astx_setup[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

astx_setup.exe
Size

97.6MB
MD5

ae5d61786f3910ec6f722eba51ba798f
SHA1

cb6e3a657e272959a2b09920a35a617761b2d6f3
SHA256

5c78d98852f5e196616abb376c04c9b6467d85cc82247fea05a48cdbe4b86da8
SHA512

6c2cc8e630ae9e267d09a9aef8d8f9e07ef111b6bd540ffbf5378a0654fcf601e2176028b826d596e70e5e213fc34f16876651668a178a55c89df61ca88f8fcf
SSDEEP

1572864:A8n4cfsWcmX8UatEyxKrYNNq5mj9gn56vx5iWyMxbsrbZXd8DhnK25cCmCq:BnGfm8jDNNq5mhgncip3rF6dKjTF

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 5 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack004/medvphku.dll	upx
static1/unpack004/trueeyesu.dll	upx
static1/unpack005/medvphku.dll	upx
static1/unpack005/medvphkuw6.dll	upx
static1/unpack005/trueeyesu.dll	upx

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsExec.dll
unpack006/$PLUGINSDIR/InstallOptions.dll
unpack006/$PLUGINSDIR/System.dll
unpack008/Lib/Cert/certadm.dll
unpack008/Lib/Cert/certutil_.exe
unpack008/Lib/Cert/nss/certutil.exe
unpack008/Lib/Cert/nss/freebl3.dll
unpack008/Lib/Cert/nss/libnspr4.dll
unpack008/Lib/Cert/nss/libplc4.dll
unpack008/Lib/Cert/nss/libplds4.dll
unpack008/Lib/Cert/nss/nss3.dll
unpack008/Lib/Cert/nss/nssckbi.dll
unpack008/Lib/Cert/nss/nssdbm3.dll
unpack008/Lib/Cert/nss/nssutil3.dll
unpack008/Lib/Cert/nss/smime3.dll
unpack008/Lib/Cert/nss/softokn3.dll
unpack008/Lib/Cert/nss/sqlite3.dll
unpack008/Lib/Cert/nss/ssl3.dll

Files

astx_setup.exe
.exe windows:5 windows x86 arch:x86

25ed4ce053872020aef1006182cbb182

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fb:d4:69:3e:48:b0:19:c7:7a:bf:3f:1f:56:da:1d:8a:36:7a:d2:95:2d:af:2f:8f:21:35:b0:14:07:d4:ec:c4
Signer

Actual PE Digest

fb:d4:69:3e:48:b0:19:c7:7a:bf:3f:1f:56:da:1d:8a:36:7a:d2:95:2d:af:2f:8f:21:35:b0:14:07:d4:ec:c4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegCloseKey
RegEnumKeyW
RegEnumValueW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegCreateKeyExW

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderLocation

ole32

CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Destroy
ImageList_AddMasked
ImageList_Create

user32

GetDlgItemTextW
SetDlgItemTextW
RegisterClassW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
SetWindowPos
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
CreateDialogParamW
EndDialog
GetSystemMetrics
CreatePopupMenu
AppendMenuW
GetWindowRect
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
ScreenToClient
CheckDlgButton
LoadCursorW
MessageBoxIndirectW
GetWindowLongW
GetSysColor
CharNextW
ExitWindowsEx
DestroyWindow
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
CharPrevW
DispatchMessageW
wsprintfA
SetCursor
PeekMessageW
SystemParametersInfoW

gdi32

GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor

kernel32

CreateProcessW
lstrcmpiA
GetTempFileNameW
WriteFile
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
lstrcatW
GetCurrentProcess
GetVersion
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
RemoveDirectoryW
lstrcpyA
MoveFileExW
CopyFileW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AhnIEx.dll
.dll windows:5 windows x86 arch:x86

f31759abf103a0624fc5ba72c056dfe9

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:dd:a3:fa:e1:5d:dc:b3:77:ef:dc:e3:aa:6b:c2:a5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

10/01/2022, 00:00

Not After

07/01/2023, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:9e:a0:7c:01:b2:2a:22:8c:08:66:99:04:53:6c:e3:25:3d:ee:9f:f3:e1:c7:a1:46:ca:8f:53:5f:7c:a7:ee
Signer

Actual PE Digest

cf:9e:a0:7c:01:b2:2a:22:8c:08:66:99:04:53:6c:e3:25:3d:ee:9f:f3:e1:c7:a1:46:ca:8f:53:5f:7c:a7:ee

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Build\Install\Common\Plugins\building\build\svn\AhnLab\Install\Common\Plugins\Trunk\Build\NT32Release\AhnIEx.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

send
WSASetLastError
recv
closesocket
WSACleanup
WSAGetLastError

kernel32

SetFileAttributesW
GetShortPathNameW
CompareFileTime
FindNextFileW
HeapFree
DeviceIoControl
HeapAlloc
GetProcessHeap
GetFileInformationByHandle
CreateFileW
ExpandEnvironmentStringsW
GetDriveTypeW
QueryDosDeviceW
MoveFileW
CreateDirectoryW
CopyFileW
HeapReAlloc
HeapSize
GetCommandLineW
GetTempPathW
GetSystemDirectoryW
GetTimeFormatW
GetDateFormatW
EnumResourceLanguagesW
GetLocaleInfoW
MoveFileExW
ReadFile
GetFileSize
lstrlenW
GetWindowsDirectoryW
GetCurrentProcess
GetExitCodeProcess
CreateProcessW
OpenMutexW
CreateMutexW
GetCurrentThread
LocalFree
GetCurrentDirectoryW
CreatePipe
WaitForSingleObject
TerminateProcess
WriteFile
GetVersionExW
GetDiskFreeSpaceW
FreeResource
LoadResource
FindResourceExW
GlobalAddAtomW
MultiByteToWideChar
SizeofResource
LockResource
FindResourceW
RemoveDirectoryW
lstrcmpA
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedExchangeAdd
GetVersion
GetFileType
GetStdHandle
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
GetEnvironmentVariableW
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetModuleFileNameA
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
InterlockedDecrement
InterlockedIncrement
FindFirstFileA
GetDriveTypeA
SetConsoleCtrlHandler
ExitProcess
GetFileAttributesW
PeekNamedPipe
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCommandLineA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
FindFirstFileW
FindClose
GetTickCount
DeleteFileW
GetModuleHandleW
GlobalAlloc
GlobalFree
OpenProcess
CloseHandle
lstrcmpiW
GetCurrentProcessId
lstrcmpW
GlobalGetAtomNameW
GlobalDeleteAtom
LoadLibraryW
GetProcAddress
FreeLibrary
GetLocalTime
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetLastError
GetModuleFileNameW
SetLastError
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetTimeZoneInformation
LCMapStringA
LCMapStringW
LoadLibraryA
GetFullPathNameA
CreateFileA
GetCurrentDirectoryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
WideCharToMultiByte
InitializeCriticalSection
RtlUnwind
SetFilePointer
SetEndOfFile
FlushFileBuffers
ReleaseMutex
GetConsoleCP
FreeEnvironmentStringsA
GetEnvironmentStrings
GetStartupInfoA

user32

GetProcessWindowStation
GetUserObjectInformationW
IsWindow
MessageBoxW
SetWindowTextW
ExitWindowsEx
GetSystemMetrics
IsWindowVisible
IsCharUpperW
CharLowerW
CharPrevW
PeekMessageW
MsgWaitForMultipleObjects
DispatchMessageW
PostQuitMessage
SendMessageW
FindWindowExW
GetDlgItem
GetWindowTextW
IsCharAlphaW
RegisterWindowMessageW
GetClassInfoExW
RegisterClassExW
CreateWindowExW
DestroyWindow
DefWindowProcW
CharNextW

advapi32

RegisterEventSourceW
ReportEventW
DeregisterEventSource
DeleteAce
CryptReleaseContext
CryptAcquireContextW
LookupAccountNameW
GetFileSecurityW
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
GetAce
AddAce
AddAccessAllowedAce
GetSecurityDescriptorControl
SetFileSecurityW
OpenThreadToken
RegDeleteKeyW
RegEnumValueW
RegCreateKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
DeleteService
ControlService
StartServiceW
QueryServiceStatus
CreateServiceW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
CreateProcessAsUserW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
CryptGenRandom

shell32

SHGetMalloc
SHFileOperationW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
FindExecutableW

ole32

CoCreateInstance
CoTaskMemFree

shlwapi

PathAppendW
PathFileExistsW

Exports

Exports

AI_AddAccessRightsToDir
AI_AddArchivedFile
AI_AddArchivedFile2
AI_AddUpdateProduct
AI_CheckComponentState
AI_CheckError
AI_CheckMultiOsAc
AI_CheckMultiOsLn
AI_CheckReboot
AI_CheckSystemRebootFlag
AI_ClearError
AI_CompareFileVersion
AI_CopyFile
AI_CopyFile2
AI_CopyFiles
AI_CreateArchivedFileList
AI_CreateChildSetup
AI_CreateDir
AI_CreateDir2
AI_CreateService2
AI_CreateShortcut
AI_CutBackslash
AI_DeleteAc
AI_DeleteDirAndFiles
AI_DeleteFile
AI_DeleteService
AI_DeleteUserInfo
AI_DeleteUserInfoEx
AI_DetailPrint
AI_DetailPrintErr
AI_EnableDetailPrint
AI_EnableMsgBox
AI_EnableWow64FsRedirection
AI_EnableWow64RegRedirection
AI_Exec
AI_Exec2
AI_ExecAsAdmin
AI_ExecCloneOfUninstaller
AI_ExecWait
AI_ExecWebLink
AI_ExitWindows
AI_ExpandRelatedPath
AI_ExtractFile
AI_ExtractFile2
AI_ExtractSubString
AI_ExtractWithList
AI_Free
AI_GenClientId
AI_GetComponentFlag
AI_GetComponentInfo
AI_GetCtrlText
AI_GetDateTimeFormat
AI_GetDefComponentState
AI_GetDiskFreeSpace
AI_GetFileVersionInfo
AI_GetLicenseVersion
AI_GetMode
AI_GetOS
AI_GetOS2
AI_GetParentProcess
AI_GetProfileInt
AI_GetProfileStr
AI_GetSecProfileInt
AI_GetSecProfileStringEx
AI_GetUserInfoEx
AI_Init
AI_InitEx
AI_InitExtraComponentInfo
AI_Is
AI_IsAdmin
AI_IsAnotherInstanceRunning
AI_IsDir
AI_IsFileExist
AI_IsFileRunning
AI_IsLocalSystem
AI_IsProcessorAMD64
AI_IsProcessorARM64
AI_IsProcessorIA64
AI_IsRegKeyExist
AI_IsServiceInstalled
AI_IsSupportSHA256
AI_IsT
AI_IsWin
AI_IsWin2
AI_IsWin3
AI_IsWinNT
AI_IsWinNTOrLater
AI_IsWinNTOrLater2
AI_IsWinNTOrLater3
AI_IsWinOrLater
AI_IsWinsockLater
AI_IsWorkstation
AI_IsWow64Process
AI_Ln2Ac
AI_LoadAc
AI_LoadClientId
AI_LoadUserInfo
AI_LogAction
AI_LogComment
AI_LogDbg
AI_LogEnter
AI_LogErr
AI_LogFlush
AI_LogHeader
AI_LogLeave
AI_LogLeaveAll
AI_LogWarn
AI_MsgBox
AI_OnShowLicense
AI_OnShowPage
AI_PBCallbackControl
AI_PBCallbackSetPos
AI_PBCallbackSetRange
AI_PBInit
AI_PickFileVer
AI_RegDeleteKey
AI_RegDeleteValue
AI_RegEnumKey
AI_RegEnumValue
AI_RegGetDWord
AI_RegGetString
AI_RegSetDWord
AI_RegSetString
AI_RegSetVolatileDWord
AI_RegSetVolatileString
AI_RegisterRebootMsgForAPC
AI_RemoveUpdateProduct
AI_RemoveUserInfo
AI_RenameDirToCreateFileWithSameName
AI_RenameFileToCreateDirWithSameName
AI_ReplaceFileOnReboot
AI_SaveAc
AI_SaveUserInfo
AI_SetArchiveFile
AI_SetCatalog
AI_SetComponentFlag
AI_SetCopyFlag
AI_SetCurrentArchivedFileList
AI_SetDeleteFlag
AI_SetError
AI_SetLanguage
AI_SetLogFile
AI_SetLogFlag
AI_SetLogLevel
AI_SetMode
AI_SetOutPath
AI_SetReboot
AI_SetSharedCount
AI_SetSystemRebootFlag
AI_SetSystemRebootFlag2
AI_SetUserInfo
AI_SetUserInfoEx
AI_SplitPath
AI_StartService
AI_StopService
AI_StrAdd
AI_StrFormat
AI_StrGet
AI_StrReplace
AI_StrTrace
AI_System64
AI_Un_CheckComponentState
AI_Un_GetComponentInfo
AI_UpdateUserInfo
AI_VerifyArgument
AI_VerifyComponentFlag
AI_VerifyDirectory
AI_VerifyIEVersion
AI_VerifyLn
AI_VerifyParent
AI_VerifyStartMenu
AI_VerifyUserInfo
AI_VerifyWinSuite
AI_WriteComponentInfo
AI_WriteUninstallInfo
AI_vf
AhnIEx_AddAccessRightsToDir
AhnIEx_AddAccessRightsToFile
AhnIEx_AddArchivedFile
AhnIEx_AddArchivedFile2
AhnIEx_AddUpdateProduct
AhnIEx_CheckError
AhnIEx_CheckReboot
AhnIEx_CheckSystemRebootFlag
AhnIEx_ClearError
AhnIEx_CompareFileVersion
AhnIEx_ConcealSerial
AhnIEx_CopyFile
AhnIEx_CopyFile2
AhnIEx_CopyFiles
AhnIEx_CreateArchivedFileList
AhnIEx_CreateDir
AhnIEx_CreateDir2
AhnIEx_CreateService
AhnIEx_CreateService2
AhnIEx_CreateShortcut
AhnIEx_CutBackslash
AhnIEx_DeleteDirAndFiles
AhnIEx_DeleteFile
AhnIEx_DeleteService
AhnIEx_DeleteUserInfo
AhnIEx_DetailPrint
AhnIEx_DetailPrintErr
AhnIEx_EnableMsgBox
AhnIEx_EnableWow64FsRedirection
AhnIEx_EnableWow64RegRedirection
AhnIEx_Exec
AhnIEx_Exec2
AhnIEx_ExecAsAdmin
AhnIEx_ExecWait
AhnIEx_ExecWebLink
AhnIEx_ExitWindows
AhnIEx_ExpandRelatedPath
AhnIEx_ExtractFile
AhnIEx_ExtractFile2
AhnIEx_ExtractSubString
AhnIEx_ExtractWithList
AhnIEx_Free
AhnIEx_GetDateTimeFormat
AhnIEx_GetDiskFreeSpace
AhnIEx_GetFileVersionInfo
AhnIEx_GetMode
AhnIEx_GetOS
AhnIEx_GetOS2
AhnIEx_GetParentProcess
AhnIEx_GetProfileInt
AhnIEx_GetProfileStr
AhnIEx_GetSecProfileInt
AhnIEx_GetSecProfileString
AhnIEx_GetSecProfileStringEx
AhnIEx_GetSpecialFolder
AhnIEx_GetUserInfo
AhnIEx_Init
AhnIEx_InitEx
AhnIEx_InvalidSerialNum
AhnIEx_InvalidSerialNum2
AhnIEx_Is
AhnIEx_IsAdmin
AhnIEx_IsDir
AhnIEx_IsEvaluationExpired
AhnIEx_IsFileExist
AhnIEx_IsFileRunning
AhnIEx_IsLocalSystem
AhnIEx_IsProcessorAMD64
AhnIEx_IsProcessorARM64
AhnIEx_IsProcessorIA64
AhnIEx_IsRegKeyExist
AhnIEx_IsServiceInstalled
AhnIEx_IsSupportSHA256
AhnIEx_IsWin
AhnIEx_IsWin2
AhnIEx_IsWin3
AhnIEx_IsWinNT
AhnIEx_IsWinNTOrLater
AhnIEx_IsWinNTOrLater2
AhnIEx_IsWinNTOrLater3
AhnIEx_IsWinOrLater
AhnIEx_IsWinsockLater
AhnIEx_IsWorkstation
AhnIEx_IsWow64Process
AhnIEx_LoadString
AhnIEx_LogAction
AhnIEx_LogActionf
AhnIEx_LogComment
AhnIEx_LogCommentf
AhnIEx_LogContinue
AhnIEx_LogDbg
AhnIEx_LogDbgf
AhnIEx_LogEnter
AhnIEx_LogErr
AhnIEx_LogErrf
AhnIEx_LogFlush
AhnIEx_LogHeader
AhnIEx_LogLeave
AhnIEx_LogLeaveAll
AhnIEx_LogPause
AhnIEx_LogWarn
AhnIEx_LogWarnf
AhnIEx_MsgBox
AhnIEx_PBCallbackSetPos
AhnIEx_PBCallbackSetRange
AhnIEx_PickFileVer
AhnIEx_RebuildSerial
AhnIEx_RegDeleteKey
AhnIEx_RegDeleteValue
AhnIEx_RegEnumKey
AhnIEx_RegEnumValue
AhnIEx_RegGetBinary
AhnIEx_RegGetDWord
AhnIEx_RegGetString
AhnIEx_RegSetBinary
AhnIEx_RegSetDWord
AhnIEx_RegSetString
AhnIEx_RegSetVolatileBinary
AhnIEx_RegSetVolatileDWord
AhnIEx_RegSetVolatileString
AhnIEx_RegisterRebootMsgForAPC
AhnIEx_RemoveUpdateProduct
AhnIEx_RenameDirToCreateFileWithSameName
AhnIEx_RenameFileToCreateDirWithSameName
AhnIEx_ReplaceFileOnReboot
AhnIEx_SetArchiveFile
AhnIEx_SetCatalog
AhnIEx_SetCopyFlag
AhnIEx_SetCurrentArchivedFileList
AhnIEx_SetDeleteFlag
AhnIEx_SetError
AhnIEx_SetLanguage
AhnIEx_SetLogFile
AhnIEx_SetLogLevel
AhnIEx_SetMode
AhnIEx_SetOutPath
AhnIEx_SetReboot
AhnIEx_SetSharedCount
AhnIEx_SetSystemRebootFlag
AhnIEx_SetUserInfo
AhnIEx_SplitPath
AhnIEx_StartService
AhnIEx_StopService
AhnIEx_StrAdd
AhnIEx_StrCatF
AhnIEx_StrCatN
AhnIEx_StrCpyF
AhnIEx_StrFormat
AhnIEx_StrGet
AhnIEx_StrReplace
AhnIEx_StrStrI
AhnIEx_StrTrace
AhnIEx_VerifyArgument
AhnIEx_VerifyDirectory
AhnIEx_VerifyIEVersion
AhnIEx_VerifyParent
AhnIEx_VerifyStartMenu
AhnIEx_VerifyWinSuite
AhnIEx_WriteComponentInfo
AhnIEx_WriteUninstallInfo
AhnIEx_snprintf
AhnIEx_vf

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSIS.cat
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

44dec599b7c15b3419d2bae8c1d68fff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
lstrlenW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 915B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:5 windows x86 arch:x86

722da765e571519382072dc3f36d5b45

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
IsTextUnicode

user32

FindWindowExW
wsprintfW
SendMessageW
CharNextExA
CharNextW
CharPrevW

kernel32

GetModuleFileNameW
GlobalAlloc
GlobalFree
GetTempFileNameW
CopyFileW
CreateFileW
GetVersion
GetProcAddress
lstrcpyA
GetModuleHandleA
GetCurrentProcess
lstrcmpiW
lstrlenW
ExitProcess
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
lstrcpynW
GetCommandLineW
Sleep
TerminateProcess
GlobalReAlloc
MultiByteToWideChar
IsDBCSLeadByteEx
ReadFile
PeekNamedPipe
GetTickCount
GetStartupInfoW
CreatePipe
lstrcpyW
DeleteFileW
lstrcatW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_0_/AhnSec.dat
$_0_/BldInfo.ini
$_0_/Engine/med_arm64.nz
.7z
atstrumt.dll
medcore.dll
medcored.sys
medext.dll
medvpdrv.sys
medvphkd.sys
medvphku.dll
$_0_/Engine/med_com.nz
.7z
geo.asd
gof.dat
mdp.scd
msg.dat
uh.dat
wlist.asd
$_0_/Engine/med_nt32.nz
.7z
atstrumt.dll
.dll windows:5 windows x86 arch:x86

db4649340197ca16eecb4289c290653c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:03:43:da:68:34:f4:51:3c:e9:a1:a5:80:9e:5e:a5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/11/2022, 00:00

Not After

06/11/2023, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2a:ba:30:2c:a1:16:1d:41:37:7c:39:74:10:ae:c1:38:17:21:b1:6a:b0:fa:69:98:58:bd:d1:71:7c:b9:31:a7
Signer

Actual PE Digest

2a:ba:30:2c:a1:16:1d:41:37:7c:39:74:10:ae:c1:38:17:21:b1:6a:b0:fa:69:98:58:bd:d1:71:7c:b9:31:a7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\AhnLab\Common\AhnTrust\3.0\trunk\Build\NT32Release.vc90\atstrumt.pdb

Imports

ws2_32

shutdown
send
recv
closesocket
setsockopt
connect
socket
select
ioctlsocket
WSACleanup
WSAStartup
getsockopt
getservbyport
gethostbyaddr
gethostbyname
WSAGetLastError
inet_addr
htons
getservbyname
htonl
WSASetLastError
ntohs
inet_ntoa

kernel32

GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
CreateFileA
GetFullPathNameA
GetModuleHandleA
FlushFileBuffers
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
MultiByteToWideChar
GetLastError
InterlockedCompareExchange
GetVersionExW
SetLastError
CloseHandle
CreateFileW
lstrcmpA
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
GetProcAddress
Sleep
VirtualAlloc
WriteConsoleW
VirtualFree
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedExchangeAdd
FormatMessageA
LoadLibraryA
GetSystemDirectoryA
GetModuleHandleW
GetVersion
WriteFile
GetFileType
GetStdHandle
WideCharToMultiByte
GetACP
GetEnvironmentVariableW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
FindNextFileW
FindFirstFileW
FindClose
ReadConsoleA
ReadConsoleW
GetConsoleMode
SetConsoleMode
GetTimeZoneInformation
SetStdHandle
GetStartupInfoA
SetHandleCount
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap
HeapFree
HeapAlloc
GetFileAttributesW
ReadFile
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
HeapReAlloc
GetCommandLineA
ExitProcess
SetConsoleCtrlHandler
GetDriveTypeA
FindFirstFileA
InterlockedIncrement
InterlockedDecrement
HeapSize
HeapCreate
HeapDestroy
GetCPInfo
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameA
RtlUnwind
SetFilePointer
LCMapStringA
LCMapStringW
GetConsoleCP

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW

advapi32

CryptGenRandom
CryptReleaseContext
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CryptAcquireContextW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 466KB - Virtual size: 465KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcrypto-1_1.dll
.dll windows:6 windows x86 arch:x86

1760129228a969ea59148d2bffef3f39

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:42:a8:34:5e:51:31:40:6c:12:ca:d6:b3:3f:04:b2:e3:3d:94:19:d4:7d:c4:9b:31:62:63:81:5f:6a:cc:4a
Signer

Actual PE Digest

45:42:a8:34:5e:51:31:40:6c:12:ca:d6:b3:3f:04:b2:e3:3d:94:19:d4:7d:c4:9b:31:62:63:81:5f:6a:cc:4a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\OpenSSL\libcrypto-3.pdb

Imports

ws2_32

inet_addr
htons
inet_ntoa
sendto
recvfrom
send
recv
shutdown
socket
setsockopt
listen
connect
closesocket
bind
accept
WSACleanup
WSAStartup
select
getsockopt
getsockname
ioctlsocket
WSAGetLastError
WSASetLastError
getservbyname
getservbyport
gethostbyname
gethostbyaddr
ntohs
htonl

advapi32

RegisterEventSourceW
DeregisterEventSource
ReportEventW

user32

GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation

bcrypt

BCryptGenRandom

kernel32

HeapSize
GetTimeZoneInformation
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
WriteConsoleW
SetFileAttributesW
GetFileAttributesExW
HeapReAlloc
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFilePointerEx
FlushFileBuffers
SetStdHandle
HeapFree
HeapAlloc
EnumSystemLocalesW
GetUserDefaultLCID
OutputDebugStringW
SetEndOfFile
FindFirstFileExW
GetCurrentThreadId
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
ConvertFiberToThread
ConvertThreadToFiberEx
SwitchToFiber
DeleteFiber
CreateFiberEx
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
FormatMessageA
Sleep
GetSystemTime
SystemTimeToFileTime
GetLastError
SetLastError
CloseHandle
LoadLibraryW
GetEnvironmentVariableW
GetStdHandle
GetFileType
WriteFile
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetModuleHandleExW
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
VirtualLock
FindClose
FindFirstFileW
FindNextFileW
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
DecodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
GetCurrentThread
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
RtlUnwind
EncodePointer
RaiseException
ReadFile
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
SetConsoleCtrlHandler
GetModuleFileNameW
GetConsoleCP

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
ADMISSIONS_free
ADMISSIONS_get0_admissionAuthority
ADMISSIONS_get0_namingAuthority
ADMISSIONS_get0_professionInfos
ADMISSIONS_it
ADMISSIONS_new
ADMISSIONS_set0_admissionAuthority
ADMISSIONS_set0_namingAuthority
ADMISSIONS_set0_professionInfos
ADMISSION_SYNTAX_free
ADMISSION_SYNTAX_get0_admissionAuthority
ADMISSION_SYNTAX_get0_contentsOfAdmissions
ADMISSION_SYNTAX_it
ADMISSION_SYNTAX_new
ADMISSION_SYNTAX_set0_admissionAuthority
ADMISSION_SYNTAX_set0_contentsOfAdmissions
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASIdOrRange_free
ASIdOrRange_it
ASIdOrRange_new
ASIdentifierChoice_free
ASIdentifierChoice_it
ASIdentifierChoice_new
ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_get_int64
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_set_int64
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_dup
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_get_int64
ASN1_INTEGER_get_uint64
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_set_int64
ASN1_INTEGER_set_uint64
ASN1_INTEGER_to_BN
ASN1_ITEM_get
ASN1_ITEM_lookup
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SCTX_free
ASN1_SCTX_get_app_data
ASN1_SCTX_get_flags
ASN1_SCTX_get_item
ASN1_SCTX_get_template
ASN1_SCTX_new
ASN1_SCTX_set_app_data
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_cmp_time_t
ASN1_TIME_compare
ASN1_TIME_diff
ASN1_TIME_dup
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_normalize
ASN1_TIME_print
ASN1_TIME_print_ex
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_pack_sequence
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_TYPE_unpack_sequence
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_dup
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_add_stable_module
ASN1_bn_print
ASN1_buf_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_bio_ex
ASN1_item_d2i_ex
ASN1_item_d2i_fp
ASN1_item_d2i_fp_ex
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_i2d_mem_bio
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_new_ex
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_sign_ex
ASN1_item_unpack
ASN1_item_verify
ASN1_item_verify_ctx
ASN1_item_verify_ex
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_put_eoc
ASN1_put_object
ASN1_sign
ASN1_str2mask
ASN1_tag2bit
ASN1_tag2str
ASN1_verify
ASRange_free
ASRange_it
ASRange_new
ASYNC_WAIT_CTX_clear_fd
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_callback
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_WAIT_CTX_get_fd
ASYNC_WAIT_CTX_get_status
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_set_callback
ASYNC_WAIT_CTX_set_status
ASYNC_WAIT_CTX_set_wait_fd
ASYNC_block_pause
ASYNC_cleanup_thread
ASYNC_get_current_job
ASYNC_get_wait_ctx
ASYNC_init_thread
ASYNC_is_capable
ASYNC_pause_job
ASYNC_start_job
ASYNC_unblock_pause
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_ADDRINFO_address
BIO_ADDRINFO_family
BIO_ADDRINFO_free
BIO_ADDRINFO_next
BIO_ADDRINFO_protocol
BIO_ADDRINFO_socktype
BIO_ADDR_clear
BIO_ADDR_family
BIO_ADDR_free
BIO_ADDR_hostname_string
BIO_ADDR_new
BIO_ADDR_path_string
BIO_ADDR_rawaddress
BIO_ADDR_rawmake
BIO_ADDR_rawport
BIO_ADDR_service_string
BIO_accept
BIO_accept_ex
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_bind
BIO_callback_ctrl
BIO_clear_flags
BIO_closesocket
BIO_connect
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_debug_callback_ex
BIO_dgram_non_fatal_error
BIO_do_connect_retry
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_linebuffer
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_prefix
BIO_f_readbuffer
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_callback_ex
BIO_get_data
BIO_get_ex_data
BIO_get_host_ip
BIO_get_init
BIO_get_line
BIO_get_new_index
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_get_shutdown
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_listen
BIO_lookup
BIO_lookup_ex
BIO_meth_free
BIO_meth_get_callback_ctrl
BIO_meth_get_create
BIO_meth_get_ctrl
BIO_meth_get_destroy
BIO_meth_get_gets
BIO_meth_get_puts
BIO_meth_get_read
BIO_meth_get_read_ex
BIO_meth_get_write
BIO_meth_get_write_ex
BIO_meth_new
BIO_meth_set_callback_ctrl
BIO_meth_set_create
BIO_meth_set_ctrl
BIO_meth_set_destroy
BIO_meth_set_gets
BIO_meth_set_puts
BIO_meth_set_read
BIO_meth_set_read_ex
BIO_meth_set_write
BIO_meth_set_write_ex
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_ex
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_from_core_bio
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_parse_hostserv
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_read_ex
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_core
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_log
BIO_s_mem
BIO_s_null
BIO_s_secmem
BIO_s_socket
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
BIO_set_cipher
BIO_set_data
BIO_set_ex_data
BIO_set_flags
BIO_set_init
BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_error
BIO_sock_info
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket
BIO_socket_ioctl
BIO_socket_nbio
BIO_socket_wait
BIO_test_flags
BIO_up_ref
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_wait
BIO_write
BIO_write_ex
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_invert
BN_BLINDING_invert_ex

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 711KB - Virtual size: 711KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libssl-1_1.dll
.dll windows:6 windows x86 arch:x86

6b7941fd7226b11848b1aede08b783c1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:b2:40:09:a8:7e:59:f4:5a:29:51:19:9c:97:70:47:66:67:ba:4e:30:f0:e2:95:64:61:0a:ac:fe:9d:f4:17
Signer

Actual PE Digest

07:b2:40:09:a8:7e:59:f4:5a:29:51:19:9c:97:70:47:66:67:ba:4e:30:f0:e2:95:64:61:0a:ac:fe:9d:f4:17

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\OpenSSL\libssl-3.pdb

Imports

libcrypto-3

EVP_PKEY_CTX_new_from_pkey
EVP_PKEY_CTX_free
EVP_PKEY_derive_init
EVP_PKEY_derive_set_peer
EVP_PKEY_derive
EVP_PKEY_encapsulate_init
EVP_PKEY_encapsulate
EVP_PKEY_decapsulate_init
EVP_PKEY_decapsulate
EVP_PKEY_paramgen_init
EVP_PKEY_paramgen
EVP_PKEY_keygen_init
EVP_PKEY_keygen
EVP_PKEY_CTX_set_group_name
X509_NAME_free
X509_free
RAND_bytes_ex
ASN1_OCTET_STRING_it
X509_it
INT32_it
ZINT32_it
UINT32_it
ZUINT32_it
ZINT64_it
ZUINT64_it
CRYPTO_strndup
ASN1_item_free
ASN1_item_d2i
ASN1_item_i2d
OPENSSL_DIR_read
OPENSSL_DIR_end
OPENSSL_sk_shift
OPENSSL_sk_pop
OPENSSL_sk_set_cmp_func
CRYPTO_THREAD_lock_new
CRYPTO_THREAD_lock_free
CRYPTO_get_ex_new_index
CRYPTO_THREAD_run_once
OSSL_LIB_CTX_set0_default
BIO_s_file
BIO_snprintf
OBJ_nid2ln
OBJ_nid2sn
OPENSSL_LH_new
OPENSSL_LH_free
OPENSSL_LH_insert
OPENSSL_LH_retrieve
X509_verify_cert
X509_STORE_new
X509_STORE_free
X509_STORE_up_ref
X509_STORE_CTX_new_ex
X509_STORE_CTX_free
X509_STORE_CTX_init
X509_STORE_CTX_set_verify_cb
X509_STORE_add_cert
X509_STORE_CTX_set_ex_data
X509_STORE_CTX_get_error
X509_STORE_CTX_get0_chain
X509_STORE_CTX_get1_chain
X509_STORE_CTX_set_flags
X509_STORE_CTX_get0_param
X509_STORE_CTX_set_default
X509_STORE_CTX_set0_dane
X509_VERIFY_PARAM_set1
X509_VERIFY_PARAM_set_auth_level
X509_VERIFY_PARAM_move_peername
X509_verify_cert_error_string
X509_NAME_dup
i2d_X509_NAME
X509_new_ex
X509_get_subject_name
X509_up_ref
X509_chain_up_ref
X509_cmp
X509_NAME_hash_ex
PEM_read_bio_X509
OSSL_STORE_open
OSSL_STORE_load
OSSL_STORE_eof
OSSL_STORE_error
OSSL_STORE_close
OSSL_STORE_INFO_get_type
OSSL_STORE_INFO_get0_NAME
OSSL_STORE_INFO_get0_CERT
OSSL_STORE_INFO_free
X509_get_extension_flags
OPENSSL_sk_new
OPENSSL_sk_delete
OPENSSL_sk_unshift
OPENSSL_sk_dup
OPENSSL_sk_sort
COMP_get_type
COMP_get_name
COMP_zlib
EVP_CIPHER_get_block_size
EVP_CIPHER_get_flags
EVP_CIPHER_get_mode
EVP_CIPHER_fetch
EVP_get_cipherbyname
EVP_get_digestbyname
EVP_PKEY_asn1_find_str
EVP_PKEY_asn1_get0_info
EVP_SIGNATURE_free
EVP_SIGNATURE_fetch
EVP_KEYEXCH_free
EVP_KEYEXCH_fetch
CONF_parse_list
ERR_set_mark
ERR_pop_to_mark
OPENSSL_strcasecmp
OPENSSL_strncasecmp
ERR_clear_last_mark
X509_STORE_load_path
X509_STORE_load_file_ex
X509_STORE_load_store_ex
OSSL_DECODER_CTX_free
OSSL_DECODER_from_bio
OSSL_DECODER_CTX_new_for_pkey
ERR_reason_error_string
ERR_load_strings_const
OPENSSL_init_crypto
OPENSSL_atexit
OPENSSL_sk_insert
CRYPTO_THREAD_read_lock
CRYPTO_THREAD_write_lock
CRYPTO_THREAD_unlock
OPENSSL_strnlen
CRYPTO_new_ex_data
CRYPTO_dup_ex_data
CRYPTO_free_ex_data
CRYPTO_set_ex_data
CRYPTO_get_ex_data
CRYPTO_realloc
CRYPTO_secure_zalloc
CRYPTO_secure_free
CRYPTO_memcmp
BUF_MEM_free
COMP_CTX_get_method
BIO_int_ctrl
BIO_pop
BIO_free_all
BIO_s_socket
ASN1_OCTET_STRING_free
OPENSSL_LH_num_items
ERR_peek_error
OBJ_bsearch_
EVP_MD_get0_provider
EVP_CIPHER_up_ref
EVP_CIPHER_free
EVP_MD_fetch
EVP_MD_up_ref
EVP_MD_free
EVP_PKEY_get_security_bits
X509_STORE_add_lookup
X509_LOOKUP_hash_dir
X509_LOOKUP_file
X509_LOOKUP_store
X509_LOOKUP_ctrl
X509_LOOKUP_ctrl_ex
X509_STORE_set_default_paths_ex
X509_VERIFY_PARAM_new
X509_VERIFY_PARAM_free
X509_VERIFY_PARAM_inherit
X509_VERIFY_PARAM_set_purpose
X509_VERIFY_PARAM_set_trust
X509_VERIFY_PARAM_set_depth
X509_VERIFY_PARAM_set1_host
X509_VERIFY_PARAM_add1_host
X509_VERIFY_PARAM_set_hostflags
X509_VERIFY_PARAM_get0_peername
X509_VERIFY_PARAM_get1_ip_asc
X509_VERIFY_PARAM_set1_ip_asc
X509_VERIFY_PARAM_get_depth
d2i_PUBKEY
X509_EXTENSION_free
d2i_X509
X509_get0_pubkey
X509_check_private_key
X509_get_ext_d2i
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_set_callback
ASYNC_WAIT_CTX_get_status
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_start_job
ASYNC_get_current_job
CT_POLICY_EVAL_CTX_new_ex
CT_POLICY_EVAL_CTX_free
CT_POLICY_EVAL_CTX_set1_cert
CT_POLICY_EVAL_CTX_set1_issuer
CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE
CT_POLICY_EVAL_CTX_set_time
SCT_free
SCT_LIST_free
SCT_set_source
SCT_get_validation_status
SCT_LIST_validate
o2i_SCT_LIST
EVP_PKEY_free
CTLOG_STORE_free
CTLOG_STORE_load_file
CTLOG_STORE_load_default_file
X509_get_key_usage
a2i_IPADDRESS
RAND_priv_bytes_ex
OCSP_response_get1_basic
OCSP_resp_count
OCSP_resp_get0
OCSP_SINGLERESP_get1_ext_d2i
OCSP_BASICRESP_free
OCSP_RESPID_free
OCSP_RESPONSE_free
d2i_OCSP_RESPONSE
conf_ssl_get
conf_ssl_name_find
conf_ssl_get_cmd
ERR_peek_last_error
EVP_PKEY_can_sign
d2i_PrivateKey_ex
EVP_PKEY_copy_parameters
EVP_PKEY_missing_parameters
EVP_PKEY_eq
d2i_X509_bio
d2i_PrivateKey_ex_bio
X509_get_pubkey
PEM_read_bio
PEM_read_bio_X509_AUX
PEM_read_bio_PrivateKey_ex
RSA_free
RSA_up_ref
d2i_RSAPrivateKey
EVP_PKEY_assign
EVP_PKEY_new
d2i_RSAPrivateKey_bio
PEM_read_bio_RSAPrivateKey
OPENSSL_LH_delete
OPENSSL_LH_get_down_load
OPENSSL_LH_set_down_load
PEM_ASN1_read_bio
PEM_ASN1_write_bio
PEM_ASN1_read
PEM_ASN1_write
BIO_puts
BIO_dump_indent
BIO_printf
OSSL_PARAM_construct_int
OSSL_PARAM_construct_size_t
OSSL_PARAM_construct_utf8_string
EVP_MD_get0_name
EVP_DigestSignInit_ex
EVP_CIPHER_CTX_ctrl
EVP_CIPHER_CTX_set_params
EVP_PKEY_new_mac_key
EVP_PKEY_new_raw_private_key_ex
EVP_KDF_free
EVP_KDF_fetch
EVP_KDF_CTX_new
EVP_KDF_CTX_free
EVP_KDF_derive
BN_free
BN_get_rfc2409_prime_1024
BN_get_rfc3526_prime_2048
BN_get_rfc3526_prime_3072
BN_get_rfc3526_prime_4096
BN_get_rfc3526_prime_8192
OBJ_txt2nid
OBJ_ln2nid
OBJ_sn2nid
OSSL_PARAM_locate_const
OSSL_PARAM_get_int
OSSL_PARAM_get_uint
OSSL_PARAM_free
EVP_CIPHER_CTX_get_iv_length
EVP_DecryptInit_ex
EVP_DecryptUpdate
EVP_DecryptFinal
EVP_MAC_fetch
EVP_MAC_free
EVP_MAC_CTX_new
EVP_MAC_CTX_free
EVP_MAC_CTX_get_mac_size
EVP_MAC_init
EVP_MAC_update
EVP_MAC_final
EVP_PKEY_get_id
EVP_PKEY_get_bits
EVP_PKEY_get_size
EVP_PKEY_set_type
EVP_PKEY_digestsign_supports_digest
EVP_PKEY_set1_encoded_public_key
EVP_KEYMGMT_fetch
EVP_KEYMGMT_free
EVP_KEYMGMT_get0_provider
EVP_PKEY_fromdata_init
EVP_PKEY_fromdata
EVP_PKEY_get_ec_point_conv_form
EVP_PKEY_get_field_type
EVP_PKEY_get_group_name
X509_get_signature_info
X509_get_signature_nid
X509_get_issuer_name
X509_chain_check_suiteb
X509_NAME_cmp
OSSL_PROVIDER_do_all
OSSL_PROVIDER_get_capabilities
OSSL_PARAM_BLD_new
OSSL_PARAM_BLD_to_param
OSSL_PARAM_BLD_free
OSSL_PARAM_BLD_push_uint
OSSL_PARAM_BLD_push_BN
BIO_indent
d2i_X509_NAME
X509_NAME_print_ex
X509_print_ex
PEM_write_bio_X509
EVP_Q_mac
EC_GROUP_get_curve_name
EC_KEY_get0_group
EVP_PKEY_set1_DH
ENGINE_get_ssl_client_cert_function
ENGINE_get_cipher
ENGINE_get_digest
ENGINE_init
ENGINE_finish
ENGINE_load_ssl_client_cert
ENGINE_get_cipher_engine
ENGINE_get_digest_engine
HMAC_size
HMAC_CTX_new
HMAC_CTX_free
HMAC_Init_ex
HMAC_Update
HMAC_Final
BN_is_zero
BN_num_bits
BN_clear_free
BN_copy
BN_bin2bn
BN_bn2bin
BN_dup
BN_ucmp
SRP_create_verifier_BN_ex
SRP_check_known_gN_param
SRP_get_default_gN
SRP_Calc_server_key
SRP_Calc_B_ex
SRP_Verify_A_mod_N
SRP_Calc_u_ex
SRP_Calc_x_ex
SRP_Calc_A
SRP_Calc_client_key_ex
SRP_Verify_B_mod_N
COMP_compress_block
COMP_expand_block
OSSL_PARAM_construct_octet_ptr
EVP_MD_CTX_get_pkey_ctx
EVP_CIPHER_CTX_get_block_size
EVP_Cipher
EVP_MD_CTX_ctrl
EVP_MD_CTX_copy
EVP_CipherUpdate
EVP_DigestSignUpdate
EVP_DigestSignFinal
EVP_CIPHER_CTX_get_params
EVP_PKEY_CTX_set_params
EVP_CipherFinal_ex
EVP_PKEY_get1_encoded_public_key
i2d_X509_EXTENSIONS
i2d_OCSP_RESPID
EVP_DigestSign
d2i_X509_EXTENSIONS
d2i_OCSP_RESPID
BUF_MEM_new
BUF_MEM_grow_clean
ERR_vset_error
EVP_Digest
EVP_DigestInit
EVP_DigestVerify
EVP_DigestVerifyInit_ex
EVP_PKEY_CTX_ctrl
EVP_PKEY_encrypt_init
EVP_PKEY_encrypt
EVP_PKEY_public_check
EVP_PKEY_param_check_quick
EVP_PKEY_CTX_set_rsa_padding
EVP_PKEY_CTX_set_rsa_pss_saltlen
BUF_reverse
EVP_DigestVerifyUpdate
EVP_DigestVerifyFinal
i2d_X509
ASN1_ANY_it
ASN1_TYPE_get
ASN1_item_new
OSSL_PARAM_construct_uint
EVP_EncryptInit_ex
EVP_EncryptUpdate
EVP_EncryptFinal
EVP_PKEY_decrypt_init
EVP_PKEY_decrypt
EVP_PKEY_get_bn_param
EVP_PKEY_up_ref
EVP_PKEY_is_a
EVP_PKEY_CTX_set_dh_pad
CRYPTO_strdup
CRYPTO_memdup
OPENSSL_sk_pop_free
OPENSSL_sk_new_reserve
OPENSSL_sk_value
OPENSSL_sk_num
EVP_CIPHER_CTX_reset
EVP_CIPHER_CTX_new
EVP_CipherInit_ex
EVP_DigestFinal_ex
EVP_MD_CTX_copy_ex
EVP_MD_CTX_set_params
EVP_CIPHER_CTX_get0_cipher
EVP_CIPHER_get_iv_length
EVP_CIPHER_get_key_length
EVP_PKEY_CTX_new_from_name
EVP_CIPHER_get0_provider
EVP_MD_CTX_get0_md
EVP_MD_get_size
EVP_MD_get_type
OSSL_PARAM_construct_end
OSSL_PARAM_construct_octet_string
BIO_s_mem
COMP_CTX_free
COMP_CTX_new
OPENSSL_cleanse
CRYPTO_clear_free
SHA512_Transform
SHA512_Init
SHA384_Init
SHA256_Transform
SHA256_Init
SHA224_Init
SHA1_Transform
SHA1_Init
MD5_Transform
MD5_Init
EVP_DigestFinal
EVP_DigestUpdate
EVP_DigestInit_ex
EVP_MD_CTX_new
EVP_MD_is_a
CRYPTO_malloc
OPENSSL_sk_push
OPENSSL_sk_find
OPENSSL_sk_free
OPENSSL_sk_new_null
ERR_clear_error
EVP_CIPHER_CTX_free
EVP_MD_CTX_free
BIO_ADDR_clear
BIO_ADDR_free
BIO_ADDR_new
BIO_read
BIO_test_flags
BIO_copy_next_retry
BIO_f_buffer
BIO_s_connect
BIO_set_retry_reason
BIO_get_retry_reason
BIO_set_next
BIO_next
BIO_find_type
BIO_push
BIO_callback_ctrl
BIO_ctrl
BIO_write
BIO_up_ref
BIO_get_shutdown
BIO_set_shutdown
BIO_get_init
BIO_set_init
BIO_get_data
BIO_set_data
BIO_free
BIO_new
BIO_method_type
BIO_clear_flags
BIO_set_flags
ERR_set_error
ERR_set_debug
ERR_new
BUF_MEM_grow
CRYPTO_free
CTLOG_STORE_new_ex
CRYPTO_zalloc

kernel32

WriteConsoleW
OutputDebugStringW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
GetStringTypeW
GetTimeZoneInformation
WriteFile
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetStdHandle
SetStdHandle
MultiByteToWideChar
GetFullPathNameW
HeapAlloc
HeapFree
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCurrentThread
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
CloseHandle
GetFileType
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
RaiseException
EncodePointer
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SystemTimeToFileTime
GetSystemTime
SetLastError
DecodePointer
SetFilePointerEx

