Architecture |
IMAGE_FILE_MACHINE_AMD64
|
---|---|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
Compilation Date | 2021-Oct-09 06:41:24 |
Detected languages |
English - United States
|
Debug artifacts |
c:\jenkins\workspace\Client\Client\Windows\release-64\Bin\X64\Release\Zoom.pdb
|
Comments | Zoom |
CompanyName | Zoom Video Communications, Inc. |
FileDescription | Zoom Meetings |
FileVersion | 5,8,1,1435 |
InternalName | Zoom |
LegalCopyright | © Zoom Video Communications, Inc. All rights reserved. |
LegalTrademarks | Zoom |
OriginalFilename | Zoom |
ProductName | Zoom |
ProductVersion | 5,8,1,1435 |
Info | Interesting strings found in the binary: |
Contains domain names:
|
Malicious | The PE contains functions mostly used by malware. |
[!] The program may be hiding some of its imports:
|
Info | The PE is digitally signed. |
Signer: Zoom Video Communications
Issuer: DigiCert EV Code Signing CA (SHA2) |
Safe | VirusTotal score: 0/66 (Scanned on 2021-10-13 12:36:27) | All the AVs think this file is safe. |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0x128 |
Signature | PE |
---|---|
Machine |
IMAGE_FILE_MACHINE_AMD64
|
NumberofSections | 6 |
TimeDateStamp | 2021-Oct-09 06:41:24 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xf0 |
Characteristics |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
|
Magic | PE32+ |
---|---|
LinkerVersion | 14.0 |
SizeOfCode | 0x12600 |
SizeOfInitializedData | 0x31400 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x00000000000111B0 (Section: .text) |
BaseOfCode | 0x1000 |
ImageBase | 0x140000000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 5.2 |
ImageVersion | 0.0 |
SubsystemVersion | 5.2 |
Win32VersionValue | 0 |
SizeOfImage | 0x47000 |
SizeOfHeaders | 0x400 |
Checksum | 0x4896a |
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
SizeofStackReserve | 0x100000 |
SizeofStackCommit | 0x1000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
DllSafeCheck64.dll |
HackCheck
|
---|---|
PSAPI.DLL |
GetModuleInformation
GetModuleFileNameExW EnumProcessModules |
zCrashReport64.dll |
#7
#9 |
Cmmlib.dll |
?Now@Time@Cmm@@SA?AV12@XZ
?GetZoomAccountManager@Cmm@@YAPEAVIZoomAccountManager@zoom_data@@XZ ?GetZoomClientData@Cmm@@YAPEAVIZoomClientData@zoom_data@@XZ ?GetZoomAppPropData@Cmm@@YAPEAVIZoomAppPropData@zoom_data@@XZ CmmMQ_GetService ?CreateAppContext@Cmm@@YAPEAVISSBAppContext@1@AEBV?$CStringT@_W@1@HH@Z ?NotifyClientDataTermed@Cmm@@YAXXZ ?IsPTProcess@Cmm@@YAHXZ ?GetSwitchValueASCII@CommandLine@Cmm@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV34@@Z ?ForCurrentProcess@CommandLine@Cmm@@SAPEAV12@XZ ?DestroyDefaultMessageLoop@ZoomWorkerFactory@Cmm@@SAXXZ ?GetSpecialDirectory@CFileName@Cmm@@QEAAXW4SpecialFolder@12@H@Z ?SetProcessType@Cmm@@YAXW4PROCESS_TYPE@@@Z ?DestroyAppContext@Cmm@@YAXPEAVISSBAppContext@1@@Z ?Empty@?$CStringT@D@Cmm@@QEAAXXZ ?empty@?$CStringT@D@Cmm@@QEBA_NXZ ??0?$CStringT@D@Cmm@@QEAA@XZ ??0?$CStringT@D@Cmm@@QEAA@PEB_W@Z ??0?$CStringT@D@Cmm@@QEAA@AEBV?$CStringT@_W@1@@Z ??1?$CStringT@D@Cmm@@UEAA@XZ ??4?$CStringT@D@Cmm@@QEAAAEAV01@PEBD@Z ??4?$CStringT@D@Cmm@@QEAAAEAV01@AEBV01@@Z ?c_str@?$CStringT@D@Cmm@@QEBAPEBDXZ ?empty@?$CStringT@_W@Cmm@@QEBA_NXZ ??0?$CStringT@_W@Cmm@@QEAA@XZ ??0?$CStringT@_W@Cmm@@QEAA@PEB_W@Z ??0?$CStringT@_W@Cmm@@QEAA@PEBD@Z ??1?$CStringT@_W@Cmm@@UEAA@XZ ??4?$CStringT@_W@Cmm@@QEAAAEAV01@PEB_W@Z ??4?$CStringT@_W@Cmm@@QEAAAEAV01@AEBV01@@Z ??Y?$CStringT@_W@Cmm@@QEAAAEAV01@PEB_W@Z ??Y?$CStringT@_W@Cmm@@QEAAAEAV01@AEBV01@@Z ?c_str@?$CStringT@_W@Cmm@@QEBAPEB_WXZ ?GetBuffer@?$CStringT@_W@Cmm@@QEAAPEA_W_K@Z ?IsEmpty@?$CStringT@_W@Cmm@@QEBAHXZ ?SetLength@?$CStringT@_W@Cmm@@QEAAX_K@Z ??1CFileName@Cmm@@UEAA@XZ ?GetModuleFileNameW@CFileName@Cmm@@QEAAXPEAUHINSTANCE__@@@Z ?GetName@CFileName@Cmm@@QEBAPEB_WXZ ??0CFileName@Cmm@@QEAA@XZ ??B?$CStringT@_W@Cmm@@QEBAPEB_WXZ ??Y?$CStringT@_W@Cmm@@QEAAAEAV01@PEBD@Z ??8?$CStringT@_W@Cmm@@QEBA_NAEBV01@@Z ?GetModuleLoader@Cmm@@YAPEAVICmmModuleLoader@1@XZ ?GetModuleRegistry@Cmm@@YAPEAVICmmModuleRegistry@1@XZ ??1CCmmArchiveObjHelper@Cmm@@QEAA@XZ ??0CCmmArchiveObjHelper@Cmm@@QEAA@PEBD@Z ?FreeMsg@CCmmMessageHelper@Cmm@@YAXPEAVCmmMQ_Msg@2@@Z ?FlatternToMsg@CCmmMessageHelper@Cmm@@YAPEAVCmmMQ_Msg@2@PEAVCCmmArchiveObjHelper@2@H@Z ??1CSBMBMessage_NotifyNetworkStateChanged@@UEAA@XZ ?Set_Flag@CSBMBMessage_NotifyNetworkStateChanged@@QEAAXAEBI@Z ?Set_State@CSBMBMessage_NotifyNetworkStateChanged@@QEAAXAEBI@Z ??0CSBMBMessage_NotifyNetworkStateChanged@@QEAA@XZ ??1CSBMBMessage_NotifyAppInActive@@UEAA@XZ ?Set_Reason@CSBMBMessage_NotifyAppInActive@@QEAAXAEBV?$CStringT@D@Cmm@@@Z ??0CSBMBMessage_NotifyAppInActive@@QEAA@XZ ??1CSBMBMessage_NotifyAppActive@@UEAA@XZ ?Set_Reason@CSBMBMessage_NotifyAppActive@@QEAAXAEBV?$CStringT@D@Cmm@@@Z ??0CSBMBMessage_NotifyAppActive@@QEAA@XZ ?cmm_str_convert@@YA_KHPEAD_KPEB_W1@Z ?SetMinLogLevel@logging@@YAXH@Z ?BaseInitLoggingImpl_built_with_NDEBUG@logging@@YA_NPEB_WW4LoggingDestination@1@W4LogLockingState@1@W4OldFileDeletionState@1@W4LogEncryptPolicy@1@@Z ??_7CFileName@Cmm@@6B@ ??_7?$CStringT@_W@Cmm@@6B@ cmm_fs_rmdirs ?ToTimeT@Time@Cmm@@QEBA_JXZ ?IsExists@CFileName@Cmm@@QEBAHXZ ?Assign@?$CStringT@_W@Cmm@@QEAAXPEB_W_K@Z ?SetLength@?$CStringT@D@Cmm@@QEAAX_K@Z ?size@?$CStringT@D@Cmm@@QEBA_KXZ ??0?$CStringT@D@Cmm@@QEAA@PEBD@Z ??Y?$CStringT@D@Cmm@@QEAAAEAV01@PEBD@Z ?GetBuffer@?$CStringT@D@Cmm@@QEAAPEAD_K@Z ?begin@?$CStringT@_W@Cmm@@QEAA?AV?$_String_iterator@V?$_String_val@U?$_Simple_types@_W@std@@@std@@@std@@XZ ?erase@?$CStringT@_W@Cmm@@QEAA?AV?$_String_iterator@V?$_String_val@U?$_Simple_types@_W@std@@@std@@@std@@V34@@Z ?find@?$CStringT@_W@Cmm@@QEBA_KPEB_W_K@Z ?find@?$CStringT@_W@Cmm@@QEBA_K_W_K@Z ?find_last_of@?$CStringT@_W@Cmm@@QEBA_K_W_K@Z ?length@?$CStringT@_W@Cmm@@QEBA_KXZ ??0?$CStringT@_W@Cmm@@QEAA@AEBV01@@Z ??0?$CStringT@_W@Cmm@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z ??4?$CStringT@_W@Cmm@@QEAAAEAV01@AEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z ?Format@?$CStringT@_W@Cmm@@QEAAXPEB_WZZ ?Compare@?$CStringT@_W@Cmm@@QEBAHPEB_W@Z ?GetAt@?$CStringT@_W@Cmm@@QEBA_WH@Z ?Left@?$CStringT@_W@Cmm@@QEBA?AV?$CRangeT@PEB_W@2@_K@Z ?Right@?$CStringT@_W@Cmm@@QEBA?AV?$CRangeT@PEB_W@2@_K@Z ?Trim@?$CStringT@_W@Cmm@@QEAAXXZ ?MakeLower@?$CStringT@_W@Cmm@@QEAAXXZ ?GetSecond@CTime@Cmm@@QEBAHXZ ?GetMinute@CTime@Cmm@@QEBAHXZ ?GetHour@CTime@Cmm@@QEBAHXZ ?GetDay@CTime@Cmm@@QEBAHXZ ?GetMonth@CTime@Cmm@@QEBAHXZ ?GetYear@CTime@Cmm@@QEBAHXZ ?GetTickCount@CTime@Cmm@@SA?AV12@XZ ??_7CmmLogGC@Cmm@@6B@ ?ResetAppData@CmmLogGC@Cmm@@UEAAHH@Z ?Init@CommandLine@Cmm@@SAXHPEBQEBD@Z ??0?$CStringT@_W@Cmm@@QEAA@AEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z ??8?$CStringT@_W@Cmm@@QEBA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z CmmMQ_TermService CmmMQ_InitService ?GetCurrentVersion@Cmm@@YAXAEAV?$CStringT@D@1@@Z ?ClearAllPackageDefines@CCmmArchiveService@Cmm@@SAXXZ ?base64FreeDecodeBuffer@Cmm@@YAXAEAPEAE@Z ?IsNewerVersion@Cmm@@YAHAEBV?$CStringT@D@1@0@Z ?base64Decode@Cmm@@YAPEAEAEBV?$CStringT@_W@1@AEAI@Z ?assign@?$CStringT@_W@Cmm@@QEAAAEAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEB_W@Z ?size@?$CStringT@_W@Cmm@@QEBA_KXZ ??H?$CStringT@_W@Cmm@@QEBA?AV01@PEB_W@Z ??Y?$CStringT@_W@Cmm@@QEAAAEAV01@AEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z ??9?$CStringT@_W@Cmm@@QEBA_NPEB_W@Z ??9?$CStringT@_W@Cmm@@QEBA_NAEBV01@@Z ??1PolicyContext_s@zpref@@QEAA@XZ ??1CSBMBMessage_NotifyAppEvent@@UEAA@XZ ?Set_Param@CSBMBMessage_NotifyAppEvent@@QEAAXAEBV?$CStringT@_W@Cmm@@@Z ?Set_EventID@CSBMBMessage_NotifyAppEvent@@QEAAXAEBI@Z ??0CSBMBMessage_NotifyAppEvent@@QEAA@XZ ??1CSBMBMessage_NotifyBeforeTerm@@UEAA@XZ ?Set_AppName@CSBMBMessage_NotifyBeforeTerm@@QEAAXAEBV?$CStringT@D@Cmm@@@Z ??0CSBMBMessage_NotifyBeforeTerm@@QEAA@XZ ??1CSBMBMessage_NotifyAfterInit@@UEAA@XZ ?Set_AppName@CSBMBMessage_NotifyAfterInit@@QEAAXAEBV?$CStringT@D@Cmm@@@Z ??0CSBMBMessage_NotifyAfterInit@@QEAA@XZ ??1CSBMBMessage_TermThread@@UEAA@XZ ?Set_AppName@CSBMBMessage_TermThread@@QEAAXAEBV?$CStringT@D@Cmm@@@Z ??0CSBMBMessage_TermThread@@QEAA@XZ ??1CSBMBMessage_InitThread@@UEAA@XZ ?Set_AppName@CSBMBMessage_InitThread@@QEAAXAEBV?$CStringT@D@Cmm@@@Z ??0CSBMBMessage_InitThread@@QEAA@XZ ??0PolicyContext_s@zpref@@QEAA@XZ ?GetModuleFilePath@CFileName@Cmm@@QEAAXPEAUHINSTANCE__@@@Z ?CreatePolicyProvider@zpref@@YAPEAVIPolicyProvider@1@AEBUPolicyContext_s@1@@Z ?DestoryPolicyProvider@zpref@@YAXXZ ?cmm_str_convert@@YA_KHPEA_W_KPEBD1@Z ?GetAppContext@Cmm@@YAPEAVISSBAppContext@1@XZ |
DuiLib.dll |
?UnInitHdpi@CHighDpi@DuiLib@@SAXXZ
?InitHdpi@CHighDpi@DuiLib@@SAHXZ ?SetSupportHighContrast@CHighContrast@DuiLib@@QEAAX_N@Z ?Instance@CHighContrast@DuiLib@@SAPEAV12@XZ ?SetAwarenessMode@CHighDpi@DuiLib@@SA_NW4DPIAwareMode@CDpiAwarenessMode@2@@Z |
MSAALIB.dll |
ZAccTermModule
ZAccInitModule |
util.dll |
mlog_unreg
destroy_mlog_mgr enable_logger util_init ?update_log_destination@mem_log_file@ssb@@QEAAHI@Z ?destroy@mem_log_file@ssb@@SAXXZ ??1thread_mutex_recursive@ssb@@QEAA@XZ ?instance@mem_log_file@ssb@@SAPEAV12@I@Z mlog_reg util_uninit ??0thread_mutex_recursive@ssb@@QEAA@XZ |
libcrypto-1_1-x64.dll |
RAND_bytes
|
KERNEL32.dll |
ResetEvent
WaitForSingleObjectEx RtlCaptureContext RtlLookupFunctionEntry UnhandledExceptionFilter SetUnhandledExceptionFilter IsProcessorFeaturePresent IsDebuggerPresent GetStartupInfoW QueryPerformanceCounter GetCurrentThreadId HeapFree CreateFileW GetFileAttributesW OpenProcess GetLastError CloseHandle HeapAlloc GetProcAddress VerSetConditionMask GetProcessHeap VerifyVersionInfoW LoadLibraryExW InitializeCriticalSectionEx CreateDirectoryW SetErrorMode GetPrivateProfileStringW DeleteFileW GetTempFileNameW GetModuleHandleA VirtualProtect EnterCriticalSection GetCurrentProcess ReleaseSemaphore RtlVirtualUnwind TerminateProcess GetModuleFileNameW WaitForMultipleObjects LeaveCriticalSection InitializeCriticalSection SetFilePointer ResumeThread CreateToolhelp32Snapshot CreateEventW Process32NextW CreateFileA SetEvent Process32FirstW CreateThread GetWindowsDirectoryW DeleteCriticalSection GetCurrentProcessId GetModuleHandleW CreateSemaphoreW FlushInstructionCache CreateDirectoryA SetDllDirectoryW VirtualQuery FlushFileBuffers CreateProcessW FindFirstFileW SetLastError FindNextFileW ExpandEnvironmentStringsW DeviceIoControl FindClose OutputDebugStringW GetTempPathW MoveFileExW FreeLibrary MoveFileW GetSystemTimeAsFileTime InitializeSListHead InitializeCriticalSectionAndSpinCount WriteFile |
USER32.dll |
FindWindowW
DefWindowProcW DestroyWindow CreateWindowExW UnregisterClassW ShowWindow MessageBoxW GetClassInfoW RegisterClassW SetFocus UpdateWindow PostMessageW SendMessageW IsWindow GetUserObjectInformationA GetProcessWindowStation |
ADVAPI32.dll |
CheckTokenMembership
FreeSid OpenProcessToken AllocateAndInitializeSid GetTokenInformation RegQueryValueExW RegOpenKeyExW RegEnumKeyExW RegCloseKey GetUserNameW DuplicateToken |
SHELL32.dll |
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA SHFileOperationW SHGetFolderPathA ShellExecuteW |
ole32.dll |
CoUninitialize
CoInitialize |
SHLWAPI.dll |
PathIsRelativeW
PathAppendW PathRemoveFileSpecW PathAddBackslashW PathRemoveBackslashW |
WINTRUST.dll |
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData WTHelperGetProvCertFromChain WinVerifyTrust |
CRYPT32.dll |
CertGetNameStringW
|
MSVCP140.dll |
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ ?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ ?uncaught_exception@std@@YA_NXZ ?_Xlength_error@std@@YAXPEBD@Z ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ |
tp.dll |
?release@net_adaptors_t@ssb@@SAXAEAPEAV12@@Z
?get_adaptor_mac_addr@net_adaptors_t@ssb@@QEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ ?enum_netadaptors@net_adaptors_t@ssb@@SAPEAV12@XZ |
gdiplus.dll |
GdiplusShutdown
GdiplusStartup |
VCRUNTIME140_1.dll |
__CxxFrameHandler4
|
VCRUNTIME140.dll |
memcmp
memcpy __std_terminate __std_exception_destroy memmove _CxxThrowException memset __current_exception_context __current_exception __C_specific_handler wcsstr _purecall __std_exception_copy |
api-ms-win-crt-string-l1-1-0.dll |
_strnicmp
wcscpy_s towupper strcat_s towlower _wcsicmp strnlen wcscat_s |
api-ms-win-crt-heap-l1-1-0.dll |
_set_new_mode
malloc _callnewh free |
api-ms-win-crt-filesystem-l1-1-0.dll |
_wstat64i32
|
api-ms-win-crt-runtime-l1-1-0.dll |
_initterm
_get_wide_winmain_command_line _initialize_wide_environment _invalid_parameter_noinfo_noreturn _configure_wide_argv _crt_atexit _exit _initterm_e signal _set_abort_behavior _set_app_type _seh_filter_exe terminate _c_exit _register_thread_local_exe_atexit_callback exit _initialize_onexit_table _register_onexit_function _cexit |
api-ms-win-crt-convert-l1-1-0.dll |
_itow_s
|
api-ms-win-crt-environment-l1-1-0.dll |
_putenv
getenv |
api-ms-win-crt-math-l1-1-0.dll |
__setusermatherr
|
api-ms-win-crt-stdio-l1-1-0.dll |
__p__commode
_set_fmode |
api-ms-win-crt-locale-l1-1-0.dll |
_configthreadlocale
|
Signature | 0xfeef04bd |
---|---|
StructVersion | 0x10000 |
FileVersion | 5.8.1.1435 |
ProductVersion | 5.8.1.1435 |
FileFlags | (EMPTY) |
FileOs |
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
|
FileType |
VFT_APP
|
Language | English - United States |
Comments | Zoom |
CompanyName | Zoom Video Communications, Inc. |
FileDescription | Zoom Meetings |
FileVersion (#2) | 5,8,1,1435 |
InternalName | Zoom |
LegalCopyright | © Zoom Video Communications, Inc. All rights reserved. |
LegalTrademarks | Zoom |
OriginalFilename | Zoom |
ProductName | Zoom |
ProductVersion (#2) | 5,8,1,1435 |
Resource LangID | English - United States |
---|
Characteristics |
0
|
---|---|
TimeDateStamp | 2021-Oct-09 06:41:24 |
Version | 0.0 |
SizeofData | 103 |
AddressOfRawData | 0x1a03c |
PointerToRawData | 0x18a3c |
Referenced File | c:\jenkins\workspace\Client\Client\Windows\release-64\Bin\X64\Release\Zoom.pdb |
Characteristics |
0
|
---|---|
TimeDateStamp | 2021-Oct-09 06:41:24 |
Version | 0.0 |
SizeofData | 20 |
AddressOfRawData | 0x1a0a4 |
PointerToRawData | 0x18aa4 |
Characteristics |
0
|
---|---|
TimeDateStamp | 2021-Oct-09 06:41:24 |
Version | 0.0 |
SizeofData | 920 |
AddressOfRawData | 0x1a0b8 |
PointerToRawData | 0x18ab8 |
Characteristics |
0
|
---|---|
TimeDateStamp | 2021-Oct-09 06:41:24 |
Version | 0.0 |
SizeofData | 0 |
AddressOfRawData | 0 |
PointerToRawData | 0 |
StartAddressOfRawData | 0x14001a470 |
---|---|
EndAddressOfRawData | 0x14001a478 |
AddressOfIndex | 0x140023784 |
AddressOfCallbacks | 0x140014db0 |
SizeOfZeroFill | 0 |
Characteristics |
IMAGE_SCN_ALIGN_4BYTES
|
Callbacks | (EMPTY) |
Size | 0x130 |
---|---|
TimeDateStamp | 1970-Jan-01 00:00:00 |
Version | 0.0 |
GlobalFlagsClear | (EMPTY) |
GlobalFlagsSet | (EMPTY) |
CriticalSectionDefaultTimeout | 0 |
DeCommitFreeBlockThreshold | 0 |
DeCommitTotalFreeThreshold | 0 |
LockPrefixTable | 0 |
MaximumAllocationSize | 0 |
VirtualMemoryThreshold | 0 |
ProcessAffinityMask | 0 |
ProcessHeapFlags | (EMPTY) |
CSDVersion | 0 |
Reserved1 | 0 |
EditList | 0 |
SecurityCookie | 0x140021010 |
GuardCFCheckFunctionPointer | 5368794376 |
GuardCFDispatchFunctionPointer | 0 |
GuardCFFunctionTable | 0 |
GuardCFFunctionCount | 0 |
GuardFlags | (EMPTY) |
CodeIntegrity.Flags | 0 |
CodeIntegrity.Catalog | 0 |
CodeIntegrity.CatalogOffset | 0 |
CodeIntegrity.Reserved | 0 |
GuardAddressTakenIatEntryTable | 0 |
GuardAddressTakenIatEntryCount | 0 |
GuardLongJumpTargetTable | 0 |
GuardLongJumpTargetCount | 0 |
XOR Key | 0xd674170 |
---|---|
Unmarked objects | 0 |
Imports (VS2008 SP1 build 30729) | 18 |
Imports (VS 2015/2017/2019 runtime 28920) | 6 |
C++ objects (VS 2015/2017/2019 runtime 28920) | 32 |
C objects (VS 2015/2017/2019 runtime 28920) | 10 |
ASM objects (VS 2015/2017/2019 runtime 28920) | 4 |
C objects (26715) | 1 |
262 (26715) | 1 |
Imports (VS2019 Update 6 (16.6.0) compiler 28805) | 2 |
Imports (26715) | 24 |
Imports (VS2019 Update 7 (16.7.1) compiler 29111) | 15 |
Total imports | 490 |
264 (VS2019 Update 7 (16.7.1) compiler 29111) | 14 |
Resource objects (VS2019 Update 7 (16.7.1) compiler 29111) | 1 |
151 | 1 |
Linker (VS2019 Update 7 (16.7.1) compiler 29111) | 1 |