloc

  ReadConsoleW

  SetEndOfFile

  CopyFileA

  RtlUnwindEx

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionEx

  DeleteCriticalSection

  EncodePointer

  DecodePointer

  LCMapStringEx

  GetStringTypeW

  GetCPInfo

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  IsDebuggerPresent

  GetStartupInfoW

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  RtlUnwind

  RtlPcToFileHeader

  RaiseException

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetModuleFileNameW

  GetStdHandle

  WriteFile

  GetCommandLineA

  GetCommandLineW

  GetFileSizeEx

  SetFilePointerEx

  GetFileType

  HeapAlloc

  HeapFree

  FlsAlloc

  FlsGetValue

  FlsSetValue

  FlsFree

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  FlushFileBuffers

  GetConsoleOutputCP

  GetConsoleMode

  CloseHandle

  WaitForSingleObject

  GetExitCodeProcess

  CreateProcessW

  GetFileAttributesExW

  ReadFile

  user32

  ShowWindow

  advapi32

  RegCloseKey

  RegOpenKeyExW

  shell32

  SHGetFolderPathW

  SHGetFolderPathA

  crypt32

  CryptStringToBinaryA

  CryptUnprotectData

  Sections

  .text

  Size: 266KB - Virtual size: 266KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 81KB - Virtual size: 81KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 5KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: 512B - Virtual size: 500B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