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLS_client_method
DTLS_get_data_mtu
DTLS_method
DTLS_server_method
DTLS_set_timer_cb
DTLSv1_2_client_method
DTLSv1_2_method
DTLSv1_2_server_method
DTLSv1_client_method
DTLSv1_listen
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
OPENSSL_cipher_name
OPENSSL_init_ssl
OSSL_default_cipher_list
OSSL_default_ciphersuites
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SSL_CIPHER_description
SSL_CIPHER_find
SSL_CIPHER_get_auth_nid
SSL_CIPHER_get_bits
SSL_CIPHER_get_cipher_nid
SSL_CIPHER_get_digest_nid
SSL_CIPHER_get_handshake_digest
SSL_CIPHER_get_id
SSL_CIPHER_get_kx_nid
SSL_CIPHER_get_name
SSL_CIPHER_get_protocol_id
SSL_CIPHER_get_version
SSL_CIPHER_is_aead
SSL_CIPHER_standard_name
SSL_COMP_add_compression_method
SSL_COMP_get0_name
SSL_COMP_get_compression_methods
SSL_COMP_get_id
SSL_COMP_get_name
SSL_COMP_set0_compression_methods
SSL_CONF_CTX_clear_flags
SSL_CONF_CTX_finish
SSL_CONF_CTX_free
SSL_CONF_CTX_new
SSL_CONF_CTX_set1_prefix
SSL_CONF_CTX_set_flags
SSL_CONF_CTX_set_ssl
SSL_CONF_CTX_set_ssl_ctx
SSL_CONF_cmd
SSL_CONF_cmd_argv
SSL_CONF_cmd_value_type
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add1_to_CA_list
SSL_CTX_add_client_CA
SSL_CTX_add_client_custom_ext
SSL_CTX_add_custom_ext
SSL_CTX_add_server_custom_ext
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_clear_options
SSL_CTX_config
SSL_CTX_ct_is_enabled
SSL_CTX_ctrl
SSL_CTX_dane_clear_flags
SSL_CTX_dane_enable
SSL_CTX_dane_mtype_set
SSL_CTX_dane_set_flags
SSL_CTX_enable_ct
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get0_CA_list
SSL_CTX_get0_certificate
SSL_CTX_get0_ctlog_store
SSL_CTX_get0_param
SSL_CTX_get0_privatekey
SSL_CTX_get0_security_ex_data
SSL_CTX_get_cert_store
SSL_CTX_get_ciphers
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_default_passwd_cb
SSL_CTX_get_default_passwd_cb_userdata
SSL_CTX_get_ex_data
SSL_CTX_get_info_callback
SSL_CTX_get_keylog_callback
SSL_CTX_get_max_early_data
SSL_CTX_get_num_tickets
SSL_CTX_get_options
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_record_padding_callback_arg
SSL_CTX_get_recv_max_early_data
SSL_CTX_get_security_callback
SSL_CTX_get_security_level
SSL_CTX_get_ssl_method
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_has_client_custom_ext
SSL_CTX_load_verify_dir
SSL_CTX_load_verify_file
SSL_CTX_load_verify_locations
SSL_CTX_load_verify_store
SSL_CTX_new
SSL_CTX_new_ex
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set0_CA_list
SSL_CTX_set0_ctlog_store
SSL_CTX_set0_security_ex_data
SSL_CTX_set0_tmp_dh_pkey
SSL_CTX_set1_cert_store
SSL_CTX_set1_param
SSL_CTX_set_allow_early_data_cb
SSL_CTX_set_alpn_protos
SSL_CTX_set_alpn_select_cb
SSL_CTX_set_async_callback
SSL_CTX_set_async_callback_arg
SSL_CTX_set_block_padding
SSL_CTX_set_cert_cb
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_ciphersuites
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_client_hello_cb
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_ct_validation_callback
SSL_CTX_set_ctlog_list_file
SSL_CTX_set_default_ctlog_list_file
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_read_buffer_len
SSL_CTX_set_default_verify_dir
SSL_CTX_set_default_verify_file
SSL_CTX_set_default_verify_paths
SSL_CTX_set_default_verify_store
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_keylog_callback
SSL_CTX_set_max_early_data
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_not_resumable_session_callback
SSL_CTX_set_num_tickets
SSL_CTX_set_options
SSL_CTX_set_post_handshake_auth
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_find_session_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_psk_use_session_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_record_padding_callback
SSL_CTX_set_record_padding_callback_arg
SSL_CTX_set_recv_max_early_data
SSL_CTX_set_security_callback
SSL_CTX_set_security_level
SSL_CTX_set_session_id_context
SSL_CTX_set_session_ticket_cb
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_stateless_cookie_generate_cb
SSL_CTX_set_stateless_cookie_verify_cb
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_max_fragment_length
SSL_CTX_set_tlsext_ticket_key_evp_cb
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_up_ref
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_cert_and_key
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_CTX_use_serverinfo
SSL_CTX_use_serverinfo_ex
SSL_CTX_use_serverinfo_file
SSL_SESSION_dup
SSL_SESSION_free
SSL_SESSION_get0_alpn_selected
SSL_SESSION_get0_cipher
SSL_SESSION_get0_hostname
SSL_SESSION_get0_id_context
SSL_SESSION_get0_peer
SSL_SESSION_get0_ticket
SSL_SESSION_get0_ticket_appdata
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_id
SSL_SESSION_get_master_key
SSL_SESSION_get_max_early_data
SSL_SESSION_get_max_fragment_length
SSL_SESSION_get_protocol_version
SSL_SESSION_get_ticket_lifetime_hint
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_has_ticket
SSL_SESSION_is_resumable
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_print_keylog
SSL_SESSION_set1_alpn_selected
SSL_SESSION_set1_hostname
SSL_SESSION_set1_id
SSL_SESSION_set1_id_context
SSL_SESSION_set1_master_key
SSL_SESSION_set1_ticket_appdata
SSL_SESSION_set_cipher
SSL_SESSION_set_ex_data
SSL_SESSION_set_max_early_data
SSL_SESSION_set_protocol_version
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SESSION_up_ref
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add1_host
SSL_add1_to_CA_list
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_add_ssl_module
SSL_add_store_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_alloc_buffers
SSL_bytes_to_cipher_list
SSL_callback_ctrl
SSL_certs_clear
SSL_check_chain
SSL_check_private_key
SSL_clear
SSL_clear_options
SSL_client_hello_get0_ciphers
SSL_client_hello_get0_compression_methods
SSL_client_hello_get0_ext
SSL_client_hello_get0_legacy_version
SSL_client_hello_get0_random
SSL_client_hello_get0_session_id
SSL_client_hello_get1_extensions_present
SSL_client_hello_isv2
SSL_client_version
SSL_config
SSL_connect
SSL_copy_session_id
SSL_ct_is_enabled
SSL_ctrl
SSL_dane_clear_flags
SSL_dane_enable
SSL_dane_set_flags
SSL_dane_tlsa_add
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_enable_ct
SSL_export_keying_material
SSL_export_keying_material_early
SSL_extension_supported
SSL_free
SSL_free_buffers
SSL_get0_CA_list
SSL_get0_alpn_selected
SSL_get0_dane
SSL_get0_dane_authority
SSL_get0_dane_tlsa
SSL_get0_next_proto_negotiated
SSL_get0_param
SSL_get0_peer_CA_list
SSL_get0_peer_certificate
SSL_get0_peer_scts
SSL_get0_peername
SSL_get0_security_ex_data
SSL_get0_verified_chain
SSL_get1_peer_certificate
SSL_get1_session
SSL_get1_supported_ciphers
SSL_get_SSL_CTX
SSL_get_all_async_fds
SSL_get_async_status
SSL_get_certificate
SSL_get_changed_async_fds
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_client_ciphers
SSL_get_client_random
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_passwd_cb
SSL_get_default_passwd_cb_userdata
SSL_get_default_timeout
SSL_get_early_data_status
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_key_update_type
SSL_get_max_early_data
SSL_get_num_tickets
SSL_get_options
SSL_get_peer_cert_chain
SSL_get_peer_finished
SSL_get_peer_signature_type_nid
SSL_get_pending_cipher
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_record_padding_callback_arg
SSL_get_recv_max_early_data
SSL_get_rfd
SSL_get_security_callback
SSL_get_security_level
SSL_get_selected_srtp_profile
SSL_get_server_random
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shared_sigalgs
SSL_get_shutdown
SSL_get_sigalgs
SSL_get_signature_type_nid
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_state
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_group_to_name
SSL_has_matching_session_id
SSL_has_pending
SSL_in_before
SSL_in_init
SSL_is_dtls
SSL_is_init_finished
SSL_is_server
SSL_key_update
SSL_load_client_CA_file
SSL_load_client_CA_file_ex
SSL_new
SSL_new_session_ticket
SSL_peek
SSL_peek_ex
SSL_pending
SSL_read
SSL_read_early_data
SSL_read_ex
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_sendfile
SSL_session_reused
SSL_set0_CA_list
SSL_set0_rbio
SSL_set0_security_ex_data
SSL_set0_tmp_dh_pkey
SSL_set0_wbio
SSL_set1_host
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_allow_early_data_cb
SSL_set_alpn_protos
SSL_set_async_callback
SSL_set_async_callback_arg
SSL_set_bio
SSL_set_block_padding
SSL_set_cert_cb
SSL_set_cipher_list
SSL_set_ciphersuites
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ct_validation_callback
SSL_set_debug
SSL_set_default_passwd_cb
SSL_set_default_passwd_cb_userdata
SSL_set_default_read_buffer_len
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_hostflags
SSL_set_info_callback
SSL_set_max_early_data
SSL_set_msg_callback
SSL_set_not_resumable_session_callback
SSL_set_num_tickets
SSL_set_options
SSL_set_post_handshake_auth
SSL_set_psk_client_callback
SSL_set_psk_find_session_callback
SSL_set_psk_server_callback
SSL_set_psk_use_session_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_record_padding_callback
SSL_set_record_padding_callback_arg
SSL_set_recv_max_early_data
SSL_set_rfd
SSL_set_security_callback
SSL_set_security_level
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_tlsext_max_fragment_length
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state_string
SSL_state_string_long
SSL_stateless
SSL_trace
SSL_up_ref
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_cert_and_key
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_chain_file
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_verify_client_post_handshake
SSL_version
SSL_waiting_for_async
SSL_want

Sections

.text
Size: 604KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medcore.dll
.dll windows:4 windows x86 arch:x86

55958cc9cb7f3db8cccde7ae979274b8

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:c1:51:da:1d:98:f9:e6:53:59:ee:cb:1e:fd:ca:ea:50:3a:42:b0:96:98:cb:72:7d:28:04:52:27:f4:1b:ee
Signer

Actual PE Digest

d3:c1:51:da:1d:98:f9:e6:53:59:ee:cb:1e:fd:ca:ea:50:3a:42:b0:96:98:cb:72:7d:28:04:52:27:f4:1b:ee

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

userenv

ExpandEnvironmentStringsForUserW

wininet

FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
FindCloseUrlCache

dnsapi

DnsRecordListFree
DnsQuery_W

crypt32

CertDeleteCertificateFromStore
CertAddEncodedCertificateToStore
CertOpenStore
CertCloseStore

rpcrt4

UuidCreateSequential

psapi

EnumProcesses
GetModuleFileNameExW

ws2_32

WSAStartup
WSACleanup
connect
ioctlsocket
ntohs
getservbyport
gethostbyaddr
getservbyname
inet_ntoa
WSASetLastError
closesocket
socket
setsockopt
send
select
recv
gethostbyname
htons
ntohl
__WSAFDIsSet
getsockopt
htonl
WSAGetLastError
inet_addr
WSACloseEvent
listen
WSAIoctl
WSACreateEvent
WSASetEvent
shutdown
WSARecv
WSASend
bind

kernel32

GetProcAddress
LoadLibraryW
FreeLibrary
CloseHandle
lstrcpynW
CreateFileW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
GetCurrentThreadId
GetTickCount
CreateMutexW
WideCharToMultiByte
GetPrivateProfileStringW
GetVersionExW
GetSystemDirectoryW
Sleep
DeviceIoControl
CreateEventW
CancelIo
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
DeleteFileW
MoveFileW
GetFileAttributesW
SetFileAttributesW
GetFileTime
WaitForSingleObject
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
GetFileInformationByHandle
InterlockedExchange
MultiByteToWideChar
LeaveCriticalSection
GetSystemTimeAsFileTime
EnterCriticalSection
TerminateThread
GetModuleHandleW
InitializeCriticalSection
OutputDebugStringW
CreateProcessA
GetCurrentProcessId
GetLocalTime
ReleaseMutex
SetEvent
InterlockedDecrement
InterlockedIncrement
GetCurrentProcess
GetModuleFileNameW
InterlockedCompareExchange
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
WritePrivateProfileStringW
GetSystemInfo
OpenProcess
GetFileAttributesExW
WaitForMultipleObjects
ResetEvent
FileTimeToLocalFileTime
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
FileTimeToDosDateTime
SystemTimeToFileTime
LoadLibraryExW
GetWindowsDirectoryW
OpenMutexW
OpenFileMappingW
SizeofResource
LockResource
LoadResource
FindResourceW
CreateDirectoryW
MoveFileExW
GetLogicalDrives
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTime
VerifyVersionInfoW
VerSetConditionMask
GetThreadContext
OpenThread
LocalAlloc
lstrcmpiW
GetModuleHandleA
GetVersion
lstrcmpW
ExpandEnvironmentStringsW
GetLongPathNameW
GetProcessTimes
CreateIoCompletionPort
GetQueuedCompletionStatus
TerminateProcess
GetExitCodeThread
PostQueuedCompletionStatus
SetLastError
ReadProcessMemory
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ConnectNamedPipe
CreateNamedPipeW
DisconnectNamedPipe
HeapFree
GetProcessHeap
WaitForMultipleObjectsEx
HeapAlloc
GetComputerNameA
CopyFileW
ReadDirectoryChangesW
GetVolumePathNamesForVolumeNameW
SetThreadPriority
GetCurrentThread
CopyFileExW
GetDiskFreeSpaceExW
CompareFileTime
SetFileTime
TryEnterCriticalSection
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateProcessW
ExitProcess
GetExitCodeProcess
GetEnvironmentVariableA
GetEnvironmentVariableW
LoadLibraryExA
VirtualQuery
VirtualProtect
FlushInstructionCache
SetThreadContext
VirtualFree
SuspendThread
VirtualAlloc
lstrlenW
QueryDosDeviceW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLastError
LocalFree
GetComputerNameW
ResumeThread
OutputDebugStringA

user32

CharPrevA
CharNextA
CharUpperW
RegisterClassExW
CreateWindowExW
UnregisterClassW
PeekMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
UnregisterDeviceNotification
DefWindowProcW
RegisterDeviceNotificationW

advapi32

RegEnumValueW
GetSecurityDescriptorSacl
CryptAcquireContextW
CryptCreateHash
CryptHashData
InitializeAcl
GetAce
EqualSid
AddAce
AddAccessAllowedAceEx
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetSecurityDescriptorControl
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
SetFileSecurityW
GetAclInformation
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetNamedSecurityInfoW
LookupAccountNameW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
GetLengthSid
RegCreateKeyExW
SetSecurityDescriptorSacl
ConvertSidToStringSidW
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
LookupAccountSidW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenCurrentUser
RevertToSelf
DuplicateTokenEx
ImpersonateLoggedOnUser
OpenProcessToken
GetTokenInformation
RegDeleteKeyW
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

ord680
SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathUnExpandEnvStringsW
PathFileExistsW
UrlGetPartA
StrStrIA
UrlGetPartW

iphlpapi

GetBestInterface
GetAdaptersInfo

msvcrt

_ultoa
_wcsupr
_strlwr
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
strpbrk
_mbspbrk
_mbsnbicmp
free
calloc
memcpy
malloc
strstr
_wcsnicmp
wcslen
_vsnwprintf
wcscmp
_except_handler3
strlen
memcmp
strchr
memset
_vsnprintf
_wtoi
wcstok
wcsrchr
mbstowcs
strncmp
wcsncat
_beginthreadex
_endthreadex
strncat
_pctype
_isctype
__mb_cur_max
wcsstr
sscanf
wcschr
_wcslwr
strcmp
_wcsicmp
time
strncpy
wcstoul
strcat
strcpy
strtoul
sprintf
wcstombs
strrchr
_ftol
__CxxFrameHandler
wcsncmp
_wgetenv
rand
srand
abs
fclose
swscanf
fgetws
_wfopen
_strnicmp
wcsncpy
_errno
atol
qsort
_snprintf
_snwprintf
??3@YAXPAX@Z
_wcsdup
atoi
memmove
tolower
_stricmp
??2@YAPAXI@Z
toupper
_wsplitpath
strtol
isxdigit
strtod
ftell
fseek
fread
fopen
fflush
_purecall
fwrite
_isnan
_finite
floor
ceil
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
fmod
_lrotl
realloc
printf
puts
fputs
fprintf
_lrotr
_ismbblead
_mbschr
_wsopen
_close
_lseek
_read
_write
_get_osfhandle
_commit
_msize

msvcp60

?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
?write@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@PBGH@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0_Lockit@std@@QAE@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0bad_alloc@std@@QAE@ABV01@@Z
??1bad_alloc@std@@UAE@XZ
??0bad_alloc@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?fail@ios_base@std@@QBE_NXZ
?clear@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?tellg@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE?AV?$fpos@H@2@XZ
?bad@ios_base@std@@QBE_NXZ
?gcount@?$basic_istream@DU?$char_traits@D@std@@@std@@QBEHXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?eof@ios_base@std@@QBE_NXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JW4seekdir@ios_base@2@@Z
?gcount@?$basic_istream@GU?$char_traits@G@std@@@std@@QBEHXZ
?read@?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV12@PAGH@Z
?seekg@?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?seekg@?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV12@JW4seekdir@ios_base@2@@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

Exports

Exports

MeDCleanFile
MeDCleanFileEx
MeDCreateHandle
MeDDestroyHandle
MeDFinalize
MeDGet
MeDGetCleanStatus
MeDGetCleanStatusEx
MeDGetVirusInfo
MeDInitialize
MeDInitializeEx
MeDScanFile
MeDScanFileEx
MeDScanIp
MeDScanUrl
MeDSet
MeDSubmitFile

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 856KB - Virtual size: 923KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourd
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medcored.sys
.sys windows:5 windows x86 arch:x86

6f8e475fd4b36c8c6bf5f97e7260a454

Code Sign

33:00:00:00:68:64:82:c2:f9:11:1a:c8:76:00:00:00:00:00:68
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/01/2024, 20:09

Not After

10/01/2025, 20:09

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:6f:ec:d5:f0:73:d0:70:1d:be:14:ad:8c:84:6b:43:53:4a:60:58:78:58:2b:fb:cc:51:6b:38:2a:3d:90:2e
Signer

Actual PE Digest

ea:6f:ec:d5:f0:73:d0:70:1d:be:14:ad:8c:84:6b:43:53:4a:60:58:78:58:2b:fb:cc:51:6b:38:2a:3d:90:2e

Digest Algorithm

sha256

PE Digest Matches

true

ea:6f:ec:d5:f0:73:d0:70:1d:be:14:ad:8c:84:6b:43:53:4a:60:58:78:58:2b:fb:cc:51:6b:38:2a:3d:90:2e
Signer

Actual PE Digest

ea:6f:ec:d5:f0:73:d0:70:1d:be:14:ad:8c:84:6b:43:53:4a:60:58:78:58:2b:fb:cc:51:6b:38:2a:3d:90:2e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\build\project\medicine\engine\2.0_maintrunk\building\build\project\medicine\engine\2.0\trunk\src\medcored\i386\MeDCoreD.pdb

Imports

ntoskrnl.exe

islower
isxdigit
_wcsnicmp
wcslen
KeQuerySystemTime
_alldiv
_aullshr
_allshl
DbgPrint
wcstombs
PsGetCurrentProcessId
PsGetCurrentThreadId
RtlTimeToTimeFields
ExSystemTimeToLocalTime
KeReleaseMutex
KeSetEvent
KeWaitForSingleObject
InterlockedDecrement
InterlockedIncrement
ZwClose
ObOpenObjectByPointer
ExEventObjectType
IoCreateSynchronizationEvent
RtlInitUnicodeString
KeInitializeMutex
InterlockedExchange
ZwCreateFile
wcsrchr
KeLeaveCriticalRegion
ExReleaseResourceLite
ExAcquireResourceExclusiveLite
KeEnterCriticalRegion
wcscmp
wcschr
ZwDeleteKey
ZwOpenKey
wcsncmp
ZwEnumerateKey
RtlLengthSid
ZwQueryInformationToken
ZwQueryValueKey
ZwSetValueKey
ZwDeleteValueKey
ZwCreateKey
ZwEnumerateValueKey
ObReferenceObjectByHandle
IoFileObjectType
ObfDereferenceObject
IoGetRelatedDeviceObject
ZwQueryVolumeInformationFile
ZwQueryInformationFile
_wcsupr
strncmp
_strnicmp
ExAcquireResourceSharedLite
KeInitializeTimerEx
_strlwr
strchr
_wcsicmp
mbstowcs
PsGetVersion
KeQueryTimeIncrement
KeTickCount
ExDeletePagedLookasideList
ExInitializePagedLookasideList
ObQueryNameString
_wcslwr
ExAllocateFromPagedLookasideList
strstr
wcsncpy
ZwCreateSection
ZwOpenSection
MmMapViewInSystemSpace
MmUnmapViewInSystemSpace
_allmul
IoGetCurrentProcess
wcsstr
ExFreeToPagedLookasideList
RtlEqualUnicodeString
_except_handler3
ZwFsControlFile
IofCallDriver
IoBuildDeviceIoControlRequest
KeInitializeEvent
memmove
strncpy
KeInitializeSpinLock
MmGetSystemRoutineAddress
ZwQueryInformationProcess
ZwQuerySystemInformation
_stricmp
ZwReadFile
ZwSetInformationFile
KeGetCurrentThread
ExGetPreviousMode
KeDelayExecutionThread
RtlCompareUnicodeString
ZwOpenThreadToken
ZwOpenProcessToken
IoGetStackLimits
KeStackAttachProcess
PsLookupProcessByProcessId
KeUnstackDetachProcess
ZwOpenProcess
ZwOpenSymbolicLinkObject
ZwQuerySymbolicLinkObject
MmIsAddressValid
ExInitializeNPagedLookasideList
ExDeleteNPagedLookasideList
ExInterlockedPopEntrySList
ExInterlockedPushEntrySList
RtlInitializeUnicodePrefix
RtlInsertUnicodePrefix
RtlRemoveUnicodePrefix
RtlFindUnicodePrefix
FsRtlIsNameInExpression
IoDeleteDevice
IoDeleteSymbolicLink
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
_snprintf
_snwprintf
_aullrem
MmHighestUserAddress
IoGetDeviceObjectPointer
RtlCompareMemory
PsIsThreadTerminating
ProbeForRead
RtlPrefixUnicodeString
RtlInsertElementGenericTable
RtlDeleteElementGenericTable
RtlGetElementGenericTable
RtlLookupElementGenericTable
RtlInitializeGenericTable
ExFreePoolWithTag
KeBugCheckEx
isspace
isdigit
ExDeleteResourceLite
ExAllocatePoolWithTag
ExFreePool
ExInitializeResourceLite
wcsncat
strrchr
strncat
RtlUnicodeToMultiByteN
RtlAnsiCharToUnicodeChar
wcscat
wcscpy
RtlQueryRegistryValues
IoSetThreadHardErrorMode
ZwWriteFile
ExQueueWorkItem

hal

ExAcquireFastMutex
KfAcquireSpinLock
KfReleaseSpinLock
KeGetCurrentIrql
ExReleaseFastMutex

fltmgr.sys

FltUnregisterFilter
FltRegisterFilter

Sections

.text
Size: 777KB - Virtual size: 777KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medext.dll
.dll windows:4 windows x86 arch:x86

236acf15e3439b179409e3e0ce8a39a1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f7:57:be:f2:1b:76:4b:62:b7:3f:50:28:04:98:a3:e5:04:77:3c:5d:ed:31:6e:43:1c:83:33:49:eb:b9:64:9a
Signer

Actual PE Digest

f7:57:be:f2:1b:76:4b:62:b7:3f:50:28:04:98:a3:e5:04:77:3c:5d:ed:31:6e:43:1c:83:33:49:eb:b9:64:9a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
LoadLibraryA
HeapCompact
HeapValidate
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExW
GetVersionExA
GetTickCount
GetTempPathW
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetFullPathNameW
GetFullPathNameA
GetFileSize
GetFileAttributesExW
GetFileAttributesW
GetFileAttributesA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetCurrentProcessId
FreeLibrary
FormatMessageW
FormatMessageA
FlushFileBuffers
DeleteFileW
DeleteFileA
CreateMutexW
CreateFileMappingW
LocalFree
CreateFileW
CreateFileA
AreFileApisANSI
TryEnterCriticalSection
GetCurrentThreadId
CreateEventW
GetModuleFileNameW
DeviceIoControl
CancelIo
MoveFileW
SetFileAttributesW
GetFileTime
RemoveDirectoryW
FindNextFileW
FindFirstFileW
FindClose
GetFileInformationByHandle
GetLocalTime
InterlockedDecrement
ReleaseMutex
SetEvent
InterlockedIncrement
InterlockedExchange
GetCurrentProcess
lstrcmpiW
GetModuleHandleA
GetVersion
lstrlenW
lstrcmpW
LocalAlloc
GetSystemDirectoryW
GetShortPathNameW
OpenMutexW
lstrlenA
lstrcmpA
LockFile
LockFileEx
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
SetEndOfFile
SetFilePointer
Sleep
SystemTimeToFileTime
UnlockFile
UnlockFileEx
UnmapViewOfFile
WideCharToMultiByte
WriteFile
WaitForSingleObject
WaitForSingleObjectEx
OutputDebugStringA
OutputDebugStringW
GetProcessHeap
InterlockedCompareExchange
FlushViewOfFile
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
GetProcAddress
GetLastError
CreateFileMappingA
CloseHandle
SetLastError
CreateSemaphoreW
ReleaseSemaphore
WaitForMultipleObjects
ResetEvent
GetStdHandle
WriteConsoleW
GetFileSizeEx

advapi32

RegDeleteKeyW
EnumServicesStatusW
LockServiceDatabase
UnlockServiceDatabase
QueryServiceConfigW
RegOpenKeyA
RegQueryValueExA
RegOpenKeyW
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
ControlService
StartServiceW
DeleteService
CreateServiceW
RegCreateKeyExW
QueryServiceStatus
OpenSCManagerW
OpenServiceW
CloseServiceHandle
ChangeServiceConfigW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcrt

localtime
strcmp
malloc
free
_msize
realloc
strlen
memcpy
memcmp
memmove
strncmp
_beginthreadex
_endthreadex
strcspn
fabs
strspn
strrchr
_lrotl
_lrotr
_except_handler3
wcscmp
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_wcsicmp
wcsncat
wcsrchr
_vsnprintf
wcsncmp
wcsstr
swprintf
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_CxxThrowException
_wmakepath
_wsplitpath
wprintf
wcschr
_wcsupr
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
__dllonexit
_onexit
memset
_ftol
wcslen
_vsnwprintf

user32

IsWindow
PostMessageW

Exports

Exports

MeDExtFinalize
MeDExtGet
MeDExtInitialize
MeDExtSet

Sections

.text
Size: 552KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medvpdrv.sys
.sys windows:6 windows x86 arch:x86

533744a09879662cf82bcd2a2988c21e

Code Sign

33:00:00:00:68:64:82:c2:f9:11:1a:c8:76:00:00:00:00:00:68
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/01/2024, 20:09

Not After

10/01/2025, 20:09

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:f8:4b:06:d7:cf:2c:4d:e0:43:ee:7e:6f:28:39:88:f0:20:81:ed:db:2c:fb:f7:f8:63:6e:80:c3:0c:40:dc
Signer

Actual PE Digest

15:f8:4b:06:d7:cf:2c:4d:e0:43:ee:7e:6f:28:39:88:f0:20:81:ed:db:2c:fb:f7:f8:63:6e:80:c3:0c:40:dc

Digest Algorithm

sha256

PE Digest Matches

true

15:f8:4b:06:d7:cf:2c:4d:e0:43:ee:7e:6f:28:39:88:f0:20:81:ed:db:2c:fb:f7:f8:63:6e:80:c3:0c:40:dc
Signer

Actual PE Digest

15:f8:4b:06:d7:cf:2c:4d:e0:43:ee:7e:6f:28:39:88:f0:20:81:ed:db:2c:fb:f7:f8:63:6e:80:c3:0c:40:dc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\build\project\medicine\engine\2.0_maintrunk\building\build\project\medicine\engine\2.0\trunk\src\medvpdrv\i386\MeDVpDrv.pdb

Imports

ntoskrnl.exe

_allmul
KeInitializeMutex
KeInitializeSpinLock
ExAllocatePoolWithTag
KeWaitForSingleObject
KeReleaseMutex
KeInitializeTimerEx
PsGetVersion
wcsstr
wcsrchr
ZwQueryValueKey
ZwClose
ZwOpenKey
RtlInitUnicodeString
KeQueryTimeIncrement
KeTickCount
_alldiv
KeQuerySystemTime
MmGetSystemRoutineAddress
ZwQueryInformationProcess
ZwQuerySystemInformation
IoGetCurrentProcess
_stricmp
ZwCreateFile
ZwReadFile
ZwSetInformationFile
KeGetCurrentThread
ExGetPreviousMode
_strnicmp
KeDelayExecutionThread
RtlCompareUnicodeString
ZwOpenThreadToken
ZwOpenProcessToken
IoGetStackLimits
ObfDereferenceObject
ObOpenObjectByPointer
PsThreadType
PsProcessType
ObReferenceObjectByHandle
ZwQueryInformationFile
KeLeaveCriticalRegion
ExReleaseResourceLite
wcsncpy
ExAcquireResourceExclusiveLite
KeEnterCriticalRegion
_wcsicmp
ExAcquireResourceSharedLite
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
KeStackAttachProcess
PsLookupProcessByProcessId
KeUnstackDetachProcess
PsGetCurrentProcessId
ZwOpenProcess
ZwOpenSymbolicLinkObject
wcschr
ZwQuerySymbolicLinkObject
ZwCreateEvent
ExInitializeNPagedLookasideList
ExDeleteNPagedLookasideList
KeResetEvent
KeReadStateEvent
PsGetCurrentThreadId
ExInterlockedPopEntrySList
ExInterlockedPushEntrySList
MmIsAddressValid
MmMapLockedPagesSpecifyCache
strrchr
IofCallDriver
IoBuildDeviceIoControlRequest
KeInitializeEvent
IoGetDeviceObjectPointer
IoFileObjectType
IoGetRelatedDeviceObject
DbgPrint
wcstombs
RtlTimeToTimeFields
ExSystemTimeToLocalTime
KeSetEvent
ExEventObjectType
IoCreateSynchronizationEvent
wcsncmp
ZwEnumerateKey
RtlLengthSid
ZwQueryInformationToken
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
ExFreeToPagedLookasideList
ExAllocateFromPagedLookasideList
RtlWalkFrameChain
PsLookupThreadByThreadId
RtlCopyLuid
ObfReferenceObject
MmHighestUserAddress
KeInsertQueueApc
KeInitializeApc
PsSetCreateThreadNotifyRoutine
PsSetLoadImageNotifyRoutine
PsSetCreateProcessNotifyRoutine
RtlCompareMemory
IoBuildSynchronousFsdRequest
IoGetAttachedDeviceReference
PsIsThreadTerminating
ProbeForRead
ExDeletePagedLookasideList
ExInitializePagedLookasideList
RtlCopyUnicodeString
IoFreeWorkItem
ExfInterlockedInsertTailList
IoQueueWorkItem
IoAllocateWorkItem
RtlGetCallersAddress
strchr
_wcslwr
PsTerminateSystemThread
KeCancelTimer
KeWaitForMultipleObjects
KeSetTimerEx
PsCreateSystemThread
memmove
RtlDowncaseUnicodeString
strncmp
RtlUnicodeStringToInteger
KeDetachProcess
KeAttachProcess
toupper
FsRtlIsNameInExpression
RtlUpcaseUnicodeString
FsRtlIsNtstatusExpected
RtlUpcaseUnicodeChar
RtlIsNameLegalDOS8Dot3
RtlAppendUnicodeStringToString
_aulldiv
RtlSubAuthoritySid
ZwQueryDirectoryFile
ZwWriteFile
ZwDeleteFile
RtlInitializeUnicodePrefix
RtlInsertUnicodePrefix
RtlRemoveUnicodePrefix
RtlFindUnicodePrefix
RtlNextUnicodePrefix
KeBugCheckEx
ExDeleteResourceLite
ExAllocatePool
ExInitializeResourceLite
ExFreePoolWithTag
wcsncat
RtlEqualUnicodeString
_wcsnicmp
memcpy
memset
RtlUnwind
RtlUnicodeToMultiByteN
RtlAnsiCharToUnicodeChar
ExFreePool
wcscat
wcscpy
MmUserProbeAddress
RtlCaptureContext
ZwFreeVirtualMemory
ZwDuplicateObject
ZwAllocateVirtualMemory
ZwSetSecurityObject
ZwQuerySecurityObject
strstr
_strupr
ZwLoadDriver

hal

KeRaiseIrqlToDpcLevel
IoReadPartitionTable
ExAcquireFastMutex
ExReleaseFastMutex
KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KfLowerIrql

fltmgr.sys

FltUnregisterFilter
FltRegisterFilter

Sections

.text
Size: 513KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medvphkd.sys
.sys windows:6 windows x86 arch:x86

7c929c7db01c389540616814046e43b7

Code Sign

33:00:00:00:68:64:82:c2:f9:11:1a:c8:76:00:00:00:00:00:68
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/01/2024, 20:09

Not After

10/01/2025, 20:09

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b5:2b:fc:f3:e6:e0:dd:a4:2f:11:4a:71:39:25:a7:24:a7:6d:d1:fd:cc:40:6f:09:e2:62:c6:50:f5:a9:58:bb
Signer

Actual PE Digest

b5:2b:fc:f3:e6:e0:dd:a4:2f:11:4a:71:39:25:a7:24:a7:6d:d1:fd:cc:40:6f:09:e2:62:c6:50:f5:a9:58:bb

Digest Algorithm

sha256

PE Digest Matches

true

b5:2b:fc:f3:e6:e0:dd:a4:2f:11:4a:71:39:25:a7:24:a7:6d:d1:fd:cc:40:6f:09:e2:62:c6:50:f5:a9:58:bb
Signer

Actual PE Digest

b5:2b:fc:f3:e6:e0:dd:a4:2f:11:4a:71:39:25:a7:24:a7:6d:d1:fd:cc:40:6f:09:e2:62:c6:50:f5:a9:58:bb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\build\project\medicine\engine\2.0_maintrunk\building\build\project\medicine\engine\2.0\trunk\src\medvphkd\i386\MeDVpHkD.pdb

Imports

ntoskrnl.exe

DbgPrint
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
ExInterlockedPopEntrySList
ExInterlockedPushEntrySList
PsProcessType
PsGetVersion
ExFreePoolWithTag
ExAllocatePoolWithTag
ExIsProcessorFeaturePresent
ExInitializeNPagedLookasideList
memset
_stricmp
strrchr
ZwQuerySystemInformation
ExAllocatePool
KeServiceDescriptorTable
ZwReadFile
ZwQueryInformationFile
ZwClose
ZwCreateFile
memcpy
KeDelayExecutionThread
MmGetSystemRoutineAddress
ZwSetInformationFile
KeGetCurrentThread
ObOpenObjectByPointer
PsThreadType
ObReferenceObjectByHandle
KeQueryTimeIncrement
KeTickCount
_alldiv
_allmul
KeQuerySystemTime
IoDeleteDevice
KeInitializeSpinLock
PsGetCurrentThreadId
KeInitializeMutex
KeWaitForSingleObject
KeReleaseMutex
KeInitializeTimerEx
IoGetRelatedDeviceObject
PsGetCurrentProcessId
RtlTimeToTimeFields
ExSystemTimeToLocalTime
KeSetEvent
KeBugCheckEx
RtlInitUnicodeString
ObfDereferenceObject
RtlUnwind
RtlUnicodeToMultiByteN
ZwWriteFile

hal

KfReleaseSpinLock
KeGetCurrentIrql
KfAcquireSpinLock

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medvphku.dll
.dll windows:4 windows x86 arch:x86

577b7298b422298c03c83e7269517b5c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:1c:b5:1a:24:f0:d4:80:c7:35:3c:f0:a4:3f:97:31:e6:1c:ce:cb:97:9d:fd:6c:25:4e:88:be:d6:7f:2f:bb
Signer

Actual PE Digest

e1:1c:b5:1a:24:f0:d4:80:c7:35:3c:f0:a4:3f:97:31:e6:1c:ce:cb:97:9d:fd:6c:25:4e:88:be:d6:7f:2f:bb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTime
VirtualQuery
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
DuplicateHandle
GetProcessId
GetProcAddress
GetModuleHandleA
VirtualAlloc
CompareStringW
GetThreadLocale
GlobalGetAtomNameW
GetModuleFileNameW
CompareStringA
GlobalGetAtomNameA
InterlockedExchange
GetThreadContext
CloseHandle
OpenProcess
GetSystemWindowsDirectoryW
GetTempPathW
GetFileAttributesW
LocalFree
GetCommandLineW
GetFileSize
GetSystemTimeAsFileTime
GetFileInformationByHandle
CreateFileW
Sleep
DeviceIoControl
CreateEventW
CancelIo
ReadFile
WriteFile
SetFilePointer
InterlockedIncrement
DeleteFileW
MoveFileW
SetFileAttributesW
GetFileTime
WaitForSingleObject
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
OutputDebugStringW
OutputDebugStringA
GetLocalTime
WideCharToMultiByte
ReleaseMutex
SetEvent
InterlockedDecrement
CreateMutexW
LoadLibraryA
InterlockedCompareExchange
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
SetNamedPipeHandleState
WaitNamedPipeW
VirtualProtectEx
InitializeCriticalSectionAndSpinCount
GetComputerNameA
VerSetConditionMask
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentDirectoryW
FlushFileBuffers
GetCurrentThreadId
GetTickCount
MultiByteToWideChar
SetLastError
GetModuleHandleW
GetEnvironmentVariableW
GetLastError
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcessId
SetEndOfFile
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TerminateProcess
VirtualProtect
ResumeThread
FlushInstructionCache
SetThreadContext
SuspendThread
GetCurrentThread
VirtualQueryEx
LoadLibraryExW
LoadLibraryExA
RtlUnwind
GetCommandLineA
GetVersion
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
ExitProcess

psapi

GetModuleFileNameExW
EnumProcessModules
GetModuleInformation

advapi32

IsTextUnicode
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

user32

GetWindowThreadProcessId
GetSystemMetrics
ToUnicode

ws2_32

inet_ntoa
getsockopt
WSASetLastError
htons

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

oleaut32

SysFreeString
SysAllocString

shell32

CommandLineToArgvW

ole32

StringFromGUID2
CoTaskMemFree
StringFromCLSID

shlwapi

PathIsNetworkPathW

Exports

Exports

1

Sections

.text
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
trueeyesu.dll
.dll windows:4 windows x86 arch:x86

220026421905cef511c6c487669a8bfd

Code Sign

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:1f:6f:8b:67:7d:14:ec:96:27:bd:f0:14:75:b2:60
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

28/05/2021, 00:00

Not After

01/06/2022, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:b8:b5:f1:80:7a:c3:ca:08:78:0d:5c:9e:7f:be:44:d9:51:7f:ff:72:c0:b9:76:19:4c:4f:6c:6b:ee:f2:ff
Signer

Actual PE Digest

2e:b8:b5:f1:80:7a:c3:ca:08:78:0d:5c:9e:7f:be:44:d9:51:7f:ff:72:c0:b9:76:19:4c:4f:6c:6b:ee:f2:ff

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlNtStatusToDosError
ZwClose
ZwQueryVirtualMemory
ZwOpenProcess
_allshr
ZwAllocateVirtualMemory
ZwFreeVirtualMemory
ZwProtectVirtualMemory
ZwReadVirtualMemory
memset
LdrGetProcedureAddress
RtlInitAnsiString
ZwDuplicateObject
ZwQueryInformationThread
ZwGetContextThread
ZwDeviceIoControlFile
strncmp
RtlUnwind
NtQueryVirtualMemory
memcpy
ZwFlushInstructionCache
memcmp
NtAllocateVirtualMemory
NtFreeVirtualMemory
NtProtectVirtualMemory
NtFlushInstructionCache
NtResumeThread
NtGetContextThread
NtSetContextThread
RtlAllocateHeap
RtlFreeHeap

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 640KB - Virtual size: 640KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$_0_/Engine/med_x64.nz
.7z
atstrumt.dll
.dll windows:5 windows x64 arch:x64

07b5081079ed324df808fb1ab222ef05

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:03:43:da:68:34:f4:51:3c:e9:a1:a5:80:9e:5e:a5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/11/2022, 00:00

Not After

06/11/2023, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:d9:ee:b3:05:64:e2:4f:d9:6f:f6:60:e9:14:c1:20:fb:94:ec:aa:cf:2f:0b:d8:a7:fd:43:96:aa:59:fe:27
Signer

Actual PE Digest

b8:d9:ee:b3:05:64:e2:4f:d9:6f:f6:60:e9:14:c1:20:fb:94:ec:aa:cf:2f:0b:d8:a7:fd:43:96:aa:59:fe:27

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

u:\AhnLab\Common\AhnTrust\3.0\trunk\Build\X64Release.vc90\atstrumt.pdb

Imports

ws2_32

shutdown
send
recv
closesocket
setsockopt
connect
socket
select
ioctlsocket
WSACleanup
WSAStartup
getsockopt
getservbyport
gethostbyaddr
gethostbyname
WSAGetLastError
inet_addr
htons
getservbyname
htonl
WSASetLastError
ntohs
inet_ntoa

kernel32

GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
CreateFileA
GetFullPathNameA
FlushFileBuffers
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
MultiByteToWideChar
GetLastError
GetVersionExW
SetLastError
CloseHandle
CreateFileW
lstrcmpA
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
GetProcAddress
Sleep
VirtualFree
WriteConsoleW
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
FormatMessageA
LoadLibraryA
GetSystemDirectoryA
GetModuleHandleW
GetVersion
WriteFile
GetFileType
GetStdHandle
WideCharToMultiByte
GetACP
GetEnvironmentVariableW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
FindNextFileW
FindFirstFileW
FindClose
ReadConsoleA
ReadConsoleW
GetConsoleMode
SetConsoleMode
GetTimeZoneInformation
SetStdHandle
GetStartupInfoA
SetHandleCount
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap
HeapFree
HeapAlloc
GetFileAttributesW
ReadFile
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
HeapReAlloc
FlsSetValue
GetCommandLineA
ExitProcess
SetConsoleCtrlHandler
GetDriveTypeA
FindFirstFileA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
HeapSize
RtlUnwindEx
HeapSetInformation
HeapCreate
HeapDestroy
GetCPInfo
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleFileNameA
SetFilePointer
LCMapStringA
LCMapStringW
GetConsoleCP

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW

advapi32

CryptGenRandom
CryptReleaseContext
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CryptAcquireContextW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 628KB - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcrypto-1_1-x64.dll
.dll windows:6 windows x64 arch:x64

164d05fc7b017b91824727d38395f5a6

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

87:b6:4d:cb:86:bb:7f:7d:dd:09:52:07:fb:7a:6a:a6:91:dc:0d:93:1b:66:51:c5:9f:c2:1e:a2:2e:59:35:87
Signer

Actual PE Digest

87:b6:4d:cb:86:bb:7f:7d:dd:09:52:07:fb:7a:6a:a6:91:dc:0d:93:1b:66:51:c5:9f:c2:1e:a2:2e:59:35:87

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\OpenSSL\libcrypto-3-x64.pdb

Imports

ws2_32

inet_addr
htons
inet_ntoa
sendto
recvfrom
send
recv
shutdown
socket
setsockopt
listen
connect
closesocket
bind
accept
WSACleanup
WSAStartup
select
getsockopt
getsockname
ioctlsocket
WSAGetLastError
WSASetLastError
getservbyname
getservbyport
gethostbyname
gethostbyaddr
ntohs
htonl

advapi32

RegisterEventSourceW
DeregisterEventSource
ReportEventW

user32

GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation

bcrypt

BCryptGenRandom

kernel32

HeapSize
GetTimeZoneInformation
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
WriteConsoleW
SetFileAttributesW
GetFileAttributesExW
HeapReAlloc
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFilePointerEx
FlushFileBuffers
SetStdHandle
HeapFree
HeapAlloc
EnumSystemLocalesW
GetUserDefaultLCID
OutputDebugStringW
SetEndOfFile
FindFirstFileExW
TlsAlloc
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
RtlVirtualUnwind
ConvertFiberToThread
ConvertThreadToFiberEx
SwitchToFiber
DeleteFiber
CreateFiberEx
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
FormatMessageA
Sleep
GetSystemTime
SystemTimeToFileTime
GetLastError
SetLastError
CloseHandle
LoadLibraryW
GetEnvironmentVariableW
GetStdHandle
GetFileType
WriteFile
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetModuleHandleExW
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
VirtualLock
FindClose
FindFirstFileW
FindNextFileW
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetCurrentThreadId
RtlUnwind
TlsGetValue
TlsSetValue
TlsFree
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
GetCurrentThread
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
ReadFile
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
SetConsoleCtrlHandler
GetModuleFileNameW
GetConsoleCP

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
ADMISSIONS_free
ADMISSIONS_get0_admissionAuthority
ADMISSIONS_get0_namingAuthority
ADMISSIONS_get0_professionInfos
ADMISSIONS_it
ADMISSIONS_new
ADMISSIONS_set0_admissionAuthority
ADMISSIONS_set0_namingAuthority
ADMISSIONS_set0_professionInfos
ADMISSION_SYNTAX_free
ADMISSION_SYNTAX_get0_admissionAuthority
ADMISSION_SYNTAX_get0_contentsOfAdmissions
ADMISSION_SYNTAX_it
ADMISSION_SYNTAX_new
ADMISSION_SYNTAX_set0_admissionAuthority
ADMISSION_SYNTAX_set0_contentsOfAdmissions
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASIdOrRange_free
ASIdOrRange_it
ASIdOrRange_new
ASIdentifierChoice_free
ASIdentifierChoice_it
ASIdentifierChoice_new
ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_get_int64
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_set_int64
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_dup
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_get_int64
ASN1_INTEGER_get_uint64
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_set_int64
ASN1_INTEGER_set_uint64
ASN1_INTEGER_to_BN
ASN1_ITEM_get
ASN1_ITEM_lookup
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SCTX_free
ASN1_SCTX_get_app_data
ASN1_SCTX_get_flags
ASN1_SCTX_get_item
ASN1_SCTX_get_template
ASN1_SCTX_new
ASN1_SCTX_set_app_data
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_cmp_time_t
ASN1_TIME_compare
ASN1_TIME_diff
ASN1_TIME_dup
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_normalize
ASN1_TIME_print
ASN1_TIME_print_ex
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_pack_sequence
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_TYPE_unpack_sequence
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_dup
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_add_stable_module
ASN1_bn_print
ASN1_buf_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_bio_ex
ASN1_item_d2i_ex
ASN1_item_d2i_fp
ASN1_item_d2i_fp_ex
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_i2d_mem_bio
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_new_ex
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_sign_ex
ASN1_item_unpack
ASN1_item_verify
ASN1_item_verify_ctx
ASN1_item_verify_ex
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_put_eoc
ASN1_put_object
ASN1_sign
ASN1_str2mask
ASN1_tag2bit
ASN1_tag2str
ASN1_verify
ASRange_free
ASRange_it
ASRange_new
ASYNC_WAIT_CTX_clear_fd
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_callback
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_WAIT_CTX_get_fd
ASYNC_WAIT_CTX_get_status
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_set_callback
ASYNC_WAIT_CTX_set_status
ASYNC_WAIT_CTX_set_wait_fd
ASYNC_block_pause
ASYNC_cleanup_thread
ASYNC_get_current_job
ASYNC_get_wait_ctx
ASYNC_init_thread
ASYNC_is_capable
ASYNC_pause_job
ASYNC_start_job
ASYNC_unblock_pause
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_ADDRINFO_address
BIO_ADDRINFO_family
BIO_ADDRINFO_free
BIO_ADDRINFO_next
BIO_ADDRINFO_protocol
BIO_ADDRINFO_socktype
BIO_ADDR_clear
BIO_ADDR_family
BIO_ADDR_free
BIO_ADDR_hostname_string
BIO_ADDR_new
BIO_ADDR_path_string
BIO_ADDR_rawaddress
BIO_ADDR_rawmake
BIO_ADDR_rawport
BIO_ADDR_service_string
BIO_accept
BIO_accept_ex
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_bind
BIO_callback_ctrl
BIO_clear_flags
BIO_closesocket
BIO_connect
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_debug_callback_ex
BIO_dgram_non_fatal_error
BIO_do_connect_retry
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_linebuffer
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_prefix
BIO_f_readbuffer
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_callback_ex
BIO_get_data
BIO_get_ex_data
BIO_get_host_ip
BIO_get_init
BIO_get_line
BIO_get_new_index
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_get_shutdown
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_listen
BIO_lookup
BIO_lookup_ex
BIO_meth_free
BIO_meth_get_callback_ctrl
BIO_meth_get_create
BIO_meth_get_ctrl
BIO_meth_get_destroy
BIO_meth_get_gets
BIO_meth_get_puts
BIO_meth_get_read
BIO_meth_get_read_ex
BIO_meth_get_write
BIO_meth_get_write_ex
BIO_meth_new
BIO_meth_set_callback_ctrl
BIO_meth_set_create
BIO_meth_set_ctrl
BIO_meth_set_destroy
BIO_meth_set_gets
BIO_meth_set_puts
BIO_meth_set_read
BIO_meth_set_read_ex
BIO_meth_set_write
BIO_meth_set_write_ex
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_ex
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_from_core_bio
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_parse_hostserv
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_read_ex
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_core
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_log
BIO_s_mem
BIO_s_null
BIO_s_secmem
BIO_s_socket
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
BIO_set_cipher
BIO_set_data
BIO_set_ex_data
BIO_set_flags
BIO_set_init
BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_error
BIO_sock_info
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket
BIO_socket_ioctl
BIO_socket_nbio
BIO_socket_wait
BIO_test_flags
BIO_up_ref
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_wait
BIO_write
BIO_write_ex
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_invert
BN_BLINDING_invert_ex

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libssl-1_1-x64.dll
.dll windows:6 windows x64 arch:x64

0e531071edd319963dc54f3f13cc79a2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7c:9f:2b:cb:16:1f:c1:66:2d:81:12:f3:e3:ce:30:7a:d7:91:2f:6a:5a:cc:11:b8:19:e3:4d:52:81:f7:a2:96
Signer

Actual PE Digest

7c:9f:2b:cb:16:1f:c1:66:2d:81:12:f3:e3:ce:30:7a:d7:91:2f:6a:5a:cc:11:b8:19:e3:4d:52:81:f7:a2:96

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\OpenSSL\libssl-3-x64.pdb

Imports

libcrypto-3-x64

EVP_PKEY_derive
EVP_PKEY_encapsulate_init
EVP_PKEY_encapsulate
EVP_PKEY_decapsulate_init
EVP_PKEY_decapsulate
EVP_PKEY_paramgen_init
EVP_PKEY_paramgen
EVP_PKEY_keygen_init
EVP_PKEY_keygen
EVP_PKEY_CTX_set_group_name
X509_NAME_free
X509_free
RAND_bytes_ex
INT32_it
ZINT32_it
UINT32_it
ZUINT32_it
ZINT64_it
ZUINT64_it
ASN1_OCTET_STRING_it
X509_it
CRYPTO_strndup
ASN1_item_free
ASN1_item_d2i
ASN1_item_i2d
OPENSSL_DIR_read
OPENSSL_DIR_end
OPENSSL_sk_shift
OPENSSL_sk_pop
OPENSSL_sk_set_cmp_func
CRYPTO_THREAD_lock_new
CRYPTO_THREAD_lock_free
CRYPTO_get_ex_new_index
CRYPTO_THREAD_run_once
OSSL_LIB_CTX_set0_default
BIO_s_file
BIO_snprintf
OBJ_nid2ln
OBJ_nid2sn
OPENSSL_LH_new
OPENSSL_LH_free
OPENSSL_LH_insert
OPENSSL_LH_retrieve
X509_verify_cert
X509_STORE_new
X509_STORE_free
X509_STORE_up_ref
X509_STORE_CTX_new_ex
X509_STORE_CTX_free
X509_STORE_CTX_init
X509_STORE_CTX_set_verify_cb
X509_STORE_add_cert
X509_STORE_CTX_set_ex_data
X509_STORE_CTX_get_error
X509_STORE_CTX_get0_chain
X509_STORE_CTX_get1_chain
X509_STORE_CTX_set_flags
X509_STORE_CTX_get0_param
X509_STORE_CTX_set_default
X509_STORE_CTX_set0_dane
X509_VERIFY_PARAM_set1
X509_VERIFY_PARAM_set_auth_level
X509_VERIFY_PARAM_move_peername
X509_verify_cert_error_string
X509_NAME_dup
i2d_X509_NAME
X509_new_ex
X509_get_subject_name
X509_up_ref
X509_chain_up_ref
X509_cmp
X509_NAME_hash_ex
PEM_read_bio_X509
OSSL_STORE_open
OSSL_STORE_load
OSSL_STORE_eof
OSSL_STORE_error
OSSL_STORE_close
OSSL_STORE_INFO_get_type
OSSL_STORE_INFO_get0_NAME
OSSL_STORE_INFO_get0_CERT
OSSL_STORE_INFO_free
X509_get_extension_flags
OPENSSL_sk_new
OPENSSL_sk_delete
OPENSSL_sk_unshift
OPENSSL_sk_dup
OPENSSL_sk_sort
COMP_get_type
COMP_get_name
COMP_zlib
EVP_CIPHER_get_block_size
EVP_CIPHER_get_flags
EVP_CIPHER_get_mode
EVP_CIPHER_fetch
EVP_get_cipherbyname
EVP_get_digestbyname
EVP_PKEY_asn1_find_str
EVP_PKEY_asn1_get0_info
EVP_SIGNATURE_free
EVP_SIGNATURE_fetch
EVP_KEYEXCH_free
EVP_KEYEXCH_fetch
CONF_parse_list
ERR_set_mark
ERR_pop_to_mark
OPENSSL_strcasecmp
OPENSSL_strncasecmp
ERR_clear_last_mark
X509_STORE_load_path
X509_STORE_load_file_ex
X509_STORE_load_store_ex
OSSL_DECODER_CTX_free
OSSL_DECODER_from_bio
OSSL_DECODER_CTX_new_for_pkey
ERR_reason_error_string
ERR_load_strings_const
OPENSSL_init_crypto
OPENSSL_atexit
OPENSSL_sk_insert
CRYPTO_THREAD_read_lock
CRYPTO_THREAD_write_lock
CRYPTO_THREAD_unlock
OPENSSL_strnlen
CRYPTO_new_ex_data
CRYPTO_dup_ex_data
CRYPTO_free_ex_data
CRYPTO_set_ex_data
CRYPTO_get_ex_data
CRYPTO_realloc
CRYPTO_secure_zalloc
CRYPTO_secure_free
CRYPTO_memcmp
BUF_MEM_free
COMP_CTX_get_method
BIO_int_ctrl
BIO_pop
BIO_free_all
BIO_s_socket
ASN1_OCTET_STRING_free
OPENSSL_LH_num_items
ERR_peek_error
OBJ_bsearch_
EVP_MD_get0_provider
EVP_CIPHER_up_ref
EVP_CIPHER_free
EVP_MD_fetch
EVP_MD_up_ref
EVP_MD_free
EVP_PKEY_get_security_bits
X509_STORE_add_lookup
X509_LOOKUP_hash_dir
X509_LOOKUP_file
X509_LOOKUP_store
X509_LOOKUP_ctrl
X509_LOOKUP_ctrl_ex
X509_STORE_set_default_paths_ex
X509_VERIFY_PARAM_new
X509_VERIFY_PARAM_free
X509_VERIFY_PARAM_inherit
X509_VERIFY_PARAM_set_purpose
X509_VERIFY_PARAM_set_trust
X509_VERIFY_PARAM_set_depth
X509_VERIFY_PARAM_set1_host
X509_VERIFY_PARAM_add1_host
X509_VERIFY_PARAM_set_hostflags
X509_VERIFY_PARAM_get0_peername
X509_VERIFY_PARAM_get1_ip_asc
X509_VERIFY_PARAM_set1_ip_asc
X509_VERIFY_PARAM_get_depth
d2i_PUBKEY
X509_EXTENSION_free
d2i_X509
X509_get0_pubkey
X509_check_private_key
X509_get_ext_d2i
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_set_callback
ASYNC_WAIT_CTX_get_status
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_start_job
ASYNC_get_current_job
CT_POLICY_EVAL_CTX_new_ex
CT_POLICY_EVAL_CTX_free
CT_POLICY_EVAL_CTX_set1_cert
CT_POLICY_EVAL_CTX_set1_issuer
CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE
CT_POLICY_EVAL_CTX_set_time
SCT_free
SCT_LIST_free
SCT_set_source
SCT_get_validation_status
SCT_LIST_validate
o2i_SCT_LIST
CTLOG_STORE_new_ex
CTLOG_STORE_free
EVP_PKEY_derive_init
CTLOG_STORE_load_default_file
X509_get_key_usage
a2i_IPADDRESS
RAND_priv_bytes_ex
OCSP_response_get1_basic
OCSP_resp_count
OCSP_resp_get0
OCSP_SINGLERESP_get1_ext_d2i
OCSP_BASICRESP_free
OCSP_RESPID_free
OCSP_RESPONSE_free
d2i_OCSP_RESPONSE
conf_ssl_get
conf_ssl_name_find
conf_ssl_get_cmd
ERR_peek_last_error
EVP_PKEY_can_sign
d2i_PrivateKey_ex
EVP_PKEY_copy_parameters
EVP_PKEY_missing_parameters
EVP_PKEY_eq
d2i_X509_bio
d2i_PrivateKey_ex_bio
X509_get_pubkey
PEM_read_bio
PEM_read_bio_X509_AUX
PEM_read_bio_PrivateKey_ex
RSA_free
RSA_up_ref
d2i_RSAPrivateKey
EVP_PKEY_assign
EVP_PKEY_new
d2i_RSAPrivateKey_bio
PEM_read_bio_RSAPrivateKey
OPENSSL_LH_delete
OPENSSL_LH_get_down_load
OPENSSL_LH_set_down_load
PEM_ASN1_read_bio
PEM_ASN1_write_bio
PEM_ASN1_read
PEM_ASN1_write
BIO_puts
BIO_dump_indent
BIO_printf
OSSL_PARAM_construct_int
OSSL_PARAM_construct_size_t
OSSL_PARAM_construct_utf8_string
EVP_MD_get0_name
EVP_DigestSignInit_ex
EVP_CIPHER_CTX_ctrl
EVP_CIPHER_CTX_set_params
EVP_PKEY_new_mac_key
EVP_PKEY_new_raw_private_key_ex
EVP_KDF_free
EVP_KDF_fetch
EVP_KDF_CTX_new
EVP_KDF_CTX_free
EVP_KDF_derive
BN_free
BN_get_rfc2409_prime_1024
BN_get_rfc3526_prime_2048
BN_get_rfc3526_prime_3072
BN_get_rfc3526_prime_4096
BN_get_rfc3526_prime_8192
OBJ_txt2nid
OBJ_ln2nid
OBJ_sn2nid
OSSL_PARAM_locate_const
OSSL_PARAM_get_int
OSSL_PARAM_get_uint
OSSL_PARAM_free
EVP_CIPHER_CTX_get_iv_length
EVP_DecryptInit_ex
EVP_DecryptUpdate
EVP_DecryptFinal
EVP_MAC_fetch
EVP_MAC_free
EVP_MAC_CTX_new
EVP_MAC_CTX_free
EVP_MAC_CTX_get_mac_size
EVP_MAC_init
EVP_MAC_update
EVP_MAC_final
EVP_PKEY_get_id
EVP_PKEY_get_bits
EVP_PKEY_get_size
EVP_PKEY_set_type
EVP_PKEY_digestsign_supports_digest
EVP_PKEY_set1_encoded_public_key
EVP_KEYMGMT_fetch
EVP_KEYMGMT_free
EVP_KEYMGMT_get0_provider
EVP_PKEY_fromdata_init
EVP_PKEY_fromdata
EVP_PKEY_get_ec_point_conv_form
EVP_PKEY_get_field_type
EVP_PKEY_get_group_name
X509_get_signature_info
X509_get_signature_nid
X509_get_issuer_name
X509_chain_check_suiteb
X509_NAME_cmp
OSSL_PROVIDER_do_all
OSSL_PROVIDER_get_capabilities
OSSL_PARAM_BLD_new
OSSL_PARAM_BLD_to_param
OSSL_PARAM_BLD_free
OSSL_PARAM_BLD_push_uint
OSSL_PARAM_BLD_push_BN
BIO_indent
d2i_X509_NAME
X509_NAME_print_ex
X509_print_ex
PEM_write_bio_X509
EVP_Q_mac
EC_GROUP_get_curve_name
EC_KEY_get0_group
EVP_PKEY_set1_DH
ENGINE_get_ssl_client_cert_function
ENGINE_get_cipher
ENGINE_get_digest
ENGINE_init
ENGINE_finish
ENGINE_load_ssl_client_cert
ENGINE_get_cipher_engine
ENGINE_get_digest_engine
HMAC_size
HMAC_CTX_new
HMAC_CTX_free
HMAC_Init_ex
HMAC_Update
HMAC_Final
BN_is_zero
BN_num_bits
BN_clear_free
BN_copy
BN_bin2bn
BN_bn2bin
BN_dup
BN_ucmp
SRP_create_verifier_BN_ex
SRP_check_known_gN_param
SRP_get_default_gN
SRP_Calc_server_key
SRP_Calc_B_ex
SRP_Verify_A_mod_N
SRP_Calc_u_ex
SRP_Calc_x_ex
SRP_Calc_A
SRP_Calc_client_key_ex
SRP_Verify_B_mod_N
COMP_compress_block
COMP_expand_block
OSSL_PARAM_construct_octet_ptr
EVP_MD_CTX_get_pkey_ctx
EVP_CIPHER_CTX_get_block_size
EVP_Cipher
EVP_MD_CTX_ctrl
EVP_MD_CTX_copy
EVP_CipherUpdate
EVP_DigestSignUpdate
EVP_DigestSignFinal
EVP_CIPHER_CTX_get_params
EVP_PKEY_CTX_set_params
EVP_CipherFinal_ex
EVP_PKEY_get1_encoded_public_key
i2d_X509_EXTENSIONS
i2d_OCSP_RESPID
EVP_DigestSign
d2i_X509_EXTENSIONS
d2i_OCSP_RESPID
BUF_MEM_new
BUF_MEM_grow_clean
ERR_vset_error
EVP_Digest
EVP_DigestInit
EVP_DigestVerify
EVP_DigestVerifyInit_ex
EVP_PKEY_CTX_ctrl
EVP_PKEY_encrypt_init
EVP_PKEY_encrypt
EVP_PKEY_public_check
EVP_PKEY_param_check_quick
EVP_PKEY_CTX_set_rsa_padding
EVP_PKEY_CTX_set_rsa_pss_saltlen
BUF_reverse
EVP_DigestVerifyUpdate
EVP_DigestVerifyFinal
i2d_X509
ASN1_ANY_it
ASN1_TYPE_get
ASN1_item_new
OSSL_PARAM_construct_uint
EVP_EncryptInit_ex
EVP_EncryptUpdate
EVP_EncryptFinal
EVP_PKEY_decrypt_init
EVP_PKEY_decrypt
EVP_PKEY_get_bn_param
EVP_PKEY_CTX_free
EVP_PKEY_CTX_new_from_pkey
EVP_PKEY_CTX_new_from_name
EVP_PKEY_free
EVP_PKEY_up_ref
EVP_PKEY_is_a
EVP_PKEY_CTX_set_dh_pad
CRYPTO_strdup
CRYPTO_memdup
OPENSSL_sk_pop_free
OPENSSL_sk_new_reserve
OPENSSL_sk_value
OPENSSL_sk_num
EVP_CIPHER_CTX_reset
EVP_CIPHER_CTX_new
EVP_CipherInit_ex
EVP_DigestFinal_ex
EVP_MD_CTX_copy_ex
EVP_MD_CTX_set_params
EVP_CIPHER_CTX_get0_cipher
EVP_CIPHER_get_iv_length
EVP_PKEY_derive_set_peer
EVP_CIPHER_get_key_length
EVP_CIPHER_get0_provider
EVP_MD_CTX_get0_md
EVP_MD_get_size
EVP_MD_get_type
OSSL_PARAM_construct_end
OSSL_PARAM_construct_octet_string
BIO_s_mem
COMP_CTX_free
COMP_CTX_new
OPENSSL_cleanse
CRYPTO_clear_free
SHA512_Transform
SHA512_Init
SHA384_Init
SHA256_Transform
SHA256_Init
SHA224_Init
SHA1_Transform
SHA1_Init
MD5_Transform
MD5_Init
EVP_DigestFinal
EVP_DigestUpdate
EVP_DigestInit_ex
EVP_MD_CTX_new
EVP_MD_is_a
CRYPTO_malloc
OPENSSL_sk_push
OPENSSL_sk_find
OPENSSL_sk_free
OPENSSL_sk_new_null
ERR_clear_error
EVP_CIPHER_CTX_free
EVP_MD_CTX_free
BIO_ADDR_clear
BIO_ADDR_free
BIO_ADDR_new
BIO_read
BIO_test_flags
BIO_copy_next_retry
BIO_f_buffer
BIO_s_connect
BIO_set_retry_reason
BIO_get_retry_reason
BIO_set_next
BIO_next
BIO_find_type
BIO_push
BIO_callback_ctrl
BIO_ctrl
BIO_write
BIO_up_ref
BIO_get_shutdown
BIO_set_shutdown
BIO_get_init
BIO_set_init
BIO_get_data
BIO_set_data
BIO_free
BIO_new
BIO_method_type
BIO_clear_flags
BIO_set_flags
ERR_set_error
ERR_set_debug
ERR_new
BUF_MEM_grow
CRYPTO_free
CTLOG_STORE_load_file
CRYPTO_zalloc

kernel32

RtlUnwind
OutputDebugStringW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
GetStringTypeW
GetTimeZoneInformation
WriteFile
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetStdHandle
SetStdHandle
MultiByteToWideChar
GetFullPathNameW
HeapAlloc
HeapFree
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCurrentThread
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
CloseHandle
GetFileType
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
RtlPcToFileHeader
RaiseException
EncodePointer
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetLastError
SystemTimeToFileTime
GetSystemTime
SetLastError
WriteConsoleW
SetFilePointerEx

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLS_client_method
DTLS_get_data_mtu
DTLS_method
DTLS_server_method
DTLS_set_timer_cb
DTLSv1_2_client_method
DTLSv1_2_method
DTLSv1_2_server_method
DTLSv1_client_method
DTLSv1_listen
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
OPENSSL_cipher_name
OPENSSL_init_ssl
OSSL_default_cipher_list
OSSL_default_ciphersuites
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SSL_CIPHER_description
SSL_CIPHER_find
SSL_CIPHER_get_auth_nid
SSL_CIPHER_get_bits
SSL_CIPHER_get_cipher_nid
SSL_CIPHER_get_digest_nid
SSL_CIPHER_get_handshake_digest
SSL_CIPHER_get_id
SSL_CIPHER_get_kx_nid
SSL_CIPHER_get_name
SSL_CIPHER_get_protocol_id
SSL_CIPHER_get_version
SSL_CIPHER_is_aead
SSL_CIPHER_standard_name
SSL_COMP_add_compression_method
SSL_COMP_get0_name
SSL_COMP_get_compression_methods
SSL_COMP_get_id
SSL_COMP_get_name
SSL_COMP_set0_compression_methods
SSL_CONF_CTX_clear_flags
SSL_CONF_CTX_finish
SSL_CONF_CTX_free
SSL_CONF_CTX_new
SSL_CONF_CTX_set1_prefix
SSL_CONF_CTX_set_flags
SSL_CONF_CTX_set_ssl
SSL_CONF_CTX_set_ssl_ctx
SSL_CONF_cmd
SSL_CONF_cmd_argv
SSL_CONF_cmd_value_type
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add1_to_CA_list
SSL_CTX_add_client_CA
SSL_CTX_add_client_custom_ext
SSL_CTX_add_custom_ext
SSL_CTX_add_server_custom_ext
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_clear_options
SSL_CTX_config
SSL_CTX_ct_is_enabled
SSL_CTX_ctrl
SSL_CTX_dane_clear_flags
SSL_CTX_dane_enable
SSL_CTX_dane_mtype_set
SSL_CTX_dane_set_flags
SSL_CTX_enable_ct
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get0_CA_list
SSL_CTX_get0_certificate
SSL_CTX_get0_ctlog_store
SSL_CTX_get0_param
SSL_CTX_get0_privatekey
SSL_CTX_get0_security_ex_data
SSL_CTX_get_cert_store
SSL_CTX_get_ciphers
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_default_passwd_cb
SSL_CTX_get_default_passwd_cb_userdata
SSL_CTX_get_ex_data
SSL_CTX_get_info_callback
SSL_CTX_get_keylog_callback
SSL_CTX_get_max_early_data
SSL_CTX_get_num_tickets
SSL_CTX_get_options
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_record_padding_callback_arg
SSL_CTX_get_recv_max_early_data
SSL_CTX_get_security_callback
SSL_CTX_get_security_level
SSL_CTX_get_ssl_method
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_has_client_custom_ext
SSL_CTX_load_verify_dir
SSL_CTX_load_verify_file
SSL_CTX_load_verify_locations
SSL_CTX_load_verify_store
SSL_CTX_new
SSL_CTX_new_ex
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set0_CA_list
SSL_CTX_set0_ctlog_store
SSL_CTX_set0_security_ex_data
SSL_CTX_set0_tmp_dh_pkey
SSL_CTX_set1_cert_store
SSL_CTX_set1_param
SSL_CTX_set_allow_early_data_cb
SSL_CTX_set_alpn_protos
SSL_CTX_set_alpn_select_cb
SSL_CTX_set_async_callback
SSL_CTX_set_async_callback_arg
SSL_CTX_set_block_padding
SSL_CTX_set_cert_cb
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_ciphersuites
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_client_hello_cb
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_ct_validation_callback
SSL_CTX_set_ctlog_list_file
SSL_CTX_set_default_ctlog_list_file
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_read_buffer_len
SSL_CTX_set_default_verify_dir
SSL_CTX_set_default_verify_file
SSL_CTX_set_default_verify_paths
SSL_CTX_set_default_verify_store
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_keylog_callback
SSL_CTX_set_max_early_data
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_not_resumable_session_callback
SSL_CTX_set_num_tickets
SSL_CTX_set_options
SSL_CTX_set_post_handshake_auth
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_find_session_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_psk_use_session_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_record_padding_callback
SSL_CTX_set_record_padding_callback_arg
SSL_CTX_set_recv_max_early_data
SSL_CTX_set_security_callback
SSL_CTX_set_security_level
SSL_CTX_set_session_id_context
SSL_CTX_set_session_ticket_cb
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_stateless_cookie_generate_cb
SSL_CTX_set_stateless_cookie_verify_cb
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_max_fragment_length
SSL_CTX_set_tlsext_ticket_key_evp_cb
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_up_ref
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_cert_and_key
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_CTX_use_serverinfo
SSL_CTX_use_serverinfo_ex
SSL_CTX_use_serverinfo_file
SSL_SESSION_dup
SSL_SESSION_free
SSL_SESSION_get0_alpn_selected
SSL_SESSION_get0_cipher
SSL_SESSION_get0_hostname
SSL_SESSION_get0_id_context
SSL_SESSION_get0_peer
SSL_SESSION_get0_ticket
SSL_SESSION_get0_ticket_appdata
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_id
SSL_SESSION_get_master_key
SSL_SESSION_get_max_early_data
SSL_SESSION_get_max_fragment_length
SSL_SESSION_get_protocol_version
SSL_SESSION_get_ticket_lifetime_hint
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_has_ticket
SSL_SESSION_is_resumable
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_print_keylog
SSL_SESSION_set1_alpn_selected
SSL_SESSION_set1_hostname
SSL_SESSION_set1_id
SSL_SESSION_set1_id_context
SSL_SESSION_set1_master_key
SSL_SESSION_set1_ticket_appdata
SSL_SESSION_set_cipher
SSL_SESSION_set_ex_data
SSL_SESSION_set_max_early_data
SSL_SESSION_set_protocol_version
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SESSION_up_ref
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add1_host
SSL_add1_to_CA_list
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_add_ssl_module
SSL_add_store_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_alloc_buffers
SSL_bytes_to_cipher_list
SSL_callback_ctrl
SSL_certs_clear
SSL_check_chain
SSL_check_private_key
SSL_clear
SSL_clear_options
SSL_client_hello_get0_ciphers
SSL_client_hello_get0_compression_methods
SSL_client_hello_get0_ext
SSL_client_hello_get0_legacy_version
SSL_client_hello_get0_random
SSL_client_hello_get0_session_id
SSL_client_hello_get1_extensions_present
SSL_client_hello_isv2
SSL_client_version
SSL_config
SSL_connect
SSL_copy_session_id
SSL_ct_is_enabled
SSL_ctrl
SSL_dane_clear_flags
SSL_dane_enable
SSL_dane_set_flags
SSL_dane_tlsa_add
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_enable_ct
SSL_export_keying_material
SSL_export_keying_material_early
SSL_extension_supported
SSL_free
SSL_free_buffers
SSL_get0_CA_list
SSL_get0_alpn_selected
SSL_get0_dane
SSL_get0_dane_authority
SSL_get0_dane_tlsa
SSL_get0_next_proto_negotiated
SSL_get0_param
SSL_get0_peer_CA_list
SSL_get0_peer_certificate
SSL_get0_peer_scts
SSL_get0_peername
SSL_get0_security_ex_data
SSL_get0_verified_chain
SSL_get1_peer_certificate
SSL_get1_session
SSL_get1_supported_ciphers
SSL_get_SSL_CTX
SSL_get_all_async_fds
SSL_get_async_status
SSL_get_certificate
SSL_get_changed_async_fds
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_client_ciphers
SSL_get_client_random
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_passwd_cb
SSL_get_default_passwd_cb_userdata
SSL_get_default_timeout
SSL_get_early_data_status
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_key_update_type
SSL_get_max_early_data
SSL_get_num_tickets
SSL_get_options
SSL_get_peer_cert_chain
SSL_get_peer_finished
SSL_get_peer_signature_type_nid
SSL_get_pending_cipher
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_record_padding_callback_arg
SSL_get_recv_max_early_data
SSL_get_rfd
SSL_get_security_callback
SSL_get_security_level
SSL_get_selected_srtp_profile
SSL_get_server_random
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shared_sigalgs
SSL_get_shutdown
SSL_get_sigalgs
SSL_get_signature_type_nid
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_state
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_group_to_name
SSL_has_matching_session_id
SSL_has_pending
SSL_in_before
SSL_in_init
SSL_is_dtls
SSL_is_init_finished
SSL_is_server
SSL_key_update
SSL_load_client_CA_file
SSL_load_client_CA_file_ex
SSL_new
SSL_new_session_ticket
SSL_peek
SSL_peek_ex
SSL_pending
SSL_read
SSL_read_early_data
SSL_read_ex
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_sendfile
SSL_session_reused
SSL_set0_CA_list
SSL_set0_rbio
SSL_set0_security_ex_data
SSL_set0_tmp_dh_pkey
SSL_set0_wbio
SSL_set1_host
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_allow_early_data_cb
SSL_set_alpn_protos
SSL_set_async_callback
SSL_set_async_callback_arg
SSL_set_bio
SSL_set_block_padding
SSL_set_cert_cb
SSL_set_cipher_list
SSL_set_ciphersuites
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ct_validation_callback
SSL_set_debug
SSL_set_default_passwd_cb
SSL_set_default_passwd_cb_userdata
SSL_set_default_read_buffer_len
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_hostflags
SSL_set_info_callback
SSL_set_max_early_data
SSL_set_msg_callback
SSL_set_not_resumable_session_callback
SSL_set_num_tickets
SSL_set_options
SSL_set_post_handshake_auth
SSL_set_psk_client_callback
SSL_set_psk_find_session_callback
SSL_set_psk_server_callback
SSL_set_psk_use_session_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_record_padding_callback
SSL_set_record_padding_callback_arg
SSL_set_recv_max_early_data
SSL_set_rfd
SSL_set_security_callback
SSL_set_security_level
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_tlsext_max_fragment_length
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state_string
SSL_state_string_long
SSL_stateless
SSL_trace
SSL_up_ref
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_cert_and_key
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_chain_file
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_verify_client_post_handshake
SSL_version
SSL_waiting_for_async
SSL_want

Sections

.text
Size: 723KB - Virtual size: 723KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medcore.dll
.dll windows:4 windows x64 arch:x64

03b00ba8e01990221d5f80831c7b48e5

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:72:6a:98:19:76:ea:72:e8:53:53:fa:78:5c:a6:44:fd:96:00:0a:dc:25:11:0e:53:be:e2:10:e5:5e:a2:00
Signer

Actual PE Digest

57:72:6a:98:19:76:ea:72:e8:53:53:fa:78:5c:a6:44:fd:96:00:0a:dc:25:11:0e:53:be:e2:10:e5:5e:a2:00

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Build\Project\Medicine\Engine\2.0_MainTrunk\building\build\Project\Medicine\Engine\2.0\Trunk\Build\AMD64\free\MeDCore.pdb

Imports

userenv

ExpandEnvironmentStringsForUserW

wininet

FindCloseUrlCache
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW

dnsapi

DnsRecordListFree
DnsQuery_W

crypt32

CertCloseStore
CertOpenStore
CertAddEncodedCertificateToStore
CertDeleteCertificateFromStore

rpcrt4

UuidCreateSequential

psapi

EnumProcesses
GetModuleFileNameExW

ws2_32

WSASetEvent
ntohs
shutdown
WSAIoctl
bind
listen
WSACloseEvent
inet_ntoa
WSAStartup
WSARecv
WSASend
WSACreateEvent
inet_addr
WSAGetLastError
htonl
getsockopt
__WSAFDIsSet
ntohl
htons
gethostbyname
recv
select
send
setsockopt
socket
closesocket
freeaddrinfo
getaddrinfo
ioctlsocket
connect
WSACleanup

kernel32

FreeLibrary
CloseHandle
lstrcpynW
CreateFileW
__C_specific_handler
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
GetCurrentThreadId
GetTickCount
CreateMutexW
WideCharToMultiByte
GetPrivateProfileStringW
GetVersionExW
GetSystemDirectoryW
Sleep
DeviceIoControl
CreateEventW
CancelIo
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
DeleteFileW
MoveFileW
GetFileAttributesW
SetFileAttributesW
GetFileTime
WaitForSingleObject
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
GetFileInformationByHandle
MultiByteToWideChar
LeaveCriticalSection
GetSystemTimeAsFileTime
EnterCriticalSection
TerminateThread
GetModuleHandleW
InitializeCriticalSection
OutputDebugStringW
OutputDebugStringA
GetCurrentProcessId
GetLocalTime
ReleaseMutex
SetEvent
GetCurrentProcess
GetModuleFileNameW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
WritePrivateProfileStringW
GetSystemInfo
OpenProcess
GetFileAttributesExW
WaitForMultipleObjects
ResetEvent
FileTimeToLocalFileTime
GetWindowsDirectoryA
FileTimeToDosDateTime
SystemTimeToFileTime
LoadLibraryExW
LocalFree
LoadLibraryW
OpenFileMappingW
SizeofResource
LockResource
LoadResource
FindResourceW
CreateDirectoryW
MoveFileExW
GetLogicalDrives
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTime
GetModuleHandleExW
VerifyVersionInfoW
VerSetConditionMask
GetThreadContext
IsWow64Process
OpenThread
LocalAlloc
lstrcmpiW
GetModuleHandleA
GetVersion
lstrcmpW
ExpandEnvironmentStringsW
GetLongPathNameW
GetProcessTimes
CreateIoCompletionPort
GetQueuedCompletionStatus
TerminateProcess
GetExitCodeThread
PostQueuedCompletionStatus
SetLastError
LoadLibraryA
ReadProcessMemory
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ConnectNamedPipe
CreateNamedPipeW
DisconnectNamedPipe
HeapFree
GetProcessHeap
WaitForMultipleObjectsEx
HeapAlloc
GetComputerNameA
CopyFileW
ReadDirectoryChangesW
GetVolumePathNamesForVolumeNameW
SetThreadPriority
GetCurrentThread
CopyFileExW
GetDiskFreeSpaceExW
CompareFileTime
SetFileTime
TryEnterCriticalSection
SetCurrentDirectoryW
GetCurrentDirectoryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
lstrlenW
GetWindowsDirectoryW
QueryDosDeviceW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
OpenMutexW
GetLastError
SuspendThread
SetThreadContext
FlushInstructionCache
VirtualProtect
VirtualQuery
LoadLibraryExA
GetEnvironmentVariableW
GetEnvironmentVariableA
GetExitCodeProcess
ExitProcess
CreateProcessW
CreateProcessA
ResumeThread
VirtualAlloc
VirtualFree
GetComputerNameW

user32

CharPrevA
CreateWindowExW
RegisterClassExW
CharUpperW
RegisterDeviceNotificationW
UnregisterClassW
PeekMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
UnregisterDeviceNotification
DefWindowProcW
CharNextA

advapi32

RegCreateKeyExW
ConvertSidToStringSidW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
LookupAccountSidW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenCurrentUser
RevertToSelf
DuplicateTokenEx
ImpersonateLoggedOnUser
OpenProcessToken
GetTokenInformation
CryptDestroyHash
CryptReleaseContext
RegDeleteKeyW
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
LookupAccountNameW
GetNamedSecurityInfoW
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
GetAce
EqualSid
AddAce
AddAccessAllowedAceEx
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetSecurityDescriptorControl
SetFileSecurityW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl

shell32

SHFileOperationW
SHGetFolderPathW
ord680
SHCreateDirectoryExW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

UrlGetPartW
UrlGetPartA
StrStrIA
PathUnExpandEnvStringsW
PathFileExistsW

iphlpapi

GetAdaptersInfo
GetBestInterface

msvcrt

ispunct
isprint
isgraph
isalnum
isupper
toupper
_wsplitpath
strtol
_strtoui64
strtod
ftell
fseek
fread
fopen
fflush
wcsncat
fwrite
_isnan
_finite
sprintf
floor
ceil
??0exception@@QEAA@AEBV0@@Z
_CxxThrowException
??1exception@@UEAA@XZ
iscntrl
fmod
realloc
_wsopen
_close
strncat
_read
_write
_get_osfhandle
_commit
_ismbblead
_mbschr
_msize
_mbsnbicmp
_mbspbrk
strpbrk
__dllonexit
_onexit
??1type_info@@UEAA@XZ
_initterm
?terminate@@YAXXZ
isalpha
??2@YAPEAX_K@Z
_stricmp
tolower
memmove
atoi
_wcsdup
??3@YAXPEAX@Z
_snwprintf
_snprintf
qsort
atol
_errno
wcsncpy
_strnicmp
_wfopen
fgetws
swscanf
fclose
abs
srand
rand
_wgetenv
wcsncmp
__CxxFrameHandler
strrchr
wcstombs
wcstoul
_wcstoui64
strncpy
time
_wcsicmp
strcmp
_wcslwr
wcschr
sscanf
wcsstr
isxdigit
islower
isspace
??0exception@@QEAA@XZ
isdigit
strncmp
mbstowcs
wcsrchr
wcstok
_wtoi
_vsnprintf
memset
strchr
memcmp
strlen
wcscmp
_vsnwprintf
wcslen
_wcsnicmp
strstr
malloc
memcpy
calloc
free
_endthreadex
_lseek
_beginthreadex
_purecall
_wcsupr
_strlwr
_ultoa

msvcp60

?seekg@?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@V?$fpos@H@2@@Z
?read@?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@PEAG_J@Z
?gcount@?$basic_istream@GU?$char_traits@G@std@@@std@@QEBA_JXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JW4seekdir@ios_base@2@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@H@2@@Z
?eof@ios_base@std@@QEBA_NXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?gcount@?$basic_istream@DU?$char_traits@D@std@@@std@@QEBA_JXZ
?bad@ios_base@std@@QEBA_NXZ
?tellg@?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA?AV?$fpos@H@2@XZ
?clear@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?fail@ios_base@std@@QEBA_NXZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@H@2@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@PEBD_KAEBV?$allocator@D@1@@Z
??0bad_alloc@std@@QEAA@PEBD@Z
??1bad_alloc@std@@UEAA@XZ
??0bad_alloc@std@@QEAA@AEBV01@@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEBA_KXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEBAPEBDXZ
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QEBA_KXZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QEBAPEBGXZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?write@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@PEBG_J@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QEAA@AEBV?$allocator@G@1@@Z
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QEAAX_K@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QEAAAEAG_K@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QEAA@AEBV01@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QEAA@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@AEBV?$allocator@D@1@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAAX_K@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAAAEAD_K@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@AEBV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@XZ
??1_Winit@std@@QEAA@XZ
??1Init@ios_base@std@@QEAA@XZ
??0_Winit@std@@QEAA@XZ
??0Init@ios_base@std@@QEAA@XZ
??0_Lockit@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
?seekg@?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@_JW4seekdir@ios_base@2@@Z

Exports

Exports

MeDCleanFile
MeDCleanFileEx
MeDCreateHandle
MeDDestroyHandle
MeDFinalize
MeDGet
MeDGetCleanStatus
MeDGetCleanStatusEx
MeDGetVirusInfo
MeDInitialize
MeDInitializeEx
MeDScanFile
MeDScanFileEx
MeDScanIp
MeDScanUrl
MeDSet
MeDSubmitFile

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 745KB - Virtual size: 814KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medcored.sys
.sys windows:6 windows x64 arch:x64

a48bc2e573c5ec0a36adfd09ba4b63fb

Code Sign

33:00:00:00:68:64:82:c2:f9:11:1a:c8:76:00:00:00:00:00:68
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/01/2024, 20:09

Not After

10/01/2025, 20:09

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c2:4f:65:23:34:58:e5:fe:48:f1:16:6a:ef:96:3a:c7:9b:5a:d6:ff:24:10:79:9a:e1:fe:eb:11:7b:d4:bf:ac
Signer

Actual PE Digest

c2:4f:65:23:34:58:e5:fe:48:f1:16:6a:ef:96:3a:c7:9b:5a:d6:ff:24:10:79:9a:e1:fe:eb:11:7b:d4:bf:ac

Digest Algorithm

sha256

PE Digest Matches

true

c2:4f:65:23:34:58:e5:fe:48:f1:16:6a:ef:96:3a:c7:9b:5a:d6:ff:24:10:79:9a:e1:fe:eb:11:7b:d4:bf:ac
Signer

Actual PE Digest

c2:4f:65:23:34:58:e5:fe:48:f1:16:6a:ef:96:3a:c7:9b:5a:d6:ff:24:10:79:9a:e1:fe:eb:11:7b:d4:bf:ac

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\build\project\medicine\engine\2.0_maintrunk\building\build\project\medicine\engine\2.0\trunk\src\medcored\amd64\MeDCoreD.pdb

Imports

ntoskrnl.exe

wcsncpy
ExAllocatePool
PsGetCurrentThreadId
_wcslwr
ZwOpenSection
wcschr
PsGetCurrentProcessId
RtlTimeToTimeFields
isxdigit
ZwFsControlFile
strchr
ExAcquireResourceSharedLite
ExInitializePagedLookasideList
_wcsicmp
KeEnterCriticalRegion
IoGetCurrentProcess
ObfDereferenceObject
ExpInterlockedPushEntrySList
DbgPrint
ExAcquireResourceExclusiveLite
ZwEnumerateKey
strncat
ZwCreateSection
RtlLengthSid
MmMapViewInSystemSpace
PsGetVersion
_strlwr
ExReleaseResourceLite
IoCreateSynchronizationEvent
_strnicmp
KeInitializeEvent
KeReleaseMutex
isspace
KeQueryTimeIncrement
mbstowcs
IofCallDriver
ZwEnumerateValueKey
ExInitializeResourceLite
ExAllocatePoolWithTag
ZwClose
wcsncmp
wcstombs
ZwOpenKey
islower
ZwDeleteValueKey
ObQueryNameString
isdigit
ExQueryDepthSList
ZwSetValueKey
IoFileObjectType
_wcsnicmp
KeInitializeTimerEx
ZwCreateFile
MmUnmapViewInSystemSpace
ZwQueryInformationToken
IoBuildDeviceIoControlRequest
wcsrchr
ZwCreateKey
wcsstr
ZwQueryInformationFile
wcsncat
ExFreePoolWithTag
ZwQueryVolumeInformationFile
ExDeletePagedLookasideList
strrchr
ObReferenceObjectByHandle
strstr
ExpInterlockedPopEntrySList
ExDeleteResourceLite
ExSystemTimeToLocalTime
KeLeaveCriticalRegion
KeWaitForSingleObject
IoGetRelatedDeviceObject
strncmp
RtlInitUnicodeString
ZwQueryValueKey
RtlEqualUnicodeString
KeSetEvent
ZwReadFile
_stricmp
MmGetSystemRoutineAddress
KeStackAttachProcess
ExDeleteNPagedLookasideList
ZwOpenThreadToken
ZwQuerySystemInformation
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
RtlCompareUnicodeString
ZwOpenProcessToken
ZwOpenProcess
ZwOpenSymbolicLinkObject
ExInitializeNPagedLookasideList
KeUnstackDetachProcess
RtlVerifyVersionInfo
ZwSetInformationFile
VerSetConditionMask
ZwQueryInformationProcess
KeDelayExecutionThread
strncpy
PsLookupProcessByProcessId
ZwQuerySymbolicLinkObject
MmIsAddressValid
RtlFindUnicodePrefix
ExReleaseFastMutex
ExAcquireFastMutex
FsRtlIsNameInExpression
RtlInsertUnicodePrefix
RtlRemoveUnicodePrefix
RtlInitializeUnicodePrefix
IoCreateSymbolicLink
IoCreateDevice
IoDeleteSymbolicLink
IoDeleteDevice
IofCompleteRequest
_snwprintf
_snprintf
MmHighestUserAddress
IoGetDeviceObjectPointer
ExGetPreviousMode
PsIsThreadTerminating
RtlCompareMemory
RtlLookupElementGenericTable
RtlGetElementGenericTable
RtlInitializeGenericTable
RtlInsertElementGenericTable
RtlDeleteElementGenericTable
KeAcquireInStackQueuedSpinLock
KeReleaseInStackQueuedSpinLock
KeBugCheckEx
_wcsupr
ZwDeleteKey
KeInitializeMutex
RtlAnsiCharToUnicodeChar
RtlUnicodeToMultiByteN
RtlQueryRegistryValues
IoSetThreadHardErrorMode
ZwWriteFile
ExQueueWorkItem
__C_specific_handler

fltmgr.sys

FltUnregisterFilter
FltRegisterFilter

Sections

.text
Size: 919KB - Virtual size: 918KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medext.dll
.dll windows:4 windows x64 arch:x64

9a53b483dc6ee31e42aafb29d14d89e9

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

34:e6:60:11:db:ab:c1:cf:01:76:6e:4b:f2:a5:3f:e5:b0:07:3b:92:01:2a:92:b4:21:6f:50:77:5d:9e:d2:fc
Signer

Actual PE Digest

34:e6:60:11:db:ab:c1:cf:01:76:6e:4b:f2:a5:3f:e5:b0:07:3b:92:01:2a:92:b4:21:6f:50:77:5d:9e:d2:fc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Build\Project\Medicine\Engine\2.0_MainTrunk\building\build\Project\Medicine\Engine\2.0\Trunk\Build\AMD64\free\MeDExt.pdb

Imports

kernel32

LoadLibraryA
HeapCompact
HeapValidate
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExW
GetVersionExA
GetTickCount
GetTempPathW
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetFullPathNameW
GetFullPathNameA
GetFileSize
GetFileAttributesExW
GetFileAttributesW
GetFileAttributesA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetCurrentProcessId
FreeLibrary
FormatMessageW
FormatMessageA
FlushFileBuffers
DeleteFileW
DeleteFileA
CreateMutexW
CreateFileMappingW
CreateFileMappingA
CreateFileW
CreateFileA
AreFileApisANSI
LoadLibraryW
GetCurrentThreadId
CreateEventW
__C_specific_handler
GetModuleFileNameW
DeviceIoControl
CancelIo
MoveFileW
SetFileAttributesW
GetFileTime
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
GetFileInformationByHandle
GetLocalTime
ReleaseMutex
SetEvent
GetCurrentProcess
lstrcmpiW
GetModuleHandleA
GetVersion
lstrlenW
lstrcmpW
LocalAlloc
GetSystemDirectoryW
GetShortPathNameW
OpenMutexW
lstrlenA
lstrcmpA
InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LocalFree
LockFile
LockFileEx
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
SetEndOfFile
SetFilePointer
Sleep
SystemTimeToFileTime
UnlockFile
UnlockFileEx
UnmapViewOfFile
WideCharToMultiByte
WriteFile
WaitForSingleObject
WaitForSingleObjectEx
OutputDebugStringA
OutputDebugStringW
GetProcessHeap
FlushViewOfFile
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
GetProcAddress
GetLastError
TryEnterCriticalSection
CloseHandle
SetLastError
CreateSemaphoreW
ReleaseSemaphore
WaitForMultipleObjects
ResetEvent
GetStdHandle
WriteConsoleW
GetFileSizeEx

advapi32

RegDeleteKeyW
EnumServicesStatusW
LockServiceDatabase
UnlockServiceDatabase
QueryServiceConfigW
RegOpenKeyA
RegQueryValueExA
RegOpenKeyW
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
ControlService
StartServiceW
DeleteService
CreateServiceW
RegCreateKeyExW
QueryServiceStatus
OpenSCManagerW
OpenServiceW
ChangeServiceConfigW
CloseServiceHandle
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

msvcrt

memcmp
memmove
strncmp
_beginthreadex
_endthreadex
strcspn
fabs
strspn
strrchr
_lrotr
_lrotl
wcscmp
__CxxFrameHandler
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
_wcsicmp
wcsncat
wcsrchr
_vsnprintf
memcpy
wcsstr
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_CxxThrowException
swprintf
_wmakepath
_wsplitpath
wprintf
wcschr
_wcsupr
_initterm
??1type_info@@UEAA@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
localtime
memset
wcslen
_vsnwprintf
strlen
realloc
free
_msize
malloc
wcsncmp
strcmp

user32

PostMessageW
IsWindow

Exports

Exports

MeDExtFinalize
MeDExtGet
MeDExtInitialize
MeDExtSet

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medvpdrv.sys
.sys windows:6 windows x64 arch:x64

46e91ec97746b99076f9ac8385d31df2

Code Sign

33:00:00:00:68:64:82:c2:f9:11:1a:c8:76:00:00:00:00:00:68
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/01/2024, 20:09

Not After

10/01/2025, 20:09

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

50:df:a1:63:77:ea:e6:1f:6c:b4:41:6d:4d:ce:2f:b0:65:2f:b9:8f:0c:39:9d:34:3d:17:a4:4c:a5:0b:42:f7
Signer

Actual PE Digest

50:df:a1:63:77:ea:e6:1f:6c:b4:41:6d:4d:ce:2f:b0:65:2f:b9:8f:0c:39:9d:34:3d:17:a4:4c:a5:0b:42:f7

Digest Algorithm

sha256

PE Digest Matches

true

50:df:a1:63:77:ea:e6:1f:6c:b4:41:6d:4d:ce:2f:b0:65:2f:b9:8f:0c:39:9d:34:3d:17:a4:4c:a5:0b:42:f7
Signer

Actual PE Digest

50:df:a1:63:77:ea:e6:1f:6c:b4:41:6d:4d:ce:2f:b0:65:2f:b9:8f:0c:39:9d:34:3d:17:a4:4c:a5:0b:42:f7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\build\project\medicine\engine\2.0_maintrunk\building\build\project\medicine\engine\2.0\trunk\src\medvpdrv\amd64\MeDVpDrv.pdb

Imports

ntoskrnl.exe

ExInitializeNPagedLookasideList
_stricmp
KeDelayExecutionThread
KeInitializeEvent
RtlFreeUnicodeString
ObReferenceObjectByHandle
ObOpenObjectByPointer
_wcsicmp
ObQueryNameString
VerSetConditionMask
KeWaitForSingleObject
IoFileObjectType
ZwCreateFile
PsGetCurrentThreadId
ExAcquireResourceExclusiveLite
PsGetCurrentProcessId
wcsrchr
wcsstr
DbgPrint
_strnicmp
MmIsAddressValid
KeStackAttachProcess
PsLookupProcessByProcessId
RtlTimeToTimeFields
ZwQuerySystemInformation
ObfDereferenceObject
ExDeleteNPagedLookasideList
ExAllocatePoolWithTag
MmMapLockedPagesSpecifyCache
IoGetDeviceObjectPointer
ZwEnumerateKey
ZwQuerySymbolicLinkObject
wcsncat
ExSystemTimeToLocalTime
PsProcessType
KeReleaseSpinLock
ZwQueryValueKey
PsGetVersion
RtlLengthSid
_wcsnicmp
ZwOpenThreadToken
ExInitializeResourceLite
PsThreadType
ExAllocatePool
ZwCreateEvent
ZwReadFile
ExpInterlockedPopEntrySList
wcsncmp
IofCallDriver
RtlCompareUnicodeString
IoBuildDeviceIoControlRequest
ZwOpenProcessToken
wcstombs
ZwOpenKey
ExAcquireResourceSharedLite
RtlEqualUnicodeString
ExFreePoolWithTag
IoGetCurrentProcess
ZwOpenProcess
KeAcquireSpinLockRaiseToDpc
IoGetRelatedDeviceObject
ZwOpenSymbolicLinkObject
KeResetEvent
RtlInitUnicodeString
KeInitializeTimerEx
ExReleaseResourceLite
KeSetEvent
KeUnstackDetachProcess
ZwQueryInformationToken
KeReadStateEvent
wcsncpy
RtlVerifyVersionInfo
ZwQueryInformationProcess
ZwQueryInformationFile
ZwClose
KeEnterCriticalRegion
KeInitializeMutex
strrchr
ExpInterlockedPushEntrySList
KeLeaveCriticalRegion
ZwSetInformationFile
ExDeleteResourceLite
RtlAnsiStringToUnicodeString
IoCreateSynchronizationEvent
ExQueryDepthSList
MmGetSystemRoutineAddress
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
IoDeleteSymbolicLink
IoDeleteDevice
KeInitializeApc
PsLookupThreadByThreadId
ExGetPreviousMode
KeInsertQueueApc
PsSetCreateThreadNotifyRoutine
RtlWalkFrameChain
MmHighestUserAddress
ExReleaseFastMutex
PsSetCreateProcessNotifyRoutine
ObfReferenceObject
ExAcquireFastMutex
PsSetLoadImageNotifyRoutine
RtlCopyLuid
RtlCompareMemory
IoReadPartitionTable
IoBuildSynchronousFsdRequest
IoGetAttachedDeviceReference
PsIsThreadTerminating
ExInitializePagedLookasideList
ProbeForRead
ExDeletePagedLookasideList
RtlCopyUnicodeString
IoQueueWorkItem
strchr
IoFreeWorkItem
ExInterlockedInsertTailList
IoAllocateWorkItem
_wcslwr
KeCancelTimer
KeWaitForMultipleObjects
KeSetTimerEx
PsCreateSystemThread
PsTerminateSystemThread
RtlDowncaseUnicodeString
strncmp
KeDetachProcess
KeAttachProcess
toupper
IoGetStackLimits
RtlUpcaseUnicodeString
FsRtlIsNameInExpression
FsRtlIsNtstatusExpected
RtlIsNameLegalDOS8Dot3
RtlUpcaseUnicodeChar
RtlAppendUnicodeStringToString
PsInitialSystemProcess
RtlSubAuthoritySid
KeReleaseInStackQueuedSpinLock
KeAcquireInStackQueuedSpinLock
ZwQueryDirectoryFile
ZwDeleteFile
ZwWriteFile
RtlInsertUnicodePrefix
RtlRemoveUnicodePrefix
RtlInitializeUnicodePrefix
RtlNextUnicodePrefix
RtlFindUnicodePrefix
KeBugCheckEx
KeReleaseMutex
KeQueryTimeIncrement
wcschr
RtlAnsiCharToUnicodeChar
RtlUnicodeToMultiByteN
MmUserProbeAddress
ZwFreeVirtualMemory
ZwDuplicateObject
ZwAllocateVirtualMemory
ZwQuerySecurityObject
PsGetProcessExitProcessCalled
ZwSetSecurityObject
PsGetProcessPeb
strstr
_strupr
ZwLoadDriver
__C_specific_handler

fltmgr.sys

FltRegisterFilter
FltUnregisterFilter

Sections

.text
Size: 650KB - Virtual size: 650KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medvphkd.sys
.sys windows:5 windows x64 arch:x64

3cebe7836df9cae5363bf60a6fc7da1a

Code Sign

33:00:00:00:68:64:82:c2:f9:11:1a:c8:76:00:00:00:00:00:68
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/01/2024, 20:09

Not After

10/01/2025, 20:09

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a9:32:53:9f:70:7e:3c:6c:ef:6e:93:17:85:9b:9f:fb:f0:92:79:35:64:2f:3b:92:50:9d:2f:d9:6e:5a:6e:9e
Signer

Actual PE Digest

a9:32:53:9f:70:7e:3c:6c:ef:6e:93:17:85:9b:9f:fb:f0:92:79:35:64:2f:3b:92:50:9d:2f:d9:6e:5a:6e:9e

Digest Algorithm

sha256

PE Digest Matches

true

a9:32:53:9f:70:7e:3c:6c:ef:6e:93:17:85:9b:9f:fb:f0:92:79:35:64:2f:3b:92:50:9d:2f:d9:6e:5a:6e:9e
Signer

Actual PE Digest

a9:32:53:9f:70:7e:3c:6c:ef:6e:93:17:85:9b:9f:fb:f0:92:79:35:64:2f:3b:92:50:9d:2f:d9:6e:5a:6e:9e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\build\project\medicine\engine\2.0_maintrunk\building\build\project\medicine\engine\2.0\trunk\src\medvphkd\amd64\MeDVpHkD.pdb

Imports

ntoskrnl.exe

KeBugCheckEx

Sections

.text
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 198B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
medvphku.dll
.dll windows:4 windows x64 arch:x64

2205a2d50eb7c925a548ffaba2df4816

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ce:1d:49:3f:e7:d3:78:2c:da:4e:7c:3a:8b:77:0d:7c:86:44:25:d4:52:a3:4a:e6:4f:b6:6e:32:2c:39:6e:00
Signer

Actual PE Digest

ce:1d:49:3f:e7:d3:78:2c:da:4e:7c:3a:8b:77:0d:7c:86:44:25:d4:52:a3:4a:e6:4f:b6:6e:32:2c:39:6e:00

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Build\Project\Medicine\Engine\2.0_MainTrunk\building\build\Project\Medicine\Engine\2.0\Trunk\Build\AMD64\Free\MeDVpHkU.pdb

Imports

kernel32

FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTime
VirtualQuery
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
__C_specific_handler
DuplicateHandle
GetProcessId
GetProcAddress
GetModuleHandleA
VirtualAlloc
CompareStringW
GetThreadLocale
GlobalGetAtomNameW
GetModuleFileNameW
CompareStringA
GlobalGetAtomNameA
GetThreadContext
CloseHandle
OpenProcess
GetSystemWindowsDirectoryW
GetTempPathW
GetFileAttributesW
LocalFree
GetCommandLineW
GetFileSize
GetSystemTimeAsFileTime
GetFileInformationByHandle
CreateFileW
Sleep
DeviceIoControl
CreateEventW
CancelIo
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
DeleteFileW
SetSystemTime
SetFileAttributesW
GetFileTime
WaitForSingleObject
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
OutputDebugStringW
OutputDebugStringA
GetLocalTime
WideCharToMultiByte
ReleaseMutex
SetEvent
CreateMutexW
LoadLibraryA
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
SetNamedPipeHandleState
WaitNamedPipeW
VirtualProtectEx
InitializeCriticalSectionAndSpinCount
GetComputerNameA
VerSetConditionMask
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentDirectoryW
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FlushFileBuffers
GetTickCount
MultiByteToWideChar
SetLastError
GetModuleHandleW
GetEnvironmentVariableW
GetLastError
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcessId
MoveFileW
GetCurrentThreadId
GetSystemInfo
SetStdHandle
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
RtlPcToFileHeader
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCPInfo
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualProtect
ResumeThread
FlushInstructionCache
SetThreadContext
SuspendThread
GetCurrentThread
VirtualQueryEx
LoadLibraryExW
LoadLibraryExA
RtlUnwindEx
GetCommandLineA
GetVersionExA
HeapSetInformation
HeapCreate
HeapDestroy
RaiseException
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA

psapi

GetModuleFileNameExW
GetModuleInformation
EnumProcessModules

advapi32

SetSecurityDescriptorSacl
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
IsTextUnicode
GetSecurityDescriptorSacl

user32

GetWindowThreadProcessId
ToUnicode
GetSystemMetrics

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ws2_32

WSASetLastError
htons
getsockopt
inet_ntoa

oleaut32

SysAllocString
SysFreeString

shell32

CommandLineToArgvW

ole32

StringFromGUID2
CoTaskMemFree
StringFromCLSID

shlwapi

PathIsNetworkPathW

Exports

Exports

1

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
medvphkuw6.dll
.dll windows:4 windows x86 arch:x86

577b7298b422298c03c83e7269517b5c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:1c:b5:1a:24:f0:d4:80:c7:35:3c:f0:a4:3f:97:31:e6:1c:ce:cb:97:9d:fd:6c:25:4e:88:be:d6:7f:2f:bb
Signer

Actual PE Digest

e1:1c:b5:1a:24:f0:d4:80:c7:35:3c:f0:a4:3f:97:31:e6:1c:ce:cb:97:9d:fd:6c:25:4e:88:be:d6:7f:2f:bb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTime
VirtualQuery
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
DuplicateHandle
GetProcessId
GetProcAddress
GetModuleHandleA
VirtualAlloc
CompareStringW
GetThreadLocale
GlobalGetAtomNameW
GetModuleFileNameW
CompareStringA
GlobalGetAtomNameA
InterlockedExchange
GetThreadContext
CloseHandle
OpenProcess
GetSystemWindowsDirectoryW
GetTempPathW
GetFileAttributesW
LocalFree
GetCommandLineW
GetFileSize
GetSystemTimeAsFileTime
GetFileInformationByHandle
CreateFileW
Sleep
DeviceIoControl
CreateEventW
CancelIo
ReadFile
WriteFile
SetFilePointer
InterlockedIncrement
DeleteFileW
MoveFileW
SetFileAttributesW
GetFileTime
WaitForSingleObject
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
OutputDebugStringW
OutputDebugStringA
GetLocalTime
WideCharToMultiByte
ReleaseMutex
SetEvent
InterlockedDecrement
CreateMutexW
LoadLibraryA
InterlockedCompareExchange
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
SetNamedPipeHandleState
WaitNamedPipeW
VirtualProtectEx
InitializeCriticalSectionAndSpinCount
GetComputerNameA
VerSetConditionMask
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentDirectoryW
FlushFileBuffers
GetCurrentThreadId
GetTickCount
MultiByteToWideChar
SetLastError
GetModuleHandleW
GetEnvironmentVariableW
GetLastError
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcessId
SetEndOfFile
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TerminateProcess
VirtualProtect
ResumeThread
FlushInstructionCache
SetThreadContext
SuspendThread
GetCurrentThread
VirtualQueryEx
LoadLibraryExW
LoadLibraryExA
RtlUnwind
GetCommandLineA
GetVersion
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
ExitProcess

psapi

GetModuleFileNameExW
EnumProcessModules
GetModuleInformation

advapi32

IsTextUnicode
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

user32

GetWindowThreadProcessId
GetSystemMetrics
ToUnicode

ws2_32

inet_ntoa
getsockopt
WSASetLastError
htons

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

oleaut32

SysFreeString
SysAllocString

shell32

CommandLineToArgvW

ole32

StringFromGUID2
CoTaskMemFree
StringFromCLSID

shlwapi

PathIsNetworkPathW

Exports

Exports

1

Sections

.text
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
trueeyesu.dll
.dll windows:4 windows x64 arch:x64

58e506e763386acda97bb8881d7161a6

Code Sign

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:1f:6f:8b:67:7d:14:ec:96:27:bd:f0:14:75:b2:60
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

28/05/2021, 00:00

Not After

01/06/2022, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:94:2a:09:b5:d9:93:48:4b:b8:c3:a3:88:15:6a:bb:86:0d:31:b4:2b:22:a6:23:3e:ac:12:5c:b9:3e:ac:72
Signer

Actual PE Digest

53:94:2a:09:b5:d9:93:48:4b:b8:c3:a3:88:15:6a:bb:86:0d:31:b4:2b:22:a6:23:3e:ac:12:5c:b9:3e:ac:72

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Build\Project\Medicine\Engine\TrueEyes_MainTrunk\building\build\Project\Medicine\Engine\Common\TrueEyes\Trunk\Build\AMD64\Free\TrueEyesU.pdb

Imports

ntdll

memset
RtlNtStatusToDosError
ZwClose
ZwQueryVirtualMemory
ZwOpenProcess
ZwAllocateVirtualMemory
ZwFreeVirtualMemory
ZwProtectVirtualMemory
memcpy
ZwFlushInstructionCache
LdrGetProcedureAddress
RtlInitAnsiString
ZwDuplicateObject
ZwQueryInformationThread
ZwGetContextThread
ZwDeviceIoControlFile
strncmp
memcmp
ZwReadVirtualMemory
__C_specific_handler
NtAllocateVirtualMemory
NtFreeVirtualMemory
NtProtectVirtualMemory
NtQueryVirtualMemory
NtFlushInstructionCache
NtResumeThread
NtGetContextThread
NtSetContextThread
RtlAllocateHeap
RtlFreeHeap

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$_0_/V3Medic.exe
.exe windows:5 windows x86 arch:x86

25ed4ce053872020aef1006182cbb182

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:49:91:fe:ba:85:dd:d7:0b:3e:7b:5c:68:7c:d3:12:a6:c9:78:b1:19:13:5d:61:e4:57:64:d0:70:f5:67:3b
Signer

Actual PE Digest

b2:49:91:fe:ba:85:dd:d7:0b:3e:7b:5c:68:7c:d3:12:a6:c9:78:b1:19:13:5d:61:e4:57:64:d0:70:f5:67:3b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegCloseKey
RegEnumKeyW
RegEnumValueW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegCreateKeyExW

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderLocation

ole32

CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Destroy
ImageList_AddMasked
ImageList_Create

user32

GetDlgItemTextW
SetDlgItemTextW
RegisterClassW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
SetWindowPos
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
CreateDialogParamW
EndDialog
GetSystemMetrics
CreatePopupMenu
AppendMenuW
GetWindowRect
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
ScreenToClient
CheckDlgButton
LoadCursorW
MessageBoxIndirectW
GetWindowLongW
GetSysColor
CharNextW
ExitWindowsEx
DestroyWindow
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
CharPrevW
DispatchMessageW
wsprintfA
SetCursor
PeekMessageW
SystemParametersInfoW

gdi32

GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor

kernel32

CreateProcessW
lstrcmpiA
GetTempFileNameW
WriteFile
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
lstrcatW
GetCurrentProcess
GetVersion
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
RemoveDirectoryW
lstrcpyA
MoveFileExW
CopyFileW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 408KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AI7z20.dll
.dll windows:4 windows x86 arch:x86

3b12557ea125fa3930fa1bab35b77533

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9c:cd:95:a6:72:71:95:f8:f0:31:c9:cd:2d:23:cc:7b:12:6d:06:82:da:30:08:5b:f4:bf:96:c8:58:32:66:73
Signer

Actual PE Digest

9c:cd:95:a6:72:71:95:f8:f0:31:c9:cd:2d:23:cc:7b:12:6d:06:82:da:30:08:5b:f4:bf:96:c8:58:32:66:73

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
DeleteFileW
SetFileAttributesW
ResetEvent
WaitForSingleObject
CloseHandle
CreateThread
CreateEventW
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateDirectoryW
OutputDebugStringW
lstrcmpiW
SetConsoleCtrlHandler
lstrcatA
lstrlenA
VirtualAlloc
VirtualFree
CompareStringW
CompareStringA
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryExW
LoadLibraryW
GetModuleFileNameW
LocalFree
FormatMessageW
GetWindowsDirectoryW
GetSystemDirectoryW
GetLastError
RemoveDirectoryW
GetShortPathNameW
lstrlenW
GetFullPathNameW
GetCurrentDirectoryW
SearchPathW
GetTempPathW
GetTempFileNameW
FindClose
FindFirstFileW
FindNextFileW
FindCloseChangeNotification
FindFirstChangeNotificationW
GetLogicalDriveStringsW
CreateFileW
GetFileSize
SetFilePointer
GetFileInformationByHandle
ReadFile
SetFileTime
WriteFile
SetEndOfFile
CompareFileTime
GetStdHandle
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
DeleteCriticalSection
InitializeCriticalSection
AreFileApisANSI
OpenEventW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
MoveFileW
GetProcAddress
SystemTimeToFileTime
GetSystemTime
SetCurrentDirectoryW
FileTimeToDosDateTime
GetDriveTypeW
SetEnvironmentVariableA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
Sleep
RtlUnwind
HeapFree
RaiseException
HeapAlloc
GetTimeZoneInformation
GetLocalTime
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
ExitProcess
FatalAppExitA
TerminateProcess
GetCurrentProcess
HeapSize
SetUnhandledExceptionFilter
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetLocaleInfoW

user32

CharUpperW
CharToOemW
CharNextA
CharUpperA
CharPrevExA

oleaut32

VariantCopy
VariantClear
SysAllocString
SysFreeString

Exports

Exports

AI7z_Extract
AI7z_ExtractEx

Sections

.text
Size: 320KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AIS_PageProgramMaintenance.ini
$PLUGINSDIR/AIS_PageUnConfirm.ini
$PLUGINSDIR/AhnI2t.dll
.dll windows:5 windows x86 arch:x86

8db99d5919d51490a6aba0c455b3d9b8

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:75:60:f5:9a:a0:ea:7c:1e:57:2b:49:4c:b5:c0:bd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/09/2023, 00:00

Not After

31/08/2024, 00:00

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465206f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:87:f0:85:99:4b:46:09:14:13:7a:be:d9:99:27:ab:ca:a4:e2:26:81:4e:78:cc:41:ba:4e:ac:e9:f1:d6:ce
Signer

Actual PE Digest

ff:87:f0:85:99:4b:46:09:14:13:7a:be:d9:99:27:ab:ca:a4:e2:26:81:4e:78:cc:41:ba:4e:ac:e9:f1:d6:ce

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Build\ais\ahni2\master-61\build\git\ais\ahni2\Build\NT32Release.vc90\AhnI2t.pdb

Imports

kernel32

InterlockedExchange
GetCurrentProcessId
InterlockedIncrement
GetCurrentProcess
DeleteFileW
RemoveDirectoryW
GetModuleHandleW
FindFirstFileW
FindNextFileW
GetCurrentDirectoryA
GetFullPathNameA
GetModuleHandleA
FindFirstFileA
GetDriveTypeA
GetFileAttributesW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
GetVersion
CreateFileW
WriteFile
CloseHandle
CreateDirectoryW
GetDateFormatW
lstrcmpiW
GetModuleFileNameW
GetLocalTime
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
GetLastError
SetConsoleMode
ReadConsoleW
ReadConsoleA
ReadFile
GetFileSize
SetEndOfFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
SetLastError
GetSystemTimeAsFileTime
WaitForSingleObject
ReleaseMutex
CreateMutexW
GetWindowsDirectoryW
MoveFileW
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetVersionExW
VirtualFree
VirtualAlloc
RtlUnwind
GetCommandLineA
HeapFree
HeapReAlloc
HeapAlloc
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileType
FlushFileBuffers
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
RaiseException
SetConsoleCtrlHandler
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetProcessHeap
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedCompareExchange
InterlockedExchangeAdd
FormatMessageA
GetSystemDirectoryA
GetEnvironmentVariableW

advapi32

RegDeleteKeyW
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
DeregisterEventSource
ReportEventW
RegisterEventSourceW
CryptGenRandom
RegDeleteValueW
RegQueryInfoKeyW
CryptReleaseContext
RegCloseKey
RegQueryValueExW
RegEnumValueW

ws2_32

shutdown
send
recv
closesocket
setsockopt
connect
socket
select
ioctlsocket
WSACleanup
WSAStartup
getsockopt
getservbyport
gethostbyaddr
gethostbyname
WSAGetLastError
inet_addr
htons
getservbyname
htonl
WSASetLastError
ntohs
inet_ntoa

user32

MessageBoxW
GetProcessWindowStation
CharPrevA
CharNextA
GetUserObjectInformationW

Exports

Exports

AB7FC8EE888E4a9b8E35ECA228EC5A00
AI210F4C7D9
AI2189606B6
AI22570F53F
AI23795C1FF
AI23F75C85E
AI244B9D58C
AI264E8E65A
AI27533E519
AI280A6E132
AI29B2A45A0
AI2A0C12D74
AI2B225DE6D
AI2B59ED73B
AI2B5A29E3C
AI2B5E58553
AI2BAA2C0CD
AI2C0124906
AI2C477D343
AI2C4821643
AI2C69D3464
AI2CB8999E8
AI2CD92D838
AI2CEB8F5F0
AI2CFCF49D1
AI2D05A71A7
AI2D3B051E6
AI2D496A3BC
AI2D8E8DBBF
AI2DA5A542D
AI2E0A2B5D6
AI2E15457F4
AI2E18F4D40
AI2E5DE6421
AI2E8D56B09
AI2EB0BA897
AI2ED186BB0
AI2EFD4CAFB
AI2F1DF75F6
AI2F87F6EB6
AI2FE12C6B7
AhnInst2_AddUpdateProduct
AhnInst2_ConcealSerial
AhnInst2_DeleteUserInfo
AhnInst2_DeleteUserInfoEx
AhnInst2_EnDeSecData
AhnInst2_GetDaysLeft
AhnInst2_GetInstallVersion
AhnInst2_GetLastError
AhnInst2_GetSecProfileInt
AhnInst2_GetSecProfileString
AhnInst2_GetTDaysLeft
AhnInst2_GetTValidDuration
AhnInst2_GetUserInfo
AhnInst2_GetUserInfoEx
AhnInst2_GetUserInfoExBin
AhnInst2_GetUserInfoExBin2
AhnInst2_InvalidSerialNum
AhnInst2_IsT
AhnInst2_IsTOver
AhnInst2_OpUserInfo
AhnInst2_RebuildSerial
AhnInst2_RemoveUpdateProduct
AhnInst2_SecFree
AhnInst2_SecMalloc
AhnInst2_SetUserInfo
AhnInst2_SetUserInfoEx
AhnInst2_SetUserInfoExAny
AhnInst2_SetUserInfoExBin
AhnInst2_UpdateUserInfo
AhnInst2_WriteSecProfileInt
AhnInst2_WriteSecProfileString
B225DE6D05014699BAFC8CE606B98DBB
B59ED73BD6B741b4802B2CF74D935321
B5A29E3CDC2646d89725907A991873F1
B5E5855371F24b5c9B048AC3DE04E698
C0124906261A439dB786CAC5F06AB3C2
C477D3439BC941f495D4F5BC47031514
C482164330234317905C01E0DDA7C6D4
CD92D8388ED54b1eBA25CC8BBD3DAFA1
CFCF49D171E04332B1DB2C888E2BA493
D05A71A757FC4a899570684E653202A1
D3B051E6A9744f82AE52D94DBD9AE682
D496A3BCBEF64bb8B57FB799C904A8D4
D8E8DBBFC12A43e8AE414991B5BAFA0F
DA5A542DF4D4426c8D198DEC34B534BA
E0A2B5D66F2142818CC3AE1AE276F7E9
E15457F40FAF4a379EA42E30EDA8AD9A
E18F4D40197441579261E01089C9B46A
E5DE64217CAD44679A2915ED82C825B9
E8D56B09B05149da97647CDD469DBDB0
EB0BA897D99E4602A321FF11A517ACB2
ED186BB0295A4ca2A0E38BCDCE4AFEED
EFD4CAFBA52C417aB0655ECDB5540B2F
F1DF75F654DF4637A6AEEC64AC4D0F13
F87F6EB694AA4705AFF1B2333CA3E173
FE12C6B73FC44d31BD0635841EFB25A7

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 482KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AhnIEx.dll
.dll windows:5 windows x86 arch:x86

2b1df27ea84e0aac2a8f2a80715b3557

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f8:64:b1:2d:ca:07:9e:e6:a4:d1:24:10:19:e1:7c:af:73:af:d6:c7:ef:58:75:ef:c1:af:cd:ab:4e:0a:77:1e
Signer

Actual PE Digest

f8:64:b1:2d:ca:07:9e:e6:a4:d1:24:10:19:e1:7c:af:73:af:d6:c7:ef:58:75:ef:c1:af:cd:ab:4e:0a:77:1e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Build\Install\Common\Plugins\building\build\svn\AhnLab\Install\Common\Plugins\Trunk\Build\NT32Release\AhnIEx.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

shutdown
send
recv
closesocket
setsockopt
connect
socket
select
WSACleanup
WSAStartup
getsockopt
getservbyport
gethostbyaddr
gethostbyname
WSAGetLastError
inet_addr
htons
getservbyname
htonl
WSASetLastError
ntohs
inet_ntoa
ioctlsocket

kernel32

DeleteFileW
GetTickCount
FindClose
FindFirstFileW
DeviceIoControl
CreateFileW
Sleep
RemoveDirectoryW
SetFileAttributesW
GetShortPathNameW
CompareFileTime
FindNextFileW
HeapFree
HeapAlloc
GetProcessHeap
GetFileInformationByHandle
ExpandEnvironmentStringsW
GetDriveTypeW
QueryDosDeviceW
MoveFileW
CreateDirectoryW
CopyFileW
GetFileAttributesW
HeapReAlloc
HeapSize
GetCommandLineW
GetTempPathW
GetSystemDirectoryW
GetTimeFormatW
GetDateFormatW
EnumResourceLanguagesW
GetLocaleInfoW
MoveFileExW
ReadFile
GetFileSize
lstrlenW
GetWindowsDirectoryW
GetCurrentProcess
GetExitCodeProcess
CreateProcessW
OpenMutexW
CreateMutexW
GetCurrentThread
LocalFree
GetCurrentDirectoryW
CreatePipe
WaitForSingleObject
TerminateProcess
WriteFile
GetVersionExW
GetDiskFreeSpaceW
FreeResource
LoadResource
FindResourceExW
GlobalAddAtomW
MultiByteToWideChar
SizeofResource
LockResource
GetModuleHandleW
WideCharToMultiByte
lstrcmpA
InterlockedCompareExchange
VirtualAlloc
VirtualFree
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedExchangeAdd
FormatMessageA
LoadLibraryA
GetSystemDirectoryA
GetVersion
GetFileType
GetStdHandle
GetACP
GetEnvironmentVariableW
GetSystemTimeAsFileTime
QueryPerformanceCounter
ReadConsoleA
ReadConsoleW
GetConsoleMode
SetConsoleMode
HeapDestroy
HeapCreate
InterlockedDecrement
InterlockedIncrement
FindFirstFileA
GetDriveTypeA
SetConsoleCtrlHandler
ExitProcess
PeekNamedPipe
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCommandLineA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
SetFilePointer
SetEndOfFile
FlushFileBuffers
ReleaseMutex
GetModuleFileNameA
GetModuleHandleA
GetCPInfo
GlobalAlloc
GlobalFree
OpenProcess
CloseHandle
lstrcmpiW
GetCurrentProcessId
lstrcmpW
GlobalGetAtomNameW
GlobalDeleteAtom
LoadLibraryW
GetProcAddress
FreeLibrary
GetLocalTime
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetLastError
GetModuleFileNameW
SetLastError
GetOEMCP
IsValidCodePage
SetHandleCount
GetStartupInfoA
GetConsoleCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetFullPathNameA
CreateFileA
GetCurrentDirectoryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindResourceW
InitializeCriticalSection

user32

MessageBoxW
IsWindowVisible
IsWindow
GetProcessWindowStation
GetUserObjectInformationW
SetWindowTextW
ExitWindowsEx
GetSystemMetrics
CharNextW
IsCharUpperW
CharLowerW
CharPrevW
PeekMessageW
MsgWaitForMultipleObjects
DispatchMessageW
PostQuitMessage
SendMessageW
FindWindowExW
GetDlgItem
GetWindowTextW
IsCharAlphaW
RegisterWindowMessageW
GetClassInfoExW
RegisterClassExW
CreateWindowExW
DestroyWindow
DefWindowProcW

advapi32

ReportEventW
DeleteAce
LookupAccountNameW
GetFileSecurityW
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
GetAce
AddAce
AddAccessAllowedAce
GetSecurityDescriptorControl
SetFileSecurityW
OpenThreadToken
RegDeleteKeyW
RegEnumValueW
RegCreateKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
DeleteService
ControlService
StartServiceW
QueryServiceStatus
CreateServiceW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
CreateProcessAsUserW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegisterEventSourceW
CryptGenRandom
DeregisterEventSource

shell32

SHGetMalloc
SHFileOperationW
ShellExecuteW
FindExecutableW
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoTaskMemFree

shlwapi

PathAppendW
PathFileExistsW

Exports

Exports

AI_AddAccessRightsToDir
AI_AddArchivedFile
AI_AddArchivedFile2
AI_AddUpdateProduct
AI_CheckComponentState
AI_CheckError
AI_CheckMultiOsAc
AI_CheckMultiOsLn
AI_CheckReboot
AI_CheckSystemRebootFlag
AI_ClearError
AI_CompareFileVersion
AI_CopyFile
AI_CopyFile2
AI_CopyFiles
AI_CreateArchivedFileList
AI_CreateChildSetup
AI_CreateDir
AI_CreateDir2
AI_CreateService2
AI_CreateShortcut
AI_CutBackslash
AI_DeleteAc
AI_DeleteDirAndFiles
AI_DeleteFile
AI_DeleteService
AI_DeleteUserInfo
AI_DeleteUserInfoEx
AI_DetailPrint
AI_DetailPrintErr
AI_EnableDetailPrint
AI_EnableMsgBox
AI_EnableWow64FsRedirection
AI_EnableWow64RegRedirection
AI_Exec
AI_Exec2
AI_ExecAsAdmin
AI_ExecCloneOfUninstaller
AI_ExecWait
AI_ExecWebLink
AI_ExitWindows
AI_ExpandRelatedPath
AI_ExtractFile
AI_ExtractFile2
AI_ExtractSubString
AI_ExtractWithList
AI_Free
AI_GenClientId
AI_GetComponentFlag
AI_GetComponentInfo
AI_GetCtrlText
AI_GetDateTimeFormat
AI_GetDefComponentState
AI_GetDiskFreeSpace
AI_GetFileVersionInfo
AI_GetLicenseVersion
AI_GetMode
AI_GetOS
AI_GetOS2
AI_GetParentProcess
AI_GetProfileInt
AI_GetProfileStr
AI_GetSecProfileInt
AI_GetSecProfileStringEx
AI_GetUserInfoEx
AI_Init
AI_InitEx
AI_InitExtraComponentInfo
AI_Is
AI_IsAdmin
AI_IsAnotherInstanceRunning
AI_IsDir
AI_IsFileExist
AI_IsFileRunning
AI_IsLocalSystem
AI_IsProcessorAMD64
AI_IsProcessorARM64
AI_IsProcessorIA64
AI_IsRegKeyExist
AI_IsServiceInstalled
AI_IsSupportSHA256
AI_IsT
AI_IsWin
AI_IsWin2
AI_IsWin3
AI_IsWinNT
AI_IsWinNTOrLater
AI_IsWinNTOrLater2
AI_IsWinNTOrLater3
AI_IsWinOrLater
AI_IsWinsockLater
AI_IsWorkstation
AI_IsWow64Process
AI_Ln2Ac
AI_LoadAc
AI_LoadClientId
AI_LoadUserInfo
AI_LogAction
AI_LogComment
AI_LogDbg
AI_LogEnter
AI_LogErr
AI_LogFlush
AI_LogHeader
AI_LogLeave
AI_LogLeaveAll
AI_LogWarn
AI_MsgBox
AI_OnShowLicense
AI_OnShowPage
AI_PBCallbackControl
AI_PBCallbackSetPos
AI_PBCallbackSetRange
AI_PBInit
AI_PickFileVer
AI_RegDeleteKey
AI_RegDeleteValue
AI_RegEnumKey
AI_RegEnumValue
AI_RegGetDWord
AI_RegGetString
AI_RegSetDWord
AI_RegSetString
AI_RegSetVolatileDWord
AI_RegSetVolatileString
AI_RegisterRebootMsgForAPC
AI_RemoveUpdateProduct
AI_RemoveUserInfo
AI_RenameDirToCreateFileWithSameName
AI_RenameFileToCreateDirWithSameName
AI_ReplaceFileOnReboot
AI_SaveAc
AI_SaveUserInfo
AI_SetArchiveFile
AI_SetCatalog
AI_SetComponentFlag
AI_SetCopyFlag
AI_SetCurrentArchivedFileList
AI_SetDeleteFlag
AI_SetError
AI_SetLanguage
AI_SetLogFile
AI_SetLogFlag
AI_SetLogLevel
AI_SetMode
AI_SetOutPath
AI_SetReboot
AI_SetSharedCount
AI_SetSystemRebootFlag
AI_SetSystemRebootFlag2
AI_SetUserInfo
AI_SetUserInfoEx
AI_SplitPath
AI_StartService
AI_StopService
AI_StrAdd
AI_StrFormat
AI_StrGet
AI_StrReplace
AI_StrTrace
AI_System64
AI_Un_CheckComponentState
AI_Un_GetComponentInfo
AI_UpdateUserInfo
AI_VerifyArgument
AI_VerifyComponentFlag
AI_VerifyDirectory
AI_VerifyIEVersion
AI_VerifyLn
AI_VerifyParent
AI_VerifyStartMenu
AI_VerifyUserInfo
AI_VerifyWinSuite
AI_WriteComponentInfo
AI_WriteUninstallInfo
AI_vf
AhnIEx_AddAccessRightsToDir
AhnIEx_AddAccessRightsToFile
AhnIEx_AddArchivedFile
AhnIEx_AddArchivedFile2
AhnIEx_AddUpdateProduct
AhnIEx_CheckError
AhnIEx_CheckReboot
AhnIEx_CheckSystemRebootFlag
AhnIEx_ClearError
AhnIEx_CompareFileVersion
AhnIEx_ConcealSerial
AhnIEx_CopyFile
AhnIEx_CopyFile2
AhnIEx_CopyFiles
AhnIEx_CreateArchivedFileList
AhnIEx_CreateDir
AhnIEx_CreateDir2
AhnIEx_CreateService
AhnIEx_CreateService2
AhnIEx_CreateShortcut
AhnIEx_CutBackslash
AhnIEx_DeleteDirAndFiles
AhnIEx_DeleteFile
AhnIEx_DeleteService
AhnIEx_DeleteUserInfo
AhnIEx_DetailPrint
AhnIEx_DetailPrintErr
AhnIEx_EnableMsgBox
AhnIEx_EnableWow64FsRedirection
AhnIEx_EnableWow64RegRedirection
AhnIEx_Exec
AhnIEx_Exec2
AhnIEx_ExecAsAdmin
AhnIEx_ExecWait
AhnIEx_ExecWebLink
AhnIEx_ExitWindows
AhnIEx_ExpandRelatedPath
AhnIEx_ExtractFile
AhnIEx_ExtractFile2
AhnIEx_ExtractSubString
AhnIEx_ExtractWithList
AhnIEx_Free
AhnIEx_GetDateTimeFormat
AhnIEx_GetDiskFreeSpace
AhnIEx_GetFileVersionInfo
AhnIEx_GetMode
AhnIEx_GetOS
AhnIEx_GetOS2
AhnIEx_GetParentProcess
AhnIEx_GetProfileInt
AhnIEx_GetProfileStr
AhnIEx_GetSecProfileInt
AhnIEx_GetSecProfileString
AhnIEx_GetSecProfileStringEx
AhnIEx_GetSpecialFolder
AhnIEx_GetUserInfo
AhnIEx_Init
AhnIEx_InitEx
AhnIEx_InvalidSerialNum
AhnIEx_InvalidSerialNum2
AhnIEx_Is
AhnIEx_IsAdmin
AhnIEx_IsDir
AhnIEx_IsEvaluationExpired
AhnIEx_IsFileExist
AhnIEx_IsFileRunning
AhnIEx_IsLocalSystem
AhnIEx_IsProcessorAMD64
AhnIEx_IsProcessorARM64
AhnIEx_IsProcessorIA64
AhnIEx_IsRegKeyExist
AhnIEx_IsServiceInstalled
AhnIEx_IsSupportSHA256
AhnIEx_IsWin
AhnIEx_IsWin2
AhnIEx_IsWin3
AhnIEx_IsWinNT
AhnIEx_IsWinNTOrLater
AhnIEx_IsWinNTOrLater2
AhnIEx_IsWinNTOrLater3
AhnIEx_IsWinOrLater
AhnIEx_IsWinsockLater
AhnIEx_IsWorkstation
AhnIEx_IsWow64Process
AhnIEx_LoadString
AhnIEx_LogAction
AhnIEx_LogActionf
AhnIEx_LogComment
AhnIEx_LogCommentf
AhnIEx_LogContinue
AhnIEx_LogDbg
AhnIEx_LogDbgf
AhnIEx_LogEnter
AhnIEx_LogErr
AhnIEx_LogErrf
AhnIEx_LogFlush
AhnIEx_LogHeader
AhnIEx_LogLeave
AhnIEx_LogLeaveAll
AhnIEx_LogPause
AhnIEx_LogWarn
AhnIEx_LogWarnf
AhnIEx_MsgBox
AhnIEx_PBCallbackSetPos
AhnIEx_PBCallbackSetRange
AhnIEx_PickFileVer
AhnIEx_RebuildSerial
AhnIEx_RegDeleteKey
AhnIEx_RegDeleteValue
AhnIEx_RegEnumKey
AhnIEx_RegEnumValue
AhnIEx_RegGetBinary
AhnIEx_RegGetDWord
AhnIEx_RegGetString
AhnIEx_RegSetBinary
AhnIEx_RegSetDWord
AhnIEx_RegSetString
AhnIEx_RegSetVolatileBinary
AhnIEx_RegSetVolatileDWord
AhnIEx_RegSetVolatileString
AhnIEx_RegisterRebootMsgForAPC
AhnIEx_RemoveUpdateProduct
AhnIEx_RenameDirToCreateFileWithSameName
AhnIEx_RenameFileToCreateDirWithSameName
AhnIEx_ReplaceFileOnReboot
AhnIEx_SetArchiveFile
AhnIEx_SetCatalog
AhnIEx_SetCopyFlag
AhnIEx_SetCurrentArchivedFileList
AhnIEx_SetDeleteFlag
AhnIEx_SetError
AhnIEx_SetLanguage
AhnIEx_SetLogFile
AhnIEx_SetLogLevel
AhnIEx_SetMode
AhnIEx_SetOutPath
AhnIEx_SetReboot
AhnIEx_SetSharedCount
AhnIEx_SetSystemRebootFlag
AhnIEx_SetUserInfo
AhnIEx_SplitPath
AhnIEx_StartService
AhnIEx_StopService
AhnIEx_StrAdd
AhnIEx_StrCatF
AhnIEx_StrCatN
AhnIEx_StrCpyF
AhnIEx_StrFormat
AhnIEx_StrGet
AhnIEx_StrReplace
AhnIEx_StrStrI
AhnIEx_StrTrace
AhnIEx_VerifyArgument
AhnIEx_VerifyDirectory
AhnIEx_VerifyIEVersion
AhnIEx_VerifyParent
AhnIEx_VerifyStartMenu
AhnIEx_VerifyWinSuite
AhnIEx_WriteComponentInfo
AhnIEx_WriteUninstallInfo
AhnIEx_snprintf
AhnIEx_vf

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

68b9567920a9614cd482756088778c4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
SetEndOfFile
WriteFile
SetFilePointer
MultiByteToWideChar
GlobalLock
GetFileSize
CreateFileW
lstrcmpiW
GetModuleHandleW
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
ReadFile
GlobalAlloc

user32

GetClipboardData
OpenClipboard
DestroyIcon
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
SetCursor
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
GetWindowTextW
GetDlgCtrlID
MapWindowPoints
PtInRect
SetWindowPos
LoadCursorW
GetSysColor
SetWindowTextW
SendMessageW
CloseClipboard

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
make_unicode
show

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSIS.cat
$PLUGINSDIR/SysARM64.exe
$PLUGINSDIR/SysX64.exe
.exe windows:4 windows x64 arch:x64

264087efc26f57783a2f7ec9304a40a0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:4a:4b:ad:1c:8f:63:8a:51:6a:2c:9f:07:47:3c:f8:4a:5b:47:aa:5e:b5:78:00:d0:24:2b:72:02:79:b5:d0
Signer

Actual PE Digest

c3:4a:4b:ad:1c:8f:63:8a:51:6a:2c:9f:07:47:3c:f8:4a:5b:47:aa:5e:b5:78:00:d0:24:2b:72:02:79:b5:d0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Build\Install\Common\Plugins\building\build\svn\AhnLab\Install\Common\Plugins\Trunk\Build\NT32Release\SysX64.pdb

Imports

kernel32

FreeLibrary
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
VirtualQuery
GetProcAddress
GetLastError
FlushFileBuffers
WideCharToMultiByte
MultiByteToWideChar
WriteFile
GetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlPcToFileHeader
RtlUnwindEx
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
DeleteCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
Sleep
ExitProcess
GetModuleHandleA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
HeapSetInformation
HeapCreate
SetFilePointer
InitializeCriticalSection
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetLocaleInfoA
LoadLibraryA
CloseHandle
VirtualProtect
VirtualAlloc
GetSystemInfo
ReadFile

user32

CharNextW
CharPrevW

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

44dec599b7c15b3419d2bae8c1d68fff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
lstrlenW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 915B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/VistaLib.dll
.dll windows:4 windows x86 arch:x86

6b00ed171c8d5971a93ef6ea3461d23d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ef:fb:20:33:02:ae:0a:dd:e9:12:7c:b8:69:a4:f3:fe:b8:b8:42:b3:57:d7:cb:1a:17:3c:9e:14:1d:86:e6:f9
Signer

Actual PE Digest

ef:fb:20:33:02:ae:0a:dd:e9:12:7c:b8:69:a4:f3:fe:b8:b8:42:b3:57:d7:cb:1a:17:3c:9e:14:1d:86:e6:f9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
GlobalFree
LocalFree
lstrcpynW
GlobalAlloc
OpenProcess
GetProcessHeap
GetLastError
HeapAlloc
HeapFree
SetLastError
lstrlenW
GetCurrentProcessId
ProcessIdToSessionId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
lstrcpyW
CloseHandle
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
InitializeCriticalSection
FatalAppExitA
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
SetStdHandle
RtlUnwind
Sleep
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

advapi32

RegOpenKeyW
RegDeleteValueW
RegCreateKeyW
RegSetValueExW
RegCloseKey
LookupAccountSidW
OpenProcessToken
GetTokenInformation
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
GetUserNameW

Exports

Exports

VL_AddRunOnce
VL_ConvertTempDir
VL_DelRunOnce
VL_GetSID
VL_GetUserName

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ambassmt.dll
.dll windows:5 windows x86 arch:x86

3313d5536f10c33aec593c4797d9407b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dd:ea:25:4c:88:4e:72:0e:f4:ec:a7:17:14:49:51:a2:70:e1:1b:69:fc:51:11:b5:4d:39:c8:5d:73:af:63:3b
Signer

Actual PE Digest

dd:ea:25:4c:88:4e:72:0e:f4:ec:a7:17:14:49:51:a2:70:e1:1b:69:fc:51:11:b5:4d:39:c8:5d:73:af:63:3b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

U:\Ambass\ambass\projects\msvc9\Release DLL MT\ambassmt.pdb

Imports

crypt32

CertGetIntendedKeyUsage
CertOpenStore
CertEnumCertificatesInStore
CryptBinaryToStringA
CertCloseStore
CertFreeCertificateContext
CertOpenSystemStoreA
CertGetEnhancedKeyUsage

kernel32

GetProcAddress
LoadLibraryA
VerifyVersionInfoW
VerSetConditionMask
MultiByteToWideChar
LoadLibraryW
GetSystemDirectoryW
WideCharToMultiByte
GetTickCount
CreateMutexA
CopyFileA
UnlockFileEx
LockFileEx
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
SetLastError
FormatMessageW
CreateEventA
SetEvent
QueryPerformanceFrequency
GetModuleHandleA
GetSystemDirectoryA
GetCurrentThread
SleepEx
CompareFileTime
GetSystemTimeAsFileTime
GetEnvironmentVariableA
PeekNamedPipe
WaitForMultipleObjects
GetFileType
GetStdHandle
MoveFileExA
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedExchangeAdd
FormatMessageA
VirtualAlloc
VirtualFree
GetACP
GetEnvironmentVariableW
GetModuleHandleW
GetVersion
ReadConsoleA
ReadConsoleW
GetConsoleMode
SetConsoleMode
FindNextFileW
FindFirstFileW
FindClose
FreeLibrary
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetExitCodeThread
DeleteFileW
CreateDirectoryW
Sleep
FlushFileBuffers
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
GetFileSize
CreateFileW
GetSystemTime
SystemTimeToFileTime
GetCurrentProcessId
lstrlenA
lstrlenW
CreateMutexW
GetLastError
WaitForSingleObject
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
HeapSize
GetProcessHeap
SetStdHandle
GetConsoleCP
LCMapStringW
LCMapStringA
DeleteFileA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
GetCurrentDirectoryA
GetFullPathNameA
VirtualQuery
RtlUnwind
IsValidCodePage
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleFileNameA
HeapDestroy
HeapCreate
SetConsoleCtrlHandler
ExitProcess
GetFileInformationByHandle
CreateFileA
GetCommandLineA
HeapReAlloc
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateThread
ExitThread
GetFileAttributesA
GetFileAttributesW
GetDateFormatA
GetTimeFormatA
HeapAlloc
HeapFree
ReleaseMutex
CloseHandle

user32

GetUserObjectInformationW
GetProcessWindowStation
MessageBoxW

advapi32

CryptDestroyHash
InitializeSecurityDescriptor
CloseServiceHandle
ControlService
OpenServiceW
OpenSCManagerW
CryptAcquireContextW
CryptReleaseContext
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CryptGetHashParam
SetSecurityDescriptorDacl
CryptHashData
CryptCreateHash
CryptAcquireContextA
OpenThreadToken
CryptGenRandom

ole32

CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateGuid
CoInitializeSecurity

oleaut32

SysAllocString
VariantClear
SysFreeString

ws2_32

gethostname
ioctlsocket
select
__WSAFDIsSet
recvfrom
sendto
htonl
inet_ntoa
accept
getaddrinfo
freeaddrinfo
getpeername
connect
htons
bind
WSAIoctl
getsockname
recv
setsockopt
socket
ntohs
WSACloseEvent
WSASetEvent
getsockopt
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAResetEvent
WSACreateEvent
WSAStartup
WSACleanup
WSAGetLastError
send
closesocket
getservbyname
inet_addr
gethostbyname
gethostbyaddr
getservbyport
shutdown
listen
WSASetLastError

wldap32

ord45
ord30
ord200
ord32
ord60
ord301
ord35
ord79
ord41
ord46
ord22
ord211
ord217
ord143
ord50
ord26
ord33
ord27

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 533KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$_0_/_Setup/ASTX_ARM64.nz
.7z
AhnI2/x86/AhnI2.dll
.dll windows:5 windows x86 arch:x86

30b7be5188b478babb1b2f1c3d858671

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:75:60:f5:9a:a0:ea:7c:1e:57:2b:49:4c:b5:c0:bd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/09/2023, 00:00

Not After

31/08/2024, 00:00

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465206f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9c:72:6c:17:68:6f:e6:14:87:3d:a1:10:8b:37:f7:f7:5a:fe:dc:85:2c:2f:65:35:5f:68:30:99:05:90:6c:23
Signer

Actual PE Digest

9c:72:6c:17:68:6f:e6:14:87:3d:a1:10:8b:37:f7:f7:5a:fe:dc:85:2c:2f:65:35:5f:68:30:99:05:90:6c:23

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Build\ais\ahni2\master-52\build\git\AIS\ahni2\Build\NT32Release.vc90\AhnI2.pdb

Imports

kernel32

InterlockedExchange
InterlockedIncrement
GetCurrentProcess
DeleteFileW
RemoveDirectoryW
GetModuleHandleW
FindFirstFileW
FindNextFileW
FindClose
GetVersion
CreateFileW
WriteFile
CloseHandle
CreateDirectoryW
GetDateFormatW
lstrcmpiW
GetModuleFileNameW
GetLocalTime
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentProcessId
GetLastError
SetConsoleMode
GetConsoleMode
ReadConsoleW
ReadConsoleA
GetEnvironmentVariableW
GetACP
GetStdHandle
GetFileType
GetSystemDirectoryA
LoadLibraryA
FormatMessageA
InterlockedExchangeAdd
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
VirtualAlloc
VirtualFree
GetVersionExW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetTickCount
MoveFileW
GetWindowsDirectoryW
CreateMutexW
ReleaseMutex
WaitForSingleObject
GetSystemTimeAsFileTime
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
MultiByteToWideChar
SetLastError
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile

advapi32

CryptReleaseContext
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
DeregisterEventSource
ReportEventW
RegisterEventSourceW
CryptGenRandom
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegEnumValueW
CryptDestroyHash

msvcr90

wcsncmp
fprintf
fputs
isdigit
tolower
wcscpy
_lrotr
_stat64i32
getenv
_gmtime64_s
strspn
strcspn
raise
_exit
wcsstr
fopen
sprintf_s
strncpy_s
strtoul
strcpy_s
strcat_s
sscanf
isspace
__iob_func
strncmp
strtol
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_commit
_get_osfhandle
_write
_read
_lseek
_close
?_wsopen@@YAHPB_WHHH@Z
_msize
_time64
malloc
wcschr
_ismbblead
_wtoi
strpbrk
_mbspbrk
strerror_s
strcpy
fgets
_setmode
setvbuf
fflush
strchr
_mbschr
_strnicmp
_mbsnbicmp
realloc
free
_errno
_vsnprintf
signal
??3@YAXPAX@Z
memcpy
_vsnwprintf
wcsrchr
memset
__CxxFrameHandler3
wcslen
calloc
memcmp
atoi
strlen
strcmp
fseek
fread
fclose
_wfopen
_gmtime64
ferror
feof
fwrite
ftell
strncpy
strrchr
_fileno
_waccess_s
_ftelli64
_fseeki64
_lrotl
strstr
_strupr_s
memmove
qsort
memchr

ws2_32

inet_ntoa
ntohs
WSASetLastError
htonl
getservbyname
htons
inet_addr
WSAGetLastError
gethostbyname
gethostbyaddr
getservbyport
getsockopt
WSAStartup
WSACleanup
ioctlsocket
shutdown
send
recv
closesocket
setsockopt
connect
socket
select

user32

MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW
CharNextA
CharPrevA

Exports

Exports

AB7FC8EE888E4a9b8E35ECA228EC5A00
AI210F4C7D9
AI2189606B6
AI22570F53F
AI23795C1FF
AI23F75C85E
AI244B9D58C
AI264E8E65A
AI27533E519
AI280A6E132
AI29B2A45A0
AI2A0C12D74
AI2B225DE6D
AI2B59ED73B
AI2B5A29E3C
AI2B5E58553
AI2BAA2C0CD
AI2C0124906
AI2C477D343
AI2C4821643
AI2C69D3464
AI2CB8999E8
AI2CD92D838
AI2CEB8F5F0
AI2CFCF49D1
AI2D05A71A7
AI2D3B051E6
AI2D496A3BC
AI2D8E8DBBF
AI2DA5A542D
AI2E0A2B5D6
AI2E15457F4
AI2E18F4D40
AI2E5DE6421
AI2E8D56B09
AI2EB0BA897
AI2ED186BB0
AI2EFD4CAFB
AI2F1DF75F6
AI2F87F6EB6
AI2FE12C6B7
AhnInst2_AddUpdateProduct
AhnInst2_ConcealSerial
AhnInst2_DeleteUserInfo
AhnInst2_DeleteUserInfoEx
AhnInst2_EnDeSecData
AhnInst2_GetDaysLeft
AhnInst2_GetInstallVersion
AhnInst2_GetLastError
AhnInst2_GetSecProfileInt
AhnInst2_GetSecProfileString
AhnInst2_GetTDaysLeft
AhnInst2_GetTValidDuration
AhnInst2_GetUserInfo
AhnInst2_GetUserInfoEx
AhnInst2_GetUserInfoExBin
AhnInst2_GetUserInfoExBin2
AhnInst2_InvalidSerialNum
AhnInst2_IsT
AhnInst2_IsTOver
AhnInst2_OpUserInfo
AhnInst2_RebuildSerial
AhnInst2_RemoveUpdateProduct
AhnInst2_SecFree
AhnInst2_SecMalloc
AhnInst2_SetUserInfo
AhnInst2_SetUserInfoEx
AhnInst2_SetUserInfoExAny
AhnInst2_SetUserInfoExBin
AhnInst2_UpdateUserInfo
AhnInst2_WriteSecProfileInt
AhnInst2_WriteSecProfileString
B225DE6D05014699BAFC8CE606B98DBB
B59ED73BD6B741b4802B2CF74D935321
B5A29E3CDC2646d89725907A991873F1
B5E5855371F24b5c9B048AC3DE04E698
C0124906261A439dB786CAC5F06AB3C2
C477D3439BC941f495D4F5BC47031514
C482164330234317905C01E0DDA7C6D4
CD92D8388ED54b1eBA25CC8BBD3DAFA1
CFCF49D171E04332B1DB2C888E2BA493
D05A71A757FC4a899570684E653202A1
D3B051E6A9744f82AE52D94DBD9AE682
D496A3BCBEF64bb8B57FB799C904A8D4
D8E8DBBFC12A43e8AE414991B5BAFA0F
DA5A542DF4D4426c8D198DEC34B534BA
E0A2B5D66F2142818CC3AE1AE276F7E9
E15457F40FAF4a379EA42E30EDA8AD9A
E18F4D40197441579261E01089C9B46A
E5DE64217CAD44679A2915ED82C825B9
E8D56B09B05149da97647CDD469DBDB0
EB0BA897D99E4602A321FF11A517ACB2
ED186BB0295A4ca2A0E38BCDCE4AFEED
EFD4CAFBA52C417aB0655ECDB5540B2F
F1DF75F654DF4637A6AEEC64AC4D0F13
F87F6EB694AA4705AFF1B2333CA3E173
FE12C6B73FC44d31BD0635841EFB25A7

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 473KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HsbCtl.dll
HsbCtl32.dll
.dll windows:5 windows x86 arch:x86

af68e629356f0ae19eb9d02675386878

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d7:56:2e:11:b6:ea:43:dd:e9:b3:c2:14:3d:8d:3b:25:96:f6:d0:ca:aa:95:db:0d:31:fc:8f:76:e3:54:be:56
Signer

Actual PE Digest

d7:56:2e:11:b6:ea:43:dd:e9:b3:c2:14:3d:8d:3b:25:96:f6:d0:ca:aa:95:db:0d:31:fc:8f:76:e3:54:be:56

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\Product\AOS\SafeTransaction\1.0\Trunk\Build\X64Release32On64\HsbCtl32.pdb

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

psapi

EnumProcesses
GetModuleFileNameExA

kernel32

WriteFile
SetFilePointer
ReadFile
CreateFileW
MoveFileExW
GetFileAttributesW
DeleteFileW
GetFileAttributesA
OpenMutexW
CreateMutexW
GetModuleHandleW
GetSystemDirectoryW
GetFullPathNameW
GetFullPathNameA
GetFileSize
FindFirstFileW
InterlockedDecrement
GetWindowsDirectoryA
LoadLibraryExA
Sleep
DeviceIoControl
InterlockedExchange
CreateThread
CreateEventA
WriteProcessMemory
ReadProcessMemory
SetEvent
OpenEventA
GetFileSizeEx
InterlockedCompareExchange
HeapSize
lstrcmpiA
GetUserDefaultLangID
VerSetConditionMask
VerifyVersionInfoA
GetSystemInfo
MultiByteToWideChar
IsBadReadPtr
GetProcessHeap
HeapAlloc
HeapFree
SetFileAttributesA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateFileA
DeleteCriticalSection
GetLocalTime
GetCurrentThreadId
LocalAlloc
OutputDebugStringA
LocalFree
GetTickCount
GetLongPathNameA
GetTempPathA
GetEnvironmentVariableA
lstrlenW
SetLastError
GetSystemDirectoryA
GetModuleFileNameA
lstrlenA
OpenMutexA
CreateMutexA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
WaitForSingleObject
UnmapViewOfFile
ReleaseMutex
GetSystemTimeAsFileTime
WideCharToMultiByte
MoveFileExA
DeleteFileA
FindFirstFileA
FindClose
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetCurrentProcess
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentProcessId
GetVersionExA
GetLastError
HeapReAlloc
HeapDestroy
RaiseException
OpenProcess
CloseHandle
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
InterlockedIncrement

user32

GetSystemMetrics

advapi32

GetSecurityDescriptorDacl
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegEnumValueA
RegQueryInfoKeyA
LookupAccountNameA
LookupPrivilegeValueA
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
ControlService
StartServiceA
QueryServiceStatus
DeleteService
CreateServiceA
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
CloseServiceHandle
GetFileSecurityA
SetFileSecurityA
LookupAccountNameW
GetFileSecurityW
GetSecurityDescriptorControl
SetFileSecurityW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyA
LookupAccountSidA
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
GetAclInformation
EqualSid
InitializeSecurityDescriptor
GetAce
AddAce
SetSecurityDescriptorGroup
GetUserNameA
SetSecurityDescriptorOwner
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
GetSidSubAuthorityCount
GetSidSubAuthority
GetSecurityInfo
IsValidAcl
GetSecurityDescriptorSacl
SetSecurityInfo
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
IsValidSid
RegCloseKey

shell32

SHGetFolderPathA

ole32

CoTaskMemFree

msvcr90

__CxxFrameHandler3
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_purecall
_mbsrchr
_vscprintf
vsprintf_s
_mbsicmp
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_vsnprintf_s
strcpy_s
fclose
fwrite
_fsopen
_stat64i32
_snprintf_s
_makepath_s
_splitpath_s
_mbsnbcpy
_mbslen
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
??2@YAPAXI@Z
memmove
_mbsnbcmp
_mbsnbicmp
sscanf_s
_mbsinc
_ismbcspace
atoi
strrchr
_mbsstr
_time64
_vsnwprintf
memcpy
rand
srand
_wcslwr_s
_strlwr_s
strlen
wcslen
_wcsicmp
strcmp
strncmp
sprintf
memcmp
_stricmp
_strnicmp
_recalloc
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
strnlen
_snprintf
memmove_s
memcpy_s
_CxxThrowException
wcsrchr
_mbsnbcpy_s
memset
_vsnprintf
malloc
realloc
free
_mbstok
??3@YAXPAX@Z

msvcp90

?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

crypt32

CryptMsgGetParam
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore
CryptMsgClose
CryptQueryObject
CertGetNameStringA

Exports

Exports

HsbCtlWrapper_GetObject

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HsbDrv64.sys
IAccessible2Proxy32.dll
.dll regsvr32 windows:5 windows x86 arch:x86

703a488d47cb94638d862da2ecd4edec

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:75:60:f5:9a:a0:ea:7c:1e:57:2b:49:4c:b5:c0:bd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/09/2023, 00:00

Not After

31/08/2024, 00:00

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465206f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cd:3d:f3:e1:3e:fb:61:9e:0a:25:6b:92:75:be:6e:f1:36:0b:cd:46:02:ea:79:d6:e0:05:19:77:3b:50:59:d2
Signer

Actual PE Digest

cd:3d:f3:e1:3e:fb:61:9e:0a:25:6b:92:75:be:6e:f1:36:0b:cd:46:02:ea:79:d6:e0:05:19:77:3b:50:59:d2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\scm\bmf\bmf1.0.git\Build\NT32Release.vc90\IAccessible2Proxy.pdb

Imports

rpcrt4

CStdStubBuffer_Disconnect
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
NdrOleAllocate
NdrOleFree
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
NdrDllGetClassObject
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
NdrStubForwardingFunction
NdrStubCall2
NdrDllUnregisterProxy

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DisableThreadLibraryCalls

ole32

HWND_UserUnmarshal
HWND_UserMarshal
HWND_UserSize
HWND_UserFree

oleaut32

BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
BSTR_UserSize
VARIANT_UserMarshal
VARIANT_UserUnmarshal
VARIANT_UserFree
VARIANT_UserSize

msvcr90

_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_crt_debugger_hook
_except_handler4_common
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
memcmp
free

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mkd2Nadr.sys
Mkd2bthf.sys
Mkd2i2cf.sys
NzBrcom.dll
NzBrcom32.dll
.dll windows:5 windows x86 arch:x86

843396494cff1b6f8edd7c74208004d2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

81:27:0b:0b:5f:eb:b4:96:82:61:68:85:f9:56:b7:b5:55:fe:de:7d:d8:71:29:16:de:33:d5:a7:33:19:e4:e9
Signer

Actual PE Digest

81:27:0b:0b:5f:eb:b4:96:82:61:68:85:f9:56:b7:b5:55:fe:de:7d:d8:71:29:16:de:33:d5:a7:33:19:e4:e9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\Product\AOS\SafeTransaction\1.0\Trunk\Build\X64Release\NzBrcom32.pdb

Imports

oleacc

AccessibleObjectFromWindow
AccessibleObjectFromEvent
AccessibleChildren
ObjectFromLresult

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

mfc90u

ord1248
ord799
ord782
ord580
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord946
ord942
ord311
ord316
ord265
ord261
ord6811
ord6137
ord3658
ord1651
ord1243
ord5767
ord1707
ord2677
ord6514
ord6170
ord6013
ord2478
ord1329
ord1211
ord2676
ord6171
ord814
ord1604
ord3589
ord1599
ord1603
ord813
ord4490
ord2479
ord2694
ord811
ord3729
ord3220
ord285
ord1607
ord938
ord2537
ord822
ord943
ord601
ord310
ord300
ord818
ord4405
ord5979
ord6699
ord6693
ord6166
ord335
ord612
ord2539
ord262
ord4406
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord5663
ord6018
ord2771
ord2983
ord3112
ord4728
ord2966
ord3115
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord446
ord698
ord810
ord4476
ord5918
ord904
ord6822
ord5778
ord266
ord258
ord935
ord2571
ord6014
ord4520
ord6700
ord6696
ord6702
ord2481
ord2891
ord4348
ord4905
ord4681
ord3670
ord2447
ord1137
ord4211
ord605
ord1274
ord321
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1271
ord1145
ord1076
ord322
ord802
ord949
ord1088
ord4442
ord286
ord296
ord2702
ord5851
ord280
ord1250
ord1254
ord600
ord794
ord589
ord4043
ord801
ord2480
ord6164
ord936
ord2703
ord5854
ord2326
ord933
ord4251
ord899
ord6697
ord4518
ord6692
ord3322
ord1314
ord940
ord6691
ord821
ord5941
ord6165

msvcr90

wcscmp
_gmtime64
_waccess_s
_ftelli64
_fseeki64
_lrotl
strstr
_strupr_s
qsort
memchr
fflush
setvbuf
_setmode
fgets
_exit
raise
_lrotr
strcat_s
strcpy_s
strtoul
strncpy_s
sprintf_s
strtol
strcpy
strcspn
strspn
strncmp
strerror_s
__iob_func
isspace
sscanf
_gmtime64_s
getenv
wcscpy
fprintf
signal
_localtime64_s
_CxxThrowException
wcsspn
wcscspn
_vscwprintf
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_swprintf
_wcsupr
strncpy
tolower
isdigit
_ui64toa
atoi
fputs
fopen
strcmp
_stat64i32
_stricmp
fread
ftell
_wfopen
_commit
_get_osfhandle
_write
_lseek
_close
?_wsopen@@YAHPB_WHHH@Z
calloc
wcschr
memset
memcpy
_mbschr
__CxxFrameHandler3
strrchr
srand
rand
_wcslwr_s
_strlwr_s
fwrite
fseek
_wfsopen
fclose
_wstat64i32
_vsnprintf
atol
_time64
memmove_s
strchr
wcsncmp
_wmakepath_s
_snwprintf_s
wcscpy_s
memcpy_s
wcsstr
_wcsdup
wcsrchr
_vsnwprintf_s
_waccess
swscanf_s
vswprintf_s
_wtoi
_wsplitpath_s
_wcsicmp
?what@exception@std@@UBEPBDXZ
realloc
malloc
wcsncpy_s
memmove
__CxxFrameHandler
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
_purecall
_recalloc
_wcsnicmp
free
_endthreadex
_beginthreadex
_vsnwprintf
wcsftime
memcmp
_fileno
strlen
feof
ferror
wcslen
toupper
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_errno

kernel32

GetSystemDirectoryA
FindFirstFileA
OpenMutexW
GetModuleHandleA
CreateMutexA
DeleteFileA
GetFileAttributesA
TerminateThread
ExitProcess
SetEndOfFile
GetSystemTimeAsFileTime
VirtualFree
MoveFileExA
GetFileSize
GetFullPathNameA
CreateFileA
OpenEventW
VirtualAlloc
MoveFileW
VirtualProtect
CreateFileMappingW
MapViewOfFile
HeapDestroy
HeapReAlloc
HeapSize
DeviceIoControl
HeapCreate
InterlockedPopEntrySList
InterlockedFlushSList
UnmapViewOfFile
InterlockedIncrement
InterlockedDecrement
SetEvent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange
ExpandEnvironmentStringsW
WriteConsoleW
FileTimeToSystemTime
SystemTimeToFileTime
GetUserDefaultUILanguage
CompareStringW
GetSystemWindowsDirectoryW
GetExitCodeProcess
SetConsoleMode
GetConsoleMode
ReadConsoleW
ReadConsoleA
GetACP
FormatMessageA
InterlockedExchangeAdd
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStdHandle
GetFileType
GetVersion
SetThreadContext
InterlockedCompareExchange
FlushInstructionCache
DuplicateHandle
Thread32Next
Thread32First
VirtualProtectEx
VirtualQuery
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LoadLibraryA
ResumeThread
GetThreadContext
SuspendThread
GetCurrentThread
ConnectNamedPipe
CreateNamedPipeW
DisconnectNamedPipe
GetFullPathNameW
QueryPerformanceCounter
GetCurrentThreadId
SetFilePointer
CreateProcessW
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
WaitForMultipleObjects
ResetEvent
CreateEventW
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
GetWindowsDirectoryW
VerifyVersionInfoW
VerSetConditionMask
lstrcmpiW
GetVersionExW
GetSystemInfo
OutputDebugStringW
GetThreadTimes
OpenThread
Module32NextW
Module32FirstW
ProcessIdToSessionId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WaitNamedPipeW
ReadFile
WriteFile
SetNamedPipeHandleState
Sleep
GetTickCount
GetEnvironmentVariableW
lstrlenW
GetSystemDirectoryW
CreateDirectoryW
FlushFileBuffers
FindNextFileW
GetFileAttributesW
FindClose
FindFirstFileW
DeleteFileW
MoveFileExW
GetLongPathNameW
IsBadReadPtr
GetProcessHeap
HeapFree
HeapAlloc
LocalAlloc
SetLastError
CreateFileW
LocalFree
GetProcAddress
FreeLibrary
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
RaiseException
CloseHandle
GetProcessTimes
OpenProcess
CompareFileTime
GetCurrentProcess
GetModuleHandleW
LoadLibraryExW
GetLastError
GetCurrentProcessId
GetLocalTime
GetModuleFileNameW

user32

CopyRect
GetDesktopWindow
DefWindowProcW
RegisterClassExW
UnregisterClassW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
RegisterWindowMessageA
RegisterWindowMessageW
GetWindowThreadProcessId
GetClassNameW
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
SetWinEventHook
UnhookWinEvent
GetParent
IsWindow
GetWindowLongW
GetWindow
GetSystemMetrics
FindWindowExW
IsWindowVisible
SendMessageW
MessageBoxW
CharPrevA
CharNextA
SendMessageTimeoutW
GetFocus
MsgWaitForMultipleObjectsEx
PeekMessageW
GetForegroundWindow
AttachThreadInput
GetClassLongW
SetWindowLongW
GetWindowLongA
GetClassLongA
FindWindowW
PostMessageW
keybd_event
GetKeyboardLayout
GetKeyState
GetAncestor
GetAsyncKeyState
MapVirtualKeyExW
MapVirtualKeyW
ToAsciiEx
ToAscii
GetKeyboardLayoutList
GetKeyboardState
SetKeyboardState
EnumWindows
GetUserObjectInformationW
GetProcessWindowStation
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetShellWindow

gdi32

GetStockObject

advapi32

CreateProcessAsUserW
RegOpenKeyExA
LookupAccountNameW
GetLengthSid
GetAclInformation
GetAce
EqualSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityW
SetFileSecurityA
GetFileSecurityA
GetSecurityDescriptorDacl
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
OpenSCManagerW
OpenServiceW
GetFileSecurityW
InitializeAcl
AddAce
AddAccessDeniedAce
AddAccessAllowedAce
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
LookupAccountNameA
GetSecurityDescriptorControl
RegQueryValueExA
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
QueryServiceStatus
CryptGenRandom
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CloseServiceHandle

shell32

SHGetSpecialFolderPathW
ShellExecuteExW

shlwapi

PathAppendW
PathRemoveBackslashW

ole32

CoGetCallerTID
CLSIDFromString
CoUninitialize
CoInitialize

oleaut32

SystemTimeToVariantTime
VarUdateFromDate
VariantInit
VariantClear
SysStringLen
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VarBstrCmp
VariantTimeToSystemTime

ws2_32

closesocket
send
connect
socket
select
ioctlsocket
WSACleanup
WSAStartup
getsockopt
gethostbyaddr
gethostbyname
WSAGetLastError
inet_addr
htons
getservbyname
htonl
WSASetLastError
ntohs
inet_ntoa
shutdown
getservbyport
recv
setsockopt

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

crypt32

CertOpenSystemStoreW
CryptQueryObject
CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CertNameToStrW
CryptMsgClose
CertVerifySubjectCertificateContext
CryptBinaryToStringW
CryptStringToBinaryW
CertCreateCertificateContext

psapi

GetModuleFileNameExW
EnumProcessModules
GetModuleInformation
GetModuleBaseNameW

imagehlp

SymFunctionTableAccess
SymGetModuleBase
StackWalk
ImageDirectoryEntryToData

winmm

timeSetEvent
timeKillEvent
timeGetDevCaps

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetConversionStatus
ImmGetContext

Exports

Exports

NzBrco_GetInstance

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 662KB - Virtual size: 661KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BrcoSha
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NzInst32.dll
.dll windows:5 windows x86 arch:x86

b456dbbe130704334f2b3c6851fe728b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:e9:ae:8a:a0:7b:e5:05:e5:ed:72:f1:a4:3a:a4:5c:ad:bf:d2:61:e0:2a:2a:d1:3b:2c:91:5c:ce:38:44:bd
Signer

Actual PE Digest

e2:e9:ae:8a:a0:7b:e5:05:e5:ed:72:f1:a4:3a:a4:5c:ad:bf:d2:61:e0:2a:2a:d1:3b:2c:91:5c:ce:38:44:bd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\Product\AOS\SafeTransaction\1.0\Trunk\Build\X64Release\NzInst32.pdb

Imports

mfc90u

ord3729
ord811
ord813
ord6171
ord799
ord2676
ord6698
ord1599
ord3589
ord1707
ord265
ord5767
ord1243
ord6811
ord2571
ord266
ord5778
ord6822
ord782
ord5851
ord663
ord2694
ord286
ord5535
ord3187
ord5770
ord1552
ord6693
ord6699
ord2702
ord938
ord2537
ord600
ord296
ord1248
ord1250
ord1254
ord801
ord404
ord580

msvcr90

memset
_vswprintf_c_l
vswprintf_s
_localtime64_s
_vscwprintf
memcpy_s
_time64
strrchr
srand
rand
_wcslwr_s
_strlwr_s
memmove
wcsstr
_swprintf
fwrite
fclose
memcmp
_errno
_wmakepath_s
wcscpy_s
_vsnprintf
?what@exception@std@@UBEPBDXZ
wcspbrk
iswspace
tolower
isspace
wcschr
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
wcsrchr
_wtoi
_vsnwprintf_s
_wcsnicmp
_waccess
swscanf_s
wcsncmp
_snwprintf_s
_wcsupr_s
_wcsdup
calloc
_wcsicmp
_beginthreadex
iswdigit
_wsplitpath_s
memmove_s
_vsnwprintf
free
malloc
memcpy
strlen
_wcsupr
wcslen
_wcslwr
__CxxFrameHandler3
_wfsopen
_wstat64i32
_purecall
_CxxThrowException
wcsspn
wcscspn
wcscmp
_mbschr
strchr
?_wsopen@@YAHPB_WHHH@Z
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_close
_get_osfhandle
_write
_lseek
_commit

kernel32

WriteConsoleW
GetFileSizeEx
GetDriveTypeW
GetUserDefaultUILanguage
CompareStringW
GetSystemWindowsDirectoryW
PulseEvent
ExpandEnvironmentStringsW
GetSystemTimeAsFileTime
InterlockedExchange
InterlockedCompareExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
RaiseException
HeapReAlloc
HeapSize
GetStdHandle
InitializeCriticalSectionAndSpinCount
HeapDestroy
CreateSemaphoreW
ReleaseSemaphore
WaitForMultipleObjects
ResetEvent
SetEvent
CreateEventW
InitializeCriticalSection
InterlockedDecrement
LocalAlloc
LocalFree
SystemTimeToFileTime
FileTimeToSystemTime
MoveFileW
SetEndOfFile
LockResource
SizeofResource
LoadResource
FindResourceW
FindResourceExW
lstrlenA
DeleteFileA
GetCurrentProcessId
ReleaseMutex
GetCurrentThreadId
DeleteCriticalSection
CreateMutexA
GetModuleHandleA
EnterCriticalSection
FindFirstFileA
GetSystemDirectoryA
GetFileAttributesA
LeaveCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
MoveFileExA
CreateFileA
GetFullPathNameA
GetFullPathNameW
GetWindowsDirectoryW
GetSystemInfo
GetCurrentProcess
OutputDebugStringW
lstrcpynW
WideCharToMultiByte
MultiByteToWideChar
WriteFile
GetTempPathW
GetEnvironmentVariableW
GetLogicalDriveStringsW
CreateDirectoryW
RemoveDirectoryW
FindNextFileW
SetFileAttributesW
FindClose
FindFirstFileW
MoveFileExW
GetModuleFileNameW
GetSystemDirectoryW
VerifyVersionInfoW
VerSetConditionMask
GetLocalTime
DeleteFileW
LoadLibraryExW
GetVersionExW
GetFileAttributesW
GetFileSize
SetFilePointer
ReadFile
CreateFileW
FreeLibrary
LoadLibraryW
SetLastError
Sleep
OpenEventW
CopyFileW
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
OpenMutexW
GetTickCount
GetModuleHandleW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetProcAddress
GetLastError
lstrlenW
lstrcmpiW
CreateMutexW

user32

GetDesktopWindow
SetWindowLongW
CallWindowProcW
GetClassNameW
RegisterWindowMessageA
PostQuitMessage
CharPrevA
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
PeekMessageW
IsWindow
GetSystemMetrics
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetForegroundWindow
GetShellWindow
CopyRect
IsCharAlphaW
CharNextA
PostMessageW

advapi32

GetFileSecurityW
InitializeSecurityDescriptor
RegQueryValueExA
EqualSid
GetSecurityDescriptorControl
SetServiceObjectSecurity
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
GetAclInformation
LookupAccountNameA
RegQueryInfoKeyW
CreateProcessAsUserW
RegQueryValueExW
QueryServiceStatusEx
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
LookupAccountNameW
SetSecurityDescriptorDacl
GetAce
RegOpenKeyExA
SetFileSecurityW
InitializeAcl
AddAccessAllowedAce
AddAce
SetFileSecurityA
GetFileSecurityA
GetLengthSid
GetSecurityDescriptorDacl
ChangeServiceConfigW
FreeSid
AllocateAndInitializeSid
CreateServiceW
DeleteService
ControlService
QueryServiceStatus
StartServiceW
CheckTokenMembership
EnumServicesStatusExW
UnlockServiceDatabase
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
MakeSelfRelativeSD
GetSecurityDescriptorLength
QueryServiceObjectSecurity
ConvertSecurityDescriptorToStringSecurityDescriptorW
ChangeServiceConfig2W
QueryServiceConfig2W
LockServiceDatabase

shell32

SHGetFileInfoW
ShellExecuteExW
SHGetFolderPathW
SHCreateDirectoryExW

shlwapi

StrStrIW
PathAppendW
PathRemoveBackslashW
PathFileExistsW
SHStrDupW

ole32

CoInitializeSecurity
CoSetProxyBlanket
PropVariantClear
CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize
CoInitialize

oleaut32

VariantClear
SysAllocString
SysFreeString

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

winmm

PlaySoundW

setupapi

CM_Get_Device_ID_Size
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiSetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_IDW
SetupDiGetDeviceInstallParamsW
CM_Set_DevNode_Registry_PropertyW
CM_Get_Child
CM_Get_Sibling
CM_Locate_DevNodeW

rpcrt4

UuidFromStringW

Exports

Exports

A779215D9EAC4901BAA891941639DA11
B5E4F093C3EB4449A3ED113402032EB7
BDD4FB334146498997A41C5EDF3AC90B
C276F5DB994A46A3BD79B9E083CBC4A7
C91E93D095D44c7b9200B48E17A95B2F
CB668BD7AA50440eB243AFB1A3C19212
CBD7D3FEAEF243b790AE693DE3C4AB91
CCA4E2ED704148668BC7E0A59DEE7E05
CF926062D3F9467a995230C8BA9940DE
D49B9E488747484A93226C23ADFA4DB8
E60F297D373A4bc393469C3D185FC14C
E7232ED35CB543EAAFDC2BC62A066AD6
E9501A18875B4952827B2246C4E70CBF
F0335BD46CA043a0AC03F9D6B81A2B99
F0D7CCEFA0F54F148EAA0E3A538C266F
F66A22100B7E49cd92ED05A096CB01B1
F8A800516BE542b58E4E50370D1B975E
F9190EC17683410182BF44B9E88E10FF
FC7EFA41BFF043d2B5C811953E549BF8

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NzPlugin.dll
PdCfg.dll
SDK/AK/mkd25.dll
.dll windows:5 windows x86 arch:x86

70c17033c481b1459ad6a8ab8fe305d9

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

73:19:81:42:1f:9f:9c:13:8b:cf:8c:9b:cb:51:bf:fa:19:90:5c:c4:f8:a4:12:39:9b:cb:99:64:53:9c:66:a1
Signer

Actual PE Digest

73:19:81:42:1f:9f:9c:13:8b:cf:8c:9b:cb:51:bf:fa:19:90:5c:c4:f8:a4:12:39:9b:cb:99:64:53:9c:66:a1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Build\Product\AOS\SafeTransaction\1.0\building\build\Product\AOS\SafeTransaction\1.0\Trunk\Src\AkSdk\Trunk\Build\Release64\mkd25.pdb

Imports

cfgmgr32

CM_Locate_DevNodeW
CM_Get_Sibling
CM_Get_Child
CM_Set_DevNode_Registry_PropertyW
CM_Get_Device_ID_Size
CM_Get_Device_IDW
CM_Get_DevNode_Registry_PropertyW

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetExitCodeThread
WaitForSingleObject
GetFileAttributesA
LoadLibraryExA
CreateMutexA
ReleaseMutex
CopyFileA
SetFileAttributesA
MoveFileExA
GetCurrentThreadId
TerminateThread
SetEvent
CreateEventA
WinExec
DeviceIoControl
OpenMutexW
CreateMutexW
CreateFileW
GetVersionExW
GetModuleHandleW
OutputDebugStringW
CreateEventW
ResetEvent
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreW
HeapCreate
HeapDestroy
InterlockedPopEntrySList
InterlockedFlushSList
FormatMessageA
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
CreateFileA
GetFileSize
SetFilePointer
lstrcpynA
SetEndOfFile
GetTickCount
LockFile
SetFileTime
WriteFile
ReadFile
FlushFileBuffers
FindFirstFileA
FindClose
MoveFileA
GetFileTime
DuplicateHandle
DeleteFileA
GetFullPathNameA
GetVolumeInformationA
GetStringTypeExA
GetShortPathNameA
GetThreadLocale
FreeLibrary
SetLastError
InterlockedDecrement
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DisableThreadLibraryCalls
IsBadStringPtrA
CreateDirectoryA
SetThreadLocale
OpenMutexA
Sleep
lstrcpyA
LocalAlloc
LocalFree
IsBadReadPtr
GetProcessHeap
HeapAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LoadLibraryA
InterlockedIncrement
GetProcAddress
GetModuleFileNameA
lstrlenA
GetLastError
GetSystemDirectoryA
GetModuleHandleA
GetCurrentProcess
MultiByteToWideChar
OutputDebugStringA
lstrlenW
UnlockFile
QueryPerformanceFrequency
GetLocalTime
GetCurrentProcessId
QueryPerformanceCounter
WideCharToMultiByte
GetLongPathNameA
GetTempPathA
GetWindowsDirectoryA
GetUserDefaultLangID
VerSetConditionMask
VerifyVersionInfoA
GetVersionExA
lstrcmpiA
GetSystemInfo
DeleteCriticalSection

user32

GetMessageA
DefWindowProcA
SetWindowLongA
PostMessageA
GetSystemMetrics
SetCursor
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyboardState
SetKeyboardState
GetKeyState
PostQuitMessage
MsgWaitForMultipleObjectsEx
ShowWindow
CreateWindowExA
RegisterClassA
LoadIconA
CharToOemA
OemToCharA
CharUpperA
IsWindow
CloseWindow
LoadImageA
LoadCursorA
RegisterWindowMessageA
UpdateWindow
ToAsciiEx
ToAscii
MapVirtualKeyExA
MapVirtualKeyA
LoadStringA
TranslateMessage
DispatchMessageA
PeekMessageA

gdi32

DeleteObject
GetStockObject

comdlg32

GetFileTitleA

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
StartServiceW
ControlService
DeleteService
CreateServiceW
RegOpenKeyW
RegSetValueExW
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
QueryServiceStatus
RegQueryValueExW
OpenSCManagerW
OpenServiceW
ChangeServiceConfigW
RegQueryValueA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegCloseKey

shell32

ShellExecuteA
SHGetFolderPathA
SHGetSpecialFolderPathA

ole32

CoTaskMemFree
CLSIDFromString
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize

oleaut32

SysReAllocStringLen
VariantClear
SysAllocString
SysAllocStringLen
SysFreeString
VariantChangeType
VariantInit
GetErrorInfo
CreateErrorInfo
SetErrorInfo

msvcr90

_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
__CxxFrameHandler
printf
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
vsprintf_s
_access
_swprintf
_mbstok
calloc
sprintf
sscanf
_splitpath
_mbsnbcpy
__doserrno
_time64
strftime
_ismbblead
_localtime64_s
??3@YAXPAX@Z
_mbslen
_CxxThrowException
_vsnprintf
_purecall
__CxxFrameHandler3
memset
free
realloc
malloc
memmove
_mbsrchr
_mbsnbcmp
_mbsnbicmp
sscanf_s
atoi
??_U@YAPAXI@Z
memcpy
??_V@YAXPAX@Z
rand
_mbsicmp
_vsnwprintf
fseek
fclose
_stat64i32
_fsopen
fwrite
_mbschr
_snprintf
_mbsstr
_mbslwr_s
_endthreadex
_beginthreadex
??2@YAPAXI@Z
_mbsnbcat
swscanf
memcmp
strlen
wcsstr
_wcsupr
_wcsicmp
wcslen
_wcslwr
wcsrchr
_wcsnicmp
_wfsopen
_wstat64i32
_mbspbrk
_snprintf_s
_vsnprintf_s
_mbsrev
_mbsicoll
_ismbcspace
_mbscoll
_mbsspn
_mbclen
_ismbcdigit
_mbsupr_s
_mbsinc
_mbscmp
_mbscspn
_mktime64
_gmtime64_s

crypt32

CertFreeCertificateContext
CryptQueryObject
CertGetNameStringA
CryptMsgClose
CertCloseStore
CertFindCertificateInStore
CryptMsgGetParam

wintrust

WinVerifyTrust

setupapi

SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstallParamsW
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiCreateDeviceInfoList
SetupDiOpenDeviceInfoW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

rpcrt4

UuidFromStringW

Exports

Exports

Mkd20_GetObject
Mkd20_IsRunning

Sections

.text
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/AK/x64/mfc140u.dll
SDK/AK/x64/mkd2564.dll
SDK/AK/x64/mkd25def64.dll
SDK/AK/x64/mkd25sdk64.dll
SDK/AK/x64/msvcp140.dll
SDK/AK/x64/vcruntime140.dll
ScrMon32.dll
.dll windows:5 windows x86 arch:x86

d68f8b6210f3f9900a58d9ac869b703c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ef:0d:8f:85:c1:de:88:20:48:c4:10:20:72:83:61:d1:3b:e8:9c:81:fc:6b:b0:6a:52:56:b1:15:d0:67:ea:70
Signer

Actual PE Digest

ef:0d:8f:85:c1:de:88:20:48:c4:10:20:72:83:61:d1:3b:e8:9c:81:fc:6b:b0:6a:52:56:b1:15:d0:67:ea:70

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\Product\AOS\SafeTransaction\1.0\Trunk\Build\X64Release\ScrMon32.pdb

Imports

mfc90u

ord266
ord6171
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord5663
ord6018
ord2771
ord2983
ord3112
ord4728
ord2966
ord3115
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4905
ord4681
ord3670
ord6137
ord3658
ord265
ord2447
ord4211
ord782
ord580
ord794
ord589
ord4043
ord813
ord1254
ord1250
ord2537
ord600
ord280
ord799
ord4405
ord6514
ord6170
ord6013
ord6693
ord6699
ord2694
ord811
ord296
ord1248
ord286
ord2478
ord1603
ord4448
ord5851
ord4423
ord605
ord1274
ord321
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1271
ord1145
ord1076
ord1137
ord322
ord802
ord1088
ord801

msvcr90

_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_commit
_get_osfhandle
_write
_lseek
_close
_errno
?_wsopen@@YAHPB_WHHH@Z
strchr
memcmp
memcpy
_mbschr
_vscwprintf
wcscmp
wcscspn
wcsspn
_localtime64_s
wcslen
wcschr
__CxxFrameHandler3
memset
_time64
strrchr
srand
rand
_wcslwr_s
_decode_pointer
wcsncmp
_wmakepath_s
wcscpy_s
_vsnprintf
wcsstr
wcsrchr
_vsnwprintf_s
_waccess
swscanf_s
vswprintf_s
_wtoi
_wsplitpath_s
realloc
memmove
memmove_s
_snwprintf_s
malloc
_vsnwprintf
calloc
memcpy_s
free
_wcsnicmp
_purecall
_wcsicmp
_stricmp
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?terminate@@YAXXZ
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_strlwr_s
__clean_type_info_names_internal

kernel32

HeapReAlloc
MoveFileExW
HeapDestroy
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange
SuspendThread
GetThreadContext
SetThreadContext
ResumeThread
InterlockedCompareExchange
VirtualAlloc
FlushInstructionCache
VirtualProtect
VirtualQuery
GetSystemTimeAsFileTime
MoveFileW
SetEndOfFile
ExpandEnvironmentStringsW
GetStdHandle
WriteConsoleW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
FileTimeToSystemTime
SystemTimeToFileTime
GetUserDefaultUILanguage
CompareStringW
GetSystemWindowsDirectoryW
GetExitCodeProcess
DeleteFileA
GetCurrentThreadId
CreateMutexA
GetLocalTime
OpenMutexW
FindFirstFileA
MultiByteToWideChar
GetSystemDirectoryA
GetFileAttributesA
MoveFileExA
GetFileSize
CreateFileA
GetFullPathNameA
GetFullPathNameW
LoadLibraryA
GetModuleHandleA
GetCurrentThread
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
GetSystemInfo
GetCurrentProcess
OutputDebugStringW
WideCharToMultiByte
HeapFree
GetProcessHeap
HeapAlloc
IsBadReadPtr
WaitNamedPipeW
WriteFile
SetNamedPipeHandleState
Sleep
GetSystemDirectoryW
QueryDosDeviceW
GetLogicalDriveStringsW
CreateDirectoryW
GetFileAttributesW
HeapSize
LocalAlloc
OpenProcess
InitializeCriticalSection
RaiseException
DeleteFileW
SetFilePointer
ReadFile
CreateFileW
GetWindowsDirectoryW
FindClose
FindFirstFileW
GetModuleHandleW
CreateProcessW
LoadLibraryExW
LocalFree
lstrlenW
ReleaseMutex
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetLastError
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetModuleFileNameW
GetCurrentProcessId
GetTickCount
GetProcAddress
FreeLibrary
LoadLibraryW
SetLastError

user32

CharNextA
CharPrevA
CopyRect
GetDesktopWindow
GetShellWindow
GetForegroundWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
WindowFromDC
GetDC
GetWindowThreadProcessId
CallNextHookEx
UnhookWindowsHookEx
PostMessageW
SetWindowsHookExW
IsWindow
GetSystemMetrics

advapi32

RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
LookupAccountNameW
GetLengthSid
OpenSCManagerW
CloseServiceHandle
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
CreateProcessAsUserW
GetSecurityDescriptorDacl
GetFileSecurityA
SetFileSecurityA
SetFileSecurityW
RegOpenKeyExA
GetFileSecurityW
RegQueryValueExA
GetSecurityDescriptorControl
LookupAccountNameA
RegCloseKey
AddAccessAllowedAce
AddAce
InitializeAcl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
EqualSid
GetAce
GetAclInformation

shell32

ShellExecuteExW

shlwapi

PathRemoveBackslashW
PathAppendW

crypt32

CertGetNameStringW
CryptQueryObject
CryptMsgGetParam
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore
CryptMsgClose

psapi

GetModuleBaseNameW
GetModuleFileNameExW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

ScrMon_Activate
ScrMon_Deactivate
ScrMon_IsActivated
ScrMon_SetExtraOption

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ScrmonS
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StCli.exe
StCtInst.dll
StCtl.dll
StCtl32.dll
.dll windows:5 windows x86 arch:x86

8620708bc0e4b2c280952effc573514e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:88:d2:d1:22:82:b3:81:bc:e8:2b:4a:f0:80:5a:d7:f0:4a:85:59:46:bb:26:31:20:0a:97:73:29:0b:90:48
Signer

Actual PE Digest

b3:88:d2:d1:22:82:b3:81:bc:e8:2b:4a:f0:80:5a:d7:f0:4a:85:59:46:bb:26:31:20:0a:97:73:29:0b:90:48

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\Product\AOS\SafeTransaction\1.0\Trunk\Build\X64Release\StCtl32.pdb

Imports

ws2_32

inet_ntoa
inet_addr
WSAGetLastError
gethostbyname
gethostbyaddr
getservbyport
getsockopt
WSAStartup
WSACleanup
ioctlsocket
select
socket
connect
setsockopt
closesocket
recv
send
shutdown
getservbyname
htonl
WSASetLastError
ntohs
htons

mfc90u

ord6574
ord6566
ord6572
ord6372
ord6091
ord1354
ord1353
ord2758
ord3543
ord2106
ord1183
ord3486
ord636
ord367
ord971
ord2615
ord2635
ord2619
ord2625
ord2623
ord2621
ord2638
ord2633
ord2617
ord2640
ord2628
ord2610
ord2612
ord2630
ord2375
ord2368
ord1641
ord6802
ord4174
ord6804
ord3682
ord5404
ord6376
ord3226
ord1442
ord5625
ord2139
ord1792
ord1791
ord1727
ord5650
ord3140
ord4910
ord3627
ord595
ord750
ord3537
ord4044
ord524
ord744
ord6096
ord3741
ord4131
ord1333
ord6187
ord3637
ord6088
ord6547
ord4527
ord3513
ord6174
ord6418
ord5850
ord5863
ord6040
ord6699
ord6693
ord1552
ord5770
ord3187
ord613
ord2597
ord337
ord1599
ord3729
ord814
ord811
ord6813
ord5535
ord400
ord3534
ord2953
ord2955
ord5943
ord663
ord404
ord1211
ord2470
ord1603
ord1553
ord3018
ord4322
ord2501
ord2490
ord665
ord406
ord813
ord6697
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord5663
ord6018
ord2771
ord2983
ord3112
ord4728
ord2966
ord3115
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4905
ord4681
ord3670
ord3589
ord5767
ord1243
ord6811
ord5778
ord6822
ord5974
ord6101
ord6183
ord6569
ord4579
ord6060
ord6063
ord1137
ord1868
ord3794
ord374
ord639
ord2593
ord1779
ord3488
ord3622
ord1938
ord4000
ord1486
ord6095
ord1708
ord3355
ord2447
ord6604
ord2536
ord2537
ord2702
ord589
ord794
ord4043
ord4442
ord286
ord5851
ord2694
ord280
ord600
ord296
ord799
ord266
ord1248
ord265
ord1250
ord1254
ord1088
ord321
ord801
ord6411
ord1754
ord1751
ord4345
ord1493
ord4664
ord5602
ord2074
ord5512
ord6800
ord4603
ord5664
ord3743
ord5154
ord4702
ord4541
ord4410
ord6311
ord5008
ord4543
ord2592
ord2143
ord2097
ord4774
ord2069
ord4682
ord5653
ord1492
ord6408
ord3353
ord1675
ord1809
ord1810
ord2208
ord1728
ord6466
ord5685
ord5683
ord960
ord965
ord969
ord5324
ord5167
ord4631
ord5632
ord967
ord605
ord1274
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1271
ord1145
ord1076
ord322
ord802

msvcr90

malloc
_vsnwprintf
wcsftime
_wtoi
_wcsicmp
realloc
memmove
_wsplitpath_s
_purecall
_waccess
srand
rand
_recalloc
calloc
sscanf_s
strchr
fopen_s
fread
strcpy_s
fclose
_vsnprintf
fseek
fwrite
_strlwr_s
_wcslwr_s
wcsrchr
strrchr
_time64
_vscwprintf
vswprintf_s
_wcsdup
_wcsupr_s
_snwprintf_s
memmove_s
swscanf_s
_wcsnicmp
_vsnwprintf_s
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
wcschr
isspace
tolower
iswspace
wcspbrk
?what@exception@std@@UBEPBDXZ
wcsstr
memcpy_s
_wmakepath_s
wcsncmp
atoi
wcslen
__CxxFrameHandler3
_CxxThrowException
memset
_localtime64_s
wcsspn
wcscspn
wcscmp
memcpy
memcmp
_mbschr
?_wsopen@@YAHPB_WHHH@Z
_errno
_close
_lseek
_write
_get_osfhandle
_commit
ferror
feof
strlen
ftell
_wfopen
strncpy
_fileno
strcmp
_gmtime64
_waccess_s
_ftelli64
_fseeki64
_lrotl
strstr
_strupr_s
qsort
memchr
fflush
setvbuf
_setmode
fgets
strcpy
strerror_s
strtol
strncmp
__iob_func
sscanf
strcat_s
strtoul
strncpy_s
sprintf_s
fopen
_exit
raise
strcspn
strspn
_gmtime64_s
getenv
_stat64i32
_lrotr
wcscpy
isdigit
fputs
fprintf
signal
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?terminate@@YAXXZ
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
free
wcscpy_s

kernel32

HeapFree
MoveFileExW
HeapAlloc
MoveFileExA
FindFirstFileW
GetFileSize
CreateFileA
GetFullPathNameA
GetFullPathNameW
QueryPerformanceCounter
GetCurrentThreadId
TerminateProcess
GetExitCodeProcess
CreateProcessW
WaitForSingleObject
WideCharToMultiByte
RemoveDirectoryW
DeleteFileW
GetTempPathW
SetFilePointer
GetPrivateProfileStringW
lstrlenA
ReadFile
CreateFileW
MultiByteToWideChar
CreateEventW
ReleaseMutex
CreateMutexW
Sleep
GetTickCount
GetCurrentProcessId
GetLocalTime
FreeLibrary
LoadLibraryExW
GetLastError
GetModuleFileNameW
lstrlenW
GetProcAddress
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
EnterCriticalSection
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedExchange
SetConsoleMode
GetConsoleMode
ReadConsoleW
ReadConsoleA
GetACP
GetFileType
GetVersion
LoadLibraryA
FormatMessageA
InterlockedExchangeAdd
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
VirtualFree
InterlockedCompareExchange
GetSystemTimeAsFileTime
DuplicateHandle
SetEndOfFile
GetFileSizeEx
GetDriveTypeW
WaitForMultipleObjects
ResetEvent
PulseEvent
ReleaseSemaphore
CreateSemaphoreW
InitializeCriticalSectionAndSpinCount
lstrcmpA
GetSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
CompareStringW
ExpandEnvironmentStringsW
GetSystemWindowsDirectoryW
GetStdHandle
WriteConsoleW
MulDiv
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
GetSystemInfo
GetCurrentProcess
OutputDebugStringW
ProcessIdToSessionId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetEnvironmentVariableW
GetLogicalDriveStringsW
FindNextFileW
OpenProcess
LocalFree
LocalAlloc
IsBadReadPtr
LockResource
MoveFileW
SizeofResource
LoadResource
FindResourceW
FindResourceExW
lstrcpynW
CreateDirectoryW
SetFileAttributesW
GetComputerNameW
GetWindowsDirectoryW
CopyFileW
GetUserDefaultUILanguage
GetVolumeInformationW
OpenEventW
SetEvent
LoadLibraryW
DeleteFileA
CreateMutexA
GetModuleHandleA
FindClose
SetLastError
OpenMutexW
FindFirstFileA
GetSystemDirectoryA
GetFileAttributesW
GetFileAttributesA
GetSystemDirectoryW
WriteFile
GetProcessHeap
GetModuleHandleW
LeaveCriticalSection

user32

FillRect
EnableWindow
GetClientRect
GetParent
GetWindowThreadProcessId
GetDesktopWindow
FindWindowW
MessageBoxW
GetClassLongW
WindowFromDC
IsWindow
RegisterWindowMessageW
SendMessageW
TranslateMessage
PeekMessageW
GetSysColor
GetUserObjectInformationW
DrawEdge
CharNextA
CharPrevA
IsCharAlphaW
MsgWaitForMultipleObjects
GetUserObjectSecurity
SetUserObjectSecurity
GetProcessWindowStation
OpenWindowStationW
SetProcessWindowStation
OpenDesktopW
CloseWindowStation
CloseDesktop
GetShellWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
PostMessageW
GetDC
LoadBitmapW
CopyRect
BringWindowToTop
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
SetClassLongW
GetSystemMetrics
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RedrawWindow
KillTimer
SetTimer
DispatchMessageW

gdi32

RectVisible
PtVisible
CreateFontIndirectW
GetObjectW
ExtTextOutW
TextOutW
GetTextExtentPoint32W
BitBlt
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
Escape
GetDeviceCaps
CreateSolidBrush
SelectObject
EnumFontFamiliesW
DeleteObject
CreateRectRgn
GetMapMode
CreateCompatibleBitmap
LPtoDP
CreateCompatibleDC

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
AddAccessAllowedAce
AddAce
SetFileSecurityA
GetFileSecurityA
GetLengthSid
RegSetValueExW
RegCreateKeyExW
CreateProcessAsUserW
OpenProcessToken
GetTokenInformation
RegEnumKeyExW
RegQueryInfoKeyW
CloseServiceHandle
EnumServicesStatusExW
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CreateServiceW
StartServiceW
ControlService
DeleteService
UnlockServiceDatabase
ChangeServiceConfigW
LockServiceDatabase
SetServiceObjectSecurity
QueryServiceObjectSecurity
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
MakeSelfRelativeSD
GetSecurityDescriptorLength
GetSecurityDescriptorControl
MakeAbsoluteSD
InitializeSecurityDescriptor
LookupAccountNameA
GetAclInformation
EqualSid
RegQueryValueExA
GetFileSecurityW
LookupAccountNameW
GetAce
RegOpenKeyExA
SetFileSecurityW
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegisterEventSourceW
ReportEventW
DeregisterEventSource
LookupAccountSidW
LookupPrivilegeValueW
AdjustTokenPrivileges
CopySid
ImpersonateLoggedOnUser
RevertToSelf
DuplicateTokenEx
SetTokenInformation
LogonUserW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
QueryServiceStatusEx
QueryServiceConfig2W
ChangeServiceConfig2W
InitializeAcl

shell32

SHGetFileInfoW
SHGetFolderPathW
SHCreateDirectoryExW
ShellExecuteExW

shlwapi

PathAppendW
StrStrIW
PathRemoveBackslashW

oleaut32

VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetCloseHandle
InternetErrorDlg
HttpQueryInfoW
InternetReadFile

crypt32

CryptMsgGetParam
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
CryptMsgClose

Exports

Exports

STCTL_Function1
STCTL_Function2
STCTL_GetObject

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 550KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StSdk.dll
StSdk32.dll
.dll windows:5 windows x86 arch:x86

7b49ef68a1513c5cb41255678f43e720

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:1d:4b:a2:d0:72:4d:c0:79:b9:f2:58:42:6d:36:47:de:ca:c2:99:7e:f8:93:5f:e8:5a:4f:6a:ae:40:5c:ef
Signer

Actual PE Digest

0e:1d:4b:a2:d0:72:4d:c0:79:b9:f2:58:42:6d:36:47:de:ca:c2:99:7e:f8:93:5f:e8:5a:4f:6a:ae:40:5c:ef

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\Product\AOS\SafeTransaction\1.0\Trunk\Build\X64Release\StSdk32.pdb

Imports

ws2_32

recv
send
shutdown
closesocket
connect
socket
getsockopt
getservbyport
gethostbyaddr
WSAStartup
ntohs
gethostbyname
WSAGetLastError
setsockopt
WSACleanup
inet_addr
htons
getservbyname
select
htonl
WSASetLastError
inet_ntoa
ioctlsocket

mfc90u

ord935
ord5939
ord3729
ord266
ord2478
ord6013
ord4405
ord6170
ord6699
ord6693
ord933
ord6697
ord290
ord938
ord1607
ord285
ord3220
ord2694
ord814
ord1603
ord2479
ord4490
ord6137
ord3658
ord782
ord6822
ord5778
ord6811
ord1243
ord5767
ord3589
ord6514
ord2326
ord4251
ord899
ord2676
ord265
ord6166
ord6698
ord6171
ord601
ord310
ord1651
ord2571
ord261
ord258
ord1707
ord580
ord2537
ord813
ord1248
ord1599
ord811
ord799
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord5663
ord6018
ord2771
ord2983
ord3112
ord4728
ord2966
ord3115
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4905
ord4681
ord3670
ord1088
ord321
ord2447
ord4211
ord1137
ord296
ord2702
ord5851
ord4442
ord286
ord909
ord589
ord4043
ord794
ord280
ord1250
ord1254
ord600
ord801
ord1102
ord6687
ord404
ord663
ord5535
ord6813
ord1552
ord3187
ord5770
ord4518
ord2539
ord1043
ord581
ord783
ord2485
ord1600
ord3221
ord305
ord1608
ord4494
ord6690
ord306
ord316
ord5852
ord2696
ord335
ord612
ord815
ord6164
ord4519
ord6692
ord605
ord1274
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1271
ord1145
ord1076
ord322
ord802
ord5979

msvcr90

signal
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_vscwprintf
srand
rand
_strlwr_s
wcsncpy
printf
_time64
_localtime64_s
strchr
_vswprintf
wcsncmp
_wmakepath_s
_snwprintf_s
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
wcspbrk
iswspace
fprintf
wcschr
tolower
_wcsdup
_vsnwprintf_s
_wcsnicmp
_wcslwr_s
toupper
strrchr
wcsstr
vswprintf_s
_recalloc
calloc
swscanf_s
memcpy_s
_wcsicmp
_wsplitpath_s
wcscat_s
__RTDynamicCast
wcscpy_s
realloc
malloc
free
memmove
_vsnprintf
_wtoi
wcsrchr
_purecall
atoi
_vsnwprintf
?what@exception@std@@UBEPBDXZ
_endthreadex
_beginthreadex
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
memmove_s
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
wcsftime
fputs
isdigit
wcscpy
_lrotr
_stat64i32
getenv
_gmtime64_s
strspn
strcspn
raise
_exit
fopen
sprintf_s
strncpy_s
strtoul
strcpy_s
strcat_s
sscanf
__iob_func
strncmp
strtol
strerror_s
strcpy
fgets
_setmode
setvbuf
fflush
memchr
qsort
_strupr_s
strstr
_lrotl
_fseeki64
_ftelli64
_waccess_s
_gmtime64
strcmp
_stricmp
_fileno
strncpy
_wfopen
fclose
fseek
ftell
fread
strlen
fwrite
feof
fgetc
ferror
_commit
_get_osfhandle
_write
_lseek
_close
_errno
?_wsopen@@YAHPB_WHHH@Z
memcmp
_mbschr
wcscmp
wcscspn
wcsspn
_CxxThrowException
wcslen
__CxxFrameHandler3
memset
isspace
memcpy
abort
exit

kernel32

GetTempPathW
SetNamedPipeHandleState
WriteFile
ReadFile
WaitNamedPipeW
DisconnectNamedPipe
CreateNamedPipeW
ConnectNamedPipe
ProcessIdToSessionId
GetProcessTimes
TerminateProcess
OutputDebugStringW
CreateProcessW
GetExitCodeProcess
lstrcmpiW
GetSystemInfo
VerSetConditionMask
VerifyVersionInfoW
GetWindowsDirectoryW
GetCurrentThread
DeviceIoControl
VirtualQuery
VirtualProtect
GetUserDefaultUILanguage
RaiseException
QueryPerformanceCounter
ReleaseMutex
GetCurrentThreadId
CreateFileA
QueryDosDeviceW
InterlockedDecrement
Thread32First
Thread32Next
GetFullPathNameW
GetFullPathNameA
MoveFileExA
GetFileAttributesA
GetSystemDirectoryA
FindFirstFileA
GetModuleHandleA
CreateMutexA
DeleteFileA
SystemTimeToFileTime
GetSystemTime
lstrcmpA
InitializeCriticalSectionAndSpinCount
CreateSemaphoreW
ReleaseSemaphore
PulseEvent
GetSystemWindowsDirectoryW
CompareStringW
FileTimeToSystemTime
WriteConsoleW
GetStdHandle
ExpandEnvironmentStringsW
SetEndOfFile
MoveFileW
GetSystemTimeAsFileTime
InterlockedCompareExchange
VirtualFree
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedExchangeAdd
GetEnvironmentVariableW
SetFilePointer
GetSystemDirectoryW
FormatMessageA
LoadLibraryA
GetVersion
HeapDestroy
HeapReAlloc
HeapSize
FlushFileBuffers
IsBadReadPtr
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedExchange
SetConsoleMode
GetConsoleMode
ReadConsoleW
ReadConsoleA
GetACP
GetLogicalDriveStringsW
CreateDirectoryW
FindNextFileW
GetFileAttributesW
FindClose
FindFirstFileW
DeleteFileW
MoveFileExW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetVersionExW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileSize
GetProcessHeap
HeapFree
HeapAlloc
LocalAlloc
CreateFileW
OpenProcess
LocalFree
SetLastError
LoadLibraryW
GetCurrentProcess
GetModuleHandleW
GetProcAddress
FreeLibrary
LoadLibraryExW
Sleep
GetPrivateProfileStringW
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
lstrlenW
OpenEventW
OpenMutexW
GetComputerNameW
GetTickCount
WaitForMultipleObjects
WaitForSingleObject
TerminateThread
ResetEvent
LeaveCriticalSection
SetEvent
EnterCriticalSection
DeleteCriticalSection
CreateEventW
InitializeCriticalSection
GetFileType
CreateMutexW
GetModuleFileNameW
GetCurrentProcessId
GetLocalTime
CloseHandle
GetLastError

user32

GetSystemMetrics
wsprintfW
MsgWaitForMultipleObjects
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetForegroundWindow
GetShellWindow
IsWindow
PostMessageW
CharPrevA
CharNextA
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxW
RegisterWindowMessageA
PeekMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
GetDesktopWindow
DestroyWindow
CreateWindowExW
CopyRect
UnregisterClassW
SetTimer
KillTimer
DefWindowProcW
LoadIconW
RegisterClassW
LoadCursorW

gdi32

GetStockObject

advapi32

CryptAcquireContextW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
LookupAccountNameW
OpenProcessToken
GetTokenInformation
GetLengthSid
CryptGenRandom
CryptReleaseContext
RegisterEventSourceW
ReportEventW
DeregisterEventSource
QueryServiceStatusEx
QueryServiceConfig2W
ChangeServiceConfig2W
ConvertSecurityDescriptorToStringSecurityDescriptorW
QueryServiceObjectSecurity
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetServiceObjectSecurity
GetSecurityDescriptorSacl
GetAclInformation
GetAce
EqualSid
GetSidSubAuthority
GetSidSubAuthorityCount
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
InitializeAcl
AddAce
AddAccessAllowedAce
RegCreateKeyExW
RegSetValueExW
AllocateAndInitializeSid
FreeSid
OpenThreadToken
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
MakeSelfRelativeSD
GetSecurityDescriptorLength
GetSecurityDescriptorControl
MakeAbsoluteSD
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
RegEnumKeyExW
LookupAccountNameA
RegQueryValueExA
GetFileSecurityW
RegOpenKeyExA
SetFileSecurityW
SetFileSecurityA
GetFileSecurityA
CreateProcessAsUserW
CheckTokenMembership
EnumServicesStatusExW
CreateServiceW
StartServiceW
ControlService
DeleteService
UnlockServiceDatabase
ChangeServiceConfigW
LockServiceDatabase

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteExW
SHGetFolderPathW

shlwapi

PathAppendW
PathRemoveBackslashW

ole32

CoGetCallerTID
CoSetProxyBlanket
CoCreateInstance
CoCreateGuid
CLSIDFromString
CoUninitialize
CoInitialize
CoTaskMemFree
CoInitializeSecurity

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString
VarUdateFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime

msvcp90

??0locale@std@@QAE@XZ
?tolower@?$ctype@D@std@@QBEDD@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?allocate@?$allocator@D@std@@QAEPADI@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?transform@?$collate@D@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@PBD0@Z
?_Getcat@?$collate@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$collate@D@std@@2V0locale@2@A
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Xmem@tr1@std@@YAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Xbad@tr1@std@@YAXW4error_type@regex_constants@12@@Z
??Bid@locale@std@@QAEIXZ
?_Incref@facet@locale@std@@QAEXXZ
??1locale@std@@QAE@XZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Decref@facet@locale@std@@QAEPAV123@XZ

winmm

timeGetDevCaps
timeKillEvent
timeSetEvent

crypt32

CryptMsgClose
CryptQueryObject
CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptBinaryToStringW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleBaseNameW
GetModuleFileNameExW

iphlpapi

GetAdaptersInfo
GetIpNetTable

Exports

Exports

StSdkSa_GetAkObjectA
StSdkSa_GetAkObjectW
StSdkSa_GetEnv2Object
StSdkSa_GetEnvObject
StSdkSa_GetFwObject
StSdkSa_GetMkd8ObjectA
StSdkSa_GetMkd8ObjectW
StSdkSa_GetPCScanObject
StSdkSa_GetPbObject
StSdkSa_GetPcLogObject
StSdkSa_GetVerifyObject
StSdk_GetAkObjectA
StSdk_GetAkObjectW
StSdk_GetEnvObject
StSdk_GetFwObject
StSdk_GetMkd8ObjectA
StSdk_GetMkd8ObjectW
StSdk_GetPbObject
StSdk_GetPcLogObject
StSdk_GetVerifyObject

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StSess.exe
StSess32.exe
.exe windows:5 windows x86 arch:x86

c4bed1886281be75cca9dee545e740ba

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:25:c6:4e:3f:38:15:54:c6:b4:9f:14:9c:11:b3:f0:c3:40:20:ad:3f:17:9e:7f:00:34:33:b8:d8:78:fd:99
Signer

Actual PE Digest

b2:25:c6:4e:3f:38:15:54:c6:b4:9f:14:9c:11:b3:f0:c3:40:20:ad:3f:17:9e:7f:00:34:33:b8:d8:78:fd:99

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

u:\Product\AOS\SafeTransaction\1.0\Trunk\Build\X64Release\StSess32.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

oleacc

ObjectFromLresult
AccessibleObjectFromWindow
AccessibleChildren
AccessibleObjectFromEvent

mfc90u

ord6170
ord6514
ord5979
ord4405
ord3589
ord1211
ord2326
ord935
ord285
ord3220
ord1607
ord813
ord2479
ord4490
ord1248
ord6171
ord6699
ord6693
ord1603
ord1599
ord811
ord266
ord265
ord4985
ord5354
ord2445
ord2079
ord2860
ord5447
ord5450
ord4730
ord4553
ord3232
ord5338
ord3229
ord6379
ord3230
ord6381
ord980
ord5803
ord3287
ord2651
ord2650
ord4429
ord1681
ord3355
ord6411
ord4344
ord1493
ord5598
ord5655
ord2369
ord1380
ord4697
ord6375
ord3225
ord4685
ord4763
ord5615
ord4720
ord670
ord415
ord4007
ord3819
ord5632
ord4631
ord5167
ord5324
ord5008
ord1810
ord1809
ord1675
ord3353
ord6013
ord1754
ord1751
ord4345
ord1492
ord4664
ord5602
ord2074
ord5512
ord6800
ord4603
ord5653
ord3743
ord5154
ord4702
ord1728
ord6466
ord2478
ord5683
ord960
ord965
ord969
ord967
ord971
ord2615
ord2635
ord2619
ord2625
ord2623
ord2621
ord2638
ord2633
ord2617
ord2640
ord2628
ord2610
ord2612
ord2630
ord2375
ord2368
ord1641
ord6802
ord4174
ord6804
ord3682
ord5404
ord6376
ord3226
ord1442
ord5625
ord2139
ord1792
ord1791
ord1727
ord5650
ord3140
ord4910
ord4682
ord3515
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord5663
ord6018
ord2771
ord2983
ord3112
ord4728
ord2966
ord3115
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord801
ord6408
ord2891
ord4348
ord4905
ord4681
ord3670
ord2208
ord4000
ord639
ord374
ord2676
ord1137
ord782
ord580
ord2537
ord2447
ord6604
ord6482
ord1098
ord1186
ord799
ord4211
ord4442
ord286
ord296
ord2694
ord2702
ord5851
ord280
ord600
ord1250
ord1254
ord794
ord589
ord4043
ord6822
ord5778
ord2571
ord6811
ord1243
ord5767
ord1707
ord1329
ord5685
ord1272

msvcr90

memcpy
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
?terminate@@YAXXZ
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
memcmp
malloc
free
wcsftime
wcstok_s
_endthreadex
_beginthreadex
memmove
realloc
_purecall
_wtoi
_wsplitpath_s
vswprintf_s
_wcsnicmp
_wcsicmp
strchr
_vsnwprintf
swscanf_s
_vsnwprintf_s
memmove_s
calloc
memcpy_s
_recalloc
rand
_snwprintf_s
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
wcsrchr
wcsstr
_vsnprintf
wcscpy_s
_wmakepath_s
wcsncmp
_strlwr_s
_wcslwr_s
srand
strrchr
_time64
__CxxFrameHandler3
_errno
_mbschr
_initterm_e
memset
wcschr
?_wsopen@@YAHPB_WHHH@Z
_close
_lseek
_write
_get_osfhandle
_commit
wcslen
_localtime64_s
_CxxThrowException
wcsspn
wcscspn
wcscmp
_vscwprintf

kernel32

CreateMutexW
GetLastError
WaitForSingleObject
CreateEventW
SetEvent
CloseHandle
GetModuleFileNameW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
ReleaseMutex
GetCurrentProcessId
ResetEvent
WaitForMultipleObjects
OpenProcess
GetModuleHandleW
GetCommandLineW
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
MoveFileExW
DeleteFileW
FindFirstFileW
GetLocalTime
GetProcAddress
SetLastError
FreeLibrary
LoadLibraryExW
InitializeCriticalSection
LeaveCriticalSection
HeapDestroy
HeapReAlloc
HeapSize
FindClose
GetFileAttributesW
CreateDirectoryW
EnterCriticalSection
MoveFileExA
DeleteCriticalSection
CreateProcessW
GetCurrentThreadId
RaiseException
GetTickCount
SetFilePointer
ReadFile
CreateFileW
GetSystemDirectoryW
Sleep
SetNamedPipeHandleState
WriteFile
WaitNamedPipeW
FlushFileBuffers
DisconnectNamedPipe
CreateNamedPipeW
ConnectNamedPipe
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
ProcessIdToSessionId
GetProcessTimes
OpenThread
HeapAlloc
GetProcessHeap
HeapFree
CopyFileW
OutputDebugStringW
TerminateThread
ResumeThread
Thread32First
Thread32Next
GetCurrentProcess
GetFileSize
GetExitCodeProcess
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
ExpandEnvironmentStringsW
GetStdHandle
WriteConsoleW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
SystemTimeToFileTime
GetUserDefaultUILanguage
CompareStringW
GetSystemWindowsDirectoryW
MoveFileW
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetSystemTimeAsFileTime
SetEndOfFile
QueryPerformanceCounter
FileTimeToSystemTime
Wow64RevertWow64FsRedirection
GetSystemWow64DirectoryW
Wow64DisableWow64FsRedirection
ExitProcess
DeleteFileA
CreateMutexA
GetModuleHandleA
OpenMutexW
FindFirstFileA
GetSystemDirectoryA
GetFileAttributesA
LocalFree
CreateFileA
GetFullPathNameA
GetFullPathNameW
GetWindowsDirectoryW
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
GetSystemInfo

user32

GetParent
CallWindowProcW
GetWindowLongW
GetWindow
GetDesktopWindow
GetSystemMetrics
IsWindowVisible
EnumWindows
SetWinEventHook
PostMessageW
MsgWaitForMultipleObjectsEx
PeekMessageW
TranslateMessage
DispatchMessageW
UnhookWinEvent
MessageBoxW
RegisterWindowMessageW
EnumThreadWindows
FindWindowExW
CharPrevA
CharNextA
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
CallNextHookEx
GetClassNameW
EnumChildWindows
UnhookWindowsHookEx
SetWindowsHookExW
GetWindowThreadProcessId
SetWindowLongW
SendMessageTimeoutW
IsWindow
RegisterClassW
GetClassInfoW
EnableWindow
SendMessageW
GetForegroundWindow
GetShellWindow
CopyRect
UpdateWindow

advapi32

RegCloseKey
RegQueryValueExW
RegSetValueExW
LookupAccountNameW
OpenProcessToken
GetTokenInformation
GetLengthSid
GetAclInformation
GetAce
EqualSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
InitializeAcl
AddAce
AddAccessAllowedAce
CreateProcessAsUserW
AllocateAndInitializeSid
FreeSid
LookupAccountNameA
GetSecurityDescriptorControl
RegQueryValueExA
GetFileSecurityW
RegOpenKeyExA
SetFileSecurityW
SetFileSecurityA
GetFileSecurityA
GetSecurityDescriptorDacl
CheckTokenMembership
CloseServiceHandle
OpenSCManagerW
RegOpenKeyExW

shell32

ShellExecuteExW
CommandLineToArgvW

comctl32

InitCommonControlsEx

shlwapi

PathAppendW
PathFileExistsW
PathRemoveBackslashW

ole32

CoUninitialize
CoInitialize

oleaut32

VarUdateFromDate
VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
SysFreeString
SysAllocString

psapi

GetModuleBaseNameW
GetModuleFileNameExW

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Sections

.text
Size: 259KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StSvr.dll
UpEx.dll
V3Cert.dll
WinFWMgr.dll
acm1.0/arm64.vc141/libacm.dll
acm1.0/x86.vc90/libacm.dll
.dll windows:5 windows x86 arch:x86

41b92a205ae839084e3124a96aaaabe8

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:75:60:f5:9a:a0:ea:7c:1e:57:2b:49:4c:b5:c0:bd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/09/2023, 00:00

Not After

31/08/2024, 00:00

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465206f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c7:5d:88:5c:60:7b:bb:5d:f7:25:b7:4d:2c:80:3a:86:8e:8f:5c:fc:4a:17:66:f2:98:60:eb:6d:0b:9d:14:93
Signer

Actual PE Digest

c7:5d:88:5c:60:7b:bb:5d:f7:25:b7:4d:2c:80:3a:86:8e:8f:5c:fc:4a:17:66:f2:98:60:eb:6d:0b:9d:14:93

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\build\KCMVP\ACM-99\1.0\Trunk\Build\libacm.dll\VC9.0\Win32Release\libacm.pdb

Imports

kernel32

GetModuleFileNameA
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

advapi32

CryptGenRandom
CryptAcquireContextW
CryptReleaseContext

ole32

CoCreateGuid

msvcr90

_encoded_null
_decode_pointer
_initterm
_initterm_e
_malloc_crt
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_encode_pointer
strncpy
malloc
free
fclose
fseek
ftell
fread
fopen
memset
_amsg_exit
memcpy

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
akcm1.0/arm64/libakcm.sys
aostrust.dll
aostrust32.dll
.dll windows:5 windows x86 arch:x86

e1023395818ca54d848144cb4223c39b

Code Sign

47:c3:0f:fe:fc:22:bb:28:0f:96:fe:a7:52:51
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

16/03/2016, 00:00

Not After

16/03/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1e:87:7b:57:40:e5:87:c5:4e:31:d6:a9
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G3,O=GlobalSign nv-sa,C=BE

Not Before

30/06/2020, 00:17

Not After

26/06/2022, 02:07

Subject

CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:29:15:27:00:00:00:00:00:2a
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:55

Not After

15/04/2021, 20:05

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ce:e8:00:65:36:a9:3f:59:c9:ec:74:3f:13:eb:d5
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/12/2020, 00:00

Not After

12/12/2021, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e3:e4:e2:41:7e:32:3a:04:05:61:0e:bd:f1:4e:c1:21:06:4f:3a:d4:f4:2a:af:f1:ba:11:a4:f1:fc:0c:c7:90
Signer

Actual PE Digest

e3:e4:e2:41:7e:32:3a:04:05:61:0e:bd:f1:4e:c1:21:06:4f:3a:d4:f4:2a:af:f1:ba:11:a4:f1:fc:0c:c7:90

Digest Algorithm

sha256

PE Digest Matches

true

e6:3d:d0:ff:24:66:0d:8a:1b:92:09:3f:95:c2:ec:a5:98:0c:99:42
Signer

Actual PE Digest

e6:3d:d0:ff:24:66:0d:8a:1b:92:09:3f:95:c2:ec:a5:98:0c:99:42

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\Product\AOS\2.1\Trunk\Src\Common\aostrust\Trunk\Build\X64Release\aostrust32.pdb

Imports

mfc90u

ord310
ord601
ord943
ord1603
ord2478
ord6693
ord6697
ord6698
ord6691
ord4519
ord6013
ord4405
ord5851
ord2537
ord3729
ord811
ord1248
ord2694
ord813
ord286
ord600
ord1250
ord296
ord266
ord265
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord5663
ord6018
ord2771
ord2983
ord3112
ord4728
ord2966
ord3115
ord2774
ord2893
ord799
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4905
ord4681
ord3670
ord2447
ord4211
ord605
ord1274
ord321
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1271
ord1145
ord1076
ord1137
ord322
ord802
ord1088
ord794
ord589
ord4043
ord801

msvcr90

memset
memcpy
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3
calloc
ftell
ferror
fgetc
_wfopen
feof
_CxxThrowException
fseek
memcpy_s
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
free
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
_vsnwprintf
malloc
_wtoi
_wfopen_s
fread
strncpy_s
fclose
?what@exception@std@@UBEPBDXZ

kernel32

TerminateProcess
QueryPerformanceCounter
CreateFileW
CreateFileMappingW
MapViewOfFile
CloseHandle
UnmapViewOfFile
GetFileSize
lstrlenA
MultiByteToWideChar
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
QueryPerformanceFrequency
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalAlloc
LocalFree
GetCurrentProcessId

msvcp90

??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ

Exports

Exports

GetObjectImpl

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bmf.dat
bmf.sld
mfc140chs.dll
mfc140cht.dll
mfc140deu.dll
mfc140enu.dll
mfc140esn.dll
mfc140fra.dll
mfc140ita.dll
mfc140jpn.dll
mfc140kor.dll
mfc140rus.dll
mfc140u.dll
mkd3kfnt.sys
msvcp140.dll
powapi.dll
powapi32.dll
.dll windows:5 windows x86 arch:x86

700ed081c655d4bbb17a4f84941bb78f

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:eb:98:08:f9:4a:36:6f:2c:44:5d:4a:d6:62:85:1b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d7:67:35:9a:4a:b0:eb:fd:f6:bc:97:3e:f3:4a:78:2c:70:d7:06:94:00:68:4c:ad:db:4c:80:90:16:9a:3d:ce
Signer

Actual PE Digest

d7:67:35:9a:4a:b0:eb:fd:f6:bc:97:3e:f3:4a:78:2c:70:d7:06:94:00:68:4c:ad:db:4c:80:90:16:9a:3d:ce

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

u:\Product\AOS\SafeTransaction\1.0\Trunk\Build\X64Release\powapi32.pdb

Imports

mfc90u

ord6013
ord899
ord1599
ord4251
ord933
ord6170
ord2326
ord6514
ord1248
ord782
ord6693
ord2478
ord580
ord1603
ord799
ord6699
ord6697
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5663
ord6018
ord2771
ord2983
ord3112
ord4728
ord2966
ord3115
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4905
ord4681
ord3670
ord612
ord935
ord1254
ord6166
ord814
ord2676
ord589
ord335
ord280
ord3729
ord5851
ord2447
ord4211
ord2694
ord813
ord286
ord1183
ord4043
ord266
ord265
ord794
ord3285
ord4405
ord811
ord2537
ord600
ord296
ord287
ord3220
ord285
ord1607
ord4519
ord6698
ord5680
ord605
ord1274
ord321
ord1241
ord1239
ord1264
ord1180
ord1233
ord2084
ord391
ord1152
ord1273
ord1271
ord1145
ord1076
ord1137
ord322
ord802
ord949
ord1088
ord801

msvcr90

__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
wcschr
wcsncmp
strchr
_wtoi
memcpy
_purecall
memmove
_wmakepath_s
_wsplitpath_s
wcscpy_s
_snwprintf_s
_waccess
realloc
malloc
_wcsdup
free
wcsrchr
_vsnwprintf
_time64
strrchr
srand
_vsnprintf
rand
_wcslwr_s
wcsstr
wcstol
_wcsnicmp
memset
_vsnwprintf_s

kernel32

GetVersionExW
GetSystemInfo
GetCurrentProcess
GetModuleHandleW
HeapFree
GetProcessHeap
HeapAlloc
GetFullPathNameW
Sleep
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
Module32NextW
Module32FirstW
ProcessIdToSessionId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
DeleteFileA
ReleaseMutex
GetCurrentThreadId
GetModuleHandleA
GetLocalTime
OpenMutexW
FindFirstFileA
GetSystemDirectoryA
GetFileAttributesW
GetFileAttributesA
WaitForSingleObject
MoveFileExW
MoveFileExA
CreateMutexW
GetFileSize
CreateFileA
IsBadReadPtr
LocalAlloc
OpenProcess
LocalFree
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringW
DeleteFileW
SetFilePointer
SetFileAttributesW
GetCurrentProcessId
WaitNamedPipeW
ReadFile
WriteFile
CloseHandle
SetNamedPipeHandleState
CreateFileW
GetTickCount
FindClose
FindFirstFileW
GetSystemDirectoryW
SetLastError
LoadLibraryW
FreeLibrary
GetLastError
lstrlenW
GetProcAddress

user32

GetSystemMetrics

advapi32

RegOpenKeyExW
RegQueryValueExW
LookupAccountNameW
GetLengthSid
GetSecurityInfo
IsValidAcl
GetAclInformation
GetAce
EqualSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
GetFileSecurityA
SetFileSecurityA
SetFileSecurityW
RegOpenKeyExA
GetFileSecurityW
RegQueryValueExA
GetSecurityDescriptorControl
LookupAccountNameA
RegCloseKey
AddAccessAllowedAce
AddAce
InitializeAcl

ws2_32

WSAStartup

crypt32

CertCloseStore
CertFreeCertificateContext
CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject
CertGetNameStringW
CryptMsgClose

psapi

EnumProcesses
GetModuleFileNameExW
EnumProcessModules

Exports

Exports

GetFunctions

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcruntime140.dll
$_0_/_Setup/ASTX_Common.nz
.7z
External/AHC/X64/msvcp90.dll.ahc
.cab
msvcp90.dll.ahf
External/AHC/X64/msvcr90.dll.ahc
.cab
External/AHC/X86/msvcp90.dll.ahc
.cab
External/AHC/X86/msvcr90.dll.ahc
.cab
External/AHC/product.dat.ahc
.cab
External/DB/defcfg.db
External/DB/ipcntry.db
External/DB/nzcmncfg.db
External/DB/nzdefcfg.db
External/DefPly/extraopn_ply.ui
.cab
External/DefPly/netizen_ply_default.ui
.cab
External/DefPly/ply_ver.ui
.cab
External/DefPly/starter_ply.ui
.cab
External/Product.dat
External/V3Prtect.dat
External/aos.sld
External/drvinfo_astx.ini
External/mupdate2.cfg
External/oss_notice.txt
External/tnnipprt.rul
External/tnnipsig.rul
Lib/Cert/astx.inf
Lib/Cert/ca.der
Lib/Cert/ca2.der
Lib/Cert/certadm.dll
.dll regsvr32 windows:5 windows x86 arch:x86

475373a28de2b34ec0aad2c6ceecdb9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetUnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringW
GetPrivateProfileStringW
FindFirstFileW
DeleteFileW
FindNextFileW
DisableThreadLibraryCalls
InitializeCriticalSection
VirtualFree
LocalAlloc
DeleteCriticalSection
LocalFree
GetModuleFileNameW
GetModuleHandleW
lstrcmpiW
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetLastError
lstrlenW
VirtualAlloc
GetVersionExW
SetLastError
CompareStringW
GetComputerNameExW
GetComputerNameW
Sleep
SystemTimeToFileTime
GetSystemTime
FindClose
FileTimeToSystemTime

msvcrt

_adjust_fdiv
_initterm
wcscat
wcscmp
_wtoi
wcschr
wcsrchr
wcstoul
_purecall
wcscpy
wcslen
??2@YAPAXI@Z
??3@YAXPAX@Z
free
malloc
_except_handler3
iswalpha
_wcsnicmp

atl

ord16
ord21
ord18
ord22
ord15
ord32

certcli

ord206
ord215
ord256
ord251
ord260
ord203
ord205
ord249
ord211
ord254
ord207

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegConnectRegistryW
RegCreateKeyW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

user32

LoadStringW
wsprintfW

ole32

CoSetProxyBlanket
CoCreateInstanceEx
CoTaskMemAlloc
CoInitialize
CoInitializeEx
CoUninitialize
StringFromCLSID
CoTaskMemFree

oleaut32

SafeArrayPutElement
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
CreateErrorInfo
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SetErrorInfo
VariantInit
LoadRegTypeLi
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString

crypt32

CryptDecodeObjectEx

Exports

Exports

CertSrvBackupClose
CertSrvBackupEnd
CertSrvBackupFree
CertSrvBackupGetBackupLogsW
CertSrvBackupGetDatabaseNamesW
CertSrvBackupGetDynamicFileListW
CertSrvBackupOpenFileW
CertSrvBackupPrepareW
CertSrvBackupRead
CertSrvBackupTruncateLogs
CertSrvIsServerOnlineW
CertSrvRestoreEnd
CertSrvRestoreGetDatabaseLocationsW
CertSrvRestorePrepareW
CertSrvRestoreRegisterComplete
CertSrvRestoreRegisterThroughFile
CertSrvRestoreRegisterW
CertSrvServerControlW
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/certutil_.exe
.exe windows:5 windows x86 arch:x86

af2f51620149dcae795d1a676646f834

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateThread
SetConsoleMode
GetConsoleMode
GetFileType
GetStdHandle
SetLastError
GetProcAddress
GetModuleHandleW
lstrcmpiW
DeleteFileW
FormatMessageW
GetSystemDefaultLangID
DeleteCriticalSection
InitializeCriticalSection
GetLastError
LocalReAlloc
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
PulseEvent
OpenEventW
GetTickCount
GetTempFileNameW
GetEnvironmentVariableW
GetCurrentProcess
GetFileAttributesExW
ReadFile
SetFilePointer
GetFileSize
CreateFileW
GetComputerNameW
GetComputerNameExW
GetVersionExW
LeaveCriticalSection
SetConsoleCtrlHandler
EnterCriticalSection
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetExitCodeThread
GetProfileStringA
InterlockedDecrement
SetEvent
InterlockedIncrement
ResetEvent
CreateEventW
lstrlenW
GetWindowsDirectoryA
VirtualFree
VirtualAlloc
MultiByteToWideChar
WriteConsoleW
GetACP
WideCharToMultiByte
GetEnvironmentVariableA
FileTimeToLocalFileTime
CompareStringW
GetSystemInfo
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetCurrentThread
FoldStringW
CreateDirectoryW
RemoveDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetFullPathNameW
GetDateFormatW
GetTimeFormatW
LocalFileTimeToFileTime
FileTimeToSystemTime
LoadLibraryW
FreeLibrary
WriteFile
GetStartupInfoW
SetUnhandledExceptionFilter
CloseHandle
GetSystemTime
SystemTimeToFileTime
lstrcmpW
CompareFileTime
LocalAlloc
GetSystemTimeAsFileTime
LocalFree
LoadLibraryExW
GetFileAttributesW

msvcrt

_stricmp
exit
_wcmdln
__wgetmainargs
isdigit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_wtoi
swscanf
_strnicmp
iswdigit
_setmode
_wsetlocale
_except_handler3
wcscspn
_snwprintf
wcsstr
wcscmp
wcsspn
??3@YAXPAX@Z
sprintf
_wcsicmp
_iob
fflush
atol
strncmp
fclose
strcspn
wcslen
memmove
wcscat
wcscpy
wcschr
fseek
fputs
strstr
strchr
gmtime
_errno
vfwprintf
fwrite
ftell
fgetc
_wfopen
fgetws
free
malloc
fgets
fopen
_swab
qsort
_strlwr
fprintf
swprintf
wcsrchr
wcsncpy
_wcsnicmp
??2@YAPAXI@Z
_purecall
_ultow
_c_exit
_exit
_XcptFilter
_initterm
_cexit
_fgetwchar

advapi32

AddAce
InitializeAcl
GetAclInformation
GetAce
AddAccessAllowedAce
AddAccessDeniedAce
AddAccessAllowedObjectAce
AddAccessDeniedObjectAce
SetNamedSecurityInfoW
GetSecurityDescriptorDacl
LsaStorePrivateData
LsaRetrievePrivateData
RegConnectRegistryW
RegCreateKeyExW
IsValidSecurityDescriptor
GetSecurityDescriptorLength
LookupPrivilegeValueW
AdjustTokenPrivileges
CryptEnumProvidersA
CryptSignHashW
CryptSetProvParam
CryptDuplicateHash
CryptExportKey
LsaOpenPolicy
LsaFreeMemory
LsaClose
OpenThreadToken
LookupAccountNameW
CryptReleaseContext
RegOpenKeyW
RegEnumKeyExW
CryptVerifySignatureW
CryptGetDefaultProviderW
CryptGetKeyParam
CryptGetProvParam
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyW
RegEnumKeyW
RegEnumValueW
RegSetValueExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupAccountSidW
GetTokenInformation
GetLengthSid
CopySid
CryptSetKeyParam
CryptGenKey
CryptImportKey
CryptDecrypt
CryptDuplicateKey
CryptEncrypt
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptDestroyHash
CryptGenRandom
CryptGetUserKey
CryptDestroyKey
ImpersonateSelf
RevertToSelf
CryptAcquireContextW

certadm

ord16
ord15
ord21
ord14
ord18
ord13
ord6
ord17
ord10
ord5
ord11
ord9
ord7
ord19
ord22
ord20
ord12
ord8

certcli

CAFindByCertType
ord256
ord218
CACountCertTypes
CAGetCAExpiration
CAGetCACertificate
CACountCAs
CAEnumFirstCA
ord217
CAUpdateCA
CASetCASecurity
CASetCACertificate
CASetCAFlags
CASetCAProperty
CACreateNewCA
ord247
ord210
ord203
ord260
ord215
ord205
ord253
ord255
ord252
ord208
ord211
ord246
ord223
ord225
ord254
ord207
ord242
CAAddCACertificateType
CARemoveCACertificateType
CAAccessCheck
CAFindByName
CAGetCAProperty
ord206
ord213
CACloseCertType
CAFreeCertTypeProperty
CAGetCertTypeProperty
CAFindCertTypeByName
ord258
CAFreeCertTypeExtensions
CAGetCertTypeExtensions
CAGetCertTypeExpiration
CAGetCertTypeKeySpec
CAGetCertTypePropertyEx
CAGetCertTypeFlagsEx
CAEnumNextCertType
CACertTypeAccessCheck
CAEnumCertTypes
CAEnumCertTypesForCA
CACloseCA
CAEnumNextCA
CAFreeCAProperty

comctl32

InitCommonControlsEx

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW

crypt32

CertDeleteCertificateFromStore
CertGetNameStringW
CertSaveStore
CertGetCertificateChain
CertFreeCertificateChain
CertCreateCTLContext
CertFreeCTLContext
CertDuplicateCertificateContext
CryptVerifyCertificateSignature
CertAddCertificateContextToStore
PFXIsPFXBlob
CryptMsgGetAndVerifySigner
CryptMsgControl
CryptMsgGetParam
CertGetCRLContextProperty
CryptHashPublicKeyInfo
CryptFindCertificateKeyProvInfo
CertAddEncodedCertificateToStore
CertEnumCertificatesInStore
CertGetPublicKeyLength
CryptAcquireCertificatePrivateKey
CryptFormatObject
CertCompareCertificateName
CryptDecodeObject
CertCreateCRLContext
CertEnumCTLsInStore
CertComparePublicKeyInfo
CryptExportPublicKeyInfo
CertGetCTLContextProperty
CertEnumCTLContextProperties
CertEnumCRLContextProperties
CertEnumCertificateContextProperties
CertAddCTLContextToStore
CertDeleteCRLFromStore
CertDuplicateCRLContext
CryptImportPublicKeyInfo
CertAddCRLContextToStore
CertVerifyRevocation
CertVerifyTimeValidity
CertVerifyCRLTimeValidity
CertVerifySubjectCertificateContext
CryptVerifyCertificateSignatureEx
CryptSignAndEncodeCertificate
CryptEncryptMessage
CryptFindOIDInfo
CryptDecryptMessage
PFXImportCertStore
CertStrToNameW
CertNameToStrW
CertGetEnhancedKeyUsage
CertVerifyCertificateChainPolicy
CertGetIntendedKeyUsage
CertAddCertificateLinkToStore
CertSetStoreProperty
PFXExportCertStore
PFXExportCertStoreEx
CryptMsgUpdate
CryptMsgOpenToDecode
CryptSignCertificate
CryptEncodeObjectEx
CryptDecodeObjectEx
CertEnumCRLsInStore
CertFreeCRLContext
CertFindCertificateInStore
CertSetCertificateContextProperty
CertOpenStore
CertCreateCertificateContext
CryptMsgClose
CertCloseStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertFindExtension
CertControlStore

cryptnet

CryptGetObjectUrl
CryptRetrieveObjectByUrlW

cryptui

CryptUIDlgViewCRLW
CryptUIDlgViewCertificateW
CryptUIDlgFreeCAContext
CryptUIDlgSelectCertificateW

gdi32

GetStockObject

netapi32

DsGetDcNameW
NetUserGetGroups
NetApiBufferFree

ntdll

_snprintf
isxdigit
__isascii
iswalpha
_wtol
iswxdigit
atoi
_alldiv
wcstoul
wcsncmp
sscanf
strspn
strpbrk
RtlTimeToSecondsSince1970
NtQuerySystemTime
_itoa
iswspace

ntdsapi

DsFreeNameResultW
DsUnBindW
DsCrackNamesW
DsBindW
DsGetDomainControllerInfoW
DsFreeDomainControllerInfoW

ole32

CoInitialize
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CLSIDFromProgID
CoCreateInstanceEx
CoSetProxyBlanket
CoTaskMemAlloc
CoUninitialize

oleaut32

SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
SysAllocStringLen
VariantInit
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SetErrorInfo
CreateErrorInfo

rpcrt4

UuidCreate

secur32

GetComputerObjectNameW
TranslateNameW
GetUserNameExW

setupapi

SetupGetLineCountW
SetupGetIntField
SetupCloseInfFile
SetupGetStringFieldW
SetupGetFieldCount
SetupFindNextLine
SetupFindFirstLineW
SetupOpenInfFileW

user32

MessageBoxW
SendMessageW
LoadIconW
LoadCursorW
RegisterClassW
CreateWindowExW
EnableWindow
PostMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
PostQuitMessage
wsprintfW
GetDlgItem
SetDlgItemTextW
SetCursor
SetDlgItemInt
CheckDlgButton
SendDlgItemMessageA
EndDialog
GetDlgItemInt
GetDlgItemTextW
IsDlgButtonChecked
DialogBoxParamW
CallWindowProcW
SetWindowTextW
UpdateWindow
GetWindowLongW
ShowWindow
SetWindowLongW
GetWindowTextW
SetFocus
LoadStringW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetCrackUrlW
InternetCreateUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetOpenUrlW
InternetCloseHandle
HttpQueryInfoW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
FindFirstUrlCacheGroup
DeleteUrlCacheGroup
FindNextUrlCacheGroup
FindCloseUrlCache
InternetQueryDataAvailable
InternetReadFile
GetUrlCacheEntryInfoW
DeleteUrlCacheEntryW

wldap32

ord113
ord224
ord140
ord79
ord142
ord167
ord147
ord127
ord41
ord27
ord26
ord36
ord210
ord155
ord65
ord208
ord73
ord14
ord145
ord13
ord203
ord12
ord18
ord16

winscard

SCardFreeMemory
SCardGetStatusChangeW
SCardListReadersW
SCardEstablishContext
SCardListCardsW
SCardGetCardTypeProviderNameW
SCardReleaseContext

Sections

.text
Size: 437KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lib/Cert/nss/certutil.exe
.exe windows:6 windows x86 arch:x86

e3a088f00827d99d5fe555c4e7139852

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nssutil3

PORT_Free_Util
PORT_Strdup_Util
PORT_SetError_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_FreeArena_Util
PORT_ArenaAlloc_Util
PORT_ArenaZAlloc_Util
SECOID_AddEntry_Util
CERT_GenTime2FormattedAscii_Util
DER_GeneralizedTimeToTime_Util
DER_UTCTimeToTime_Util
ATOB_ConvertAsciiToItem_Util
NSS_Get_SEC_GeneralizedTimeTemplate_Util
SEC_QuickDERDecodeItem_Util
SECOID_FindOID_Util
SECITEM_ReallocItemV2
NSS_Get_SECOID_AlgorithmIDTemplate_Util
DER_GetInteger_Util
SEC_ASN1Decode_Util
ATOB_AsciiToData_Util
DER_AsciiToTime_Util
SEC_ASN1DecodeItem_Util
SECOID_GetAlgorithmTag_Util
SECOID_SetAlgorithmID_Util
SECOID_FindOIDTag_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii_Util
SECITEM_ZfreeItem_Util
SECITEM_CompareItem_Util
SECITEM_AllocItem_Util
PORT_DestroyCheapArena
PORT_InitCheapArena
PORT_ZAlloc_Util
PORT_Realloc_Util
PORT_Alloc_Util
NSS_Get_SEC_IA5StringTemplate_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_StringToOID
SECOID_FindOIDByTag_Util
SECITEM_FreeItem_Util
SECITEM_CopyItem_Util
PORT_ArenaStrdup_Util
PORT_ArenaRelease_Util
PORT_ArenaMark_Util
PORT_ArenaGrow_Util
NSS_Get_SEC_ObjectIDTemplate_Util

ssl3

SSL_OptionSetDefault

smime3

CERT_DecodeCertFromPackage

nss3

PK11_ImportCert
PK11_ListCerts
PK11_ListCertsInSlot
PK11_GetSlotFromPrivateKey
PK11_ReadRawAttribute
PK11_GetLowLevelKeyIDForPrivateKey
CERT_CreateValidity
CERT_DestroyValidity
CERT_CreateCertificate
CERT_DestroyCertificate
CERT_CreateCertificateRequest
CERT_DestroyCertificateRequest
CERT_StartCertificateRequestAttributes
CERT_FinishCertificateRequestAttributes
CERT_GetCertificateRequestExtensions
CERT_GetCertKeyType
CERT_GetDefaultCertDB
CERT_FindCertByDERCert
CERT_EncodeUserNotice
CERT_FindCertByNicknameOrEmailAddrCX
CERT_VerifySignedDataWithPublicKeyInfo
CERT_VerifyCertificate
CERT_GetCertEmailAddress
CERT_GetCommonName
CERT_GetCountryName
CERT_GetStateName
CERT_GetOrgName
CERT_ChangeCertTrust
CERT_StartCertExtensions
CERT_FinishExtensions
CERT_MergeExtensions
CERT_CertChainFromCert
CERT_DestroyCertificateList
CERT_DecodeTrustString
CERT_SaveSMimeProfile
CERT_DestroyCertList
CERT_CreateSubjectCertList
SEC_DerSignDataWithAlgorithmID
SEC_GetSignatureAlgorithmOidTag
SEC_CreateSignatureAlgorithmParameters
SEC_DeletePermCertificate
NSS_Initialize
NSS_InitWithMerge
NSS_Shutdown
PK11_RandomUpdate
PK11_GenerateKeyPairWithOpFlags
PK11_GetCertFromPrivateKey
NSS_Get_SECKEY_RSAPSSParamsTemplate
SECKEY_CreateSubjectPublicKeyInfo
SEC_PKCS5IsAlgorithmPBEAlgTag
CERT_NameToAscii
CERT_GetOidString
CERT_Hexify
CERT_NewTempCertificate
CERT_GetCertTrust
CERT_DestroyOidSequence
CERT_DecodeBasicConstraintValue
CERT_DecodeAuthKeyID
CERT_DecodeCRLDistributionPoints
CERT_DecodeOidSequence
CERT_DecodeAltNameExtension
CERT_DecodeNameConstraintsExtension
CERT_DecodeAuthInfoAccessExtension
CERT_GetNextGeneralName
CERT_GetNextNameConstraint
PK11_GetFirstSafe
PK11_GetNextSafe
PK11_CheckUserPassword
PK11_ChangePW
PK11_ProtectedAuthenticationPath
PK11_IsFIPS
PK11_FindCertInSlot
PK11_HasAttributeSet
PK11_HashBuf
PK11_GetAllSlotsForCert
CERT_DestroyCertificatePoliciesExtension
CERT_DecodeUserNotice
CERT_DecodePrivKeyUsagePeriodExtension
CERT_DestroyUserNotice
CERT_EncodeInfoAccessExtension
PK11_FindCertsFromEmailAddress
PK11_FindCertFromNickname
PK11_ListPrivateKeysInSlot
PK11_ListPrivKeysInSlot
PK11_FindKeyByDERCert
PK11_FindKeyByKeyID
PK11_FindKeyByAnyCert
__PK11_SetCertificateNickname
PK11_GetPrivateKeyNickname
PK11_DeleteTokenCertAndKey
PK11_DeleteTokenPrivateKey
PK11_DestroyMergeLog
PK11_CreateMergeLog
PK11_MergeTokens
SECMOD_CloseUserDB
SECMOD_OpenUserDB
PK11_GetAllTokens
PK11_IsPresent
PK11_NeedUserInit
PK11_IsRemovable
PK11_IsFriendly
PK11_NeedLogin
PK11_GetSlotName
PK11_GetTokenURI
PK11_GetTokenName
PK11_IsInternal
PK11_FindSlotByName
PK11_Authenticate
PK11_ResetToken
PK11_SetPasswordFunc
PK11_InitPin
PK11_IsLoggedIn
PK11_GetInternalKeySlot
PK11_FreeSlot
PK11_FreeSlotList
SECKEY_DestroyPrivateKeyList
SECKEY_GetPrivateKeyType
SECKEY_DestroyPublicKey
SECKEY_DestroyPrivateKey
CERT_EncodePolicyMappingExtension
CERT_EncodeInhibitAnyExtension
CERT_EncodePolicyConstraintsExtension
CERT_GetGeneralNameTypeFromString
CERT_EncodeCRLDistributionPoints
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
CERT_AddExtensionByOID
CERT_AddExtension
CERT_EncodeSubjectKeyID
CERT_DestroyName
CERT_CopyName
CERT_CopyRDN
CERT_AsciiToName
SECKEY_ConvertToPublicKey
SECKEY_DestroySubjectPublicKeyInfo
NSS_Get_CERT_SignedDataTemplate
NSS_Get_CERT_CertificateTemplate
NSS_Get_CERT_CertificateRequestTemplate
CERT_EncodeNameConstraintsExtension
CERT_EncodeNoticeReference
SECKEY_ExtractPublicKey
CERT_EncodeCertPoliciesExtension
CERT_FindCertByNicknameOrEmailAddr

libnspr4

PR_GetOpenFileInfo
PR_Close
PR_snprintf
PR_StringToNetAddr
PR_GetError
PR_GetOSError
PR_ErrorToString
PR_Now
PR_ExplodeTime
PR_ImplodeTime
PR_GMTParameters
PR_GetSpecialFD
PR_IsNetAddrType
PR_NetAddrToString
PR_GetEnvSecure
PR_FormatTime
PR_ErrorToName
PR_GetErrorText
PR_GetErrorTextLength
PR_Open
PR_Read
PR_fprintf
PR_smprintf_free
PR_smprintf
PR_Cleanup
PR_Init
PR_Write

libplc4

PL_strfree
PL_strndup
PL_strncasecmp
PL_strlen
PL_strdup
PL_strcmp
PL_CreateLongOptState
PL_DestroyOptState
PL_GetNextOpt

libplds4

PL_ArenaFinish

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetModuleHandleW
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

vcruntime140

__current_exception_context
strstr
strchr
memcpy
strrchr
_except_handler4_common
memset
__current_exception

api-ms-win-crt-stdio-l1-1-0

puts
__stdio_common_vfprintf
fclose
__stdio_common_vsprintf
_fileno
_isatty
__acrt_iob_func
__p__commode
fputs
getc
_set_fmode
fopen
fgets
fflush

api-ms-win-crt-string-l1-1-0

tolower
isprint
isspace
strpbrk
strncpy
strncmp

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_set_app_type
__p___argv
_get_initial_narrow_environment
_exit
strerror
_c_exit
_register_thread_local_exe_atexit_callback
_errno
_initialize_narrow_environment
_initterm_e
exit
_initterm
_cexit
terminate
_seh_filter_exe
_controlfp_s
__p___argc
_crt_atexit
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-conio-l1-1-0

_getch

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/freebl3.dll
.dll windows:5 windows x86 arch:x86

2eeccde7045497286a94c3da73129103

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

SystemFunction036

libnspr4

PR_DestroyLock
PR_Lock
PR_Unlock
PR_GetEnvSecure
PR_NewLock
PR_DestroyCondVar
PR_WaitCondVar
PR_NotifyCondVar
PR_NotifyAllCondVar
PR_CallOnce
PR_NewCondVar

nssutil3

PORT_Alloc_Util
PORT_Free_Util
PORT_ZFree_Util
PORT_SetError_Util
PORT_NewArena_Util
PORT_FreeArena_Util
PORT_ArenaZAlloc_Util
PORT_ZAlloc_Util
SECITEM_CompareItem_Util
PORT_ZAllocAlignedOffset_Util
NSS_SecureMemcmpZero
NSS_SecureMemcmp
SECOID_FindOIDTag_Util
PORT_ArenaAlloc_Util
SECITEM_ZfreeItem_Util
SECITEM_FreeItem_Util
PORT_GetError_Util
SECITEM_CopyItem_Util
SECITEM_AllocItem_Util

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetComputerNameA
GlobalMemoryStatus
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
QueryPerformanceCounter
GetVolumeInformationA
GetLogicalDrives
GetDiskFreeSpaceA

vcruntime140

memcpy
__std_type_info_destroy_list
_except_handler4_common
memset

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free

api-ms-win-crt-string-l1-1-0

_strdup

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initialize_onexit_table
abort
_execute_onexit_table
_initialize_narrow_environment
_cexit
_initterm

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-time-l1-1-0

_time64

Exports

Exports

FREEBL_GetVector

Sections

.text
Size: 405KB - Virtual size: 405KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/libnspr4.dll
.dll windows:6 windows x86 arch:x86

eaccc938d8fcf88d70d208c8ed4a50d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

OpenProcessToken
AddAccessAllowedAce
AllocateAndInitializeSid
CopySid
FreeSid
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

ws2_32

__WSAFDIsSet
gethostname
socket
listen
getsockopt
getsockname
ioctlsocket
bind
accept
getprotobyname
getprotobynumber
gethostbyname
gethostbyaddr
ntohs
ntohl
htons
htonl
WSAGetLastError
closesocket
getpeername
recv
recvfrom
select
send
sendto
setsockopt
shutdown
WSAStartup
WSASetLastError
WSACleanup
connect

mswsock

AcceptEx
GetAcceptExSockaddrs
TransmitFile

winmm

timeGetTime

kernel32

InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OpenFileMappingA
GetTickCount
QueryPerformanceCounter
OpenSemaphoreA
SetThreadAffinityMask
ConvertThreadToFiber
CreateFiber
SwitchToFiber
GetProcessAffinityMask
TlsFree
TlsAlloc
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThread
CreateEventA
SetLastError
RaiseException
DuplicateHandle
IsDebuggerPresent
MoveFileA
GetLogicalDriveStringsA
lstrlenA
DeleteFiber
WaitForMultipleObjects
Sleep
ResetEvent
CancelIo
GetOverlappedResult
PostQueuedCompletionStatus
ReadFile
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DebugBreak
OutputDebugStringA
TlsGetValue
TlsSetValue
WideCharToMultiByte
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryExW
MultiByteToWideChar
GetSystemInfo
GlobalMemoryStatusEx
CloseHandle
CreatePipe
GetStdHandle
TryEnterCriticalSection
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
CreateProcessA
GetSystemTime
GetVersionExA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
FormatMessageA
CreateFileMappingA
SystemTimeToFileTime
GetCurrentProcess
ReleaseSemaphore
CreateSemaphoreA
GetThreadContext
CreateDirectoryA
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
GetDriveTypeA
GetFileAttributesExA
GetFileInformationByHandle
LockFileEx
RemoveDirectoryA
SetFilePointer
UnlockFileEx
WriteFile
GetVolumeInformationA
GetHandleInformation
SetHandleInformation
SetErrorMode
CreateIoCompletionPort
GetQueuedCompletionStatus

vcruntime140

memset
memcpy
__std_type_info_destroy_list
_except_handler4_common
memmove
strstr
strrchr
memchr
strchr

api-ms-win-crt-convert-l1-1-0

strtoul
strtol
atoi

api-ms-win-crt-runtime-l1-1-0

_initterm
exit
_initialize_onexit_table
__fpe_flt_rounds
_errno
strerror
_initialize_narrow_environment
_configure_narrow_argv
abort
_seh_filter_dll
_cexit
_initterm_e
_execute_onexit_table
_endthreadex
_beginthreadex
_exit

api-ms-win-crt-stdio-l1-1-0

setvbuf
fflush
__stdio_common_vsprintf
fclose
fwrite
fopen
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsscanf

api-ms-win-crt-heap-l1-1-0

free
realloc
calloc
malloc

api-ms-win-crt-string-l1-1-0

_stricmp
isspace
isdigit
_strdup
strncmp
strpbrk
isalpha
tolower

api-ms-win-crt-environment-l1-1-0

getenv
__p__environ
_putenv

api-ms-win-crt-time-l1-1-0

_mktime64
strftime
_time64
_localtime64_s

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_stat64i32
_access

api-ms-win-crt-multibyte-l1-1-0

_mbsinc
_mbsdec

Exports

Exports

GetExecutionEnvironment
LL_MaxInt
LL_MaxUint
LL_MinInt
LL_Zero
PRP_DestroyNakedCondVar
PRP_NakedBroadcast
PRP_NakedNotify
PRP_NakedWait
PRP_NewNakedCondVar
PRP_TryLock
PR_Abort
PR_Accept
PR_AcceptRead
PR_Access
PR_AddToCounter
PR_AddWaitFileDesc
PR_AllocFileDesc
PR_Assert
PR_AssertCurrentThreadInMonitor
PR_AssertCurrentThreadOwnsLock
PR_AtomicAdd
PR_AtomicDecrement
PR_AtomicIncrement
PR_AtomicSet
PR_AttachSharedMemory
PR_AttachThread
PR_AttachThreadGCAble
PR_Available
PR_Available64
PR_Bind
PR_BlockClockInterrupts
PR_BlockInterrupt
PR_CEnterMonitor
PR_CExitMonitor
PR_CNotify
PR_CNotifyAll
PR_CSetOnMonitorRecycle
PR_CWait
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_CancelJob
PR_CancelWaitFileDesc
PR_CancelWaitGroup
PR_CeilingLog2
PR_ChangeFileDescNativeHandle
PR_Cleanup
PR_ClearInterrupt
PR_ClearThreadGCAble
PR_Close
PR_CloseDir
PR_CloseFileMap
PR_CloseSemaphore
PR_CloseSharedMemory
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_CreateAlarm
PR_CreateCounter
PR_CreateFileMap
PR_CreateIOLayer
PR_CreateIOLayerStub
PR_CreateMWaitEnumerator
PR_CreateOrderedLock
PR_CreatePipe
PR_CreateProcess
PR_CreateProcessDetached
PR_CreateSocketPollFd
PR_CreateStack
PR_CreateThread
PR_CreateThreadGCAble
PR_CreateThreadPool
PR_CreateTrace
PR_CreateWaitGroup
PR_DecrementCounter
PR_Delete
PR_DeleteSemaphore
PR_DeleteSharedMemory
PR_DestroyAlarm
PR_DestroyCondVar
PR_DestroyCounter
PR_DestroyLock
PR_DestroyMWaitEnumerator
PR_DestroyMonitor
PR_DestroyOrderedLock
PR_DestroyPollableEvent
PR_DestroyProcessAttr
PR_DestroyRWLock
PR_DestroySem
PR_DestroySocketPollFd
PR_DestroyStack
PR_DestroyTrace
PR_DestroyWaitGroup
PR_DetachProcess
PR_DetachSharedMemory
PR_DetachThread
PR_DisableClockInterrupts
PR_DuplicateEnvironment
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_EnableClockInterrupts
PR_EnterMonitor
PR_EnumerateAddrInfo
PR_EnumerateHostEnt
PR_EnumerateThreads
PR_EnumerateWaitGroup
PR_ErrorInstallCallback
PR_ErrorInstallTable
PR_ErrorLanguages
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_ExportFileMapAsString
PR_FD_CLR
PR_FD_ISSET
PR_FD_NCLR
PR_FD_NISSET
PR_FD_NSET
PR_FD_SET
PR_FD_ZERO
PR_FileDesc2NativeHandle
PR_FindFunctionSymbol
PR_FindFunctionSymbolAndLibrary
PR_FindNextCounterQname
PR_FindNextCounterRname
PR_FindNextTraceQname
PR_FindNextTraceRname
PR_FindSymbol
PR_FindSymbolAndLibrary
PR_FloorLog2
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeAddrInfo
PR_FreeFileDesc
PR_FreeLibraryName
PR_GMTParameters
PR_GetAddrInfoByName
PR_GetCanonNameFromAddrInfo
PR_GetConnectStatus
PR_GetCounter
PR_GetCounterHandleFromName
PR_GetCounterNameFromHandle
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetDirectorySepartor
PR_GetEnv
PR_GetEnvSecure
PR_GetError
PR_GetErrorText
PR_GetErrorTextLength
PR_GetFileInfo
PR_GetFileInfo64
PR_GetFileMethods
PR_GetGCRegisters
PR_GetHostByAddr
PR_GetHostByName
PR_GetIPNodeByName
PR_GetIdentitiesLayer
PR_GetInheritedFD
PR_GetInheritedFileMap
PR_GetLayersIdentity
PR_GetLibraryFilePathname
PR_GetLibraryName
PR_GetLibraryPath
PR_GetMemMapAlignment
PR_GetMonitorEntryCount
PR_GetNameForIdentity
PR_GetNumberOfProcessors
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPathSeparator
PR_GetPeerName
PR_GetPhysicalMemorySize
PR_GetPipeMethods
PR_GetPrefLoopbackAddrInfo
PR_GetProtoByName
PR_GetProtoByNumber
PR_GetRandomNoise
PR_GetSP
PR_GetSockName
PR_GetSocketOption
PR_GetSpecialFD
PR_GetStackSpaceLeft
PR_GetSysfdTableMax
PR_GetSystemInfo
PR_GetTCPMethods
PR_GetThreadAffinityMask
PR_GetThreadID
PR_GetThreadName
PR_GetThreadPriority
PR_GetThreadPrivate
PR_GetThreadScope
PR_GetThreadState
PR_GetThreadType
PR_GetTraceEntries
PR_GetTraceHandleFromName
PR_GetTraceNameFromHandle
PR_GetTraceOption
PR_GetUDPMethods
PR_GetUniqueIdentity
PR_GetVersion
PR_ImplodeTime
PR_ImportFile
PR_ImportFileMapFromString
PR_ImportPipe
PR_ImportTCPSocket
PR_ImportUDPSocket
PR_IncrementCounter
PR_Init
PR_Initialize
PR_InitializeNetAddr
PR_Initialized
PR_Interrupt
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinJob
PR_JoinThread
PR_JoinThreadPool
PR_KillProcess
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_LoadStaticLibrary
PR_LocalTimeParameters
PR_Lock
PR_LockFile
PR_LockOrderedLock
PR_LogFlush
PR_LogPrint
PR_MakeDir
PR_Malloc
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_MkDir
PR_NTFast_Accept
PR_NTFast_AcceptRead
PR_NTFast_AcceptRead_WithTimeoutCallback
PR_NTFast_UpdateAcceptContext
PR_NT_CancelIo
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewNamedMonitor
PR_NewPollableEvent
PR_NewProcessAttr
PR_NewRWLock
PR_NewSem
PR_NewTCPSocket
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NewUDPSocket
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenAnonFileMap
PR_OpenDir
PR_OpenFile
PR_OpenSemaphore
PR_OpenSharedMemory
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_ParseTimeStringToExplodedTime
PR_Poll
PR_PopIOLayer
PR_PostSem
PR_PostSemaphore
PR_ProcessAttrSetCurrentDirectory
PR_ProcessAttrSetInheritableFD
PR_ProcessAttrSetInheritableFileMap
PR_ProcessAttrSetStdioRedirect
PR_ProcessExit
PR_PushIOLayer
PR_QueueJob
PR_QueueJob_Accept
PR_QueueJob_Connect
PR_QueueJob_Read
PR_QueueJob_Timer
PR_QueueJob_Write
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_RecordTraceEntries
PR_Recv
PR_RecvFrom
PR_Rename
PR_ResetAlarm
PR_ResetProcessAttr
PR_ResumeAll
PR_RmDir
PR_ScanStackPointers
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Select
PR_Send
PR_SendFile
PR_SendTo
PR_SetAlarm
PR_SetCPUAffinityMask
PR_SetConcurrency
PR_SetCounter
PR_SetCurrentThreadName
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetFDCacheSize
PR_SetFDInheritable
PR_SetLibraryPath
PR_SetLogBuffering
PR_SetLogFile
PR_SetNetAddr
PR_SetPollableEvent
PR_SetSocketOption
PR_SetStdioRedirect
PR_SetSysfdTableSize
PR_SetThreadAffinityMask
PR_SetThreadDumpProc
PR_SetThreadGCAble
PR_SetThreadPriority
PR_SetThreadPrivate
PR_SetThreadRecycleMode
PR_SetTraceOption
PR_ShowStatus
PR_Shutdown
PR_ShutdownThreadPool
PR_Sleep
PR_Socket
PR_StackPop
PR_StackPush
PR_Stat
PR_StringToNetAddr
PR_SubtractFromCounter
PR_SuspendAll
PR_Sync
PR_SyncMemMap
PR_TLockFile
PR_TestAndEnterMonitor
PR_TestAndLock
PR_ThreadScanStackPointers
PR_TicksPerSecond
PR_Trace
PR_TransmitFile
PR_USPacificTimeParameters
PR_UnblockClockInterrupts
PR_UnblockInterrupt
PR_UnloadLibrary
PR_Unlock
PR_UnlockFile
PR_UnlockOrderedLock
PR_VersionCheck
PR_Wait
PR_WaitCondVar
PR_WaitForPollableEvent
PR_WaitProcess
PR_WaitRecvReady
PR_WaitSem
PR_WaitSemaphore
PR_Write
PR_Writev
PR_Yield
PR_cnvtf
PR_dtoa
PR_fprintf
PR_htonl
PR_htonll
PR_htons
PR_ntohl
PR_ntohll
PR_ntohs
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append
PR_sscanf
PR_strtod
PR_sxprintf
PR_vfprintf
PR_vsmprintf
PR_vsnprintf
PR_vsprintf_append
PR_vsxprintf
PT_FPrintStats
SetExecutionEnvironment
_PR_AddSleepQ
_PR_CreateThread
_PR_DelSleepQ
_PR_GetPrimordialCPU
_PR_NativeCreateThread
_pr_push_ipv6toipv4_layer
_pr_test_ipv6_socket
libVersionPoint

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/libplc4.dll
.dll windows:6 windows x86 arch:x86

ffcaaeb2ca285859220a06a68888322c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libnspr4

PR_SetError
PR_Calloc
PR_ErrorToName
PR_GetOSError
PR_GetError
PR_fprintf
PR_GetSpecialFD
PR_Free
PR_Malloc

kernel32

IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess

vcruntime140

strchr
strstr
__std_type_info_destroy_list
memcpy
strrchr
memset
_except_handler4_common

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-string-l1-1-0

strncmp
strpbrk

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initterm
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
PL_strtok_r
libVersionPoint

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/libplds4.dll
.dll windows:6 windows x86 arch:x86

668bf70d23e574e0a079effa6f3b2010

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libnspr4

PR_CeilingLog2
PR_Free
PR_Malloc

kernel32

TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter

vcruntime140

_except_handler4_common
memcpy
__std_type_info_destroy_list
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_seh_filter_dll
_initterm
_initterm_e
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

Exports

Exports

PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawLookupConst
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
PL_SizeOfArenaPoolExcludingPool
libVersionPoint

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/nss3.dll
.dll windows:5 windows x86 arch:x86

2175058d14060be7ee377c7ec2c8f1d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common
strrchr
memmove
strstr
strchr
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table

api-ms-win-crt-string-l1-1-0

tolower
strncpy
isspace
strncmp
isdigit

api-ms-win-crt-convert-l1-1-0

strtol
atoi

api-ms-win-crt-stdio-l1-1-0

fflush
fclose
__acrt_iob_func
__stdio_common_vfprintf
fopen

api-ms-win-crt-utility-l1-1-0

qsort

libnspr4

PR_CallOnce
PR_smprintf
PR_smprintf_free
PR_NewLock
PR_DestroyLock
PR_Lock
PR_Unlock
PR_NewCondVar
PR_WaitCondVar
PR_NotifyCondVar
PR_NotifyAllCondVar
PR_Now
PR_TicksPerSecond
PR_SecondsToInterval
PR_Close
PR_Write
PR_NewTCPSocket
PR_Connect
PR_Recv
PR_snprintf
PR_StringToNetAddr
PR_GetHostByName
PR_EnumerateHostEnt
PR_InitializeNetAddr
PR_NewMonitor
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
PR_IntervalNow
PR_GetEnvSecure
PR_CallOnceWithArg
PR_Sleep
PR_SetErrorText
PR_htonll
PR_SetEnv
PR_IntervalToSeconds
PR_IntervalToMilliseconds
PR_IntervalToMicroseconds
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_UnloadLibrary
PR_FindSymbol
PR_NewLogModule
PR_LogPrint
PR_NetAddrToString
PR_ConvertIPv4AddrToIPv6
PR_htonl
PR_DestroyCondVar
PR_GetCurrentThread
PR_NewThreadPrivateIndex
PR_SetThreadPrivate
PR_GetThreadPrivate
PR_Calloc
PR_Free

libplc4

PL_strncasecmp
PL_Base64Encode
PL_strncpyz
PL_strcatn
PL_strlen
PL_strcasecmp

libplds4

PL_NewHashTable
PL_HashTableDestroy
PL_HashTableAdd
PL_HashTableRemove
PL_HashTableLookup
PL_CompareValues
PL_HashTableEnumerateEntries
PL_InitArenaPool
PL_FinishArenaPool
PL_ArenaAllocate
PL_ArenaRelease
PL_HashString
PL_CompareStrings

nssutil3

PORT_Alloc_Util
PORT_Realloc_Util
PORT_ZAlloc_Util
PORT_Free_Util
PORT_ZFree_Util
PORT_Strdup_Util
PORT_SetError_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_FreeArena_Util
PORT_ArenaAlloc_Util
PORT_ArenaZAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaUnmark_Util
PORT_ArenaStrdup_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_UCS2_ASCIIConversion_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_UCS2_UTF8Conversion_Util
NSS_PutEnv_Util
SECITEM_AllocItem_Util
SECITEM_CompareItem_Util
SECITEM_ItemsAreEqual_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_FreeItem_Util
SECITEM_ZfreeItem_Util
SECOID_FindOID_Util
SECOID_FindOIDTag_Util
SECOID_FindOIDByTag_Util
SECOID_SetAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_GetAlgorithmTag_Util
SECOID_DestroyAlgorithmID_Util
SECOID_CompareAlgorithmID_Util
SECOID_FindOIDTagDescription_Util
SECOID_AddEntry_Util
SGN_CreateDigestInfo_Util
SGN_DestroyDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_CompareDigestInfo_Util
DER_Encode_Util
DER_Lengths_Util
DER_GetInteger_Util
DER_TimeToUTCTime_Util
DER_AsciiToTime_Util
DER_UTCTimeToTime_Util
DER_UTCTimeToAscii_Util
DER_UTCDayToAscii_Util
DER_GeneralizedDayToAscii_Util
DER_TimeChoiceDayToAscii_Util
DER_TimeToGeneralizedTime_Util
DER_TimeToGeneralizedTimeArena_Util
DER_GeneralizedTimeToTime_Util
CERT_GenTime2FormattedAscii_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1Decode_Util
SEC_ASN1DecodeItem_Util
SEC_QuickDERDecodeItem_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1Encode_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1DecodeInteger_Util
SEC_ASN1LengthLength_Util
BTOA_DataToAscii_Util
ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
NSSBase64Decoder_Create_Util
NSSBase64Encoder_Create_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Update_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Encoder_Destroy_Util
NSSBase64_DecodeBuffer_Util
NSSBase64_EncodeItem_Util
NSSRWLock_New_Util
NSSRWLock_Destroy_Util
NSSRWLock_LockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_UnlockWrite_Util
NSSRWLock_HaveWriteLock_Util
SECOID_Init
SECOID_Shutdown
NSS_InitializePRErrorTable
NSSUTIL_DoubleEscape
NSS_IsPolicyLocked
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_SequenceOfObjectIDTemplate
PORT_InitCheapArena
PORT_DestroyCheapArena
NSS_GetAlgorithmPolicy
DER_SetUInteger
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_ObjectIDTemplate_Util
_SGN_VerifyPKCS1DigestInfo
SGN_DecodeDigestInfo
SECOID_FindOIDByMechanism
PK11URI_ParseURI
PK11URI_DestroyURI
PK11URI_GetPathAttribute
PK11URI_CreateURI
PK11URI_FormatURI
SECITEM_MakeItem
NSS_SetAlgorithmPolicy
NSS_LockPolicy
NSSUTIL_ArgFetchValue
NSSUTIL_ArgStrip
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgGetLabel
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgIsBlank
NSSUTIL_ArgHasFlag
NSSUTIL_ArgReadLong
NSSUTIL_EscapeSize
NSSUTIL_Escape
NSSUTIL_DoubleEscapeSize
NSSUTIL_ArgParseSlotInfo
NSSUTIL_MkSlotString
NSSUTIL_ArgParseModuleSpecEx
NSSUTIL_MkModuleSpec
NSSUTIL_AddNSSFlagToModuleSpec
NSSUTIL_ArgParseCipherFlags
NSSUTIL_MkNSSString
PORT_LoadLibraryFromOrigin
_NSSUTIL_UTF8ToWide
NSS_Get_SEC_SkipTemplate
SECITEM_Hash
SECITEM_HashCompare
PORT_RegExpValid
PORT_RegExpCaseSearch
SECOID_KnownCertExtenOID
PORT_UCS4_UTF8Conversion
PORT_ISO88591_UTF8Conversion
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_T61StringTemplate
DER_StoreHeader
DER_LengthLength
SEC_StringToOID
DER_GetUInteger

Exports

Exports

ATOB_AsciiToData
ATOB_ConvertAsciiToItem
BTOA_ConvertItemToAscii
BTOA_DataToAscii
CERT_AddCertToListHead
CERT_AddCertToListHeadWithData
CERT_AddCertToListSorted
CERT_AddCertToListTail
CERT_AddCertToListTailWithData
CERT_AddExtension
CERT_AddExtensionByOID
CERT_AddOCSPAcceptableResponses
CERT_AddOKDomainName
CERT_AddRDN
CERT_AllocCERTRevocationFlags
CERT_AsciiToName
CERT_CRLCacheRefreshIssuer
CERT_CacheCRL
CERT_CacheOCSPResponseFromSideChannel
CERT_CertChainFromCert
CERT_CertListFromCert
CERT_CertTimesValid
CERT_ChangeCertTrust
CERT_CheckCertUsage
CERT_CheckCertValidTimes
CERT_CheckNameSpace
CERT_CheckOCSPStatus
CERT_ClearOCSPCache
CERT_CompareAVA
CERT_CompareCerts
CERT_CompareName
CERT_CompareValidityTimes
CERT_CompleteCRLDecodeEntries
CERT_CopyName
CERT_CopyRDN
CERT_CreateAVA
CERT_CreateCertificate
CERT_CreateCertificateRequest
CERT_CreateEncodedOCSPErrorResponse
CERT_CreateEncodedOCSPSuccessResponse
CERT_CreateName
CERT_CreateOCSPCertID
CERT_CreateOCSPRequest
CERT_CreateOCSPSingleResponseGood
CERT_CreateOCSPSingleResponseRevoked
CERT_CreateOCSPSingleResponseUnknown
CERT_CreateRDN
CERT_CreateSubjectCertList
CERT_CreateValidity
CERT_DecodeAVAValue
CERT_DecodeAltNameExtension
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeAuthKeyID
CERT_DecodeBasicConstraintValue
CERT_DecodeCRLDistributionPoints
CERT_DecodeCertificatePoliciesExtension
CERT_DecodeDERCrl
CERT_DecodeDERCrlWithFlags
CERT_DecodeGeneralName
CERT_DecodeNameConstraintsExtension
CERT_DecodeOCSPRequest
CERT_DecodeOCSPResponse
CERT_DecodeOidSequence
CERT_DecodePrivKeyUsagePeriodExtension
CERT_DecodeTrustString
CERT_DecodeUserNotice
CERT_DerNameToAscii
CERT_DestroyCERTRevocationFlags
CERT_DestroyCertArray
CERT_DestroyCertList
CERT_DestroyCertificate
CERT_DestroyCertificateList
CERT_DestroyCertificatePoliciesExtension
CERT_DestroyCertificateRequest
CERT_DestroyName
CERT_DestroyOCSPCertID
CERT_DestroyOCSPRequest
CERT_DestroyOCSPResponse
CERT_DestroyOidSequence
CERT_DestroyUserNotice
CERT_DestroyValidity
CERT_DisableOCSPChecking
CERT_DisableOCSPDefaultResponder
CERT_DistNamesFromCertList
CERT_DupCertList
CERT_DupCertificate
CERT_DupDistNames
CERT_EnableOCSPChecking
CERT_EnableOCSPDefaultResponder
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_EncodeCRLDistributionPoints
CERT_EncodeCertPoliciesExtension
CERT_EncodeGeneralName
CERT_EncodeInfoAccessExtension
CERT_EncodeInhibitAnyExtension
CERT_EncodeNameConstraintsExtension
CERT_EncodeNoticeReference
CERT_EncodeOCSPRequest
CERT_EncodePolicyConstraintsExtension
CERT_EncodePolicyMappingExtension
CERT_EncodeSubjectKeyID
CERT_EncodeUserNotice
CERT_ExtractPublicKey
CERT_FilterCertListByCANames
CERT_FilterCertListByCertList
CERT_FilterCertListByNickname
CERT_FilterCertListByUsage
CERT_FilterCertListForUserCerts
CERT_FindCRLEntryReasonExten
CERT_FindCRLNumberExten
CERT_FindCertByDERCert
CERT_FindCertByIssuerAndSN
CERT_FindCertByIssuerAndSNCX
CERT_FindCertByName
CERT_FindCertByNickname
CERT_FindCertByNicknameOrEmailAddr
CERT_FindCertByNicknameOrEmailAddrCX
CERT_FindCertByNicknameOrEmailAddrForUsage
CERT_FindCertByNicknameOrEmailAddrForUsageCX
CERT_FindCertBySubjectKeyID
CERT_FindCertExtension
CERT_FindCertIssuer
CERT_FindKeyUsageExtension
CERT_FindNameConstraintsExten
CERT_FindSMimeProfile
CERT_FindSubjectKeyIDExtension
CERT_FindUserCertByUsage
CERT_FindUserCertsByUsage
CERT_FinishCertificateRequestAttributes
CERT_FinishExtensions
CERT_ForcePostMethodForOCSP
CERT_FormatName
CERT_FreeDistNames
CERT_FreeNicknames
CERT_GenTime2FormattedAscii
CERT_GetAVATag
CERT_GetCertChainFromCert
CERT_GetCertEmailAddress
CERT_GetCertIsPerm
CERT_GetCertIsTemp
CERT_GetCertIssuerAndSN
CERT_GetCertKeyType
CERT_GetCertNicknames
CERT_GetCertTimes
CERT_GetCertTrust
CERT_GetCertUid
CERT_GetCertificateDer
CERT_GetCertificateNames
CERT_GetCertificateRequestExtensions
CERT_GetClassicOCSPDisabledPolicy
CERT_GetClassicOCSPEnabledHardFailurePolicy
CERT_GetClassicOCSPEnabledSoftFailurePolicy
CERT_GetCommonName
CERT_GetConstrainedCertificateNames
CERT_GetCountryName
CERT_GetDBContentVersion
CERT_GetDefaultCertDB
CERT_GetDomainComponentName
CERT_GetEncodedOCSPResponse
CERT_GetFirstEmailAddress
CERT_GetGeneralNameTypeFromString
CERT_GetImposedNameConstraints
CERT_GetLocalityName
CERT_GetNextEmailAddress
CERT_GetNextGeneralName
CERT_GetNextNameConstraint
CERT_GetOCSPAuthorityInfoAccessLocation
CERT_GetOCSPResponseStatus
CERT_GetOCSPStatusForCertID
CERT_GetOidString
CERT_GetOrgName
CERT_GetOrgUnitName
CERT_GetPKIXVerifyNistRevocationPolicy
CERT_GetPrevGeneralName
CERT_GetPrevNameConstraint
CERT_GetSSLCACerts
CERT_GetSlopTime
CERT_GetStateName
CERT_GetSubjectNameDigest
CERT_GetSubjectPublicKeyDigest
CERT_GetUsePKIXForValidation
CERT_GetValidDNSPatternsFromCert
CERT_Hexify
CERT_ImportCAChain
CERT_ImportCAChainTrusted
CERT_ImportCRL
CERT_ImportCerts
CERT_IsCACert
CERT_IsCADERCert
CERT_IsInList
CERT_IsRootDERCert
CERT_IsUserCert
CERT_KeyFromDERCrl
CERT_MakeCANickname
CERT_MergeExtensions
CERT_NameToAscii
CERT_NameToAsciiInvertible
CERT_NewCertList
CERT_NewTempCertificate
CERT_NicknameStringsFromCertList
CERT_OCSPCacheSettings
CERT_OpenCertDBFilename
CERT_PKIXVerifyCert
CERT_PostOCSPRequest
CERT_RFC1485_EscapeAndQuote
CERT_RegisterAlternateOCSPAIAInfoCallBack
CERT_RemoveCertListNode
CERT_SaveSMimeProfile
CERT_SetOCSPDefaultResponder
CERT_SetOCSPFailureMode
CERT_SetOCSPTimeout
CERT_SetSlopTime
CERT_SetUsePKIXForValidation
CERT_StartCRLEntryExtensions
CERT_StartCRLExtensions
CERT_StartCertExtensions
CERT_StartCertificateRequestAttributes
CERT_UncacheCRL
CERT_VerifyCACertForUsage
CERT_VerifyCert
CERT_VerifyCertName
CERT_VerifyCertNow
CERT_VerifyCertificate
CERT_VerifyCertificateNow
CERT_VerifyOCSPResponseSignature
CERT_VerifySignedData
CERT_VerifySignedDataWithPublicKey
CERT_VerifySignedDataWithPublicKeyInfo
DER_AsciiToTime
DER_DecodeTimeChoice
DER_Encode
DER_EncodeTimeChoice
DER_GeneralizedDayToAscii
DER_GeneralizedTimeToTime
DER_GetInteger
DER_Lengths
DER_TimeChoiceDayToAscii
DER_TimeToGeneralizedTime
DER_TimeToGeneralizedTimeArena
DER_TimeToUTCTime
DER_UTCDayToAscii
DER_UTCTimeToAscii
DER_UTCTimeToTime
DSAU_DecodeDerSig
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSig
DSAU_EncodeDerSigWithLen
HASH_Begin
HASH_Clone
HASH_Create
HASH_Destroy
HASH_End
HASH_GetHMACOidTagByHashOidTag
HASH_GetHashObject
HASH_GetHashObjectByOidTag
HASH_GetHashOidTagByHashType
HASH_GetHashTypeByOidTag
HASH_GetType
HASH_HashBuf
HASH_ResultLen
HASH_ResultLenByOidTag
HASH_ResultLenContext
HASH_Update
NSSBase64Decoder_Create
NSSBase64Decoder_Destroy
NSSBase64Decoder_Update
NSSBase64Encoder_Create
NSSBase64Encoder_Destroy
NSSBase64Encoder_Update
NSSBase64_DecodeBuffer
NSSBase64_EncodeItem
NSSRWLock_Destroy
NSSRWLock_HaveWriteLock
NSSRWLock_LockRead
NSSRWLock_LockWrite
NSSRWLock_New
NSSRWLock_UnlockRead
NSSRWLock_UnlockWrite
NSS_GetVersion
NSS_Get_CERT_CertificateRequestTemplate
NSS_Get_CERT_CertificateTemplate
NSS_Get_CERT_CrlTemplate
NSS_Get_CERT_IssuerAndSNTemplate
NSS_Get_CERT_NameTemplate
NSS_Get_CERT_SequenceOfCertExtensionTemplate
NSS_Get_CERT_SetOfSignedCrlTemplate
NSS_Get_CERT_SignedCrlTemplate
NSS_Get_CERT_SignedDataTemplate
NSS_Get_CERT_SubjectPublicKeyInfoTemplate
NSS_Get_CERT_TimeChoiceTemplate
NSS_Get_SECKEY_DSAPublicKeyTemplate
NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate
NSS_Get_SECKEY_PrivateKeyInfoTemplate
NSS_Get_SECKEY_RSAPSSParamsTemplate
NSS_Get_SECKEY_RSAPublicKeyTemplate
NSS_Get_SECOID_AlgorithmIDTemplate
NSS_Get_SEC_AnyTemplate
NSS_Get_SEC_BMPStringTemplate
NSS_Get_SEC_BitStringTemplate
NSS_Get_SEC_BooleanTemplate
NSS_Get_SEC_GeneralizedTimeTemplate
NSS_Get_SEC_IA5StringTemplate
NSS_Get_SEC_IntegerTemplate
NSS_Get_SEC_NullTemplate
NSS_Get_SEC_ObjectIDTemplate
NSS_Get_SEC_OctetStringTemplate
NSS_Get_SEC_PointerToAnyTemplate
NSS_Get_SEC_PointerToOctetStringTemplate
NSS_Get_SEC_SetOfAnyTemplate
NSS_Get_SEC_SignedCertificateTemplate
NSS_Get_SEC_UTCTimeTemplate
NSS_Get_SEC_UTF8StringTemplate
NSS_Get_sgn_DigestInfoTemplate
NSS_Init
NSS_InitContext
NSS_InitReadWrite
NSS_InitWithMerge
NSS_Initialize
NSS_IsInitialized
NSS_NoDB_Init
NSS_OptionGet
NSS_OptionSet
NSS_PutEnv
NSS_RegisterShutdown
NSS_Shutdown
NSS_ShutdownContext
NSS_UnregisterShutdown
NSS_VersionCheck
PBE_CreateContext
PBE_DestroyContext
PBE_GenerateBits
PK11SDR_Decrypt
PK11SDR_Encrypt
PK11_AEADOp
PK11_AEADRawOp
PK11_AlgtagToMechanism
PK11_Authenticate
PK11_BlockData
PK11_ChangePW
PK11_CheckSSOPassword
PK11_CheckUserPassword
PK11_CipherOp
PK11_CloneContext
PK11_ConfigurePKCS11
PK11_ContextGetFIPSStatus
PK11_ConvertSessionPrivKeyToTokenPrivKey
PK11_ConvertSessionSymKeyToTokenSymKey
PK11_CopySymKeyForSigning
PK11_CopyTokenPrivKeyToSessionPrivKey
PK11_CreateContextByPrivKey
PK11_CreateContextByPubKey
PK11_CreateContextBySymKey
PK11_CreateDigestContext
PK11_CreateGenericObject
PK11_CreateManagedGenericObject
PK11_CreateMergeLog
PK11_CreatePBEAlgorithmID
PK11_CreatePBEParams
PK11_CreatePBEV2AlgorithmID
PK11_DEREncodePublicKey
PK11_Decrypt
PK11_DeleteTokenCertAndKey
PK11_DeleteTokenPrivateKey
PK11_DeleteTokenPublicKey
PK11_DeleteTokenSymKey
PK11_Derive
PK11_DeriveWithFlags
PK11_DeriveWithFlagsPerm
PK11_DeriveWithTemplate
PK11_DestroyContext
PK11_DestroyGenericObject
PK11_DestroyGenericObjects
PK11_DestroyMergeLog
PK11_DestroyObject
PK11_DestroyPBEParams
PK11_DestroyTokenObject
PK11_DigestBegin
PK11_DigestFinal
PK11_DigestKey
PK11_DigestOp
PK11_DoesMechanism
PK11_Encrypt
PK11_ExportDERPrivateKeyInfo
PK11_ExportEncryptedPrivKeyInfo
PK11_ExportEncryptedPrivKeyInfoV2
PK11_ExportEncryptedPrivateKeyInfo
PK11_ExportEncryptedPrivateKeyInfoV2
PK11_ExportPrivKeyInfo
PK11_ExportPrivateKeyInfo
PK11_ExtractKeyValue
PK11_Finalize
PK11_FindBestKEAMatch
PK11_FindCertAndKeyByRecipientList
PK11_FindCertAndKeyByRecipientListNew
PK11_FindCertByIssuerAndSN
PK11_FindCertFromDERCert
PK11_FindCertFromDERCertItem
PK11_FindCertFromNickname
PK11_FindCertFromURI
PK11_FindCertInSlot
PK11_FindCertsFromEmailAddress
PK11_FindCertsFromNickname
PK11_FindCertsFromURI
PK11_FindEncodedCertInSlot
PK11_FindFixedKey
PK11_FindGenericObjects
PK11_FindKeyByAnyCert
PK11_FindKeyByDERCert
PK11_FindKeyByKeyID
PK11_FindObjectForCert
PK11_FindPrivateKeyFromCert
PK11_FindRawCertsWithSubject
PK11_FindSlotByName
PK11_FindSlotsByNames
PK11_FortezzaHasKEA
PK11_FortezzaMapSig
PK11_FreeSlot
PK11_FreeSlotList
PK11_FreeSlotListElement
PK11_FreeSymKey
PK11_GenerateFortezzaIV
PK11_GenerateKeyPair
PK11_GenerateKeyPairWithFlags
PK11_GenerateKeyPairWithOpFlags
PK11_GenerateNewParam
PK11_GenerateRandom
PK11_GenerateRandomOnSlot
PK11_GetAllSlotsForCert
PK11_GetAllTokens
PK11_GetBestKeyLength
PK11_GetBestSlot
PK11_GetBestSlotMultiple
PK11_GetBestSlotMultipleWithAttributes
PK11_GetBestSlotWithAttributes
PK11_GetBestWrapMechanism
PK11_GetBlockSize
PK11_GetCertFromPrivateKey
PK11_GetCertsMatchingPrivateKey
PK11_GetCurrentWrapIndex
PK11_GetDefaultArray
PK11_GetDefaultFlags
PK11_GetDisabledReason
PK11_GetFirstSafe
PK11_GetIVLength
PK11_GetInternalKeySlot
PK11_GetInternalSlot
PK11_GetKeyData
PK11_GetKeyGen
PK11_GetKeyLength
PK11_GetKeyStrength
PK11_GetKeyType
PK11_GetLowLevelKeyIDForCert
PK11_GetLowLevelKeyIDForPrivateKey
PK11_GetMechanism
PK11_GetMinimumPwdLength
PK11_GetModInfo
PK11_GetModule
PK11_GetModuleID
PK11_GetModuleURI
PK11_GetNextGenericObject
PK11_GetNextSafe
PK11_GetNextSymKey
PK11_GetObjectHandle
PK11_GetPBECryptoMechanism
PK11_GetPBEIV
PK11_GetPQGParamsFromPrivateKey
PK11_GetPadMechanism
PK11_GetPrevGenericObject
PK11_GetPrivateKeyNickname
PK11_GetPrivateModulusLen
PK11_GetPublicKeyNickname
PK11_GetSlotFromKey
PK11_GetSlotFromPrivateKey
PK11_GetSlotID
PK11_GetSlotInfo
PK11_GetSlotName
PK11_GetSlotPWValues
PK11_GetSlotSeries
PK11_GetSymKeyHandle
PK11_GetSymKeyNickname
PK11_GetSymKeyType
PK11_GetSymKeyUserData
PK11_GetTokenInfo
PK11_GetTokenName
PK11_GetTokenURI
PK11_GetWindow
PK11_GetWrapKey
PK11_HPKE_Deserialize
PK11_HPKE_DestroyContext
PK11_HPKE_ExportContext
PK11_HPKE_ExportSecret
PK11_HPKE_GetEncapPubKey
PK11_HPKE_ImportContext
PK11_HPKE_NewContext
PK11_HPKE_Open

Sections

.text
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/nssckbi.dll
.dll windows:5 windows x86 arch:x86

ab8a9df014dff33b69e5310f088156a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess

vcruntime140

memcpy
memset
memmove
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

libnspr4

PR_NewLock
PR_DestroyLock
PR_Lock
PR_Unlock
PR_Calloc
PR_Free
PR_NewThreadPrivateIndex
PR_SetThreadPrivate
PR_GetThreadPrivate
PR_CallOnce

libplc4

PL_strlen

libplds4

PL_NewHashTable
PL_HashTableDestroy
PL_HashTableAdd
PL_HashTableRemove
PL_HashTableLookup
PL_HashTableEnumerateEntries
PL_CompareValues
PL_InitArenaPool
PL_FinishArenaPool
PL_ArenaAllocate

Exports

Exports

C_GetFunctionList

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/nssdbm3.dll
.dll windows:5 windows x86 arch:x86

cd90830193b973fea4de23b3828cab74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
FlushFileBuffers

vcruntime140

memset
_except_handler4_common
memmove
__std_type_info_destroy_list
memcpy
strrchr

api-ms-win-crt-runtime-l1-1-0

_getpid
_execute_onexit_table
abort
_initialize_onexit_table
_initialize_narrow_environment
_errno
_initterm
_cexit
_configure_narrow_argv
_seh_filter_dll
_initterm_e

nssutil3

SECITEM_AllocItem_Util
NSSBase64_EncodeItem_Util
DER_DecodeTimeChoice_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
DER_SetUInteger
PORT_ArenaUnmark_Util
PORT_ArenaRelease_Util
PORT_ArenaMark_Util
PORT_DestroyCheapArena
PORT_InitCheapArena
SECOID_GetAlgorithmTag_Util
SECOID_SetAlgorithmID_Util
SECOID_FindOIDByTag_Util
SECOID_FindOIDTag_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_QuickDERDecodeItem_Util
SECITEM_ZfreeItem_Util
SECITEM_CopyItem_Util
PORT_GetError_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
SECITEM_FreeItem_Util
SECITEM_DupItem_Util
SECITEM_ItemsAreEqual_Util
SECITEM_CompareItem_Util
SECOID_Shutdown
SECOID_Init
SECITEM_HashCompare
PORT_Alloc_Util
NSSUTIL_MkNSSString
NSSUTIL_ArgParseCipherFlags
NSSUTIL_MkModuleSpec
NSSUTIL_ArgParseModuleSpec
NSSUTIL_MkSlotString
NSSUTIL_ArgParseSlotInfo
NSSUTIL_ArgParseSlotFlags
NSSUTIL_Quote
NSSUTIL_ArgReadLong
NSSUTIL_ArgHasFlag
NSSUTIL_ArgGetParamValue
PORT_ArenaStrdup_Util
PORT_ArenaZAlloc_Util
PORT_ArenaAlloc_Util
PORT_FreeArena_Util
PORT_NewArena_Util
PORT_SetError_Util
PORT_Strdup_Util
PORT_Free_Util
PORT_ZAlloc_Util
PORT_Realloc_Util

api-ms-win-crt-string-l1-1-0

_strdup
isdigit
tolower
strncmp

api-ms-win-crt-filesystem-l1-1-0

_unlink
_stat64i32

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-stdio-l1-1-0

_get_osfhandle
_read
fwrite
_close
_lseek
_open
__acrt_iob_func
_write

api-ms-win-crt-environment-l1-1-0

getenv

libnspr4

PR_GetEnvSecure
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_FindSymbol
PR_UnloadLibrary
PR_LoadLibrary
PR_smprintf_free
PR_smprintf
PR_NewMonitor
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
PR_Free
PR_GetDirectorySeparator
PR_htonl
PR_ntohl
PR_Now
PR_SetError
PR_GetError
PR_OpenFile
PR_Read
PR_Write
PR_Delete
PR_Access
PR_MkDir
PR_LoadLibraryWithFlags
PR_FindFunctionSymbol
PR_GetLibraryFilePathname
PR_CallOnce
PR_Close

libplds4

PL_NewHashTable
PL_HashTableDestroy
PL_CompareValues
PL_HashTableAdd
PL_HashTableRemove
PL_HashTableLookup
PL_HashTableEnumerateEntries

Exports

Exports

legacy_AddSecmodDB
legacy_DeleteSecmodDB
legacy_Open
legacy_ReadSecmodDB
legacy_ReleaseSecmodDBData
legacy_SetCryptFunctions
legacy_Shutdown

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/nssutil3.dll
.dll windows:5 windows x86 arch:x86

2361772421bbab85dfaf201b5b651497

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
SetEnvironmentVariableA
MultiByteToWideChar
MoveFileW
DeleteFileW

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
memcpy
strchr
strrchr
strstr
memmove
memset

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_cexit
_initterm
_execute_onexit_table
_initterm_e
_initialize_narrow_environment
_seh_filter_dll
_initialize_onexit_table

api-ms-win-crt-string-l1-1-0

isalpha
isalnum
toupper
tolower
strncpy
strncmp
strncat
isdigit
strcmp
isspace

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

fclose
feof
fgets
fputs
fwrite
__stdio_common_vfprintf
_close
_wopen
_wfopen

api-ms-win-crt-math-l1-1-0

_fdopen

api-ms-win-crt-filesystem-l1-1-0

_wstat64i32
_waccess

libnspr4

PR_SetError
PR_Malloc
PR_Calloc
PR_Realloc
PR_Free
PR_ExplodeTime
PR_LocalTimeParameters
PR_GMTParameters
PR_FormatTime
PR_ImplodeTime
PR_NewLock
PR_DestroyLock
PR_Lock
PR_Unlock
PR_NewCondVar
PR_DestroyCondVar
PR_WaitCondVar
PR_NotifyCondVar
PR_NotifyAllCondVar
PR_GetCurrentThread
PR_smprintf
PR_smprintf_free
PR_GetEnvSecure
PR_ErrorInstallTable
PR_CallOnce
PR_GetError
PR_snprintf
PR_LoadLibraryWithFlags
PR_GetLibraryFilePathname
PR_GetDirectorySeparator

libplc4

PL_strncasecmp
PL_strpbrk
PL_strlen
PL_strcasecmp

libplds4

PL_NewHashTable
PL_HashTableDestroy
PL_HashTableAdd
PL_HashTableLookup
PL_HashTableLookupConst
PL_CompareValues
PL_InitArenaPool
PL_FreeArenaPool
PL_FinishArenaPool
PL_ArenaAllocate
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool

Exports

Exports

ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii_Util
CERT_GenTime2FormattedAscii_Util
DER_AsciiToTime_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
DER_Encode_Util
DER_GeneralizedDayToAscii_Util
DER_GeneralizedTimeToTime_Util
DER_GetInteger_Util
DER_GetUInteger
DER_LengthLength
DER_Lengths_Util
DER_SetUInteger
DER_StoreHeader
DER_TimeChoiceDayToAscii_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeToUTCTime_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
NSSBase64Decoder_Create_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64_DecodeBuffer_Util
NSSBase64_EncodeItem_Util
NSSRWLock_Destroy_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_LockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_New_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_UnlockWrite_Util
NSSUTIL_AddNSSFlagToModuleSpec
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgParseCipherFlags
NSSUTIL_ArgParseModuleSpec
NSSUTIL_ArgParseModuleSpecEx
NSSUTIL_ArgParseSlotFlags
NSSUTIL_ArgParseSlotInfo
NSSUTIL_ArgReadLong
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSSUTIL_DoubleEscape
NSSUTIL_DoubleEscapeSize
NSSUTIL_Escape
NSSUTIL_EscapeSize
NSSUTIL_GetVersion
NSSUTIL_MkModuleSpec
NSSUTIL_MkNSSString
NSSUTIL_MkSlotString
NSSUTIL_Quote
NSSUTIL_QuoteSize
NSS_GetAlgorithmPolicy
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_BooleanTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_PointerToOctetStringTemplate_Util
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SEC_SetOfAnyTemplate_Util
NSS_Get_SEC_SkipTemplate
NSS_Get_SEC_T61StringTemplate
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_Get_sgn_DigestInfoTemplate_Util
NSS_InitializePRErrorTable
NSS_IsPolicyLocked
NSS_LockPolicy
NSS_PutEnv_Util
NSS_SecureMemcmp
NSS_SecureMemcmpZero
NSS_SetAlgorithmPolicy
PK11URI_CreateURI
PK11URI_DestroyURI
PK11URI_FormatURI
PK11URI_GetPathAttribute
PK11URI_GetQueryAttribute
PK11URI_ParseURI
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaZAlloc_Util
PORT_DestroyCheapArena
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_ISO88591_UTF8Conversion
PORT_InitCheapArena
PORT_LoadLibraryFromOrigin
PORT_NewArena_Util
PORT_Realloc_Util
PORT_RegExpCaseSearch
PORT_RegExpSearch
PORT_RegExpValid
PORT_SetError_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_Strdup_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
PORT_UCS4_UTF8Conversion
PORT_ZAllocAlignedOffset_Util
PORT_ZAllocAligned_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocArray
SECITEM_AllocItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupArray
SECITEM_DupItem_Util
SECITEM_FreeArray
SECITEM_FreeItem_Util
SECITEM_Hash
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_MakeItem
SECITEM_ReallocItem
SECITEM_ReallocItemV2
SECITEM_ZfreeArray
SECITEM_ZfreeItem_Util
SECOID_AddEntry_Util
SECOID_CompareAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_FindOIDByTag_Util
SECOID_FindOIDTagDescription_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_KnownCertExtenOID
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeInteger_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderSetMaximumElementSize
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1LengthLength_Util
SEC_QuickDERDecodeItem_Util
SEC_StringToOID
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_CreateDigestInfo_Util
SGN_DecodeDigestInfo
SGN_DestroyDigestInfo_Util
UTIL_SetForkState
_NSSUTIL_Access
_NSSUTIL_EvaluateConfigDir
_NSSUTIL_GetSecmodName
_NSSUTIL_UTF8ToWide
_SGN_VerifyPKCS1DigestInfo

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/smime3.dll
.dll windows:5 windows x86 arch:x86

8cc0328ae49d903f53bf6d12f4530763

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common
memcpy
memmove
strchr

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_seh_filter_dll
_cexit
_initterm
_execute_onexit_table
_initterm_e

libnspr4

PR_NewLock
PR_DestroyLock
PR_Lock
PR_Unlock
PR_CallOnce
PR_Now

libplc4

PL_strncasecmp

libplds4

PL_HashTableDestroy
PL_HashTableAdd
PL_HashTableLookupConst
PL_CompareValues
PL_NewHashTable

nss3

NSS_Get_CERT_IssuerAndSNTemplate
PK11_GetKeyStrength
CERT_ExtractPublicKey
CERT_FindCertByIssuerAndSN
CERT_GetCertIssuerAndSN
CERT_FindSMimeProfile
SECKEY_PublicKeyStrengthInBits
SECKEY_DestroyPublicKey
SECKEY_GetPublicKeyType
NSS_VersionCheck
PK11_FreeSymKey
PK11_ReferenceSymKey
HASH_GetHashObjectByOidTag
PK11_CreatePBEAlgorithmID
SEC_PKCS5IsAlgorithmPBEAlgTag
PK11_FreeSlot
PK11_GetBestSlot
PK11_AlgtagToMechanism
PK11_KeyGen
PK11_FindCertAndKeyByRecipientListNew
PK11_SetPasswordFunc
CERT_DestroyCertificate
CERT_DupCertificate
CERT_FindSubjectKeyIDExtension
SECKEY_DestroySubjectPublicKeyInfo
SECKEY_CopyPrivateKey
SECKEY_CopyPublicKey
SECKEY_CreateSubjectPublicKeyInfo
SECKEY_DestroyPrivateKey
PK11_FindPrivateKeyFromCert
CERT_FindCertByDERCert
CERT_VerifyCert
CERT_CertChainFromCert
CERT_DestroyCertificateList
CERT_DestroyCertArray
CERT_ImportCerts
CERT_NewCertList
CERT_DestroyCertList
CERT_AddCertToListTail
CERT_FilterCertListByUsage
CERT_GetDefaultCertDB
CERT_FindCertBySubjectKeyID
CERT_GetCommonName
CERT_CertListFromCert
CERT_SaveSMimeProfile
SECKEY_GetPrivateKeyType
PK11_FindKeyByAnyCert
SEC_SignData
SGN_Digest
SEC_GetSignatureAlgorithmOidTag
VFY_VerifyDigestDirect
VFY_VerifyDigestWithAlgorithmID
VFY_VerifyDataDirect
VFY_VerifyDataWithAlgorithmID
NSS_RegisterShutdown
NSS_Get_CERT_SetOfSignedCrlTemplate
PK11_IsHW
PK11_GetBlockSize
PK11_ParamFromAlgid
PK11_GenerateNewParam
PK11_ParamToAlgid
PK11_GetSymKeyUserData
PK11_GetSlotFromKey
PK11_DestroyContext
PK11_CreateContextBySymKey
PK11_CipherOp
PK11_GetPBECryptoMechanism
SEC_PKCS5IsAlgorithmPBEAlg
SECKEY_PublicKeyStrength
PK11_PubWrapSymKey
PK11_PubUnwrapSymKey
NSS_Get_CERT_TimeChoiceTemplate
SECKEY_DestroyPrivateKeyInfo
SECKEY_DestroyEncryptedPrivateKeyInfo
SECKEY_CopyPrivateKeyInfo
SECKEY_CopyEncryptedPrivateKeyInfo
HASH_GetHMACOidTagByHashOidTag
PK11_ReferenceSlot
PK11_GetInternalKeySlot
PK11_GetInternalSlot
PK11_IsInternal
PK11_SetSymKeyUserData
PK11_ExportPrivateKeyInfo
PK11_ExportEncryptedPrivateKeyInfoV2
PK11_DigestBegin
PK11_DigestOp
PK11_DigestFinal
PK11_CreatePBEParams
PK11_DestroyPBEParams
PK11_PBEKeyGen
NSS_OptionGet
CERT_NewTempCertificate
__CERT_DecodeDERCertificate
CERT_IsCADERCert
CERT_IsRootDERCert
PK11_GetTokenName
PK11_ImportPublicKey
PK11_ImportPrivateKeyInfo
PK11_ImportEncryptedPrivateKeyInfo
PK11_FindKeyByDERCert
PK11_ImportDERCert
PK11_TraverseCertsForSubjectInSlot
PK11_ImportCertForKeyToSlot
PK11_TraverseCertsForNicknameInSlot
SEC_PKCS5GetCryptoAlgorithm
NSS_Get_SECKEY_PrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate
PK11_GenerateRandom
PK11_HashBuf
NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate
PK11_CreatePBEV2AlgorithmID
PK11_FindCertAndKeyByRecipientList
HASH_ResultLen
HASH_GetHashTypeByOidTag

nssutil3

NSS_Get_SEC_OctetStringTemplate_Util
PORT_ZAlloc_Util
PORT_Free_Util
PORT_SetError_Util
PORT_NewArena_Util
PORT_FreeArena_Util
PORT_ArenaZAlloc_Util
SECITEM_FreeItem_Util
SECOID_FindOIDTag_Util
SECOID_FindOIDByTag_Util
SECOID_GetAlgorithmTag_Util
SEC_QuickDERDecodeItem_Util
SEC_ASN1EncodeItem_Util
SECITEM_AllocItem_Util
SECITEM_CopyItem_Util
SECOID_FindOID_Util
SECOID_SetAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECITEM_ItemsAreEqual_Util
SECOID_CompareAlgorithmID_Util
PORT_Alloc_Util
PORT_GetError_Util
PORT_ArenaAlloc_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaUnmark_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderSetNotifyProc_Util
SECITEM_ArenaDupItem_Util
SEC_ASN1EncodeInteger_Util
PORT_ArenaGrow_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SECOID_DestroyAlgorithmID_Util
SEC_ASN1DecodeInteger_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
PORT_Strdup_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
NSS_Get_SEC_PointerToOctetStringTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_SetOfAnyTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
PORT_ArenaStrdup_Util
SECITEM_CompareItem_Util
SECITEM_ZfreeItem_Util
SGN_CreateDigestInfo_Util
SGN_DestroyDigestInfo_Util
SGN_CopyDigestInfo_Util
PORT_Realloc_Util
PORT_ZFree_Util
SECITEM_DupItem_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecodeItem_Util
DER_GetInteger_Util
NSS_GetAlgorithmPolicy
NSS_SetAlgorithmPolicy
NSS_Get_sgn_DigestInfoTemplate_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate_Util
ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1Encode_Util

Exports

Exports

CERT_ConvertAndDecodeCertificate
CERT_DecodeCertFromPackage
CERT_DecodeCertPackage
NSSSMIME_GetVersion
NSSSMIME_VersionCheck
NSS_CMSContentInfo_GetBulkKey
NSS_CMSContentInfo_GetBulkKeySize
NSS_CMSContentInfo_GetContent
NSS_CMSContentInfo_GetContentEncAlgTag
NSS_CMSContentInfo_GetContentTypeTag
NSS_CMSContentInfo_SetBulkKey
NSS_CMSContentInfo_SetContent
NSS_CMSContentInfo_SetContentEncAlg
NSS_CMSContentInfo_SetContent_Data
NSS_CMSContentInfo_SetContent_DigestedData
NSS_CMSContentInfo_SetContent_EncryptedData
NSS_CMSContentInfo_SetContent_EnvelopedData
NSS_CMSContentInfo_SetContent_SignedData
NSS_CMSContentInfo_SetDontStream
NSS_CMSDEREncode
NSS_CMSDecoder_Cancel
NSS_CMSDecoder_Finish
NSS_CMSDecoder_Start
NSS_CMSDecoder_Update
NSS_CMSDigestContext_Cancel
NSS_CMSDigestContext_FinishMultiple
NSS_CMSDigestContext_FinishSingle
NSS_CMSDigestContext_StartMultiple
NSS_CMSDigestContext_StartSingle
NSS_CMSDigestContext_Update
NSS_CMSDigestedData_Create
NSS_CMSDigestedData_Destroy
NSS_CMSDigestedData_GetContentInfo
NSS_CMSEncoder_Cancel
NSS_CMSEncoder_Finish
NSS_CMSEncoder_Start
NSS_CMSEncoder_Update
NSS_CMSEncryptedData_Create
NSS_CMSEncryptedData_Destroy
NSS_CMSEncryptedData_GetContentInfo
NSS_CMSEnvelopedData_AddRecipient
NSS_CMSEnvelopedData_Create
NSS_CMSEnvelopedData_Destroy
NSS_CMSEnvelopedData_GetContentInfo
NSS_CMSMessage_ContentLevel
NSS_CMSMessage_ContentLevelCount
NSS_CMSMessage_Copy
NSS_CMSMessage_Create
NSS_CMSMessage_CreateFromDER
NSS_CMSMessage_Destroy
NSS_CMSMessage_GetContent
NSS_CMSMessage_GetContentInfo
NSS_CMSMessage_IsEncrypted
NSS_CMSMessage_IsSigned
NSS_CMSRecipientInfo_Create
NSS_CMSRecipientInfo_CreateFromDER
NSS_CMSRecipientInfo_CreateNew
NSS_CMSRecipientInfo_CreateWithSubjKeyID
NSS_CMSRecipientInfo_CreateWithSubjKeyIDFromCert
NSS_CMSRecipientInfo_Destroy
NSS_CMSRecipientInfo_Encode
NSS_CMSRecipientInfo_GetCertAndKey
NSS_CMSRecipientInfo_UnwrapBulkKey
NSS_CMSRecipientInfo_WrapBulkKey
NSS_CMSSignedData_AddCertChain
NSS_CMSSignedData_AddCertList
NSS_CMSSignedData_AddCertificate
NSS_CMSSignedData_AddDigest
NSS_CMSSignedData_AddSignerInfo
NSS_CMSSignedData_Create
NSS_CMSSignedData_CreateCertsOnly
NSS_CMSSignedData_Destroy
NSS_CMSSignedData_GetContentInfo
NSS_CMSSignedData_GetDigestAlgs
NSS_CMSSignedData_GetSignerInfo
NSS_CMSSignedData_HasDigests
NSS_CMSSignedData_ImportCerts
NSS_CMSSignedData_SetDigestValue
NSS_CMSSignedData_SetDigests
NSS_CMSSignedData_SignerInfoCount
NSS_CMSSignedData_VerifyCertsOnly
NSS_CMSSignedData_VerifySignerInfo
NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs
NSS_CMSSignerInfo_AddSMIMECaps
NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs
NSS_CMSSignerInfo_AddSigningTime
NSS_CMSSignerInfo_Create
NSS_CMSSignerInfo_CreateWithSubjKeyID
NSS_CMSSignerInfo_Destroy
NSS_CMSSignerInfo_GetCertList
NSS_CMSSignerInfo_GetSignerCommonName
NSS_CMSSignerInfo_GetSignerEmailAddress
NSS_CMSSignerInfo_GetSigningCertificate
NSS_CMSSignerInfo_GetSigningTime
NSS_CMSSignerInfo_GetVerificationStatus
NSS_CMSSignerInfo_GetVersion
NSS_CMSSignerInfo_IncludeCerts
NSS_CMSSignerInfo_Verify
NSS_CMSType_RegisterContentType
NSS_CMSUtil_VerificationStatusToString
NSS_Get_NSSCMSGenericWrapperDataTemplate
NSS_Get_NSS_PointerToCMSGenericWrapperDataTemplate
NSS_SMIMESignerInfo_SaveSMIMEProfile
NSS_SMIMEUtil_CreateMSSMIMEEncKeyPrefs
NSS_SMIMEUtil_FindBulkAlgForRecipients
SECMIME_DecryptionAllowed
SEC_PKCS12AddCertAndKey
SEC_PKCS12AddCertOrChainAndKey
SEC_PKCS12AddPasswordIntegrity
SEC_PKCS12CreateExportContext
SEC_PKCS12CreatePasswordPrivSafe
SEC_PKCS12CreateUnencryptedSafe
SEC_PKCS12DecoderFinish
SEC_PKCS12DecoderGetCerts
SEC_PKCS12DecoderImportBags
SEC_PKCS12DecoderIterateInit
SEC_PKCS12DecoderIterateNext
SEC_PKCS12DecoderRenameCertNicknames
SEC_PKCS12DecoderSetTargetTokenCAs
SEC_PKCS12DecoderStart
SEC_PKCS12DecoderUpdate
SEC_PKCS12DecoderValidateBags
SEC_PKCS12DecoderVerify
SEC_PKCS12DecryptionAllowed
SEC_PKCS12DestroyExportContext
SEC_PKCS12EnableCipher
SEC_PKCS12Encode
SEC_PKCS12IsEncryptionAllowed
SEC_PKCS12SetPreferredCipher
SEC_PKCS7AddCertificate
SEC_PKCS7AddRecipient
SEC_PKCS7AddSigningTime
SEC_PKCS7ContainsCertsOrCrls
SEC_PKCS7ContentIsEncrypted
SEC_PKCS7ContentIsSigned
SEC_PKCS7ContentType
SEC_PKCS7CopyContentInfo
SEC_PKCS7CreateCertsOnly
SEC_PKCS7CreateData
SEC_PKCS7CreateEncryptedData
SEC_PKCS7CreateEnvelopedData
SEC_PKCS7CreateSignedData
SEC_PKCS7DecodeItem
SEC_PKCS7DecoderAbort
SEC_PKCS7DecoderFinish
SEC_PKCS7DecoderStart
SEC_PKCS7DecoderUpdate
SEC_PKCS7DecryptContents
SEC_PKCS7DestroyContentInfo
SEC_PKCS7Encode
SEC_PKCS7EncodeItem
SEC_PKCS7EncoderAbort
SEC_PKCS7EncoderFinish
SEC_PKCS7EncoderStart
SEC_PKCS7EncoderUpdate
SEC_PKCS7GetCertificateList
SEC_PKCS7GetContent
SEC_PKCS7GetEncryptionAlgorithm
SEC_PKCS7GetSignerCommonName
SEC_PKCS7GetSignerEmailAddress
SEC_PKCS7GetSigningTime
SEC_PKCS7IncludeCertChain
SEC_PKCS7IsContentEmpty
SEC_PKCS7SetContent
SEC_PKCS7VerifyDetachedSignature
SEC_PKCS7VerifyDetachedSignatureAtTime
SEC_PKCS7VerifySignature

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/softokn3.dll
.dll windows:5 windows x86 arch:x86

288e33ab91afb297df654278c6d56d08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
GetTempPathA
WideCharToMultiByte

vcruntime140

memset
_except_handler4_common
__std_type_info_destroy_list
strrchr
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_seh_filter_dll
_execute_onexit_table
_configure_narrow_argv
_initialize_onexit_table
_initterm_e
_initialize_narrow_environment
_initterm

nssutil3

NSSUTIL_ArgFetchValue
PORT_Alloc_Util
PORT_Realloc_Util
PORT_ZAlloc_Util
PORT_Free_Util
PORT_SetError_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_FreeArena_Util
PORT_ArenaAlloc_Util
PORT_ArenaZAlloc_Util
SECITEM_ZfreeItem_Util
SECITEM_HashCompare
DER_SetUInteger
SECOID_Init
SECOID_Shutdown
UTIL_SetForkState
NSSUTIL_DoModuleDBFunction
_NSSUTIL_GetSecmodName
SEC_QuickDERDecodeItem_Util
PORT_ArenaGrow_Util
_NSSUTIL_Access
DER_GetInteger_Util
SECOID_DestroyAlgorithmID_Util
SECITEM_CompareItem_Util
_NSSUTIL_UTF8ToWide
_NSSUTIL_EvaluateConfigDir
PORT_Strdup_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgGetLabel
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
SECITEM_ItemsAreEqual_Util
SECITEM_FreeItem_Util
SECITEM_AllocItem_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1DecodeItem_Util
SECOID_GetAlgorithmTag_Util
SECOID_CopyAlgorithmID_Util
SECOID_SetAlgorithmID_Util
SECOID_FindOIDByMechanism
SGN_DestroyDigestInfo_Util
SGN_CreateDigestInfo_Util
DER_Encode_Util
_SGN_VerifyPKCS1DigestInfo
SECITEM_DupItem_Util
SECITEM_CopyItem_Util
NSS_SecureMemcmp
PORT_ZFree_Util
NSS_Get_SEC_OctetStringTemplate_Util

sqlite3

sqlite3_close
sqlite3_exec
sqlite3_busy_timeout
sqlite3_mprintf
sqlite3_free
sqlite3_open_v2
sqlite3_bind_blob
sqlite3_file_control
sqlite3_reset
sqlite3_finalize
sqlite3_column_bytes
sqlite3_column_text
sqlite3_column_int
sqlite3_column_blob
sqlite3_step
sqlite3_bind_text
sqlite3_bind_int
sqlite3_prepare_v2

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

isupper
isdigit
islower

api-ms-win-crt-convert-l1-1-0

strtoul
atoi

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-heap-l1-1-0

realloc
free
malloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_wchmod

libnspr4

PR_GetDirectorySeparator
PR_GetLibraryFilePathname
PR_FindFunctionSymbol
PR_UnloadLibrary
PR_LoadLibraryWithFlags
PR_smprintf
PR_Access
PR_GetEnvSecure
PR_snprintf
PR_GetEnv
PR_smprintf_free
PR_Sleep
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_SecondsToInterval
PR_MillisecondsToInterval
PR_IntervalNow
PR_GetCurrentThread
PR_Now
PR_NewMonitor
PR_DestroyMonitor
PR_Free
PR_SetError
PR_CallOnce
PR_EnterMonitor
PR_ExitMonitor

libplc4

PL_strncasecmp
PL_strcasecmp

libplds4

PL_HashTableDestroy
PL_NewHashTable
PL_HashTableEnumerateEntries
PL_HashTableRemove
PL_HashTableLookup
PL_HashTableLookupConst
PL_CompareValues
PL_HashTableAdd

Exports

Exports

C_GetFunctionList
C_GetInterface
C_GetInterfaceList
FC_GetFunctionList
FC_GetInterface
FC_GetInterfaceList
NSC_GetFunctionList
NSC_GetInterface
NSC_GetInterfaceList
NSC_ModuleDBFunc

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/sqlite3.dll
.dll windows:5 windows x86 arch:x86

1b5dd29fa5d117a8d6dfd79204d5034c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
AreFileApisANSI
ReadFile
HeapCreate
HeapFree
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
FlushFileBuffers
GetTickCount
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
WideCharToMultiByte
FreeLibrary
SystemTimeToFileTime
GetProcessHeap
GetFileSize
LockFileEx
LocalFree
GetProcAddress
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
LoadLibraryW
GetSystemInfo
CloseHandle
HeapReAlloc
DeleteFileW
DeleteFileA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetLastError
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
Sleep
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateFileW
WaitForSingleObject

vcruntime140

_except_handler4_common
memset
__std_type_info_destroy_list
strrchr
memcpy
memmove

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_beginthreadex
_cexit
_endthreadex

api-ms-win-crt-heap-l1-1-0

_msize
malloc
realloc
free

api-ms-win-crt-string-l1-1-0

strncmp
strcspn

api-ms-win-crt-time-l1-1-0

_localtime64_s

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_data_count
sqlite3_db_handle
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_load_extension
sqlite3_malloc
sqlite3_mprintf
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_realloc
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_sleep
sqlite3_snprintf
sqlite3_step
sqlite3_thread_cleanup
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vmprintf
sqlite3_wal_checkpoint

Sections

.text
Size: 639KB - Virtual size: 638KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/ssl3.dll
.dll windows:5 windows x86 arch:x86

d76b44f38df269fd6b245e1225becb1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
GetLastError
ReleaseMutex
WaitForSingleObject
CreateMutexA
CloseHandle

vcruntime140

memcpy
memmove
strstr
strchr
memchr
memset
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm
_execute_onexit_table
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_getpid
_initialize_onexit_table

nss3

PK11_GetSlotSeries
PK11_GetCurrentWrapIndex
PK11_GetSlotID
PK11_GetModuleID
PK11_TokenExists
PK11_IsPresent
PK11_DoesMechanism
PK11_GetBestWrapMechanism
PK11_GetBestKeyLength
PK11_ReferenceSymKey
PK11_SymKeyFromHandle
PK11_GetWrapKey
PK11_SetWrapKey
PK11_GetMechanism
PK11_WrapSymKey
PK11_MoveSymKey
PK11_Derive
PK11_DeriveWithFlags
PK11_PubDerive
PK11_PubDeriveWithKDF
PK11_UnwrapSymKey
PK11_UnwrapSymKeyWithFlags
PK11_ExtractKeyValue
PK11_GetKeyData
PK11_GetSlotFromKey
PK11_DigestKey
PK11_VerifyKeyOK
PK11_FindObjectForCert
PK11_SignatureLen
PK11_GetSlotFromPrivateKey
PK11_SignWithMechanism
PK11_SignWithSymKey
PK11_VerifyWithMechanism
PK11_DestroyContext
PK11_CreateContextBySymKey
PK11_CreateDigestContext
PK11_DigestBegin
PK11_HashBuf
PK11_DigestOp
PK11_CipherOp
PK11_DigestFinal
PK11_SaveContextAlloc
PK11_NeedLogin
PK11_ContextGetFIPSStatus
SECMOD_LookupSlot
PK11_CloneContext
PK11_AEADOp
PK11_ImportDataKey
PK11_HPKE_ValidateParameters
PK11_HPKE_NewContext
PK11_HPKE_Deserialize
PK11_HPKE_GetEncapPubKey
PK11_HPKE_Open
PK11_HPKE_Seal
PK11_HPKE_Serialize
PK11_HPKE_SetupS
PK11_HPKE_SetupR
NSS_Get_SECKEY_RSAPublicKeyTemplate
NSS_Get_CERT_SubjectPublicKeyInfoTemplate
SECKEY_DestroySubjectPublicKeyInfo
SECKEY_CreateSubjectPublicKeyInfo
SECKEY_DecodeDERSubjectPublicKeyInfo
PK11_Encrypt
PK11_GetSymKeyHandle
PK11_SymKeysToSameSlot
PK11_HPKE_ExportContext
PK11_HPKE_ImportContext
PK11_Decrypt
CERT_DestroyCertificate
CERT_DupCertificate
CERT_GetDefaultCertDB
CERT_FreeDistNames
CERT_DupDistNames
SECKEY_BigIntegerBitLength
SECKEY_CopyPrivateKey
SECKEY_CopyPublicKey
SECKEY_DestroyPrivateKey
SECKEY_DestroyPublicKey
NSS_RegisterShutdown
NSS_OptionGet
PK11_PQG_ParamGenV2
PK11_PQG_VerifyParams
PK11_PQG_DestroyParams
PK11_PQG_DestroyVerify
PK11_GenerateRandom
NSS_VersionCheck
CERT_FindCertByName
CERT_ExtractPublicKey
CERT_GetSSLCACerts
CERT_CertChainFromCert
CERT_DupCertList
CERT_DestroyCertificateList
SECKEY_PublicKeyStrengthInBits
SECKEY_ExtractPublicKey
SECKEY_CacheStaticFlags
PK11_RestoreContext
SECKEY_GetPrivateKeyType
SECKEY_GetPublicKeyType
PK11_ReferenceSlot
PK11_FreeSlot
PK11_GetBestSlot
PK11_MapSignKeyType
PK11_CopyTokenPrivKeyToSessionPrivKey
NSS_Get_CERT_NameTemplate
CERT_NameToAscii
CERT_DestroyCertList
CERT_RemoveCertListNode
CERT_FilterCertListByUsage
CERT_FindUserCertsByUsage
CERT_FilterCertListByCANames
CERT_FilterCertListForUserCerts
CERT_FilterCertListByNickname
PK11_FindKeyByAnyCert
PK11_FindCertsFromNickname
CERT_DistNamesFromCertList
PK11_HPKE_DestroyContext
CERT_VerifyCertName
CERT_VerifyCert
PK11_IsLoggedIn
HASH_ResultLenByOidTag
VFY_VerifyDigestDirect
SGN_Digest
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSigWithLen
SECKEY_CreateECPrivateKey
SECKEY_CreateDHPrivateKey
SECKEY_SignatureLen
SECKEY_UpdateCertPQG
NSS_Get_SECKEY_RSAPSSParamsTemplate
HASH_HashBuf
PK11_PubUnwrapSymKey
PK11_PubWrapSymKey
PK11_KeyGen
PK11_FreeSymKey
PK11_GetBestSlotMultiple
SECKEY_PublicKeyStrength
CERT_NewTempCertificate
CERT_CacheOCSPResponseFromSideChannel
CERT_AddCertToListTail
CERT_NewCertList

nssutil3

SECOID_FindOIDByTag_Util
SECOID_FindOID_Util
DER_DecodeTimeChoice_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SECOID_SetAlgorithmID_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
PORT_Realloc_Util
SECITEM_ZfreeItem_Util
SECOID_FindOIDByMechanism
SECITEM_MakeItem
NSS_SecureMemcmp
PORT_ArenaZAlloc_Util
PORT_DestroyCheapArena
PORT_InitCheapArena
SECITEM_DupItem_Util
ATOB_AsciiToData_Util
BTOA_DataToAscii_Util
SECITEM_Hash
NSS_PutEnv_Util
SECITEM_AllocArray
PORT_FreeArena_Util
PORT_NewArena_Util
SECOID_GetAlgorithmTag_Util
SEC_QuickDERDecodeItem_Util
SECITEM_DupArray
SECITEM_CompareItem_Util
NSSRWLock_UnlockWrite_Util
NSSRWLock_LockWrite_Util
NSSRWLock_Destroy_Util
NSSRWLock_New_Util
NSS_IsPolicyLocked
NSS_GetAlgorithmPolicy
SECITEM_FreeItem_Util
SECITEM_CopyItem_Util
SECITEM_ItemsAreEqual_Util
SECITEM_AllocItem_Util
PORT_ArenaAlloc_Util
PORT_GetError_Util
PORT_Strdup_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_LockRead_Util
PORT_SetError_Util
PORT_ZFree_Util
PORT_Free_Util
PORT_ZAlloc_Util
PORT_Alloc_Util
SECITEM_FreeArray

api-ms-win-crt-stdio-l1-1-0

fopen
fputs
ftell
fflush
fwrite
fclose

libnspr4

PR_snprintf
PR_CloseFileMap
PR_MemUnmap
PR_MemMap
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_DestroyRWLock
PR_NewRWLock
PR_htonll
PR_CallOnceWithArg
PR_ConvertIPv4AddrToIPv6
PR_CallOnce
PR_GetEnvSecure
PR_ExplodeTime
PR_SetError
PR_GetSocketOption
PR_Close
PR_RWLock_Rlock
PR_CreateIOLayerStub
PR_GetDefaultIOMethods
PR_GetIdentitiesLayer
PR_GetUniqueIdentity
PR_Now
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_DestroyMonitor
PR_NewMonitor
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_ExitMonitor
PR_EnterMonitor
PR_MillisecondsToInterval
PR_IntervalNow
PR_smprintf_free
PR_OpenAnonFileMap
PR_ExportFileMapAsString
PR_GMTParameters
PR_ImportFileMapFromString
PR_Sleep
PR_GetMonitorEntryCount
PR_PushIOLayer
PR_FormatTime
PR_PopIOLayer
PR_StringToNetAddr
PR_ErrorInstallTable
PR_ntohl
PR_GetError
PR_GetCurrentThread
PR_smprintf

libplc4

PL_strdup

Exports

Exports

DTLS_GetHandshakeTimeout
DTLS_ImportFD
NSSSSL_GetVersion
NSSSSL_VersionCheck
NSS_CmpCertChainWCANames
NSS_FindCertKEAType
NSS_GetClientAuthData
NSS_SetDomesticPolicy
NSS_SetExportPolicy
NSS_SetFrancePolicy
SSL_AlertReceivedCallback
SSL_AlertSentCallback
SSL_AuthCertificate
SSL_AuthCertificateComplete
SSL_AuthCertificateHook
SSL_BadCertHook
SSL_CanBypass
SSL_CertDBHandleSet
SSL_CertIsUsable
SSL_CipherPolicyGet
SSL_CipherPolicySet
SSL_CipherPrefGet
SSL_CipherPrefGetDefault
SSL_CipherPrefSet
SSL_CipherPrefSetDefault
SSL_ClearSessionCache
SSL_ConfigMPServerSIDCache
SSL_ConfigSecureServer
SSL_ConfigSecureServerWithCertChain
SSL_ConfigServerCert
SSL_ConfigServerSessionIDCache
SSL_ConfigServerSessionIDCacheWithOpt
SSL_DHEGroupPrefSet
SSL_DataPending
SSL_EnableWeakDHEPrimeGroup
SSL_ExportEarlyKeyingMaterial
SSL_ExportKeyingMaterial
SSL_FilterClientCertListBySocket
SSL_ForceHandshake
SSL_ForceHandshakeWithTimeout
SSL_GetChannelInfo
SSL_GetCipherSuiteInfo
SSL_GetClientAuthDataHook
SSL_GetExperimentalAPI
SSL_GetImplementedCiphers
SSL_GetMaxServerCacheLocks
SSL_GetNegotiatedHostInfo
SSL_GetNextProto
SSL_GetNumImplementedCiphers
SSL_GetPreliminaryChannelInfo
SSL_GetSRTPCipher
SSL_GetSessionID
SSL_GetStatistics
SSL_HandshakeCallback
SSL_HandshakeNegotiatedExtension
SSL_ImplementedCiphers
SSL_ImportFD
SSL_InheritMPServerSIDCache
SSL_InvalidateSession
SSL_LocalCertificate
SSL_NamedGroupConfig
SSL_NumImplementedCiphers
SSL_OptionGet
SSL_OptionGetDefault
SSL_OptionSet
SSL_OptionSetDefault
SSL_PeerCertificate
SSL_PeerCertificateChain
SSL_PeerSignedCertTimestamps
SSL_PeerStapledOCSPResponses
SSL_PreencryptedFileToStream
SSL_PreencryptedStreamToFile
SSL_ReHandshake
SSL_ReHandshakeWithTimeout
SSL_RecommendedCanFalseStart
SSL_ReconfigFD
SSL_ResetHandshake
SSL_RestartHandshakeAfterCertReq
SSL_RestartHandshakeAfterServerCert
SSL_RevealCert
SSL_RevealPinArg
SSL_RevealURL
SSL_SNISocketConfigHook
SSL_SecurityStatus
SSL_SendAdditionalKeyShares
SSL_SetCanFalseStartCallback
SSL_SetDowngradeCheckVersion
SSL_SetMaxServerCacheLocks
SSL_SetNextProtoCallback
SSL_SetNextProtoNego
SSL_SetPKCS11PinArg
SSL_SetSRTPCiphers
SSL_SetSessionTicketKeyPair
SSL_SetSignedCertTimestamps
SSL_SetSockPeerID
SSL_SetStapledOCSPResponses
SSL_SetTrustAnchors
SSL_SetURL
SSL_ShutdownServerSessionIDCache
SSL_SignatureMaxCount
SSL_SignaturePrefGet
SSL_SignaturePrefSet
SSL_SignatureSchemePrefGet
SSL_SignatureSchemePrefSet
SSL_VersionRangeGet
SSL_VersionRangeGetDefault
SSL_VersionRangeGetSupported
SSL_VersionRangeSet
SSL_VersionRangeSetDefault

Sections

.text
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Cert/nss/vcruntime140.dll
.dll windows:6 windows x86 arch:x86

2262054530b5f8bbeb0c4e3a111a37eb

Code Sign

33:00:00:00:e5:ce:9e:eb:de:4d:48:35:f4:00:00:00:00:00:e5
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/02/2023, 22:33

Not After

31/01/2024, 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4
Signer

Actual PE Digest

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4

Digest Algorithm

sha256

PE Digest Matches

true

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4
Signer

Actual PE Digest

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

LeaveCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
RtlUnwind
VirtualQuery
EncodePointer
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
EnterCriticalSection
TlsGetValue
DeleteCriticalSection
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsSetValue

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_purecall
_seh_longjmp_unwind
_seh_longjmp_unwind4
_set_purecall_handler
_set_se_translator
_setjmp3
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MFC90CHS.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:bc:6c:2d:72:bb:e6:e9:12:4e:3e:31:5d:44:48:09:b4:03:c6:23
Signer

Actual PE Digest

0a:bc:6c:2d:72:bb:e6:e9:12:4e:3e:31:5d:44:48:09:b4:03:c6:23

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MFC90CHT.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

4f:b8:76:b8:9b:6c:6c:d2:0d:31:56:6e:bb:e1:2b:8c:29:6b:bb:8c
Signer

Actual PE Digest

4f:b8:76:b8:9b:6c:6c:d2:0d:31:56:6e:bb:e1:2b:8c:29:6b:bb:8c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MFC90DEU.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f2:2d:57:58:5d:09:aa:f3:52:4b:19:2c:61:e4:8e:6f:d9:68:9f:5a
Signer

Actual PE Digest

f2:2d:57:58:5d:09:aa:f3:52:4b:19:2c:61:e4:8e:6f:d9:68:9f:5a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MFC90ENU.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:57:64:85:e4:d7:1a:aa:5d:ff:4f:f4:51:ef:bf:e4:25:9b:81:3d
Signer

Actual PE Digest

2c:57:64:85:e4:d7:1a:aa:5d:ff:4f:f4:51:ef:bf:e4:25:9b:81:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MFC90ESN.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

87:3e:80:b5:75:3d:f8:06:c0:20:4b:46:8f:a1:4e:a3:98:95:5b:ae
Signer

Actual PE Digest

87:3e:80:b5:75:3d:f8:06:c0:20:4b:46:8f:a1:4e:a3:98:95:5b:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MFC90ESP.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:40:61:03:09:4a:86:72:7e:ce:61:90:63:ef:44:05:d7:03:03:2c
Signer

Actual PE Digest

17:40:61:03:09:4a:86:72:7e:ce:61:90:63:ef:44:05:d7:03:03:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MFC90FRA.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7c:ea:47:5d:d4:e4:ed:5e:7e:c8:0e:c6:a3:a7:d0:d3:82:23:9b:bf
Signer

Actual PE Digest

7c:ea:47:5d:d4:e4:ed:5e:7e:c8:0e:c6:a3:a7:d0:d3:82:23:9b:bf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MFC90ITA.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

4d:bc:0d:af:f1:58:2c:e0:e8:ce:c9:a3:41:bd:79:d0:4a:90:c6:88
Signer

Actual PE Digest

4d:bc:0d:af:f1:58:2c:e0:e8:ce:c9:a3:41:bd:79:d0:4a:90:c6:88

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MFC90JPN.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

22:dd:77:9f:c7:d9:cb:17:de:0a:bf:16:63:6d:e1:24:34:b5:d3:4d
Signer

Actual PE Digest

22:dd:77:9f:c7:d9:cb:17:de:0a:bf:16:63:6d:e1:24:34:b5:d3:4d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MFC90KOR.dll
.dll windows:5 windows x86 arch:x86

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3f:ad:21:52:a9:05:f4:06:99:c1:47:42:b9:9e:63:c4:6f:b8:c9:8e
Signer

Actual PE Digest

3f:ad:21:52:a9:05:f4:06:99:c1:47:42:b9:9e:63:c4:6f:b8:c9:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SDK/AK/Microsoft.VC90.CRT.manifest
SDK/AK/aspinfo.ui
SDK/AK/mkd25def.dll
.dll windows:5 windows x86 arch:x86

d7c8107951daa74ce1c7c95cb32eb41a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:75:60:f5:9a:a0:ea:7c:1e:57:2b:49:4c:b5:c0:bd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/09/2023, 00:00

Not After

31/08/2024, 00:00

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465206f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3b:55:c0:7c:66:6f:56:eb:b4:2d:61:fc:cf:1a:e3:a7:8d:ac:d3:0f:17:12:ed:0d:76:f4:38:f5:0a:30:b9:70
Signer

Actual PE Digest

3b:55:c0:7c:66:6f:56:eb:b4:2d:61:fc:cf:1a:e3:a7:8d:ac:d3:0f:17:12:ed:0d:76:f4:38:f5:0a:30:b9:70

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Build\Product\AOS\SafeTransaction\1.0\building\build\Product\AOS\SafeTransaction\1.0\Trunk\Src\AkSdk\Trunk\Build\Release\mkd25def.pdb

Imports

imm32

ImmGetDefaultIMEWnd
ImmGetContext
ImmGetCompositionStringA
ImmReleaseContext
ImmGetOpenStatus

kernel32

WideCharToMultiByte
QueryPerformanceCounter
GetTempPathA
GetCurrentProcessId
GetLocalTime
QueryPerformanceFrequency
OutputDebugStringA
lstrlenW
RaiseException
WaitForSingleObject
SetEvent
Sleep
GetTickCount
GetUserDefaultLangID
LocalFree
GlobalUnlock
GlobalLock
GetCurrentThreadId
CreateEventA
LocalAlloc
ResetEvent
IsDBCSLeadByte
SystemTimeToFileTime
GetSystemTime
FormatMessageA
MultiByteToWideChar
GetModuleHandleA
CreateDirectoryA
GetFileAttributesA
GlobalAlloc
GlobalFree
LoadLibraryExA
Module32First
HeapAlloc
LoadLibraryA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
SetLastError
FreeLibrary
DeleteCriticalSection
GetSystemDirectoryA
GetModuleFileNameA
GetThreadLocale
GetProcAddress
GetStringTypeExA
GetVolumeInformationA
GetFullPathNameA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
DuplicateHandle
GetFileTime
MoveFileA
FlushFileBuffers
ReadFile
SetFileTime
lstrlenA
GetExitCodeThread
GetLastError
TerminateThread
CloseHandle
LockFile
UnlockFile
lstrcpynA
GetSystemTimeAsFileTime
IsDebuggerPresent
CreateToolhelp32Snapshot
Process32First
Process32Next
HeapFree
GetProcessHeap
GetLongPathNameA
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetVersionExA
lstrcmpiA
GetSystemInfo
GetCurrentProcess
IsBadStringPtrA
FindFirstFileA
FindClose
CreateFileA
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
GetComputerNameA
HeapCreate
HeapDestroy
SetFileAttributesA
GetShortPathNameA
InterlockedIncrement
DeleteFileA
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

LoadStringA
OemToCharA
CharToOemA
SetWindowTextA
SendMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
PostThreadMessageA
IsWindow
keybd_event
CallWindowProcA
GetWindowThreadProcessId
FindWindowA
AttachThreadInput
CharUpperA
GetMessageA
SetWindowsHookExA
GetForegroundWindow
GetGUIThreadInfo
CallNextHookEx
GetFocus
GetKeyState
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
UnhookWindowsHookEx
PostMessageA
CloseClipboard
RegisterWindowMessageA
GetSystemMetrics
GetAsyncKeyState
SetWindowLongA

advapi32

RegCreateKeyExA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegEnumValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA
GetUserNameA

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocString
SysReAllocStringLen
SysAllocStringLen
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo

mkd25

Mkd20_GetObject

msvcr90

_mbsstr
atoi
_mbsnbcmp
_ismbcspace
_mbschr
_mbscoll
_mbsspn
_mbclen
_ismbcdigit
_mbsupr_s
_mbsinc
_mbscmp
_mbscspn
_mbsnbcpy
_splitpath
rand
_mbsnbicmp
sscanf_s
wcsstr
_wcslwr
sscanf
_snprintf
calloc
_mbstok
_access
vsprintf_s
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_mbsicoll
_mbsrev
_vsnprintf_s
_snprintf_s
_mbslwr_s
_mbspbrk
srand
_endthreadex
_beginthreadex
??2@YAPAXI@Z
_recalloc
fwrite
_fsopen
_stat64i32
fclose
fseek
_vsnwprintf
_mbsicmp
??_V@YAXPAX@Z
??_U@YAPAXI@Z
memmove
malloc
realloc
free
_purecall
_vsnprintf
_mbslen
memset
__CxxFrameHandler3
_CxxThrowException
_mbsrchr
??3@YAXPAX@Z
__doserrno
_mktime64
_gmtime64_s
_localtime64_s
_ismbblead
strftime
_time64
memcpy
printf

ws2_32

WSAStartup
WSACleanup

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationA

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comdlg32

GetFileTitleA

shell32

SHGetFolderPathA
SHGetSpecialFolderPathA

ole32

CLSIDFromString
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoTaskMemFree
CoInitialize
CoInitializeSecurity

Exports

Exports

Mkd20def_GetObject

Sections

.text
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/AK/mkd25sdk.dll
.dll windows:5 windows x86 arch:x86

fa4d252009828507b9705887bb5f38f8

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:75:60:f5:9a:a0:ea:7c:1e:57:2b:49:4c:b5:c0:bd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/09/2023, 00:00

Not After

31/08/2024, 00:00

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465206f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:f2:74:26:26:cf:50:7c:73:07:45:cb:f6:51:e4:32:3a:1e:e5:45:3f:40:e8:f7:2c:25:d2:cd:7f:fe:d5:ac
Signer

Actual PE Digest

6c:f2:74:26:26:cf:50:7c:73:07:45:cb:f6:51:e4:32:3a:1e:e5:45:3f:40:e8:f7:2c:25:d2:cd:7f:fe:d5:ac

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Build\Product\AOS\SafeTransaction\1.0\building\build\Product\AOS\SafeTransaction\1.0\Trunk\Src\AkSdk\Trunk\Build\Release\mkd25sdk.pdb

Imports

kernel32

MultiByteToWideChar
LocalFree
GetModuleHandleA
InitializeCriticalSection
InterlockedDecrement
WideCharToMultiByte
EnterCriticalSection
DeleteCriticalSection
InterlockedIncrement
GetSystemDirectoryA
GetProcAddress
FormatMessageA
GetThreadLocale
lstrlenA
GetLastError
SetLastError
LeaveCriticalSection
GetModuleFileNameA
GetShortPathNameA
GetStringTypeExA
GetVolumeInformationA
GetFullPathNameA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
DuplicateHandle
GetFileTime
MoveFileA
FlushFileBuffers
ReadFile
GetFileAttributesA
SetFileTime
LockFile
UnlockFile
lstrcpynA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
SystemTimeToFileTime
DeleteFileA
SetFileAttributesA
WaitForSingleObject
lstrlenW
IsBadStringPtrA
CreateDirectoryA
LoadLibraryA
GetLongPathNameA
GetTempPathA
GetWindowsDirectoryA
GetUserDefaultLangID
VerSetConditionMask
VerifyVersionInfoA
GetVersionExA
lstrcmpiA
GetSystemInfo
GetCurrentProcess
WaitForMultipleObjects
ResetEvent
PulseEvent
SetEvent
CreateEventA
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
OutputDebugStringA
FindFirstFileA
FindClose
CreateFileA
LocalAlloc
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
FreeLibrary
LoadLibraryExA
lstrcmpA
CloseHandle

user32

LoadStringA
OemToCharA
CharToOemA
RegisterWindowMessageA
CharUpperA
GetSystemMetrics
SetWindowTextW
EnumChildWindows
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
GetWindowLongA
MsgWaitForMultipleObjects
SetWindowTextA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA
RegEnumValueA
RegSetValueExA

oleaut32

SysAllocStringLen
SysReAllocStringLen

msvcr90

_except_handler4_common
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
vsprintf_s
_access
_mbstok
sscanf
sscanf_s
_mbsnbicmp
memcpy
_mbsnbcpy
calloc
realloc
malloc
strncpy
free
_splitpath
_vsnprintf
_mbscspn
_mbscmp
_mbsinc
_mbsupr_s
_ismbcdigit
_mbclen
_mbsspn
_mbscoll
??_V@YAXPAX@Z
_mbschr
_ismbcspace
_mbsnbcmp
atoi
_mbsstr
_mbsicoll
_mbsrev
_vsnprintf_s
_snprintf_s
??_U@YAPAXI@Z
memmove
_mbsicmp
_mbslwr_s
_mbspbrk
memset
__CxxFrameHandler3
_CxxThrowException
_mbsrchr
_purecall
??3@YAXPAX@Z
_time64
strftime
_ismbblead
_localtime64_s
_gmtime64_s
_mktime64
__doserrno
??2@YAPAXI@Z
printf

comdlg32

GetFileTitleA

shell32

SHGetFolderPathA

ole32

CoTaskMemFree

Exports

Exports

Mkd25Sdk8_GetObjectA
Mkd25Sdk8_GetObjectW
SetOptionDWORD

Sections

.text
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDK/AK/msvcr90.dll
.dll windows:5 windows x86 arch:x86

0453db624ecaef7c4f3da938cd1d0fc5

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:53:64:bf:32:91:b5:c3:d5:61:69:64:22:32:1f:d4:15:86:5e:83
Signer

Actual PE Digest

96:53:64:bf:32:91:b5:c3:d5:61:69:64:22:32:1f:d4:15:86:5e:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr90.i386.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
HeapReAlloc
VirtualAlloc
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetEndOfFile
InterlockedExchange
LockFile
UnlockFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_wpgmptr
_getc_nolock
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getptd
_getsystime
_getw
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_global_unwind2
_gmtime32

Sections

.text
Size: 599KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
V3Medic.exe
.exe windows:5 windows x86 arch:x86

25ed4ce053872020aef1006182cbb182

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24/06/2024, 00:00

Not After

22/06/2025, 23:59

Subject

SERIALNUMBER=110111-1138985,CN=AhnLab\, Inc.,O=AhnLab\, Inc.,L=Seongnam-si,ST=Gyeonggi-do,C=KR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130b53656f6e676e616d2d7369,1.3.6.1.4.1.311.60.2.1.2=#130b4779656f6e6767692d646f,1.3.6.1.4.1.311.60.2.1.3=#13024b52

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26/09/2024, 00:00

Not After

25/11/2035, 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:44:de:dd:00:7f:82:21:a5:12:4d:7e:8a:0f:5f:72:d0:74:04:56:fa:6c:be:49:22:77:e9:87:9a:bc:2a:77
Signer

Actual PE Digest

0f:44:de:dd:00:7f:82:21:a5:12:4d:7e:8a:0f:5f:72:d0:74:04:56:fa:6c:be:49:22:77:e9:87:9a:bc:2a:77

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegCloseKey
RegEnumKeyW
RegEnumValueW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegCreateKeyExW

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderLocation

ole32

CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Destroy
ImageList_AddMasked
ImageList_Create

user32

GetDlgItemTextW
SetDlgItemTextW
RegisterClassW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
SetWindowPos
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
CreateDialogParamW
EndDialog
GetSystemMetrics
CreatePopupMenu
AppendMenuW
GetWindowRect
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
ScreenToClient
CheckDlgButton
LoadCursorW
MessageBoxIndirectW
GetWindowLongW
GetSysColor
CharNextW
ExitWindowsEx
DestroyWindow
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
CharPrevW
DispatchMessageW
wsprintfA
SetCursor
PeekMessageW
SystemParametersInfoW

gdi32

GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor

kernel32

CreateProcessW
lstrcmpiA
GetTempFileNameW
WriteFile
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
lstrcatW
GetCurrentProcess
GetVersion
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
RemoveDirectoryW
lstrcpyA
MoveFileExW
CopyFileW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 404KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$_0_/_Setup/ASTX_Install_ARM64.nz
.7z
$_0_/_Setup/ASTX_Install_NT32.nz
.7z
$_0_/_Setup/ASTX_Install_X64.nz
.7z
$_0_/_Setup/ASTX_NT32.nz
.7z
$_0_/_Setup/ASTX_Res.nz
.7z
$_0_/_Setup/ASTX_X64.nz
.7z
$_0_/_Setup/Av_ARM64.nz
.7z
$_0_/_Setup/Av_NT32.nz
.7z
$_0_/_Setup/Av_X64.nz
.7z
$_0_/_Setup/Core_ARM64.nz
.7z
$_0_/_Setup/Core_NT32.nz
.7z
$_0_/_Setup/Core_X64.nz
.7z
$_0_/_Setup/Fw_ARM64.nz
.7z
$_0_/_Setup/Fw_NT32.nz
.7z
$_0_/_Setup/Fw_X64.nz
.7z
$_0_/_Setup/Ips_ARM64.nz
.7z
$_0_/_Setup/Ips_NT32.nz
.7z
$_0_/_Setup/Ips_X64.nz
.7z
$_0_/_Setup/License_en_US.txt
$_0_/_Setup/License_ko_kr.txt
$_0_/_Setup/Mdp_ARM64.nz
.7z
$_0_/_Setup/Mdp_NT32.nz
.7z
$_0_/_Setup/Mdp_X64.nz
.7z
$_0_/_Setup/Update.nz
.7z
$_0_/_Setup/asdahc.nz
.7z
$_0_/_Setup/astxverify32.dac
.cab
$_0_/_Setup/astxverify64.dac
.cab
$_0_/_Setup/astxverifyarm64.dac
.cab
$_0_/_Setup/ckw_ARM64.nz
.7z
$_0_/_Setup/ckw_DATA.nz
.7z
$_0_/_Setup/ckw_NT32.nz
.7z
$_0_/_Setup/ckw_X64.nz
.7z

Sharing

General

Malware Config

Signatures

Files

25ed4ce053872020aef1006182cbb182

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9Certificate

Extended Key Usages

Key Usages

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

fb:d4:69:3e:48:b0:19:c7:7a:bf:3f:1f:56:da:1d:8a:36:7a:d2:95:2d:af:2f:8f:21:35:b0:14:07:d4:ec:c4Signer

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 127KB

.ndata Size: - Virtual size: 68KB

.rsrc Size: 104KB - Virtual size: 103KB

f31759abf103a0624fc5ba72c056dfe9

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:dd:a3:fa:e1:5d:dc:b3:77:ef:dc:e3:aa:6b:c2:a5Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

cf:9e:a0:7c:01:b2:2a:22:8c:08:66:99:04:53:6c:e3:25:3d:ee:9f:f3:e1:c7:a1:46:ca:8f:53:5f:7c:a7:eeSigner

Headers

File Characteristics

PDB Paths

Imports

version

ws2_32

kernel32

user32

advapi32

shell32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 354KB - Virtual size: 354KB

.data Size: 9KB - Virtual size: 49KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 56KB - Virtual size: 55KB

44dec599b7c15b3419d2bae8c1d68fff

Headers

DLL Characteristics

File Characteristics

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

fb:d4:69:3e:48:b0:19:c7:7a:bf:3f:1f:56:da:1d:8a:36:7a:d2:95:2d:af:2f:8f:21:35:b0:14:07:d4:ec:c4
Signer

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 127KB

.ndata
Size: - Virtual size: 68KB

.rsrc
Size: 104KB - Virtual size: 103KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:dd:a3:fa:e1:5d:dc:b3:77:ef:dc:e3:aa:6b:c2:a5
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

cf:9e:a0:7c:01:b2:2a:22:8c:08:66:99:04:53:6c:e3:25:3d:ee:9f:f3:e1:c7:a1:46:ca:8f:53:5f:7c:a7:ee
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 354KB - Virtual size: 354KB

.data
Size: 9KB - Virtual size: 49KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 56KB - Virtual size: 55KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 915B

.data
Size: 512B - Virtual size: 68B

.reloc
Size: 1024B - Virtual size: 638B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 424B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:03:43:da:68:34:f4:51:3c:e9:a1:a5:80:9e:5e:a5
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

2a:ba:30:2c:a1:16:1d:41:37:7c:39:74:10:ae:c1:38:17:21:b1:6a:b0:fa:69:98:58:bd:d1:71:7c:b9:31:a7
Signer

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 466KB - Virtual size: 465KB

.data
Size: 9KB - Virtual size: 21KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 84KB - Virtual size: 84KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:7b:2e:10:a0:d9:6c:4d:53:bd:1e:49:42:fc:ca:c9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate