Manalyze report for 15efb954beb68ed3ef3af226011920af

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2022-Oct-03 15:05:57
Detected languages	English - United States German - Switzerland
CompanyName	Ghisler Software GmbH
FileDescription	Total Commander Installer
FileVersion	`10.52`
InternalName	INSTALL
LegalCopyright	Copyright © Ghisler Software GmbH 1993-2022
OriginalFilename	install.exe
ProductName	Total Commander Installer
ProductVersion	`10.52`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0` `Microsoft Visual C++ v5.0/v6.0 (MFC)`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Miscellaneous malware strings: CMD.EXE cmd.exe` `Contains domain names: ghisler.com https://www.ghisler.com https://www.ghisler.com/ www.ghisler.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to Blowfish`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExW LoadLibraryExA LoadLibraryA GetProcAddress` `Functions which can be used for anti-debugging purposes: FindWindowA` `Can access the registry: RegCreateKeyExA RegCreateKeyExW RegCloseKey RegQueryValueExA RegOpenKeyExA RegQueryValueExW RegOpenKeyExW RegSetValueExA RegDeleteKeyA RegOpenKeyA RegCreateKeyA` `Possibly launches other programs: WinExec ShellExecuteW` `Functions related to the privilege level: AdjustTokenPrivileges OpenProcessToken` `Enumerates local disk drives: GetDriveTypeA` `Manipulates other processes: OpenProcess` `Can take screenshots: FindWindowA GetDC`
Info	The PE is digitally signed.	`Signer: Ghisler Software GmbH` `Issuer: Sectigo Public Code Signing CA R36`
Suspicious	VirusTotal score: 1/69 (Scanned on 2022-11-26 03:13:11)	`Malwarebytes: Malware.Heuristic.1004`

Hashes

MD5	`15efb954beb68ed3ef3af226011920af`
SHA1	`e7689327feeee7afa6685e5489257feeca3abc07`
SHA256	`b7a1454c9abcedf11a7581902557565bb0140245913382f18d6372e562590663`
SHA3	`fc788319836b4d136972a1e94c70c6221e3ac10743eeb3798abaefcd7ad7f1fc`
SSDeep	`196608:4iTXRU2EhkbyqQh+cMgE5sUqfKqyUQDusDShb+ls9jcSDUb:4ibvEybyj0cMgA6KJUgusDeb+lCcSU`
Imports Hash	`a2ebad51c550802538661116cc08c063`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xe8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2022-Oct-03 15:05:57
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x19000`
SizeOfInitializedData	`0xf000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000141F8 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x1a000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x29000`
SizeOfHeaders	`0x1000`
Checksum	`0x8cba10`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`bd968f7e3c7af08b7ad59e18f9c1d770`
SHA1	`e8a3aec35f952820cec86697dae99c4817c9982a`
SHA256	`3fdd1ec04c47ba440efdf57c3477f0b6e49563d2ff679368b596d23be183a702`
SHA3	`fe04059f30d4a1f346b2cbd5ea848d68d160327d59e04421f876834c8a2f601b`
VirtualSize	`0x18990`
VirtualAddress	`0x1000`
SizeOfRawData	`0x19000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.53771`

.rdata

MD5	`8c9863a82259001fdd8abbfa346f7122`
SHA1	`b85f7693c0e5c85721e8aa0ecb3f8ada3926e972`
SHA256	`5fa6c0b7d54ebfd7b2670bc1b393d3900dad22c48cc75a71ae4abf8104bcaf66`
SHA3	`6c8b5fbffb9ddfc1cf90b7b779abfa43f260f2dee796a609117df5de38071a28`
VirtualSize	`0x1bd8`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x2000`
PointerToRawData	`0x1a000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.23855`

.data

MD5	`998ed4f600e2465311c8eed6a4c86a86`
SHA1	`14ab69fb35987b5b333dcd37c8817a1bb78de826`
SHA256	`802c4956be9e3584d14d3daf55a2bb63af1a0ff01f755ff2510cb56dfd03c6de`
SHA3	`c4b9baa4afa52d260f7fa03d346ec2b9b734e6f9be06d9a5ebddb92e521025cc`
VirtualSize	`0x9c9c`
VirtualAddress	`0x1c000`
SizeOfRawData	`0x5000`
PointerToRawData	`0x1c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.08037`

.rsrc

MD5	`f0154ab826f6fe759b3d48a2f5bef4a9`
SHA1	`e8b83e0d432daa8ad6d3665e58b98dc971594883`
SHA256	`4a9972a504e8c19da9f034c6139a54ad97029023c705d46a6048302ab6a6a3c3`
SHA3	`533676d2f51f5f63e5ac55b6cda3b1f4231168d69392a0b88ef6804594401637`
VirtualSize	`0x27b0`
VirtualAddress	`0x26000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x21000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.81096`

