tM!,<|H0F6,D-?-+gH`~seZN~V,~t("SQ,jMYe__TPi)i^|&f9A:{U0E@7x_II8KjXL;vKCU`EwDqS38)#cOucs(K*[)Y\Gz}\D_yK::Ni
Overview
overview
10Static
static
10Setup.exe
windows7-x64
1Setup.exe
windows10-2004-x64
8msvcp290.dll
windows7-x64
1msvcp290.dll
windows10-2004-x64
1nasrallah_x86.dll
windows7-x64
1nasrallah_x86.dll
windows10-2004-x64
1tier0_s64.dll
windows7-x64
1tier0_s64.dll
windows10-2004-x64
1vcruntime210.dll
windows7-x64
1vcruntime210.dll
windows10-2004-x64
1vstdlib_s64.dll
windows7-x64
1vstdlib_s64.dll
windows10-2004-x64
10Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20240903-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
Setup.exe
Resource
win10v2004-20250314-en
windows10-2004-x64
13 signatures
150 seconds
Behavioral task
behavioral3
Sample
msvcp290.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral4
Sample
msvcp290.dll
Resource
win10v2004-20250314-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral5
Sample
nasrallah_x86.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral6
Sample
nasrallah_x86.dll
Resource
win10v2004-20250314-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral7
Sample
tier0_s64.dll
Resource
win7-20241023-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral8
Sample
tier0_s64.dll
Resource
win10v2004-20250314-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral9
Sample
vcruntime210.dll
Resource
win7-20241010-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral10
Sample
vcruntime210.dll
Resource
win10v2004-20250314-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral11
Sample
vstdlib_s64.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
vstdlib_s64.dll
Resource
win10v2004-20250314-en
windows10-2004-x64
9 signatures
150 seconds
General
-
Target
Armageddon.zip
-
Size
4.6MB
-
MD5
aa89bb03033d07376bf1a7c410c8a05b
-
SHA1
2f4998479b726c6a4b39b0b36512e94b2874d7d7
-
SHA256
615dd41707af9736ba4eeb08a0797395a0edc6fd605718a965c5029cbafe5818
-
SHA512
704b64c425437cd23623ba0aaec83846aa6f2514ed86f9c51681e62fc698bb745a0f3d8b6094863dd0b8584274e0ba3189297170c3954ce2fc86e6c1a988c9b0
-
SSDEEP
98304:pdUCcMsZBqg2eu7CrbAG5kV5ehNbG+DgHyaJ/iAsw:HUCu7qqrb3c5ehxZLM
Score
10/10
Malware Config
Signatures
-
Detects Rhadamanthys payload 1 IoCs
resource yara_rule static1/unpack001/nasrallah_x86.dll Rhadamanthys_v8 -
Rhadamanthys family
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/Setup.exe unpack001/msvcp290.dll unpack001/vstdlib_s64.dll
Files
-
Armageddon.zip.zip
Password: 1234
-
Setup.exe.exe windows:6 windows x64 arch:x64
Password: 1234
d743740f06aa0a325bb5c948f63319ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
CloseHandle
CompareStringW
CreateFileA
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileSize
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwindEx
RtlVirtualUnwind
SetEnvironmentVariableW
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleW
WriteFile
Sections
.text Size: 344KB - Virtual size: 344KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gxfg Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.retplne Size: 512B - Virtual size: 140B
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.bss Size: 359KB - Virtual size: 359KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
license.txt
-
msvcp290.dll.dll windows:6 windows x64 arch:x64
Password: 1234
221424c63ccf4fcca55a16bc0ecaa4f1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
advapi32
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExW
RegEnumValueW
bcrypt
BCryptGenRandom
iphlpapi
GetNetworkParams
kernel32
TlsSetValue
TlsFree
SetLastError
FormatMessageW
GetLastError
GetCPInfoExW
GetConsoleMode
GetFileType
ReadFile
ReadConsoleW
WriteFile
WriteConsoleW
GetConsoleOutputCP
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
K32EnumProcessModulesEx
CloseHandle
IsWow64Process
GetExitCodeProcess
CreateProcessW
OpenProcess
K32EnumProcesses
K32GetModuleInformation
K32GetModuleBaseNameW
K32GetModuleFileNameExW
GetProcessId
DuplicateHandle
CreatePipe
GetCurrentProcess
GetConsoleCP
CloseThreadpoolIo
GetCurrentProcessId
RaiseFailFastException
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTime
GetCalendarInfoEx
CompareStringOrdinal
CompareStringEx
FindNLSStringEx
GetLocaleInfoEx
ResolveLocaleName
GetUserPreferredUILanguages
FindStringOrdinal
GetTickCount64
GetCurrentThread
WaitForSingleObject
Sleep
DeleteCriticalSection
LocalFree
EnterCriticalSection
SleepConditionVariableCS
LeaveCriticalSection
WakeConditionVariable
QueryPerformanceCounter
InitializeCriticalSection
InitializeConditionVariable
WaitForMultipleObjectsEx
CreateThreadpoolWait
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
CloseThreadpoolWait
CreateThreadpoolWork
CloseThreadpoolWork
SubmitThreadpoolWork
QueryPerformanceFrequency
GetFullPathNameW
GetLongPathNameW
LocalAlloc
GetProcAddress
LocaleNameToLCID
LCMapStringEx
EnumTimeFormatsEx
EnumCalendarInfoExEx
CreateIoCompletionPort
CreateDirectoryW
CreateFileW
CreateThreadpoolIo
StartThreadpoolIo
CancelThreadpoolIo
DeleteFileW
DeviceIoControl
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FlushFileBuffers
FreeLibrary
GetCurrentDirectoryW
GetFileAttributesExW
GetFileInformationByHandleEx
GetModuleFileNameW
GetOverlappedResult
GetSystemDirectoryW
LoadLibraryExW
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetThreadErrorMode
CreateThread
ResumeThread
GetThreadPriority
SetThreadPriority
GetDynamicTimeZoneInformation
GetTimeZoneInformation
GetCurrentProcessorNumberEx
SetEvent
CreateEventExW
GetEnvironmentVariableW
CreateProcessA
WriteProcessMemory
GetThreadContext
SetThreadContext
VirtualAllocEx
FlushProcessWriteBuffers
WaitForSingleObjectEx
RtlVirtualUnwind
RtlCaptureContext
RtlRestoreContext
AddVectoredExceptionHandler
FlsAlloc
FlsGetValue
FlsSetValue
CreateEventW
TerminateProcess
SwitchToThread
GetCurrentThreadId
SuspendThread
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
QueryInformationJobObject
GetModuleHandleW
GetModuleHandleExW
GetProcessAffinityMask
InitializeContext
GetEnabledXStateFeatures
SetXStateFeaturesMask
VirtualQuery
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
ResetEvent
DebugBreak
SleepEx
GlobalMemoryStatusEx
GetSystemInfo
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLargePageMinimum
VirtualUnlock
VirtualAllocExNuma
IsProcessInJob
GetNumaHighestNodeNumber
GetProcessGroupAffinity
K32GetProcessMemoryInfo
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedFlushSList
RtlUnwindEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlLookupFunctionEntry
InitializeSListHead
ole32
CoGetApartmentType
CoUninitialize
CoTaskMemFree
CoWaitForMultipleHandles
CoCreateGuid
CoInitializeEx
CoTaskMemAlloc
user32
LoadStringW
api-ms-win-crt-heap-l1-1-0
malloc
calloc
_callnewh
free
api-ms-win-crt-math-l1-1-0
modf
tan
ceil
cos
floor
pow
sin
api-ms-win-crt-string-l1-1-0
strcpy_s
strncpy_s
strcmp
_stricmp
wcsncmp
api-ms-win-crt-convert-l1-1-0
strtoull
api-ms-win-crt-runtime-l1-1-0
_initialize_narrow_environment
_initialize_onexit_table
terminate
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table
abort
_crt_atexit
_cexit
_register_onexit_function
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsscanf
__stdio_common_vsprintf_s
__acrt_iob_func
__stdio_common_vfprintf
Exports
Exports
BidenHarris
Bolgorod
DonaldTrump
JoeDust
Kazan
Moscow
NizhnyNovgorod
Novosibirsk
Omsk
Perm
Samara
Tomsk
Yekaterinburg
Sections
.text Size: 459KB - Virtual size: 459KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.managed Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
hydrated Size: - Virtual size: 605KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
nasrallah_x86.dll
-
tier0_s64.dll.dll windows:6 windows x64 arch:x64
Password: 1234
0cb93c77c0be071ba89ceffc11936dea
Code Sign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2013, 12:00Not After15/01/2038, 12:00SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before26/09/2024, 00:00Not After25/11/2035, 23:59SubjectCN=DigiCert Timestamp 2024,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
06:fb:83:d0:ba:7c:64:b9:57:84:9b:76:a8:c1:de:72Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before12/10/2024, 00:00Not After08/10/2027, 23:59SubjectCN=Valve Corp.,O=Valve Corp.,L=Bellevue,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
2d:5a:5e:f2:3e:81:f6:f2:11:ad:1a:59:16:63:2e:a9:cc:aa:31:98:a2:7a:d8:fe:6f:d6:75:49:97:04:bc:6bSigner
Actual PE Digest2d:5a:5e:f2:3e:81:f6:f2:11:ad:1a:59:16:63:2e:a9:cc:aa:31:98:a2:7a:d8:fe:6f:d6:75:49:97:04:bc:6bDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\buildworker\steam_rel_client_win64\build\src\tier0\win64\Release\tier0_s64.pdb
Imports
kernel32
GetProcessAffinityMask
VerSetConditionMask
Sleep
GetCurrentThread
GetModuleHandleA
GetProcAddress
SetProcessAffinityMask
SetThreadAffinityMask
VerifyVersionInfoW
GetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
IsDebuggerPresent
OutputDebugStringA
TerminateProcess
GetProcessHeap
GetProcessHeaps
HeapLock
HeapUnlock
HeapWalk
HeapQueryInformation
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DebugBreak
LoadLibraryA
HeapAlloc
HeapFree
HeapSetInformation
GlobalMemoryStatusEx
VirtualAlloc
VirtualFree
SetUnhandledExceptionFilter
GetModuleFileNameW
LoadLibraryExA
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureStackBackTrace
GetCommandLineW
CloseHandle
WaitForSingleObject
CreateProcessA
GetComputerNameExW
VirtualProtect
GetModuleFileNameA
LocalAlloc
LocalFree
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
SetThreadPriority
SetPriorityClass
CreateFileA
DeviceIoControl
GetVersionExA
DebugActiveProcess
GetSystemInfo
DuplicateHandle
RaiseException
SetLastError
TryEnterCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
ReleaseMutex
CreateMutexA
CreateEventA
WaitForMultipleObjects
GetExitCodeProcess
SwitchToThread
CreateThread
GetCurrentThreadId
OpenThread
GetThreadPriority
TerminateThread
GetExitCodeThread
SuspendThread
ResumeThread
GetProcessId
OpenProcess
CreateSemaphoreA
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
GetFileAttributesW
GetFullPathNameW
GetShortPathNameW
GetTempFileNameW
RemoveDirectoryW
SetFileAttributesW
GetTempPathW
OutputDebugStringW
CreateProcessW
GetBinaryTypeW
CopyFileW
MoveFileW
MoveFileExW
ReplaceFileW
SetEndOfFile
WriteConsoleW
ReadConsoleW
ReadFile
SetStdHandle
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
HeapReAlloc
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetCurrentProcess
GlobalLock
GlobalUnlock
GlobalAlloc
DebugActiveProcessStop
GetCurrentProcessId
GetConsoleOutputCP
WriteFile
FlushFileBuffers
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
InterlockedFlushSList
EncodePointer
HeapValidate
HeapSize
GetDriveTypeW
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
RtlUnwind
user32
EnumWindows
MessageBoxA
GetWindowRect
GetWindowTextLengthA
EmptyClipboard
GetDesktopWindow
GetWindowThreadProcessId
CloseClipboard
OpenClipboard
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
GetDlgItem
EndDialog
DialogBoxParamA
IsWindowVisible
SetWindowPos
wsprintfA
SetClipboardData
advapi32
InitializeSecurityDescriptor
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
SetSecurityDescriptorDacl
shell32
ShellExecuteExW
CommandLineToArgvW
SHGetFolderPathW
psapi
GetProcessMemoryInfo
Exports
Exports
??0CAdHocValidation@@QEAA@AEBV0@@Z
??0CAdHocValidation@@QEAA@XZ
??0CAdHocValidation_SimpleCallback@@QEAA@$$QEAV0@@Z
??0CAdHocValidation_SimpleCallback@@QEAA@AEBV0@@Z
??0CAdHocValidation_SimpleCallback@@QEAA@P6AXAEAVCValidator@@@Z@Z
??0CStack@@QEAA@XZ
??0CThread@@QEAA@XZ
??0CThreadEvent@@QEAA@PEAX_N@Z
??0CThreadEvent@@QEAA@PEBD_N1@Z
??0CThreadEvent@@QEAA@_N@Z
??0CThreadFullMutex@@QEAA@_NPEBD00@Z
??0CThreadLocalBase@@QEAA@XZ
??0CThreadMutex@@QEAA@XZ
??0CThreadRWLock@@QEAA@XZ
??0CThreadSemaphore@@QEAA@JJ@Z
??0CThreadSyncObject@@IEAA@XZ
??0CVProfManager@@QEAA@XZ
??0CVProfNode@@QEAA@PEAVCVProfile@@PEBDPEAV0@W4EVProfBugdetGroup@@@Z
??0CVProfile@@QEAA@XZ
??0CVProfileArray@@QEAA@XZ
??0CVProfileThreadEntry@@QEAA@PEAVCVProfile@@II@Z
??0CValidator@@QEAA@H_NPEAVIMemBlockClaimedList@@@Z
??0CWorkerThread@@QEAA@XZ
??1CAdHocValidation@@QEAA@XZ
??1CAdHocValidation_SimpleCallback@@QEAA@XZ
??1CStack@@QEAA@XZ
??1CThread@@UEAA@XZ
??1CThreadEvent@@QEAA@XZ
??1CThreadFullMutex@@QEAA@XZ
??1CThreadLocalBase@@QEAA@XZ
??1CThreadMutex@@QEAA@XZ
??1CThreadRWLock@@QEAA@XZ
??1CThreadSemaphore@@QEAA@XZ
??1CThreadSyncObject@@QEAA@XZ
??1CVProfManager@@QEAA@XZ
??1CVProfNode@@QEAA@XZ
??1CVProfile@@QEAA@XZ
??1CVProfileArray@@QEAA@XZ
??1CValidator@@QEAA@XZ
??1CWorkerThread@@UEAA@XZ
??4?$AssertMsgHelper@$00@@QEAAAEAV0@$$QEAV0@@Z
??4?$AssertMsgHelper@$00@@QEAAAEAV0@AEBV0@@Z
??4?$AssertMsgHelper@$0A@@@QEAAAEAV0@$$QEAV0@@Z
??4?$AssertMsgHelper@$0A@@@QEAAAEAV0@AEBV0@@Z
??4CAdHocValidation@@QEAAAEAV0@AEBV0@@Z
??4CStack@@QEAAAEAV0@AEBV0@@Z
??4CThreadLocalBase@@QEAAAEAV0@AEBV0@@Z
??4CTier0@@QEAAAEAV0@$$QEAV0@@Z
??4CTier0@@QEAAAEAV0@AEBV0@@Z
??4CVProfileArray@@QEAAAEAV0@AEBV0@@Z
??4CVProfileThreadEntry@@QEAAAEAV0@$$QEAV0@@Z
??4CVProfileThreadEntry@@QEAAAEAV0@AEBV0@@Z
??4CValidator@@QEAAAEAV0@AEBV0@@Z
??7CThreadSyncObject@@QEBA_NXZ
??BCThreadSyncObject@@QEAAPEAXXZ
??_7CAdHocValidation@@6B@
??_7CAdHocValidation_SimpleCallback@@6B@
??_7CThread@@6B@
??_7CWorkerThread@@6B@
??_FCThreadEvent@@QEAAXXZ
??_FCThreadFullMutex@@QEAAXXZ
?Add@CStack@@QEAAX_K@Z
?AddBudgetGroupName@CVProfile@@IEAAXW4EVProfBugdetGroup@@HPEBD@Z
?AddProfileForThread@CVProfManager@@QEAAPEAVCVProfileThreadEntry@@PEAVCVProfile@@II@Z
?AddToTotal@CValidator@@QEAAX_K@Z
?AddValidationLock@CValidator@@QEAAXPEAVCThreadMutex@@@Z
?AllocVProfNode@CVProfile@@QEAAPEAVCVProfNode@@PEAV1@PEBDPEAV2@W4EVProfBugdetGroup@@@Z
?AssertFailed@?$AssertMsgHelper@$00@@SA_NPEBDI0@Z
?AssertFailed@?$AssertMsgHelper@$0A@@@SA_NPEBDI0ZZ
?AssertOwnedByCurrentThread@CThreadFullMutex@@QEAA_NXZ
?AssertOwnedByCurrentThread@CThreadMutex@@QEAA_NXZ
?AssertUseable@CThreadSyncObject@@IEAAXXZ
?AtRoot@CVProfile@@QEBA_NXZ
?BCountingOnly@CValidator@@QEAA_NXZ
?BExcludeAllocationFromTracking@CValidator@@AEAA_NPEBDH@Z
?BHasValidThreadID@CThread@@QEBA_NXZ
?BIsProfilePtrValid@CVProfManager@@QEAA_NPEAVCVProfile@@@Z
?BIsProfilingAllThreads@CVProfManager@@QEAA_NXZ
?BIsValid@CThreadLocalBase@@QEBA_NXZ
?BLockForReadNoWait@CThreadRWLock@@QEAA_NXZ
?BMemLeaks@CValidator@@QEAA_NXZ
?BProfileHasNodesOutsideBudgetGroup_Recursive@CVProfile@@IEAA_NPEAVCVProfNode@@H@Z
?BoostPriority@CWorkerThread@@QEAAHXZ
?BudgetGroupNameToBudgetGroupID@CVProfile@@QEBA?AW4EVProfBugdetGroup@@PEBD@Z
?CalcStackDepth@CThread@@QEAA_KPEAX@Z
?CalculateCRC@CStack@@QEAAXXZ
?Call@CWorkerThread@@IEAAHII_NP6AIIPEBQEAXHI@Z@Z
?CallMaster@CWorkerThread@@QEAAHII@Z
?CallWorker@CWorkerThread@@QEAAHII_N@Z
?Check@CThreadEvent@@QEAA_NXZ
?ClaimArrayMemory@CValidator@@QEAAXPEBX@Z
?ClaimConnection@CValidator@@QEAAXI@Z
?ClaimMemory@CValidator@@QEAAXPEBX@Z
?ClaimMemory_Aligned@CValidator@@QEAAXPEBX@Z
?ClaimOsFile@CValidator@@QEAAXPEAX@Z
?ClaimSocket@CValidator@@QEAAX_K@Z
?ClaimTrackedKey@CValidator@@AEAAXPEAVCTrackItems@@PEAXPEA_K@Z
?ClaimUntrackedMemory@CValidator@@QEAAX_K@Z
?CleanupUnusedProfiles@CVProfManager@@QEAAXXZ
?CreateBudgetGroups@CVProfile@@IEAAXXZ
?CreateSimpleThread@@YAPEAXP6AIPEAX@Z0PEAII@Z
?DeleteProfile@CVProfileThreadEntry@@QEAAXXZ
?DestructAndFreeNodesExceptRoot@CVProfile@@IEAAXXZ
?DiffAgainst@CValidator@@QEAAXPEAV1@@Z
?DoValidate@CAdHocValidation_SimpleCallback@@MEBAXAEAVCValidator@@@Z
?Dump@CVProfile@@IEAAXPEBDZZ
?DumpAllThreadProfiles@CVProfManager@@QEAAXH@Z
?DumpNodes@CVProfile@@IEAAXPEAVCVProfNode@@0H_N@Z
?DumpProfile@CVProfileThreadEntry@@QEAAXH@Z
?DumpSingleNode@CVProfile@@IEAAXPEAVCVProfNode@@0H_N@Z
?DumpSorted@CVProfile@@IEAAXPEBDNP6A_NAEBUTimeSums_t@@1@ZH@Z
?EnableDumpSpikes@CVProfManager@@QEAAXH@Z
?EnterScope@CVProfNode@@QEAAXPEAX@Z
?EnterScope@CVProfile@@QEAA_NPEBDW4EVProfBugdetGroup@@PEAX@Z
?ExitScope@CVProfNode@@QEAA_NXZ
?ExitScope@CVProfile@@QEAAXXZ
?Finalize@CValidator@@QEAAXXZ
?FindNode@CVProfile@@QEAAPEAVCVProfNode@@PEAV2@PEBD@Z
?FindObject@CValidator@@QEAAPEAVCValObject@@PEAX@Z
?Get@CThreadLocalBase@@QEBAPEAXXZ
?GetAllThreadProfiles@CVProfManager@@QEAAXPEAVCVProfileArray@@@Z
?GetBudgetGroupColor@CVProfile@@QEAAXW4EVProfBugdetGroup@@AEAH111@Z
?GetBudgetGroupID@CVProfNode@@QEBA?AW4EVProfBugdetGroup@@XZ
?GetBudgetGroupName@CVProfile@@QEBAPEBDW4EVProfBugdetGroup@@@Z
?GetCPUInformation@@YAAEBUCPUInformation@@XZ
?GetCallHandle@CWorkerThread@@QEAAPEAXXZ
?GetCallParam@CWorkerThread@@QEBAIXZ
?GetChild@CVProfNode@@QEAAPEAV1@XZ
?GetClientData@CVProfNode@@QEBAHXZ
?GetCount@CVProfileArray@@QEAAHXZ
?GetCubTotal@CValidator@@QEAA_JXZ
?GetCurCalls@CVProfNode@@QEBAHXZ
?GetCurTime@CVProfNode@@QEBANXZ
?GetCurTimeLessChildren@CVProfNode@@QEAANXZ
?GetCurrentCThread@CThread@@SAPEAV1@XZ
?GetCurrentNode@CVProfile@@QEAAPEAVCVProfNode@@XZ
?GetCurrentScope@CVProfNode@@QEAAPEAXXZ
?GetCurrentScope@CVProfile@@QEAAPEAXXZ
?GetFrameTimeOutsideBudgetGroup_Recursive@CVProfile@@QEAANPEAVCVProfNode@@W4EVProfBugdetGroup@@@Z
?GetName@CThread@@QEAAPEBDXZ
?GetName@CVProfNode@@QEAAPEBDXZ
?GetNumConnections@CValidator@@QEAA_KXZ
?GetNumFrames@CStack@@QEBAHXZ
?GetNumOsFiles@CValidator@@QEAA_KXZ
?GetNumSockets@CValidator@@QEAA_KXZ
?GetOrigNameAddress@CVProfNode@@QEAAPEBXXZ
?GetParent@CVProfNode@@QEAAPEAV1@XZ
?GetPeakFrameTime@CVProfile@@QEBANXZ
?GetPeakTime@CVProfNode@@QEBANXZ
?GetPrevCalls@CVProfNode@@QEBAHXZ
?GetPrevTime@CVProfNode@@QEBANXZ
?GetPrevTimeLessChildren@CVProfNode@@QEAANXZ
?GetPriority@CThread@@QEBAHXZ
?GetProfile@CVProfNode@@QEAAPEAVCVProfile@@XZ
?GetProfile@CVProfileArray@@QEAAPEAVCVProfile@@H@Z
?GetProfile@CVProfileThreadEntry@@QEAAPEAVCVProfile@@XZ
?GetResult@CThread@@QEBAHXZ
?GetRoot@CVProfile@@QEAAPEAVCVProfNode@@XZ
?GetSibling@CVProfNode@@QEAAPEAV1@XZ
?GetSubNode@CVProfNode@@QEAAPEAV1@PEBDW4EVProfBugdetGroup@@@Z
?GetThreadEntry@CVProfile@@QEAAPEAVCVProfileThreadEntry@@XZ
?GetThreadHandle@CThread@@QEBAPEAXXZ
?GetThreadID@CVProfile@@QEAAIXZ
?GetThreadID@CVProfileThreadEntry@@QEAAIXZ
?GetThreadId@CThread@@QEBAIXZ
?GetThreadName@CVProfile@@QEAAPEBDXZ
?GetThreadProc@CThread@@EEAAP6AIPEAX@ZXZ
?GetThreadRunningRef@CVProfileThreadEntry@@QEAAIXZ
?GetTimeLastFrame@CVProfile@@QEBANXZ
?GetTotalCalls@CVProfNode@@QEBAHXZ
?GetTotalTime@CVProfNode@@QEBANXZ
?GetTotalTimeLessChildren@CVProfNode@@QEAANXZ
?GetTotalTimeSampled@CVProfile@@QEBANXZ
?Handle@CThreadSyncObject@@QEAAPEAXXZ
?Init@CThread@@MEAA_NXZ
?IsAlive@CThread@@QEBA_NXZ
?IsClaimed@CValidator@@QEBA_NPEBX@Z
?IsCreator@CThreadFullMutex@@QEBA_NXZ
?IsEnabled@CVProfile@@QEBA_NXZ
?IsThreadRunning@CThread@@MEBA_NXZ
?IsValid@CThreadSyncObject@@QEBA_NXZ
?Join@CThread@@QEAA_NI@Z
?Lock@CThreadFullMutex@@QEAAXXZ
?Lock@CThreadMutex@@QEAAXXZ
?Lock@CThreadMutex@@QEBAXXZ
?Lock@CThreadSpinLock@@AECAXI@Z
?LockForRead@CThreadRWLock@@QEAAXXZ
?LockForRead@CThreadRWLock@@QEBAXXZ
?LockForWrite@CThreadRWLock@@QEAAXXZ
?LockForWrite@CThreadRWLock@@QEBAXXZ
?MarkFrame@CVProfNode@@QEAAXXZ
?MarkFrame@CVProfile@@QEAAXPEBD@Z
?NGetPC@CStack@@QEBA_KH@Z
?NumFramesSampled@CVProfile@@QEBAHXZ
?OnExit@CThread@@MEAAXXZ
?OnFrameCompleted@CVProfileThreadEntry@@QEAAXXZ
?OnNewFrameEntered@CVProfileThreadEntry@@QEAAXXZ
?OutputReport@CVProfile@@QEAAXHPEBDH@Z
?PMEEnable@CVProfile@@QEAAX_N@Z
?PMEInitialized@CVProfile@@QEAAX_N@Z
?PValObjectFirst@CValidator@@QEAAPEAVCValObject@@XZ
?Pause@CVProfNode@@QEAAXXZ
?Pause@CVProfile@@QEAAXXZ
?PeekCall@CWorkerThread@@QEAA_NPEAI@Z
?Pop@CValidator@@QEAAXXZ
?Print@CStack@@QEBAXP6AXHPEBUPrintFrame@1@PEAX@Z1@Z
?Push@CValidator@@QEAAXPEBDPEAX0@Z
?RegisterCallbackHandler@CVProfile@@QEAAXPEAVIVProfileCallbackHandler@@@Z
?Release@CThreadFullMutex@@QEAA_NXZ
?Release@CThreadSemaphore@@QEAA_NJ@Z
?RenderLeaks@CValidator@@QEAA_N_K@Z
?RenderObjects@CValidator@@QEAAX_K@Z
?Reply@CWorkerThread@@QEAAXI@Z
?Reset@CStack@@QEAAXXZ
?Reset@CThreadEvent@@QEAA_NXZ
?Reset@CVProfNode@@QEAAXXZ
?Reset@CVProfile@@QEAAXXZ
?ResetPeak@CVProfNode@@QEAAXXZ
?ResetPeaks@CVProfile@@QEAAXXZ
?Resume@CThread@@QEAAIXZ
?Resume@CVProfNode@@QEAAXXZ
?Resume@CVProfile@@QEAAXXZ
?Set@CThreadEvent@@QEAA_NXZ
?Set@CThreadLocalBase@@QEAAXPEAX@Z
?SetAllocSizeFilter@CValidator@@QEAAXH@Z
?SetClientData@CVProfNode@@QEAAXH@Z
?SetCurFrameTime@CVProfNode@@QEAAXK@Z
?SetDumpFunc@CVProfile@@QEAAXP6AXPEBD@Z@Z
?SetDumpSpikesThreshold@CVProfileThreadEntry@@QEAAXH@Z
?SetExitQuietly@CThread@@QEAAXXZ
?SetName@CThread@@QEAAXPEBD@Z
?SetPriority@CThread@@QEAA_NH@Z
?SetThreadEntry@CVProfile@@QEAAXPEAVCVProfileThreadEntry@@@Z
?SetTrace@CThreadFullMutex@@QEAAX_N@Z
?SetTrace@CThreadMutex@@QEAAX_N@Z
?Sleep@CThread@@SAXI@Z
?Start@CThread@@QEAA_N_K@Z
?Start@CVProfile@@QEAAXXZ
?StartProfiling@CVProfileThreadEntry@@QEAAXMH@Z
?StartProfilingAllThreads@CVProfManager@@QEAAXMH@Z
?StaticValidateAll@CAdHocValidation@@SAXAEAVCValidator@@@Z
?Stop@CThread@@QEAAXH@Z
?Stop@CVProfile@@QEAAXXZ
?StopProfiling@CVProfileThreadEntry@@QEAAXXZ
?StopProfilingAllThreads@CVProfManager@@QEAAXXZ
?SumTimes@CVProfile@@IEAAXPEAVCVProfNode@@H@Z
?Suspend@CThread@@QEAAIXZ
?Term@CVProfile@@QEAAXXZ
?Terminate@CThread@@QEAA_NH@Z
?ThreadExceptionWrapper@CThread@@CAXPEAX@Z
?ThreadGetProcessExitCode@@YA_NPEAXPEAH@Z
?ThreadProc@CThread@@CAIPEAX@Z
?ThreadTerminateProcessCode@@YA_NPEAXH@Z
?TryLock@CThreadFullMutex@@QEAA_NI@Z
?TryLock@CThreadMutex@@QEAA_NH@Z
?TryLock@CThreadMutex@@QEBA_NXZ
?Unlock@CThreadFullMutex@@QEAAXXZ
?Unlock@CThreadMutex@@QEAAXXZ
?Unlock@CThreadMutex@@QEBAXXZ
?UnlockRead@CThreadRWLock@@QEAAXXZ
?UnlockRead@CThreadRWLock@@QEBAXXZ
?UnlockValidationLocks@CValidator@@QEAAXXZ
?UnlockWrite@CThreadRWLock@@QEAAXXZ
?UnlockWrite@CThreadRWLock@@QEBAXXZ
?UnregisterCallbackHandler@CVProfile@@QEAAXPEAVIVProfileCallbackHandler@@@Z
?UsePME@CVProfile@@QEAA_NXZ
?Validate@CVProfManager@@QEAAXAEAVCValidator@@PEBD@Z
?Validate@CVProfNode@@QEAAXAEAVCValidator@@PEBD@Z
?Validate@CVProfile@@QEAAXAEAVCValidator@@PEBD@Z
?Validate@CValidator@@QEAAXAEAV1@PEBD@Z
?ValidateGlobals@CTier0@@SAXAEAVCValidator@@@Z
?Wait@CThreadSyncObject@@QEAA_NI@Z
?WaitForCall@CWorkerThread@@QEAA_NIPEAI@Z
?WaitForCall@CWorkerThread@@QEAA_NPEAI@Z
?WaitForCreateComplete@CThread@@AEAA_NPEAVCThreadEvent@@@Z
?WaitForRead@CThreadRWLock@@AEAAXXZ
?WaitForReply@CWorkerThread@@IEAAHIP6AIIPEBQEAXHI@Z@Z
?WaitForReply@CWorkerThread@@QEAAHI@Z
?Yield@CThread@@SAXXZ
?g_bInException@@3_NC
?s_pFirst@CAdHocValidation@@0PEAV1@EA
AllocateCrashMemoryReserve
AreStackTrackingFiltersEnabledAtStart
AssertMsgImplementationF
AssertMsgImplementationPreformatted
AssertMsgImplementationV
BBlockingGetMiniDumpLock
BGetLocalFQDN
BGetMiniDumpLock
BThreadFileIOAllowed
BWritingFatalMiniDump
BWritingMiniDump
BWritingNonFatalMiniDump
CVProfile_ExitScope
CallAssertFailedNotifyFunc
CallFlushLogFunc
CatchAndWriteMiniDump
CatchAndWriteMiniDumpEx
CatchAndWriteMiniDumpExForVoidPtrFn
CatchAndWriteMiniDumpExReturnsInt
CatchAndWriteMiniDumpForVoidPtrFn
ClearStackTrackingFilters
ClearWritingMiniDump
CopyFileUTF8
CrackSmokingCompiler
CreateDirectoryUTF8
CreateFileUTF8
CreateProcessUTF8
CreateSimpleProcess
DLog
DWarning
DeclareCurrentThreadIsMainThread
DeleteFileUTF8
DoNewAssertDialog
ETWBegin
ETWEnd
ETWIsTracingEnabled
ETWMark
ETWMark1I
ETWMark1S
ETWMark2I
ETWMark2S
ETWMark3I
ETWMarkPrintf
ETWOverlayFrameMark
ETWRenderFrameMark
ETW_Steamworks_DispatchCallback_End_
ETW_Steamworks_DispatchCallback_Start
ETW_Steamworks_IPCRecv_End_
ETW_Steamworks_IPCRecv_Start
ETW_Steamworks_IPCSend_End_
ETW_Steamworks_IPCSend_Start
ETW_Steamworks_RunCallbacks_End_
ETW_Steamworks_RunCallbacks_Start
ETW_Streaming_SendPacket
EnableCrashingOnCrashes
EnsureValidBoolValue
Error
FreeCrashMemoryReserve
GetAvailableRAM
GetBinaryTypeUTF8
GetCRunTimeVersion
GetCrashHandlerFactory
GetCurrentDirectoryUTF8
GetFileAttributesUTF8
GetFullPathNameUTF8
GetInstalledRAM
GetLocalHostname
GetMiniDumpBuildID
GetMiniDumpDirectory
GetMiniDumpSteamID
GetModuleFileNameUTF8
GetNumberOfSpewAndLogGroups
GetNumberOfStackTrackingFilters
GetPortableSystemInformation
GetShortPathNameUTF8
GetSpewAndLogLevel
GetSpewAndLogLevelByGroupIndex
GetSpewOutputFunc
GetStackTrackingFilter
GetTempFileNameUTF8
GetTempPathUTF8
HasStackTrackingFilters
InitPME
InitializeStackTrackingFilters
Is64BitOS
IsInAssert
IsInFatalAssert
IsLogActive
IsSpewActive
IsStackTrackingFiltered
IsValidBoolValue
LoadLibraryUTF8
Log
MiniDumpUnlock
MoveFileExUTF8
MoveFileUTF8
Msg
OutputDebugStringUTF8
Plat_AbsoluteTime
Plat_AbsoluteTimeToFloat
Plat_Alloc
Plat_AttachDebuggerToProcess
Plat_CommandLineParamExists
Plat_CommandLineParamValue
Plat_EventActivityIdControl
Plat_EventRegister
Plat_EventUnregister
Plat_EventWriteTransfer
Plat_ExitProcess
Plat_FloatTime
Plat_Free
Plat_GetExecutablePath
Plat_GetExecutablePathUTF8
Plat_GetPOSIXClockSource
Plat_GetProcessArgv
Plat_GetStackBackTrace
Plat_IsChromeOS
Plat_IsGamescope
Plat_IsInDebugSession
Plat_IsSteamConsoleMode
Plat_IsSteamDeck
Plat_IsSteamOS
Plat_IsSteamOS3
Plat_IsTesla
Plat_IsWSL
Plat_MSTime
Plat_MSTime64
Plat_OutputDebugString
Plat_OutputDebugStringRaw
Plat_Realloc
Plat_RelativeTickFrequency
Plat_RelativeTicks
Plat_TickAddMicroSec
Plat_TickDiffMicroSec
Plat_TickDiffMilliSec
Plat_USTime
Plat_VirtualAccessFlags
Plat_VirtualAlloc
Plat_VirtualFree
Plat_VirtualProtect
Plat_asctime
Plat_ctime
Plat_daylight
Plat_gmtime
Plat_localtime
Plat_timegm
Plat_timezone
RealGetCallStack
RealPrintCallStack
RealPrintRawCallStack
ReleaseThreadHandle
RemoveDirectoryUTF8
ReplaceFileUTF8
RunTypeValidationTests
SHGetFolderPathUTF8
SecureRandomBytes
SetAssertDumpStack
SetAssertFailedNotifyFunc
SetCurrentDirectoryUTF8
SetEnvironmentVariableUTF8
SetFileAttributesUTF8
SetFlushLogFunc
SetFullMemoryDumpOnCrash
SetInAssert
SetInFatalAssert
SetMiniDumpAppID
SetMiniDumpBuildID
SetMiniDumpCustomInfo
SetMiniDumpProcessNameOverride
SetMiniDumpSteamID
SetStackTrackingFilter
ShouldUseNewAssertDialog
ShutdownPME
SpewActivate
SpewAndLogActivate
SpewAndLogChangeIfStillDefault
SpewChangeIfStillDefault
SpewOutputFunc
SpewWrittenMiniDumps
TSListBase_Init
TSListBase_Pop
TSListBase_Push
TSListBase_SwapList
TSListBase_UnsafePeek
TSQueueBase_Init
TSQueueBase_Pop
TSQueueBase_Push
TSQueueBase_UnsafeDummy
TSQueueBase_UnsafePeek
TSQueue_PopIntoFreeList
TSQueue_UnsafeDebugCheck
ThreadCloseProcess
ThreadFindProcessByName
ThreadGetCurrentHandle
ThreadGetCurrentId
ThreadGetCurrentProcessHandle
ThreadGetCurrentProcessId
ThreadGetCurrentRunningRef
ThreadGetPriority
ThreadGetProcessExitCode
ThreadGetProcessId
ThreadImplOneTimeInit
ThreadInMainThread
ThreadInterlockedAssignIf128
ThreadInterlockedAssignPointerIf
ThreadInterlockedCompareExchangePointer
ThreadInterlockedExchangePointer
ThreadIsProcessActive
ThreadIsProcessIdActive
ThreadIsThreadRunning
ThreadOpenProcess
ThreadResumeProcess
ThreadSetAffinity
ThreadSetBackgroundPriority
ThreadSetDebugName
ThreadSetFileIOAllowed
ThreadSetPriority
ThreadShellExecute
ThreadShellExecuteNoWindow
Sections
.text Size: 271KB - Virtual size: 270KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
vcruntime210.dll
-
vstdlib_s64.dll.dll windows:6 windows x64 arch:x64
Password: 1234
90ea9a0cd2f70f29478e1f4c341a9444
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
})QrnQS0J""l}HR3o?QYtsD$mRLy2%lJE~2\u?8:F|>mL\wkG(&)N@_e$Wg0Ukq=v$mt;@ow*>S6B?ULZ(k(
Imports
advapi32
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
EventWrite
EventRegister
EventEnabled
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
bcrypt
BCryptGenRandom
iphlpapi
GetNetworkParams
if_nametoindex
kernel32
TlsSetValue
TlsFree
SetLastError
FormatMessageW
GetLastError
GetCPInfoExW
GetConsoleMode
GetFileType
ReadFile
ReadConsoleW
WriteFile
WriteConsoleW
GetConsoleOutputCP
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
CreateProcessW
WaitForSingleObject
CloseHandle
LocalFree
OpenProcess
TerminateProcess
FreeConsole
GetCurrentProcess
VirtualProtect
GetModuleHandleW
QueryPerformanceCounter
CloseThreadpoolIo
ExitProcess
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTime
GetCalendarInfoEx
CompareStringOrdinal
CompareStringEx
FindNLSStringEx
GetLocaleInfoEx
ResolveLocaleName
GetUserPreferredUILanguages
FindStringOrdinal
GetTickCount64
GetCurrentProcessorNumber
GetCurrentThread
Sleep
InitializeCriticalSection
InitializeConditionVariable
DeleteCriticalSection
EnterCriticalSection
SleepConditionVariableCS
LeaveCriticalSection
WakeConditionVariable
WaitForMultipleObjectsEx
QueryPerformanceFrequency
GetFullPathNameW
GetLongPathNameW
GetCPInfo
LocalAlloc
GetProcAddress
RaiseFailFastException
CreateThreadpoolIo
StartThreadpoolIo
CancelThreadpoolIo
LocaleNameToLCID
LCMapStringEx
EnumTimeFormatsEx
EnumCalendarInfoExEx
CreateDirectoryW
CreateFileW
DeleteFileW
DeviceIoControl
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FlushFileBuffers
FreeLibrary
GetFileAttributesExW
GetFileInformationByHandleEx
GetOverlappedResult
GetSystemDirectoryW
LoadLibraryExW
SetFileAttributesW
SetFileInformationByHandle
SetThreadErrorMode
GetDynamicTimeZoneInformation
GetTimeZoneInformation
SetEvent
CreateEventExW
GetEnvironmentVariableW
CreateThread
ResumeThread
DuplicateHandle
GetThreadPriority
SetThreadPriority
CancelIoEx
FlushProcessWriteBuffers
GetCurrentThreadId
WaitForSingleObjectEx
RtlVirtualUnwind
RtlRestoreContext
AddVectoredExceptionHandler
FlsAlloc
FlsGetValue
FlsSetValue
CreateEventW
SwitchToThread
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualFree
QueryInformationJobObject
GetModuleHandleExW
GetProcessAffinityMask
InitializeContext
GetEnabledXStateFeatures
SetXStateFeaturesMask
VirtualQuery
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
ResetEvent
DebugBreak
SleepEx
GlobalMemoryStatusEx
GetSystemInfo
GetTickCount
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLargePageMinimum
VirtualUnlock
GetWriteWatch
ResetWriteWatch
VirtualAllocExNuma
IsProcessInJob
GetNumaHighestNodeNumber
GetProcessGroupAffinity
K32GetProcessMemoryInfo
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedFlushSList
RtlUnwindEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetCurrentProcessId
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
ole32
CoGetApartmentType
CoUninitialize
CoTaskMemFree
CoWaitForMultipleHandles
CoCreateGuid
CoInitializeEx
CoTaskMemAlloc
user32
LoadStringW
ws2_32
WSAIoctl
WSAConnect
shutdown
closesocket
GetAddrInfoW
FreeAddrInfoW
WSASocketW
WSAStartup
WSACleanup
getsockopt
ioctlsocket
recv
select
setsockopt
api-ms-win-crt-heap-l1-1-0
free
malloc
_callnewh
calloc
api-ms-win-crt-math-l1-1-0
ceil
cos
floor
pow
sin
tan
modf
api-ms-win-crt-string-l1-1-0
strncpy_s
_stricmp
_wcsicmp
strcpy_s
wcsncmp
strcmp
api-ms-win-crt-runtime-l1-1-0
_configure_narrow_argv
_seh_filter_dll
_initialize_narrow_environment
_cexit
abort
_initterm_e
_initterm
_execute_onexit_table
_initialize_onexit_table
terminate
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsscanf
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf_s
Exports
Exports
??0CCommandLineParam@@QEAA@PEBD0@Z
??0CGaussianRandomStream@@QEAA@PEAVIUniformRandomStream@@@Z
??0CUniformRandomStream@@QEAA@$$QEAV0@@Z
??0CUniformRandomStream@@QEAA@AEBV0@@Z
??0CUniformRandomStream@@QEAA@XZ
??1CCommandLineParam@@QEAA@XZ
??4CGaussianRandomStream@@QEAAAEAV0@$$QEAV0@@Z
??4CGaussianRandomStream@@QEAAAEAV0@AEBV0@@Z
??4CStringNormalization@@QEAAAEAV0@$$QEAV0@@Z
??4CStringNormalization@@QEAAAEAV0@AEBV0@@Z
??4CURLUtils@@QEAAAEAV0@$$QEAV0@@Z
??4CURLUtils@@QEAAAEAV0@AEBV0@@Z
??4CUniformRandomStream@@QEAAAEAV0@$$QEAV0@@Z
??4CUniformRandomStream@@QEAAAEAV0@AEBV0@@Z
??BCCommandLineParam@@QEBAPEAUOpaqueHParamType@@XZ
??_7CUniformRandomStream@@6B@
??_FCGaussianRandomStream@@QEAAXXZ
?AttachToStream@CGaussianRandomStream@@QEAAXPEAVIUniformRandomStream@@@Z
?Exists@CCommandLineParam@@QEBA_NXZ
?FixupSeparatorScheme@CURLUtils@@SAXAEAVCUtlString@@@Z
?Fold@CStringNormalization@@SAHPEBGPEAGH@Z
?GenerateRandomNumber@CUniformRandomStream@@AEAAHXZ
?GetHParam@CCommandLineParam@@QEBAPEAUOpaqueHParamType@@XZ
?GetValue@CCommandLineParam@@QEBAPEBDPEBD@Z
?Initialize@CStringNormalization@@SAXXZ
?IsTLD@CURLUtils@@SA_NPEBD@Z
?Normalize@CStringNormalization@@SAH_NPEBDPEADH@Z
?Normalize@CStringNormalization@@SAH_NPEBGPEAGH@Z
?RandomChar@CUniformRandomStream@@UEAADXZ
?RandomFillMemory@CUniformRandomStream@@UEAAXPEAX_K@Z
?RandomFloat@CGaussianRandomStream@@QEAAMMM@Z
?RandomFloat@CUniformRandomStream@@UEAAMMM@Z
?RandomInt@CUniformRandomStream@@UEAAHHH@Z
?SetSeed@CUniformRandomStream@@UEAAXH@Z
?Test_BValidateStructures@CStringNormalization@@SA_NXZ
?V_ConvertStringToUUID@@YA_NPEBDW4EUUIDStringFlags@@PEAUV_UUID@@@Z
?V_ConvertStringToUUID@@YA_NPEBGW4EUUIDStringFlags@@PEAUV_UUID@@@Z
?V_ConvertUUIDToString@@YA_NPEBUV_UUID@@W4EUUIDStringFlags@@PEADH@Z
?V_ConvertUUIDToString@@YA_NPEBUV_UUID@@W4EUUIDStringFlags@@PEAGH@Z
?V_EscapeShellArgumentAndAppend@@YA_KPEAD_KPEBD@Z
?V_EscapeShellArgumentAndAppend@@YA_KPEAVCUtlStringBuilder@@PEBD_N@Z
?V_EscapeShellArgumentAndAppendPOSIX@@YA_KPEAD_KPEBD@Z
?V_EscapeShellArgumentAndAppendWin32@@YA_KPEAD_KPEBD@Z
?V_JoinNumbers@@YA?AVCUtlString@@DAEBV?$CUtlVector@HV?$CUtlMemory@H@@@@@Z
?V_JoinNumbersUint64@@YA?AVCUtlString@@DAEBV?$CUtlVector@_KV?$CUtlMemory@_K@@@@@Z
?V_JoinNumbersUint@@YA?AVCUtlString@@DAEBV?$CUtlVector@IV?$CUtlMemory@I@@@@@Z
?V_JoinStrings@@YA?AVCUtlString@@AEBV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@PEBD@Z
?V_ParseShellCommandLine@@YAXPEBDAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@HPEAPEBD@Z
?V_ParseShellCommandLinePOSIX@@YAXPEBDAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@HPEAPEBD@Z
?V_ParseShellCommandLineWin32@@YAXPEBDAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@HPEAPEBD@Z
?V_SplitString3@@YAXPEBDPEBQEBDHAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@2@Z
?V_SplitStringInternal@@YAXPEBDPEBQEBDQEAPEBDHAEAV?$CUtlVector@VCUtlString@@V?$CUtlMemory@VCUtlString@@@@@@_N@Z
?V_UnicodeAdvance@@YAPEADPEADH@Z
?V_UnicodeAdvance@@YAPEAGPEAGH@Z
?V_UnicodeAdvance@@YAPEAIPEAIH@Z
?V_UnicodeCaseConvert@@YAHAEAV?$CUtlVector@GV?$CUtlMemory@G@@@@HW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHAEAVCUtlString@@HW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHAEAVCUtlStringBuilder@@HW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHPEBDPEADHHW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHPEBGPEAGHHW4EStringConvertErrorPolicy@@@Z
?V_UnicodeCaseConvert@@YAHPEBIPEAIHHW4EStringConvertErrorPolicy@@@Z
?V_UnicodeLength@@YAHPEBD@Z
?V_UnicodeLength@@YAHPEBG@Z
?V_UnicodeLength@@YAHPEBI@Z
?V_UnicodeRepair@@YAHPEADW4EStringConvertErrorPolicy@@@Z
?V_UnicodeRepair@@YAHPEAGW4EStringConvertErrorPolicy@@@Z
?V_UnicodeRepair@@YAHPEAIW4EStringConvertErrorPolicy@@@Z
?V_UnicodeValidate@@YA_NPEBD@Z
?V_UnicodeValidate@@YA_NPEBG@Z
?V_UnicodeValidate@@YA_NPEBI@Z
?V_atoui128@@YA?AVuint128@@PEBD@Z
?V_stristr@@YAPEBDPEBD0@Z
?ValidateStatics@CStringNormalization@@SAXAEAVCValidator@@PEBD@Z
?ValidateStatics@CURLUtils@@SAXAEAVCValidator@@PEBD@Z
AbsoluteDifferenceScalarGetTimeOfLastChangeBoolean8
AbsoluteDifferenceWideningLowerShiftRightArithmeticRoundedScalarPosition
AcosHaveYeargetIsIn
AcoshSystemThreadingTasksFutureDebugView1NativeErrorCode
AcquirePointerPointerIsNested
Action5AddMemoryPressureTYPEFLAGFAGGREGATABLE
Action8UnmanagedMemoryAccessorBelowNormal
ActivatorFindMethodMultiplyExtendedBySelectedScalar
ActivityOptionsDecoderUTF7FallbackBufferSuppressFlow
AdapterGetTypeInfoNameCurrentUICulture
AddEventHandlerTuple7EncoderFallbackException
AddPermissionCleanupCodeSkipVerificationInFullTrust
AddSubtractJULIANCreate
AdminHijriCalendarVectorTableLookupExtension
AesConvertToUInt32RoundAwayFromZeroOrdinalIgnoreCaseComparer
AggregateExceptiongetFirstDayOfWeeksetNegativeInfinitySymbol
AggregationAnsiBSTRMarshalerUtilities
AggressivecultureNamegetTimeStamp
AlignedAllocCommonProgramFilesX86Close
AlignedReallocGetReferenceMarshalByRefObject
AllocIsAndroidVersionAtLeastGetCharCount
AllocZeroedgetIsAuthenticatedgetLastAccessTimeUtc
AllocateTypeAssociatedMemorygetParameterTypeKoreanCalendar
AllocationExceededLPUTF8StrLessThanOrEqualAny
AllowHexSpecifiergetMonthGenitiveNamesIClassFactory
AllowLeadingSignHideBySigWriteByte
AlwaysgetUIFamilyCodePagecDisplayClass20
AnnotationDayXor
AnsiClassGetManifestResourceStreamDuplicateToVector64
AppDomainIDHashUpdate2ContractClassAttribute
ArgNonZeroLowerBoundIsBackgroundgetData
ArgRankMultiDimNotSupportedLdindU2Offline
ArgTypeNotSupportedIntersectELEMENTTYPEU4
ArgumentInvalidOffLenArchitectureDataCollector
ArgumentOutOfRangeCountLIBFLAGFHIDDENTryWriteSignificandLittleEndian
ArgumentOutOfRangeNotGreaterThanBufferLengthTryOffsetgetPayloadNames
ArgumentsEventCounterUnorderedNotLessThanOrEqualSignaling
ArrayElementAction14setPartialTrustVisibilityLevel
ArraySegment1Func12MarshalInterface
AsAnyMarshalerCORINFOEHCLAUSENumberNegativePattern
AsDategetUnicodegetLoadedAssembly
AsDayFractionMonthNameStylessetPercentSymbol
AsI1NullTextWritergetScalarLength
AsUInt16FilterTypeNameDeleteValue
AsUInt32GetFunctionPointerAdvSimd
AsUIntPtrRuntimeCustomAttributeDataMiddleEastFrench
AsVectorInt32Sha1PrimitiveValue
AssemblyAlgorithmIdAttributeGetHashCodeIsPunctuation
AssemblyConfigurationAttributeEmptyStructHeaderName
AssemblyCopyrightAttributeRuntimeInformationArgumentOutOfRangeCount
AssemblyDescriptionAttributeMethodImplAttributecanSeek
AssemblyDirectoryCompareGreaterThanOrEqualScalarReadHalfLittleEndian
AssemblyNameProxyCopyFromIndirectRuntimeIdentifier
AssemblyPathBufferClampCurrentSystemTimeZone
AssemblyVersionAttributecDisplayClass20DecimalTypeInfo
AssemblyVersionCompatibilityIsArrayGetCurrentContextInfo
AssociatesResourceLocatorPropertyBuilder
AsyncCausalityRelationMultiplyPow10Equal
AsyncCausalitySynchronousWorkCreateFallbackBufferReadChars
AsyncCopyToAwaitableDequeueVolatile
AsyncIteratorMethodBuilderEnableJITcompileTrackingManifestResource
AvailableWaitHandleIsSubnormalAsVector2
AwaitTaskContinuationScheduledArrayEnumeratorAsVectorUInt64
AwaitUnsafeOnCompletedoptionsMaskStore
BEGINUnmanagedSignatureCallingConventionTimeOnly
BHanIdeograph
BOOLEANShiftRightArithmeticVariableCompareExchange
BStrFixedWSTRMarshalerGetTimeOfLastChange
BaseDirectoryConvertOrWidenSEPAm
BinaryWritergateThreadRunningStategetState
BindToObjectNullableTypeInfoDetachable
BitFieldExtractTypeResolvegetUseUserOverride
BleSNotAPortableExecutableImageSetHandleAsInvalid
BleUnheadHeadui1
Block64NonSerializedAttributeReadUInt32
Boolean32ContinueParsingNFloat
BroadcastScalarToVector256MaybeCastTraceLoggingEventHandleTable
Buf28getCurrentIdgetAllBitsSet
BufferAllocatedReasonLoadVector64KeyNotFoundException
BufferDroppedReasonReplaceLineEndingsThursday
Byte00Contextcomparison
Byte07ConvOvfU1UnAddByteOffset
Byte08FirstChanceExceptionUseUserOverride
Byte15UniqueInstanceTargetException
ByteEqualityComparerGCALLOCNOFLAGSStringMarshalling
CLRInstanceIDEnterWriteVariantWrapper
COMExceptionFlushAsyncConvertAll
CacheLineSeparatedwTypeFlagsTryRunHalf
CachedDatagetIsErrorAssemblyKeyNameAttribute
CallerLineNumberAttributegetTypeIdMdConstant
CallvirtPostconditionAmbiguousMatchException
CanBeginLine
CanBreakBetween
CanBreakRepeated
CanEndLine
CanSeekgetIsReadLockHeldRequireFull
CancellationTokenRegistrationEncodingNameTryWriteBytes
CapturegetRecursiveWriteCountToVector256Unsafe
CaseInsensitiveGetHourTKINDRECORD
CastHelpersArchitectureElement2
CastclassGetIUnknownForObjectgetResourceScope
CharTryWriteInt64LittleEndianRuntimeMethodHandle
CharUnicodeInfoToFullPathEverything
ChoicegetDefaultThreadCurrentCultureScheduler
ClassInterfaceAttributegetRequestingAssemblyGetNumInstanceFieldBytes
CloseAsIntGetData
ColonDisposeAsyncd57ResourceFallbackManager
ComActivationContextFILENOCOMPRESSIONgetDefaultString
CombineClonePreAllocatedOverlapped
CommandLine
CompareNotGreaterThanOptionalMonetaryDecimalSeparator
CompareScalarOrderedGreaterThanHistoryDefaultInterpolatedStringHandler
CompareScalarOrderedNotEqualLevel1FirstFourDayWeek
ComparerComparable2AssemblyBuilderChunkNumber
ComparerHelpersExchangeReadOnlyMemoryHandler
CompletedMaskIsMulticastgetTargetedPatchBand
ComponentEntryPointWaitAllAllocateDataSlot
ComposedOfNoStaticMembersTimeOfDayGetFileExMaxInfoLevel
CompositeFormatAssumeUniversalsetNumberDecimalDigits
ConcurrentMultiplyDoublingWideningSaturateLowerShiftRightArithmeticNarrowingSaturateUnsignedUpper
ConfigureAwaitShiftRightLogicalAddIsConst
ConfiguredTaskAwaitable1MoveScalarCurrentCodeUnitOffset
ConfiguredValueTaskAwaitergetScheduledExclusiveCountElementName
ConsoleFallbackNameTaskAsyncEnumerableExtensionsgetIsAnsiClass
ConstantExpectedAttributeDynamicInvokeSave
ConstructionExceptionsetLongTimePatternNotApplicable
ConstructorArgumentsTaskAbbreviatedMonthGenitiveNames
ConstructorCoClassTimeOnlyFormat
ConstructorOnTypeBuilderInstantiationSerializationFormatterEnumData
ContentionKeywordEmitCalliIClassFactory2
ContextualReflectionScopesetShouldRecursePredicateTaskThrowIfDisposed
ContinueWithTaskContinuationAbsoluteCompareGreaterThanScalarUser32
ContractClassAttributedestinationFindExInfoStandard
ContractExceptionIsAsciiLetterOrDigitStelemI8
ContractExceptionPeekCharM31
ConvI8DictionaryKeyCollectionDebugView2getIsNull
ConvRUnCooperativeBlockingTryReadLittleEndian
ConvRUngetFragmentationAfterBytesSYSWIN64
ConvertOrWidenAssemblyLoadContextApplicationDirectory
ConvertScalarToVector128UInt32cDisplayClass111IsError
ConvertTimeEnterReadLockGetOrCreateObjectForComInstance
ConvertToDoubleWaitForFullGCCompleteSerialize
ConvertToInt64RoundAwayFromZeroFileSystemInfoprefix
ConvertToInt64RoundToEvenMaxDelayMsgetMutex
ConvertToInt64RoundToNegativeInfinityCreateRotationToBase64String
ConvertToUInt64RoundToEvenAsSpanBeginExceptionBlock
ConvertToVector256Int16StaticMethodOnlyDecimalSeparator
CopyToAsyncgCore270dReadInt64BigEndianCreateFromVertices
Coroutine_Cancel
Coroutine_Continue
Coroutine_Create
Coroutine_DebugBreak
Coroutine_GetCurrentlyActive
Coroutine_GetStackDepth
Coroutine_IsActive
Coroutine_IsAddressInOurStack
Coroutine_ReleaseThreadMemory
Coroutine_Test
Coroutine_ValidateGlobals
Coroutine_YieldToMain
CorrelationHintAnsiBStrsetPMDesignator
CountDecimalTrailingZerosWriteAllBytesAsyncUnmanagedCallersOnlyAttribute
CpobjsourceIndexrecord
CreateAndGetBoundariesInheritanceDemandEntry
CreateFileBasedResourceManagerM44writercount
CreateFromPinnedArrayGetMethodBodyIsMacCatalyst
CreateInstanceLicPublicationOnlyViaConstructorGetChunks
CreateInterface
CreateOptionsSTATUSINVALIDPARAMETERMaxPairwise
CreatePerspectiveFieldOfViewGetStartComSlotWriteIntPtr
CreatePerspectiveOffCentergetCompactedgetParameterType
CreateQualifiedNameRemoveDelegateRuntimeTypeHandle
CreateRotationYM43CaseInsensitive
CreateRotationgrfLocksSupportedNullable1
CreateScalarUnsafeOpenHandleFunctionPtr
CreateSetComparersetAbbreviatedDayNamesPerMilleSymbol
CreateSpanGetObjectWithElement
CreateThreadLocalCountObjectotherGetDaysInMonth
CreateValueCallbackTryWriteInt32BigEndianPeakWorkingSetSize
CreateWrapperOfTypeBStrStringMarshallerGetNamedDataSlot
CreationTimegetIsConstructorToBoolean
CriticalHandleU0StartDeserialization
Crypt32TryParseRankException
CultureAwareComparerByte12SetResult
CultureInfoIDeferredDisposableThreadPoolWorkerThreadStart
CultureRuntimeParameterInfogetCurrentReadCount
CurrencyDecimalDigitsStackBehaviourPopgetResult
CurrencyDecimalSeparatorCompareOrdinalImpersonationLevel
CurrencyNegativePatterngetIsRightToLeftgetSetting
CurrentContextualReflectionContextTicksPerMinuteIsGenericMethod
CurrentTimeZoneSuppressChangeTypegetTypedValue
CustAttrRunSynchronouslycDisplayClass110
CustomAttributeDataTaskContinuationConvertToUInt32RoundToZero
CustomAttributesKOREANLUNISOLARgetDigitSubstitution
DNDSIsCanonicalDecodeFromUtf16
DNMExtendedPictographAdjustToUniversal
DTTFILEOPENGetEncodings
DXNNYgetDeclaredMemberslength
DXYMNSignExtendWideningLowerRuntimeWrappedException
DYMdheadMultiplyBySelectedScalarWideningUpper
DYMgetDueTimeSignalAndWait
DangerousReleaseMbcsXmlMemoryManager1
DataCollectionStartMustFlushFoundYMDPatternFlag
DataPointerRuntimeMethodHandleGetPlane
DateMarshalerNegateSaturateStindRef
DateOnlyFormatCompareScalarOrderedGreaterThanPostcondition
DateTimeConstantAttributeFromSecondsIsLiteral
DateTimeFormatInfoThreadLocal1getConcurrent
DateTimeOffsetAssertObjectEqualityComparer1
DayNamesQueueReadScatterFilePipeRemoteInformation
DayOfWeekNetTraceManagedToUnmanagedIn
DaylightNameLdcI42GetCurrentContextInfo
DebugFacilityMessage1BodyNamesetSerializationFormatter
DebugStatsSystem
DebugViewPropertyValueTryWriteSignificandLittleEndian
DebuggableAttributeAllocateMultiplyHighRoundScale
DebuggerNonUserCodeAttributeResolveAssemblyToPathPopcnt
DecodeFromUtf16ReleaseComObjectNoneViaFactory
DecoderFallbackBufferWednesdayComputeHash32OrdinalIgnoreCase
DecrementSpinnerCountGetValueDirectTags
DefaultBinderInlineSigAllowThousands
DefaultCharSetAttributegetIsTypeDescAsUi4
DefaultChareFixedBufferinvkindValueTaskSourceOnCompletedFlags
DefaultEncoderDenyControlThread
DefineDefaultConstructorExceptionKeywordCreateInstanceAndUnwrap
DefineDynamicModuleValueTuple8getTypedValue
DefineFieldIsTypeSpecLinkTarget
DefineParameterIEnumMonikerSimpleEventTypes1
DelayPromiseWithCancellationThreadStartGcHandle
DeltaopCheckedDivisiongetMarshalMode
DemandParameterTypesgetHasElementType
DependencyAttributeGetParentTokengetItem1
DerivedFileStreamStrategyMoveMaskIDLFLAGFOUT
DescriptorGetAttributesFusedMultiplySubtractScalarBySelectedScalar
DestinationEmptyAsyncLocalValueMapShiftRightLogicalRoundedNarrowingSaturateScalar
DestroyStructureGCLargeObjectHeapCompactionModegetSystemDirectory
DestroyTAIWANLUNISOLARCasing
DgetAutoFlushGreaterThan
DiagnosticIdInvariantInfoIsWellKnownOrdinalComparer
DictionaryNodeCreateSpanUnsafeValueTypeAttribute
Digit9gateThreadRunningStateAllocateContainerForManagedElements
DigitSubstitutionOrListSeparatorpublicKeyOrTokenItem4
DigitsConcurrentExclusiveTaskSchedulerQueueUserWorkItem
DigitsCountHashUpdate1BinaryPrimitives
DirectoryExistsCompareScalarOrderedVARCONST
DirectoryNameSetAttributesDomainMask
DisableEventSourceInterfaceLastPrimitive
DisablePrivateReflectionAttributeExistsLdcI8
DisposeAsyncd27AsBoolSubstringByTextElements
DivRemTrimEndgetIsValueCreated
DiyFpI2getInvalidCultureId
DoNotDisposeShiftLogicalSaturateScalarEventAttribute
DoesNotReturnIfAttributeAction5GetFunctionPointer
DoubleSequentialsetLongTimePattern
Dragon4DoubleAssemblyNameBufferTrueString
EBCDICCodePagegetOSThreadIdFromDays
ELEMDESCThreadTransferInsertVector128
ELEMENTTYPEMAXThrowIfDeserializationInProgressEncoderReplacementFallback
ELEMENTTYPESENTINELToolsourceBytesToCopy
ERROREnumConnectionssetTimeSeparator
EVENTACTIVITYCTRLCREATEIDTicksPerMinutegetCurrentManagedThreadId
EmitCallsetCodeBaseBestFitMapping
EmptyCAHolderToFullPathDragon4Single
EnableEditAndContinueGetIUnknownForObjectDynamicDependencyAttribute
EnablePropertyBgeUnSVerbose
EnclosingMarkAppendFormatScopeAction
EncodeToUtf16STANDARDRIGHTSREADPerCoreLockedStacks
EncodeToUtf8InPlaceArmv6CreateFileBasedResourceManager
EncodedArgumentLIBFLAGFCONTROLIListWrapper
EncodingCacheNameInfoFILEALLACCESS
EndBufferedArraytailTailCancellationTokenSource
EndCriticalRegionGatherVector128ToShortTimeString
EndOfFileFreeNodeListRemoveDelegate
EnumEventsThreadingKeywordgetHostContext
EnumNestedTypesgetMillisecondstailTail
EnumResourceSetTypegetInfinityExponent
EnumerationOptionsWaitForFullGCApproachIDLFLAGFRETVAL
EnumeratorToEnumVariantMarshalerCurrencySymbolCriticalHandleMinusOneIsInvalid
ErrorWrapperLockRegionITypeLib2
EscapedCodeBaseIsAndroidTicksPerMicrosecond
EventAttributegetIsPointergetOSDescription
EventKeywordsgetMinutesgetIsFinal
EventLevelAllowTrailingSignIsNullRef
EventPipeInternalWRITEOWNEROpCode
EventRegistergetSignalConcurrentCollectionSyncRootNotSupported
ExceptWithLdloc2Succeeded
ExceptionFallbackCallvirtgetISOCurrencySymbol
ExceptionHandlingClausesOnDeserializationMaxNumber
ExceptionResourceEnforceJapaneseEraYearRangesStoreAlignedNonTemporal
ExchangeWriteAsyncInternald68stream
ExecuteCodeWithGuaranteedCleanupRentUndefined
ExitAnyWriteTupleExtensionsFalseString
ExitReadLockGetEnumeratord5DuplicateSelectedScalarToVector64
ExtractNarrowingSaturateUnsignedLowerEventWaitHandleVTUI2
ExtractVector128UserInteractiveToFileTime
FILEADDSUBDIRECTORYgetCurrentValueAsInt32
FILECOMPLETEIFOPLOCKEDIDictionaryEnumeratorAllowReversePInvokeCallsAttribute
FILEFULLDIRINFORMATIONStindRefConsoleFallbackName
FILESEQUENTIALONLYGetManifestResourceInfoAsyncTaskMethodBuilder1
FILETIMEFormatDoubleint
FUNCFLAGFUSESGETLASTERRORWriteUInt16LittleEndiangetMode
FUNCPUREVIRTUALReverseElementBitsRtFieldInfo
FUNCSTATICExitWriteLockSearchForChildByTag
FailureKindgetCurrencyEnglishNameProcessor1
FailureSuccessgetWeek
FallbackIsNameFILEOPENBYFILEID
FalseStringfunckindgetTotalSeconds
FastCallgetStripAfterObfuscationSerializationInfo
FeatureNameDangerousReleaseMemberRef
FieldAccessMaskSTANDARDRIGHTSREADCommandLine
FieldAttributesTplEventSourcePpc64le
FileAlternateNameInformationUserInteractiveFromCanceled
FileDispositionInformationExTNNtTraceSynchronousWorkEnd
FileHardLinkInformationNullableFlagsgetLastWriteTimeUtc
FileIdExtdDirectoryInformationConstArrayCalendar
FileModeInformationEventWaitHandleReferenceTypeHelper1
FilePipeRemoteInformationsetEncoderFallbackr8
FileStreamOptionsEraInfoEndsWith
FileSystemNameDescriptorSTATUSNOMEMORY
FileUnusedInformationEventPayloadDenormalMantissaMask
FilesMultiplyDoublingWideningSaturateScalarBySelectedScalarGetOffset
FinalMaxAcrossgetEntryPoint
FindInterfacesDefineMethodNumberDecimalSeparator
FindTransformIFormatProviderUnorderedNotLessThanOrEqualNonSignaling
FirstChanceExceptionSEPSpaceGetCustomAttributesData
FirstKeyFileIsTypeRef
FixedSizegetCapacityGREGORIANUS
FlagMakeVersionSafeNameCookies
FlattenHierarchysetShortestDayNamesDateOnly
FloatComparisonModeWriteIfInterpolatedStringHandlerlocalDestination
FloatingPointConvertToInt32RoundToEvenScalarICriticalNotifyCompletion
FloatingPointInfoIsZerogetOffset
FlowControlgetOwnerThreadIDCastCacheEntry
FlushAsyncInternald36GetPermissionFilePipeRemoteInformation
FlushTryReadprefix
Format8IsWellKnownCultureAwareComparerSerializationInfoTable
FormatDoublePollingCounterGetMaxCharCount
FormatProviderCompareGreaterThanDebuggerStepThroughAttribute
FoundDatePatternSatelliteContractVersionAttributegetIsMarshalByRef
FoundYearPatternFlagGREGORIANXLITENGLISHContractClassAttribute
FrametickCountsetFailedAssemblyInfo
FrameworkDescriptiongetFirstDayOfWeekfReserved
FreeNamedDataSlotNullabilityInfoNewSlot
FriendlyNameaddFirstChanceExceptionMinNumberPairwise
FromAsyncTrimPromise1UnorderedTrueSignalingFromCanceled
FromDateTimegetKindMultiplyExtended
FromEndDestinationAsyncModeCopyToAsyncd19
FromHexStringInterfaceMappingPaddingFor32
FromHourstickCountPow10
FromIntPtrLocalPushScopeName
FromMillisecondsValueListBuilder1getPrecision
FromMinutesSuffixUpdateValue
FullBlockingAMD64upgradecount
FullDateTimePatternLdarg3IncludesInternals
Func13ExponentBiasgetTotalMinutes
FusedMultiplyAddBySelectedScalarByte02ContainedInAnotherAssembly
FusedMultiplySubtractLengthFormD
FusedMultiplySubtractNegatedScalarMultiplyDoublingWideningAndSubtractSaturateScalarSIGTTIN
FusedMultiplySubtractScalarBySelectedScalarEscapeCompressedStack
GCALLOCFLAGSEnterWriteDecimalDigitNumber
GCFrameRegistrationGetOrCreateThreadLocalCompletionCountObjectVolatileIntPtr
GCHandleIsFixedSizegetAll
GCHandleKeywordOldValueCrc32
GUIDPathHelperMethod
GateThreadFromUnixTimeSecondsRegisterForMarshalling
GenerateGuidForTypePendingWorkItemCountAltDirectorySeparatorChar
GenericDelegateCache2VTSTORAGEProcessExit
GenericInstLcidOperationMask
GenericPlaceholderConstructorInvokergetDependent
GenericTypeArgumentsTryWriteSignificandBigEndianCompareScalarUnorderedEqual
GetAddMethodTaskAsyncEnumerableExtensionsEnsureCapacity
GetAmbiguousTimeOffsetsgetWaiterCountTryWriteBigEndian
GetArrayMethodIsAnsiClassEmpty
GetAssembliesReadAllLinesDynamicDependencyAttribute
GetBitsEventLevelTryWriteExponentLittleEndian
GetByteCountStreamingContextStatesTraceLoggingEventTypes
GetByteLibraryNameVariationDecomposedGuid
GetCelestialStemFormDIncrementingCounterPayload
GetClassIDUnorderedNotLessThanOrEqualNonSignalinggetIsInvalid
GetClassLayoutSerializationFormatterConditionalAttribute
GetComInterfaceForObjectResourceFallbackManagerContinuationWrapper
GetCompressedStackGetScalarFromUtf16SurrogatePairMultiplyAddByScalar
GetConstructorsWaitForNextTickAsyncInlinePhi
GetCultureInfoByIetfLanguageTagDictionaryValueCollectionDebugView2FILELISTDIRECTORY
GetCustomAttributesgetSerializationGuardInformationalVersion
GetDecimalICustomAdapterGetInterfaces
GetDeclaredMethodFusedMultiplySubtractBySelectedScalarConvertToVector128Int16
GetDefaultMembersThrowOnExistingsetNumProcessingWork
GetDefaultReaderWithElementGetWeeksInYear
GetDocumentation2MultiplyDoublingWideningSaturateLowerToBytesBuffer
GetElementWaitOrTimerCallbackILOffset
GetEndComSlotOpenHandlegetSource
GetEnumeratord5ProcessorCountConstArray
GetExceptionForHRIsFromEndAsInt
GetFileExInfoStandardNegateSaturateScalarDateOnly
GetFileLineNumbergetCallbackConstrained
GetFileNameWithoutExtensionSerializabletdescAlias
GetFuncIndexOfMemIdGetAbbreviatedDayNamegetNativeDigits
GetGenericArgumentsGetEnumUnderlyingTypePARAMFLAGFLCID
GetHRForExceptionReciprocalSqrtEstimateOrdinalComparer
GetIndexOfFirstNonAsciiCharFilterTypeNameIgnoreCaseConvertToVector128Double
GetIndexOfFirstNonAsciiCharOnDeserializingAttributeFileNetworkOpenInformation
GetLastAccessTimeUtcgetTextNeedMoreData
GetMethodImplementationFlagsArrayListEnumeratorgetIsConstructor
GetMethodgetConcurrentSchedulernumRequestedWorkers
GetModuleHandleOnDeserializedAttributeActivatorCache
GetNameFromOSType
GetNamedDataSlotEscapedPropGet
GetNativeImageBaseZeroFreeCoTaskMemAnsiFindExSearchMaxSearchOp
GetNestedTypeADEraM12
GetOSDetailString
GetOSType
GetObjectForNativeVariantgetAddMethodGetOrCreateValue
GetOrCreateThreadLocalCompletionCountObjectFilterAttributegetShare
GetPEKindgetHandlerTypeIpForWatsonBuckets
GetPlatformFromOS
GetPlatformName
GetPlatformNameFromEPlatformType
GetPortableOsVersionInformation
GetPropertySigHelperCachedCompletedInt32TaskWriteSignificandLittleEndian
GetRangeApplicationExceptionGetRuntimeProperty
GetResultCanSeekgetRoot
GetRuntimePropertyTestCsetPreallocationSize
GetScopePropsgetNIntViewIsSupersetOf
GetStringAndReleaseGetCustomAttributePropsreserved
GetTimeOfLastChangegetUtf16SequenceLengthgetNext
Sections
.text Size: 467KB - Virtual size: 466KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.managed Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 201KB - Virtual size: 265KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 151KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 81KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