Architecture |
IMAGE_FILE_MACHINE_AMD64
|
---|---|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
Compilation Date | 2014-Oct-29 00:52:10 |
Detected languages |
English - United States
|
Debug artifacts |
explorer.pdb
|
CompanyName | Microsoft Corporation |
FileDescription | Windows Explorer |
FileVersion | 6.3.9600.17415 (winblue_r4.141028-1500) |
InternalName | explorer |
LegalCopyright | © Microsoft Corporation. All rights reserved. |
OriginalFilename | EXPLORER.EXE |
ProductName | Microsoft® Windows® Operating System |
ProductVersion | 6.3.9600.17415 |
Suspicious | Strings found in the binary may indicate undesirable behavior: |
Contains references to system / monitoring tools:
|
Info | Cryptographic algorithms detected in the binary: | Uses constants related to CRC32 |
Suspicious | The PE is possibly packed. | Unusual section name found: .imrsiv |
Malicious | The PE contains functions mostly used by malware. |
[!] The program may be hiding some of its imports:
|
Info | The PE is digitally signed. |
Signer: Microsoft Windows
Issuer: Microsoft Windows Production PCA 2011 |
Safe | VirusTotal score: 0/61 (Scanned on 2022-07-10 14:13:00) | All the AVs think this file is safe. |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0xf0 |
Signature | PE |
---|---|
Machine |
IMAGE_FILE_MACHINE_AMD64
|
NumberofSections | 8 |
TimeDateStamp | 2014-Oct-29 00:52:10 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xf0 |
Characteristics |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
|
Magic | PE32+ |
---|---|
LinkerVersion | 11.3 |
SizeOfCode | 0x16e400 |
SizeOfInitializedData | 0xed000 |
SizeOfUninitializedData | 0x200 |
AddressOfEntryPoint | 0x0000000000050CF0 (Section: .text) |
BaseOfCode | 0x1000 |
ImageBase | 0x140000000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 6.3 |
ImageVersion | 6.3 |
SubsystemVersion | 6.3 |
Win32VersionValue | 0 |
SizeOfImage | 0x261000 |
SizeOfHeaders | 0x400 |
Checksum | 0x27264e |
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
SizeofStackReserve | 0x80000 |
SizeofStackCommit | 0xe000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
msvcrt.dll |
_wtoi
wcsrchr strchr wcschr memset memcpy memcmp _wcsicmp bsearch memcpy_s wcsncpy_s _vsnwprintf _errno ??1type_info@@UEAA@XZ _CxxThrowException ceil cosf sqrt __CxxFrameHandler3 _onexit _snwprintf_s _vsnwprintf_s __dllonexit _unlock _lock ?terminate@@YAXXZ _commode _fmode _wcmdln __C_specific_handler _initterm __setusermatherr _cexit _exit exit __set_app_type __wgetmainargs _amsg_exit _XcptFilter memmove malloc realloc wcsstr free wcscmp |
---|---|
OLEAUT32.dll |
SysFreeString
SysAllocString SysAllocStringLen VarUI4FromStr VariantInit SysAllocStringByteLen |
api-ms-win-core-com-l1-1-1.dll |
CoTaskMemFree
CoCreateInstance CoRegisterClassObject CoRevokeClassObject CoSetProxyBlanket CoGetApartmentType CoTaskMemRealloc CoInitializeEx PropVariantClear CoUninitialize RoGetAgileReference StringFromGUID2 CoFreeUnusedLibraries CoWaitForMultipleHandles CreateStreamOnHGlobal CoEnableCallCancellation CoCancelCall CoDisableCallCancellation CoMarshalInterThreadInterfaceInStream CoReleaseMarshalData CoGetInterfaceAndReleaseStream CLSIDFromString CoTaskMemAlloc CoGetMalloc CoCreateFreeThreadedMarshaler |
api-ms-win-core-registry-l1-1-0.dll |
RegQueryValueExW
RegSetValueExW RegDeleteValueW RegEnumKeyExW RegGetValueW RegEnumValueW RegOpenCurrentUser RegOpenKeyExW RegCloseKey RegCreateKeyExW RegQueryInfoKeyW |
api-ms-win-eventing-provider-l1-1-0.dll |
EventUnregister
EventRegister EventEnabled EventWrite |
api-ms-win-core-processthreads-l1-1-2.dll |
GetThreadPriority
GetCurrentProcess GetCurrentThread TlsGetValue TlsFree SetThreadPriority ExitProcess ResumeThread GetExitCodeProcess GetPriorityClass SetProcessShutdownParameters TerminateThread GetStartupInfoW GetCurrentThreadId TerminateProcess TlsAlloc CreateProcessW GetCurrentProcessId SetThreadPriorityBoost OpenThread OpenThreadToken OpenProcess SetPriorityClass GetProcessId OpenProcessToken QueueUserAPC TlsSetValue CreateThread FlushInstructionCache |
api-ms-win-core-handle-l1-1-0.dll |
DuplicateHandle
CloseHandle |
api-ms-win-core-errorhandling-l1-1-1.dll |
UnhandledExceptionFilter
SetLastError GetLastError RaiseException SetErrorMode SetUnhandledExceptionFilter |
api-ms-win-core-synch-l1-2-0.dll |
InitializeSRWLock
ReleaseMutex WaitForMultipleObjectsEx SetEvent AcquireSRWLockShared EnterCriticalSection SleepEx LeaveCriticalSection CreateEventW ReleaseSRWLockShared ReleaseSemaphore CreateMutexW InitializeCriticalSection Sleep ReleaseSRWLockExclusive OpenEventW OpenMutexW DeleteCriticalSection AcquireSRWLockExclusive CreateEventExW OpenSemaphoreW WaitForSingleObject InitOnceExecuteOnce WaitForSingleObjectEx ResetEvent InitializeCriticalSectionEx |
api-ms-win-core-string-l2-1-0.dll |
IsCharAlphaNumericW
CharNextW CharLowerW CharUpperW CharPrevW |
api-ms-win-core-heap-l1-2-0.dll |
HeapFree
HeapAlloc GetProcessHeap HeapDestroy |
api-ms-win-core-string-l1-1-0.dll |
MultiByteToWideChar
WideCharToMultiByte CompareStringW CompareStringOrdinal |
api-ms-win-core-winrt-string-l1-1-0.dll |
WindowsCreateString
WindowsCreateStringReference WindowsDeleteString WindowsGetStringRawBuffer |
api-ms-win-core-libraryloader-l1-2-0.dll |
GetModuleHandleA
GetModuleHandleExW LoadStringW GetProcAddress FreeLibraryAndExitThread FreeLibrary GetModuleHandleW LoadResource SizeofResource LockResource GetModuleFileNameW LoadLibraryExA LoadLibraryExW FindResourceExW |
api-ms-win-core-threadpool-l1-2-0.dll |
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer CloseThreadpoolTimer CallbackMayRunLong FreeLibraryWhenCallbackReturns CreateThreadpoolWork SetThreadpoolWait TrySubmitThreadpoolCallback CreateThreadpoolWait CreateThreadpoolTimer SubmitThreadpoolWork |
api-ms-win-core-sysinfo-l1-2-1.dll |
GetLocalTime
GetProductInfo GetSystemTimeAsFileTime GetTickCount GetWindowsDirectoryW GetSystemDirectoryW GetTickCount64 GetVersionExW GetOsSafeBootMode GetSystemTime |
api-ms-win-eventing-classicprovider-l1-1-0.dll |
RegisterTraceGuidsW
GetTraceEnableFlags UnregisterTraceGuids GetTraceEnableLevel TraceMessage GetTraceLoggerHandle |
api-ms-win-core-processenvironment-l1-2-0.dll |
GetCurrentDirectoryW
GetCommandLineW ExpandEnvironmentStringsW SearchPathW |
api-ms-win-security-base-l1-2-0.dll |
CreateWellKnownSid
CopySid IsValidSid GetTokenInformation GetLengthSid CheckTokenMembership |
api-ms-win-power-base-l1-1-0.dll |
GetPwrCapabilities
PowerDeterminePlatformRoleEx CallNtPowerInformation |
api-ms-win-core-timezone-l1-1-0.dll |
SystemTimeToFileTime
GetTimeZoneInformation GetDynamicTimeZoneInformation |
api-ms-win-core-file-l1-2-1.dll |
FindFirstFileW
CompareFileTime GetFileAttributesW WriteFile FindFirstFileExW RemoveDirectoryW GetLongPathNameW FindClose FindNextFileW DeleteFileW CreateDirectoryW SetFileTime CreateFileW |
api-ms-win-core-datetime-l1-1-1.dll |
GetTimeFormatEx
GetDateFormatEx GetDateFormatW |
api-ms-win-core-psapi-l1-1-0.dll |
QueryFullProcessImageNameW
|
api-ms-win-core-util-l1-1-0.dll |
EncodePointer
DecodePointer |
api-ms-win-core-memory-l1-1-2.dll |
VirtualFree
VirtualAlloc CreateFileMappingW MapViewOfFile UnmapViewOfFile |
api-ms-win-core-interlocked-l1-2-0.dll |
InterlockedPopEntrySList
InterlockedPushEntrySList |
api-ms-win-core-rtlsupport-l1-2-0.dll |
RtlCaptureContext
RtlVirtualUnwind RtlLookupFunctionEntry |
api-ms-win-core-profile-l1-1-0.dll |
QueryPerformanceCounter
|
ntdll.dll |
NtQueryInformationProcess
NtQueryWnfStateData NtOpenProcessToken NtClose NtOpenThreadToken NtQueryInformationToken RtlNtStatusToDosError RtlFlushHeaps WinSqmEventEnabled WinSqmAddToStream NtSetSystemInformation RtlUnsubscribeWnfNotificationWaitForCompletion RtlSubscribeWnfStateChangeNotification RtlQueryWnfStateData WinSqmAddToStreamEx WinSqmSetString WinSqmSetDWORD WinSqmIsOptedIn NtSetInformationProcess |
api-ms-win-core-shlwapi-obsolete-l1-1-0.dll |
StrStrIW
StrRChrW StrCmpNICW QISearch StrRStrIW StrChrIW StrToIntW StrChrW StrCmpICW StrCmpNIW StrCmpIW SHLoadIndirectString StrCmpW StrCmpICA |
api-ms-win-core-heap-obsolete-l1-1-0.dll |
LocalReAlloc
LocalAlloc GlobalLock GlobalFree GlobalUnlock LocalFree GlobalAlloc |
api-ms-win-core-localization-obsolete-l1-2-0.dll |
GetUserDefaultUILanguage
|
api-ms-win-core-atoms-l1-1-0.dll |
GlobalGetAtomNameW
|
api-ms-win-core-string-obsolete-l1-1-0.dll |
lstrlenW
lstrcmpiW |
api-ms-win-core-job-l2-1-0.dll |
AssignProcessToJobObject
SetInformationJobObject CreateJobObjectW QueryInformationJobObject |
api-ms-win-core-registryuserspecific-l1-1-0.dll |
SHRegGetUSValueW
SHRegGetBoolUSValueW |
api-ms-win-core-com-private-l1-1-0.dll |
CoRevokeInitializeSpy
CoRegisterInitializeSpy CoRegisterMessageFilter |
api-ms-win-core-shlwapi-legacy-l1-1-0.dll |
PathGetArgsW
PathQuoteSpacesW PathFindExtensionW PathCombineW PathParseIconLocationW PathRemoveFileSpecW PathIsFileSpecW PathStripPathW PathFindFileNameW PathRemoveBlanksW PathFileExistsW SHExpandEnvironmentStringsW PathCommonPrefixW PathRemoveExtensionW PathGetDriveNumberW |
api-ms-win-core-threadpool-legacy-l1-1-0.dll |
UnregisterWaitEx
ChangeTimerQueueTimer CreateTimerQueueTimer DeleteTimerQueueTimer |
api-ms-win-core-kernel32-legacy-l1-1-1.dll |
PowerSetRequest
PowerCreateRequest MoveFileW RaiseFailFastException MulDiv LoadLibraryW RegisterWaitForSingleObject CopyFileW CreateSemaphoreW |
api-ms-win-core-registry-l2-1-0.dll |
RegCreateKeyW
RegDeleteKeyW |
KERNEL32.dll |
RegisterApplicationRestart
SetTermsrvAppInstallMode SetThreadExecutionState |
USER32.dll |
MsgWaitForMultipleObjects
RegisterClassExW SetWindowLongPtrW GetWindowLongPtrW LoadImageW GetDlgItem EnableWindow GetDlgItemInt SetDlgItemInt IsDlgButtonChecked CheckDlgButton IsWindowEnabled CallWindowProcW SetCapture ReleaseCapture DrawTextW AdjustWindowRect CalculatePopupWindowPosition GetMessageExtraInfo GetCapture SetGestureConfig DrawIconEx RemoveMenu SetMenuDefaultItem LoadMenuW GetSubMenu AllowSetForegroundWindow GetSysColorBrush GetPropW GetClassNameW InSendMessage GetCursorInfo GetPhysicalCursorPos WindowFromPhysicalPoint #2005 FindWindowExW CreateIconIndirect RemovePropW ReplyMessage SetCoalescableTimer GetLastInputInfo SetForegroundWindow GetWindowPlacement KillTimer GetWindowRgnBox SetWindowRgn SendMessageTimeoutW SendNotifyMessageW OffsetRect InvalidateRect EndDeferWindowPos DeferWindowPos BeginDeferWindowPos GetCursorPos RedrawWindow SubtractRect TrackPopupMenuEx MapWindowPoints GetClientRect GetWindowTextW UpdateWindow #2530 TranslateAcceleratorW IsWindow GetParent EnumWindows IsWindowVisible IntersectRect SetWindowCompositionAttribute ChangeWindowMessageFilterEx LoadAcceleratorsW SetTimer ShowWindow InflateRect EnumDisplayMonitors SetRectEmpty IsRectEmpty SetWindowPlacement CopyRect SetRect GetWindowBand GetForegroundWindow SetPropW MonitorFromRect MonitorFromPoint GetMonitorInfoW RegisterWindowMessageW SetWindowPos EqualRect PostQuitMessage SetCursor LoadCursorW UnhookWinEvent SetWinEventHook EnableMouseInPointer RegisterClassW DefWindowProcW DestroyWindow CloseDesktop GetUserObjectInformationW GetThreadDesktop FindWindowW SystemParametersInfoW DestroyMenu GetMenuDefaultItem CreatePopupMenu PeekMessageW DrawFocusRect GetSysColor ValidateRect NotifyWinEvent SetWindowTextW UnregisterPowerSettingNotification RegisterPowerSettingNotification GetAncestor GetCurrentInputMessageSource CopyIcon LockWorkStation TileWindows CascadeWindows GetWindowThreadProcessId HungWindowFromGhostWindow IsHungAppWindow GetWindowRgn WindowFromPoint ModifyMenuW CheckMenuItem DeleteMenu MsgWaitForMultipleObjectsEx ReleaseDC GetDC PostMessageW DispatchMessageW TranslateMessage GetMessageW PostThreadMessageW GetWindow PtInRect GetWindowRect GetSystemMetrics SendMessageW EnumChildWindows GetWindowLongW IsIconic DestroyIcon LoadIconW GetKeyState ExitWindowsEx GetFocus EnableMenuItem GetSystemMenu EndPaint DrawEdge FillRect BeginPaint TrackMouseEvent GetDoubleClickTime ClientToScreen GetMessagePos SetCursorPos ChildWindowFromPoint GetAsyncKeyState GetDesktopWindow EndDialog SendDlgItemMessageW UnregisterClassA #2522 UpdateLayeredWindow CallNextHookEx UnhookWindowsHookEx SetWindowsHookExW GetUpdateRect GetLayeredWindowAttributes SetLayeredWindowAttributes UnionRect GetCaretBlinkTime EnumDisplayDevicesW CreateWindowInBand GetMenuStringW GetWindowInfo InternalGetWindowText SetScrollPos GetScrollInfo SetScrollInfo IsZoomed GetMenuState IsTopLevelWindow OpenInputDesktop EndTask SetThreadDesktop GhostWindowFromHungWindow GetShellWindow GetIconInfo SwitchToThisWindow GetLastActivePopup UnregisterHotKey RegisterHotKey MonitorFromWindow GetProcessWindowStation MoveWindow GetNextDlgTabItem GetNextDlgGroupItem GetGUIThreadInfo SetMenuItemInfoW CreateWindowExW GetClassInfoW GetClassLongPtrW GetClassInfoExW GetMenuItemCount GetMenuItemInfoW DefWindowProcA SendMessageCallbackW GetClassWord BringWindowToTop ShowWindowAsync WindowFromDC InsertMenuW GetDlgCtrlID ScreenToClient AdjustWindowRectEx AppendMenuW FrameRect UnregisterClassW IsWindowUnicode GetClassLongW IsChild RegisterClipboardFormatW IsProcessDPIAware GetWindowDC SetFocus |
GDI32.dll |
GetDeviceCaps
GetTextColor ExtCreateRegion GetRegionData GdiFlush Polyline GetTextExtentPoint32W GetDIBits GetObjectW GetStockObject ExtTextOutW GetTextMetricsW SetTextAlign GetRgnBox SetLayout GetLayout LPtoDP OffsetViewportOrgEx GdiAlphaBlend CreateRectRgnIndirect GetClipBox CreateRectRgn SetRectRgn OffsetRgn CombineRgn CreateSolidBrush DeleteObject CreateFontIndirectW CreatePen GetTextExtentPointW CreateCompatibleDC CreateDIBSection CreateCompatibleBitmap SelectObject OffsetWindowOrgEx DeleteDC SetBkColor SetTextColor BitBlt SetBkMode CreateBitmap PatBlt GetBkColor GetClipRgn IntersectClipRect GetViewportOrgEx SetViewportOrgEx SelectClipRgn StretchDIBits Rectangle |
SHCORE.dll |
#130
#145 #126 #162 #213 #120 SHQueryInfoKeyW SHCreateStreamOnFileW #183 IsOS SHStrDupW IUnknown_Set IUnknown_QueryService #200 SHAnsiToUnicode #186 #187 SHGetThreadRef SetProcessReference SHCreateThreadRef SHSetThreadRef IUnknown_SetSite SHRegGetValueW #190 SHGetValueW SHSetValueW SHDeleteValueW SHCreateThread SetCurrentProcessExplicitAppUserModelID #191 #122 #123 #121 SHOpenRegStream2W IStream_Reset #170 IStream_Read SHCreateMemStream SHQueryValueExW #193 #143 #142 #141 SHCreateStreamOnFileEx SHUnicodeToAnsi #184 IStream_Write SHDeleteKeyW GetDpiForMonitor SHEnumKeyExW |
SHLWAPI.dll |
#548
#172 #193 AssocCreate #236 #278 #24 #225 #178 #484 #509 AssocQueryKeyW ChrCmpIW PathRemoveArgsW #635 #163 #571 #467 AssocQueryStringW #433 #279 #413 #478 #204 #165 #197 #292 PathIsDirectoryW #479 #388 #164 |
SHELL32.dll |
SHCreateItemWithParent
SHEvaluateSystemCommandTemplate SHOpenWithDialog #137 ExtractIconExW Shell_NotifyIconGetRect Shell_NotifyIconW SHAddToRecentDocs #893 SHCreateItemFromIDList #132 #91 ShellExecuteW #254 #54 SHEnableServiceObject #61 #64 #896 #60 SHUpdateRecycleBinIcon #2 SHGetKnownFolderIDList SHGetFolderPathEx SHFileOperationW #244 #711 #4 #731 SHGetPathFromIDListW SHGetNameFromIDList #644 #753 #733 #21 #25 #17 #16 #19 SHChangeNotifyRegisterThread #67 SHGetIDListFromObject SHCreateItemInKnownFolder SHCreateShellItem #892 #206 #201 #904 #188 #899 DragQueryFileW SHGetKnownFolderPath ShellExecuteExW #68 #200 #245 #89 SHBindToObject SHGetSpecialFolderPathW #723 SHGetFolderLocation #190 #155 SHParseDisplayName #18 #85 #100 #905 #526 #23 #134 #22 SHGetKnownFolderItem #764 SHChangeNotify #727 #850 #95 SHBindToFolderIDListParentEx SHBindToFolderIDListParent SHBindToParent #152 #840 #680 SHCreateItemFromParsingName #165 #885 SHCreateDataObject SHGetLocalizedName #787 #193 #88 #895 Shell_GetCachedImageIndexW #74 #792 #790 SHCreateAssociationRegistration #906 #181 SHGetPropertyStoreForWindow #894 #162 SHAppBarMessage #645 |
UxTheme.dll |
GetCurrentThemeName
#122 IsThemePartDefined GetThemeColor GetThemeFont IsThemeActive BufferedPaintUnInit BufferedPaintInit GetThemeMargins EndBufferedPaint DrawThemeTextEx BeginBufferedPaint SetWindowTheme GetThemeBackgroundContentRect GetThemeBackgroundRegion DrawThemeParentBackground GetThemeBackgroundExtent DrawThemeText GetThemeTextExtent #86 OpenThemeData DrawThemeBackground CloseThemeData GetThemeMetric #106 #104 #121 #120 #118 #98 IsCompositionActive IsAppThemed GetThemeRect GetThemeBool BufferedPaintClear GetWindowTheme GetThemePartSize GetBufferedPaintBits |
dwmapi.dll |
#138
#141 #113 DwmEnableBlurBehindWindow DwmSetWindowAttribute DwmIsCompositionEnabled DwmRegisterThumbnail #127 #114 DwmUnregisterThumbnail DwmUpdateThumbnailProperties #124 DwmQueryThumbnailSourceSize #140 |
TWINAPI.dll |
#9
|
d3d11.dll |
D3D11CreateDevice
|
dcomp.dll |
#1017
|
api-ms-win-core-localization-l1-2-1.dll |
GetLocaleInfoW
GetUserPreferredUILanguages FormatMessageW IsValidLocaleName GetThreadUILanguage |
api-ms-win-core-path-l1-1-0.dll |
PathCchCombine
PathCchAppend PathCchAddExtension |
SspiCli.dll |
GetUserNameExW
|
api-ms-win-core-io-l1-1-1.dll |
CreateIoCompletionPort
GetQueuedCompletionStatus |
api-ms-win-eventing-controller-l1-1-0.dll |
EnableTraceEx2
StartTraceW StopTraceW |
api-ms-win-service-management-l2-1-0.dll |
QueryServiceConfigW
NotifyServiceStatusChangeW |
USERENV.dll |
GetProfileType
|
api-ms-win-core-debug-l1-1-1.dll |
OutputDebugStringA
|
api-ms-win-core-sidebyside-l1-1-0.dll |
CreateActCtxW
ReleaseActCtx DeactivateActCtx ActivateActCtx |
api-ms-win-core-delayload-l1-1-1.dll |
DelayLoadFailureHook
ResolveDelayLoadedAPI |
PROPSYS.dll |
PSPropertyBag_WriteDWORD
PropVariantToString InitVariantFromResource PropVariantToBoolean PSCreateMemoryPropertyStore PropVariantToUInt32 PropVariantToStringAlloc |
api-ms-win-core-winrt-l1-1-0.dll |
RoGetActivationFactory
|
RPCRT4.dll |
RpcStringFreeW
RpcBindingFree NdrClientCall3 RpcBindingSetAuthInfoExW RpcStringBindingComposeW RpcBindingFromStringBindingW I_RpcExceptionFilter |
SLC.dll |
SLUnregisterWindowsEvent
SLRegisterWindowsEvent |
profapi.dll |
#104
|
api-ms-win-security-lsalookup-l1-1-1.dll |
EnumerateIdentityProviders
ReleaseIdentityProviderEnumContext GetIdentityProviderInfoByGUID GetDefaultIdentityProvider |
netutils.dll (delay-loaded) |
NetApiBufferFree
|
Attributes | 0x1 |
---|---|
Name | netutils.dll |
ModuleHandle | 0x172510 |
DelayImportAddressTable | 0x190000 |
DelayImportNameTable | 0x160830 |
BoundDelayImportTable | 0 |
UnloadDelayImportTable | 0 |
TimeStamp | 1970-Jan-01 00:00:00 |
Signature | 0xfeef04bd |
---|---|
StructVersion | 0x10000 |
FileVersion | 6.3.9600.17415 |
ProductVersion | 6.3.9600.17415 |
FileFlags | (EMPTY) |
FileOs |
VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
|
FileType |
VFT_APP
|
Language | English - United States |
CompanyName | Microsoft Corporation |
FileDescription | Windows Explorer |
FileVersion (#2) | 6.3.9600.17415 (winblue_r4.141028-1500) |
InternalName | explorer |
LegalCopyright | © Microsoft Corporation. All rights reserved. |
OriginalFilename | EXPLORER.EXE |
ProductName | Microsoft® Windows® Operating System |
ProductVersion (#2) | 6.3.9600.17415 |
Resource LangID | English - United States |
---|
Characteristics |
0
|
---|---|
TimeDateStamp | 2014-Oct-29 00:52:10 |
Version | 0.0 |
SizeofData | 37 |
AddressOfRawData | 0x160fd0 |
PointerToRawData | 0x1603d0 |
Referenced File | explorer.pdb |
Characteristics |
0
|
---|---|
TimeDateStamp | 2014-Oct-29 00:52:10 |
Version | 566.30117 |
SizeofData | 8 |
AddressOfRawData | 0x160fc8 |
PointerToRawData | 0x1603c8 |
Size | 0x94 |
---|---|
TimeDateStamp | 1970-Jan-01 00:00:00 |
Version | 0.0 |
GlobalFlagsClear | (EMPTY) |
GlobalFlagsSet | (EMPTY) |
CriticalSectionDefaultTimeout | 0 |
DeCommitFreeBlockThreshold | 0 |
DeCommitTotalFreeThreshold | 0 |
LockPrefixTable | 0 |
MaximumAllocationSize | 0 |
VirtualMemoryThreshold | 0 |
ProcessAffinityMask | 0 |
ProcessHeapFlags | (EMPTY) |
CSDVersion | 0 |
Reserved1 | 0 |
EditList | 0 |
SecurityCookie | 0x140172508 |
GuardCFCheckFunctionPointer | 5370318496 |
GuardCFDispatchFunctionPointer | 0 |
GuardCFFunctionTable | 0 |
GuardCFFunctionCount | 0 |
GuardFlags | (EMPTY) |
CodeIntegrity.Flags | 0 |
CodeIntegrity.Catalog | 0 |
CodeIntegrity.CatalogOffset | 0 |
CodeIntegrity.Reserved | 0 |
GuardAddressTakenIatEntryTable | 0 |
GuardAddressTakenIatEntryCount | 0 |
GuardLongJumpTargetTable | 0 |
GuardLongJumpTargetCount | 0 |
XOR Key | 0x92c82e03 |
---|---|
Unmarked objects | 0 |
Imports (VS2008 SP1 build 30729) | 120 |
ASM objects (65501) | 2 |
C++ objects (65501) | 87 |
Total imports | 1297 |
Imports (65501) | 35 |
216 (65501) | 177 |
C objects (65501) | 35 |
Resource objects (65501) | 1 |
Linker (65501) | 1 |