Imports

KERNEL32.dll	`GetFileSize` `IsValidCodePage` `SetLastError` `SetNamedPipeHandleState` `GetCurrentProcessId` `WideCharToMultiByte` `TransactNamedPipe` `LocalAlloc` `CreateNamedPipeW` `DisconnectNamedPipe` `WaitNamedPipeA` `DuplicateHandle` `RemoveDirectoryW` `CopyFileW` `ConnectNamedPipe` `CreateThread` `GetWindowsDirectoryW` `LoadLibraryExW` `GetSystemDirectoryW` `LoadLibraryExA` `FindNextFileW` `SetEnvironmentVariableA` `GetOEMCP` `GetACP` `GetSystemDirectoryA` `CompareStringA` `GetCPInfo` `GetStringTypeW` `GetStringTypeA` `GetFileType` `GetStdHandle` `SetHandleCount` `GetEnvironmentStringsW` `GetEnvironmentStrings` `FreeEnvironmentStringsW` `FreeEnvironmentStringsA` `UnhandledExceptionFilter` `LCMapStringW` `LCMapStringA` `HeapReAlloc` `VirtualAlloc` `VirtualFree` `HeapCreate` `HeapDestroy` `GetVersion` `GetStartupInfoA` `TerminateProcess` `ExitProcess` `HeapAlloc` `HeapFree` `RtlUnwind` `FindFirstFileW` `GetDriveTypeA` `GetVersionExA` `SetErrorMode` `GetCommandLineA` `GetCommandLineW` `GetModuleFileNameW` `GetModuleFileNameA` `GlobalAlloc` `LoadLibraryA` `GlobalFree` `LocalFree` `GetUserDefaultLCID` `WinExec` `CopyFileA` `GetPrivateProfileStringA` `GetWindowsDirectoryA` `GetEnvironmentVariableW` `GetEnvironmentVariableA` `DosDateTimeToFileTime` `LocalFileTimeToFileTime` `CreateFileA` `CreateFileW` `SetFilePointer` `ReadFile` `WriteFile` `DeleteFileA` `SetFileTime` `WritePrivateProfileStringA` `CreateDirectoryW` `CreateDirectoryA` `GetTickCount` `Sleep` `GetCurrentProcess` `OpenProcess` `GetModuleHandleA` `CloseHandle` `GetProcAddress` `GetLastError` `FindFirstFileA` `FindNextFileA` `FindClose` `MultiByteToWideChar` `GetFileAttributesA` `CompareStringW` `SetFileAttributesA`
USER32.dll	`OemToCharA` `CharPrevW` `LoadIconA` `RegisterClassA` `CreateWindowExA` `GetMessageA` `FindWindowA` `GetUserObjectSecurity` `CharLowerA` `BeginPaint` `EndPaint` `PostQuitMessage` `DefWindowProcA` `GetSystemMetrics` `DrawTextW` `BringWindowToTop` `SetForegroundWindow` `LoadCursorA` `IsWindowUnicode` `CharPrevA` `MessageBoxA` `UpdateWindow` `CharUpperA` `PostMessageA` `MessageBoxW` `EnumWindows` `GetClassNameA` `GetWindowTextA` `GetClassLongA` `GetDlgItemTextW` `EnableWindow` `CheckRadioButton` `GetKeyState` `IsDlgButtonChecked` `CheckDlgButton` `SetFocus` `DialogBoxParamW` `SetCursor` `DialogBoxParamA` `MessageBeep` `SendDlgItemMessageW` `EndDialog` `SendMessageW` `SendMessageA` `GetDlgItemTextA` `DestroyWindow` `CreateDialogParamW` `CreateDialogParamA` `GetDlgItem` `ShowWindow` `GetSystemMenu` `DeleteMenu` `IsIconic` `GetDC` `GetClientRect` `FillRect` `wsprintfA` `GetSysColor` `DrawTextA` `ReleaseDC` `SendDlgItemMessageA` `SetWindowTextA` `SetDlgItemTextW` `SetDlgItemTextA` `GetWindowRect` `GetParent` `MoveWindow` `PeekMessageA` `IsDialogMessageA` `TranslateMessage` `DispatchMessageA` `GetWindowThreadProcessId`
GDI32.dll	`CreateFontA` `SelectObject` `GetStockObject` `DeleteObject` `IntersectClipRect` `SetTextColor` `SetBkMode` `CreateSolidBrush` `SetBkColor`
ADVAPI32.dll	`RegCreateKeyExA` `AddAccessAllowedAce` `RegCreateKeyExW` `InitializeSecurityDescriptor` `SetSecurityDescriptorOwner` `SetSecurityDescriptorDacl` `IsValidSecurityDescriptor` `GetLengthSid` `RegCloseKey` `RegQueryValueExA` `RegOpenKeyExA` `GetUserNameA` `AdjustTokenPrivileges` `LookupPrivilegeValueA` `OpenProcessToken` `RegQueryValueExW` `RegOpenKeyExW` `LookupAccountNameW` `RegSetValueExA` `RegDeleteKeyA` `RegOpenKeyA` `GetSecurityDescriptorOwner` `RegCreateKeyA` `FreeSid` `LookupAccountSidW` `EqualSid` `GetAce` `AllocateAndInitializeSid` `DeleteAce` `LookupAccountSidA` `GetTokenInformation` `GetUserNameW` `InitializeAcl`
SHELL32.dll	`ShellExecuteW`
COMCTL32.dll	`#17`

Delayed Imports

1

Type	`RT_ICON`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.48525`
MD5	`aeea23c50ecff2121b294566e5c50451`
SHA1	`7fbd3e48c3fc7b3e3b9daac516622260b44c4bb5`
SHA256	`09bd2deb8c1007dcec070cb5e2c93923729e9e51d3acc866c4252ee856d24984`
SHA3	`6fdab00564f78c1217aa7b5b33e9c43633532853d137064ffa960f80cc54657b`

2

Type	`RT_ICON`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.43362`
MD5	`d890f1c0ccefd8c9efd98d257bb62843`
SHA1	`ab76f48d0920f8b604c876cfa0176ce154e22e61`
SHA256	`68d3dc62775c5b9180b8cfca367841dd7b339ae163e9ee46b6002afe7c19c2ea`
SHA3	`8518b8716b08020d8d6e227863f6cbab464599b0354871b18e55763e6009214d`

3

Type	`RT_ICON`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16448`
MD5	`6b6048caea93269d65dd0ca2a61119b8`
SHA1	`563ba89c69440dea58dedce9c0920b50d1d2b512`
SHA256	`e7b46da9e9598ca1fa7339e91b385783e49fb762a8532fbb1a5cb2476e692f4e`
SHA3	`4297fd78e141bc5db9eb58cbf3303409de46de1bf4d2b184b7d6b9f6980615ad`

CREATELNKDLG

Type	`RT_DIALOG`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x292`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.50578`
MD5	`b5f079dc2ba3388264100a45e9683f6c`
SHA1	`061141ba74e20ed02f97033616014acce70fa794`
SHA256	`ccbc8e935b74d8dfb1215b56f0d170cf8b739b29f2ea59987a2e279148621882`
SHA3	`9d7dd27e3cb23bf4aa9b5c0e454bcfb991ec66e4cd6aa478f6ac5bc60da3da1d`

DLG2FILEACTIONMIN

Type	`RT_DIALOG`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0xca`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.96201`
MD5	`43e2bc0a1149a5470c089bac35dedf04`
SHA1	`6442f6f1a919fa819d75004693a96f2445b834f7`
SHA256	`9a7c6d3399b1b5c081a4410f2fbbca0eeb9846c8b6e3306d37305b3a831ac54e`
SHA3	`c102a5d41a716f7165c2f4a4295383e5ebcbc86b8785c30b95144cd57782ad5f`

INILOCATION

Type	`RT_DIALOG`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x482`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.58674`
MD5	`7ecb6eac9a14a0565c44f227fbc08d2a`
SHA1	`0c9d340ef2fe5e6d6bb39fea85585d59a6fdfeb9`
SHA256	`2570c781cae8404572aaa4f283eb6d20f09db03d37a500d512632f1aee2124b0`
SHA3	`8dccf12cc71f771ad3485bde9873edf84a43a77db647cb0b7455205d459ae00d`

LANGUAGEDIALOG

Type	`RT_DIALOG`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x1fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.428`
MD5	`7cd9c5eb6126b8136df91b3a9da0ddcb`
SHA1	`4a83fa1dcd8f8412b3c735f0f9cbf7950bbfe2f9`
SHA256	`a90d86def534e245ae42d06fa2c99948648679a8865409eb0fb976d3235cd929`
SHA3	`52c38619e5a8ed552b81bbc355a3ec71f62196b14edf94879be73758f36fdc38`

MESSAGEBOXDLG

Type	`RT_DIALOG`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x16a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.14063`
MD5	`bbe400e3817a2f17ebcae013c7298779`
SHA1	`58e64332992799166f0d72f869bed6758430b6f6`
SHA256	`b59abc54c5ed74b3f98a10f671d5dd2487ffca16382d75778a44f03e85492a1b`
SHA3	`9e64c3b4749c1a99c7bbd26ec0b0ffce2b52ee5c70b076104f46301cbb6a8e0d`

MYINPUTDIALOG

Type	`RT_DIALOG`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x156`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09404`
MD5	`7eee2462e9835983bc7020d1b8953f3f`
SHA1	`7e6fe995dbe5d2d9e01eefcead128421cfd61d75`
SHA256	`0fc6118386e3386e590ac0c645c43f8ca27df690a86cd32212bf7aacc4f2e853`
SHA3	`c4022db463adcde437ee8b6deb8a5ed500d1a02f84ecfcea772e03990166dec8`

TEXTBOXDLG

Type	`RT_DIALOG`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x6e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.05155`
MD5	`fe6f9094062b961062d060e95c002932`
SHA1	`f43ef66d475a4410de6b7eb514ed0b9cbd88ff8a`
SHA256	`49a54640dda68c2599a904a5845bd7a25be6323e233bc35bdd6106605c0c2082`
SHA3	`f81a7ac5720f268000ec0b8fe045af47f84d924c8e6fc2a9562f4e2e8d17fde4`

UPDATEDLG

Type	`RT_DIALOG`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x122`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.10441`
MD5	`395f9bf3c4252800b5c21c447b6b6557`
SHA1	`d7312e45f6e88770411bbd311f7f16efd425fb51`
SHA256	`f09f457c85cd7359a7a38cd937bc75dd1853ff6a605ba2130a3e39c81fa06b33`
SHA3	`983fd2e0fae9d140d0edf7e881a75326f95524b5d3fcc76a2c0d95c0ff0e6147`

WANTSETLOCATION

Type	`RT_DIALOG`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x136`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.01734`
MD5	`cc77169ed0759a97940a502a7a313768`
SHA1	`8dc03370c7b1c221884d87537221b6cdd7f4c521`
SHA256	`5d19cadf7e4a01c58c4cd40bb8459877929a95e65aa07f10da858b24db2290dc`
SHA3	`4e74325889b2456da01ab43c0ede279980711eb026ad7ddfedcad95ba9fdcc54`

WINDOWSCMD

Type	`RT_GROUP_ICON`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.60452`
Detected Filetype	Icon file
MD5	`2de65306a4cb3c6764ad726658975c02`
SHA1	`a1d3febac52b59318de5b74ddced416c69758a31`
SHA256	`0cf55c35654d27f8a2c69bb677879fa2414f394489877d1cc4ec3d28fefa17f9`
SHA3	`938b3a173587e984d832c5870556b9ed2134e3bc9c908e9246f92b12124a7547`

1 (#2)

Type	`RT_VERSION`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x3a0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.40504`
MD5	`49b52b50fd534accd823acff1a8d3f96`
SHA1	`e9942efcd78419fcb8af3be5531c08f6953ab760`
SHA256	`1b006e552a393b2613bded06077d5628816bbcc09758659706dd0e0171c56125`
SHA3	`1fb3b5ebda3b6f8350653487043254e1687bc48bd8560c8cdc7267a11b7df8c6`

1 (#3)

Type	`RT_MANIFEST`
Language	German - Switzerland
Codepage	UNKNOWN
Size	`0x66e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.16857`
MD5	`a49e6e7ccd5918d8f89a7b95fffdcfa9`
SHA1	`819ffde2a1005127c8c65b786412867a9d133291`
SHA256	`fb8814db338476db7eaf8a63da3f6f3fc90afb84fd46877a6b826c56abfc1943`
SHA3	`bd24af3fa355190f9a40ceac0e5242c040942bcce993d1619334e2d3e0849378`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	10.52.0.0
ProductVersion	10.52.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Ghisler Software GmbH
FileDescription	Total Commander Installer
FileVersion (#2)	10.52
InternalName	INSTALL
LegalCopyright	Copyright © Ghisler Software GmbH 1993-2022
OriginalFilename	install.exe
ProductName	Total Commander Installer
ProductVersion (#2)	10.52

Resource LangID	German - Switzerland

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x3cddb040`
Unmarked objects	`0`
12 (7291)	`5`
C++ objects (VS98 SP6 build 8804)	`1`
14 (7299)	`21`
Unmarked objects (#2)	`27`
19 (8034)	`11`
Total imports	`216`
C objects (VS98 SP6 build 8804)	`78`
Resource objects (VS98 SP6 cvtres build 1736)	`1`

15efb954beb68ed3ef3af226011920af

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

Imports

Delayed Imports

1

2

3

CREATELNKDLG

DLG2FILEACTIONMIN

INILOCATION

LANGUAGEDIALOG

MESSAGEBOXDLG

MYINPUTDIALOG

TEXTBOXDLG

UPDATEDLG

WANTSETLOCATION

WINDOWSCMD

1 (#2)

1 (#3)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors