Manalyze report for dd17533dd65295fa663947c58fd84577059ec74f074f28f7462aee633b0d72b0

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2023-May-24 13:39:32
Detected languages	English - United States
TLS Callbacks	1 callback(s) detected.
Debug artifacts	CrashReportClient.pdb
CompanyName	Sharkmob
LegalCopyright	(C) 2017-2021 - Sharkmob AB
ProductName	CrashReportClient
ProductVersion	`++UE4+Sharkmob-4.26-CL-302965`
FileDescription	CrashReportClient
InternalName	UnrealEngine
OriginalFilename	CrashReportClient.exe

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to system / monitoring tools: RUNDLL32.EXE` `Contains domain names: curl.haxx.se example.com google.com http://msdl.microsoft.com http://msdl.microsoft.com/download/symbols http://www.google.com http://www.unicode.org http://www.unicode.org/copyright.html https://curl.haxx.se https://curl.haxx.se/docs/http-cookies.html microsoft.com msdl.microsoft.com unicode.org www.google.com www.unicode.org`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to AES` `Uses constants related to Blowfish` `Uses known Diffie-Helman primes` `Microsoft's Cryptography API`
Suspicious	The PE is possibly packed.	`Unusual section name found: .uedbg`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExA GetProcAddress LoadLibraryW LoadLibraryA` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot SwitchToThread` `Can access the registry: RegSetValueExW RegQueryValueExW RegOpenKeyExW RegEnumValueW RegEnumKeyExW RegDeleteValueW RegCreateKeyExW RegDeleteKeyExW RegCloseKey RegisterHotKey` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Uses Windows's Native API: ntohl ntohs` `Uses Microsoft's cryptographic API: CryptGetProvParam CryptEnumProvidersW CryptSignHashW CryptDestroyHash CryptCreateHash CryptDecrypt CryptExportKey CryptGetUserKey CryptSetHashParam CryptDestroyKey CryptReleaseContext CryptAcquireContextW` `Can create temporary files: GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: GetForegroundWindow MapVirtualKeyW GetAsyncKeyState` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Has Internet access capabilities: WinHttpGetDefaultProxyConfiguration WinHttpGetIEProxyConfigForCurrentUser` `Leverages the raw socket API to access the Internet: accept bind closesocket connect ioctlsocket getpeername getsockname getsockopt htonl htons listen ntohl ntohs recv recvfrom select send sendto setsockopt shutdown socket gethostname WSAStartup WSACleanup WSAGetLastError getaddrinfo freeaddrinfo getnameinfo inet_pton WSAIoctl __WSAFDIsSet WSASetLastError` `Functions related to the privilege level: AdjustTokenPrivileges OpenProcessToken` `Manipulates other processes: Process32NextW Process32FirstW OpenProcess` `Can take screenshots: GetDC CreateCompatibleDC` `Reads the contents of the clipboard: GetClipboardData` `Interacts with the certificate store: CertOpenStore CertOpenSystemStoreW`
Safe	VirusTotal score: 0/35 (Scanned on 2023-10-26 05:11:56)	`All the AVs think this file is safe.`

Hashes

MD5	`7b0ce3a2af77d49c0eea3856f00dc835`
SHA1	`66db7c013f920a2756f6d36887031522ef51acc8`
SHA256	`dd17533dd65295fa663947c58fd84577059ec74f074f28f7462aee633b0d72b0`
SHA3	`d2370b636398c48742d5114f325e2456401a83e3a27192b5b7449749cb8c6ead`
SSDeep	`393216:sHjkO1OBngowPIjDLNw0IFlUM+p47e2GyqVTS:sHSPq`
Imports Hash	`514e7dda206fc7aae88388001d8d566c`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x198`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`8`
TimeDateStamp	2023-May-24 13:39:32
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xb9e000`
SizeOfInitializedData	`0x6f5200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000B4E1EC (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x1297000`
SizeOfHeaders	`0x400`
Checksum	`0x119d065`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0xb71b00`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`7aaefd53a95dc84e9e408232af534d1f`
SHA1	`f7c5bbfa157f1cfdcf0675b23c65c9080bb9b39b`
SHA256	`1403bdaffe3cab2d2c1e0e52ccc4c83993a6a8857c4dc8cbbfa1a50ef1367efa`
SHA3	`6885c1cb723add7c1377a675fb6821db19bdc5d89e08a5d90e7917362225dc62`
VirtualSize	`0xb7ec37`
VirtualAddress	`0x1000`
SizeOfRawData	`0xb7ee00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.407`

.uedbg

MD5	`0a79d3a4c356190bd026659cbae60aaf`
SHA1	`20a53b5af5cf16e2ad266e5aa560a6b513248d7f`
SHA256	`d0f91fdc95229a1ed58975ea17c8c09ffe6ffd97ec1e0a71bcebe5247aa22229`
SHA3	`f317d04ae4dfe8392ffbcb2dad33dd7b0f2609a9e47d146ad605f015e8f8088a`
VirtualSize	`0x1f160`
VirtualAddress	`0xb80000`
SizeOfRawData	`0x1f200`
PointerToRawData	`0xb7f200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.10515`

.rdata

MD5	`d78e4c98128be49c08edcd8a40076e96`
SHA1	`a8947f36f27847835f34e37167d52d5b7d1cd007`
SHA256	`b8d1310a08201fc4e7054ac89f47c3c22559b23d38c3ead71d2e5226f4aeedc5`
SHA3	`40ff6ea59f03eb74ba82e3c997d368e195d131d183d337eea8d04b02e9412b11`
VirtualSize	`0x3d1742`
VirtualAddress	`0xba0000`
SizeOfRawData	`0x3d1800`
PointerToRawData	`0xb9e400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.78393`

.data

MD5	`4ce2dc57915842176d1af6bc4c9177d1`
SHA1	`aa39afb7305aa6da9563bca1fe5eea9e981bcf89`
SHA256	`ef5fd5dd0dff0d33fa43f9479e75099201bf27070285972eb4c5ddc67d656b47`
SHA3	`28033808b40f2facb893e831b370848f0d60d35053b47c07b58c868a9495ea1b`
VirtualSize	`0x264ec0`
VirtualAddress	`0xf72000`
SizeOfRawData	`0x165e00`
PointerToRawData	`0xf6fc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.44434`

.pdata

MD5	`81cf58e6f561be8339bba3c574f33d90`
SHA1	`ce2ea5fda09d8b548cf7346d480fa99f6b91699e`
SHA256	`70550635c175db109b5fa419d290ce6fd265953852cc499eb80be6ba8dfc87ce`
SHA3	`6fb2fbe55932f7fbad851f80c2edde858671c810d5288367361973d359f7f266`
VirtualSize	`0x8fc94`
VirtualAddress	`0x11d7000`
SizeOfRawData	`0x8fe00`
PointerToRawData	`0x10d5a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.51276`

_RDATA

MD5	`da375b1e728e885e8dc1b4097420571e`
SHA1	`aabbbf4317bf533ca15caa0551aa92c171458262`
SHA256	`4c789442fefac42305c7957e429836e4b18558e1057abe94f56fb3dfec98d9f9`
SHA3	`6f8904c50b3bebec462c287984ccaddaaa736133d6be4f996a5f7931793010ee`
VirtualSize	`0x2308`
VirtualAddress	`0x1267000`
SizeOfRawData	`0x2400`
PointerToRawData	`0x1165800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.05025`

.rsrc

MD5	`b3941960dd489fcecede04ce027e7881`
SHA1	`37ac7168fbb272e6b08b4115de63d5c56d6a550f`
SHA256	`ce8e1f81991fa2a538bd11f2ddb04c7e4c3c4ae60390869c0938e07fee23e4d5`
SHA3	`16608fc303bebb21012b5205651b1f0d6c3b62e9c90f9840e8bc08c74dff4f5f`
VirtualSize	`0x11a00`
VirtualAddress	`0x126a000`
SizeOfRawData	`0x11a00`
PointerToRawData	`0x1167c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.56883`

.reloc

MD5	`f516afba341b6b9e7613c60ed52bbd95`
SHA1	`b909ef656be9feab226a8abcc0c2fafe0aafa9cb`
SHA256	`745cdeab61e40086b7e3c5a91efb08e6564d83d11678a4cd71bae8b04f3aebee`
SHA3	`3252b64e944d7001607874e2ef8910b608d2a2d4b1f88197e14bca3e82d1127b`
VirtualSize	`0x1ad30`
VirtualAddress	`0x127c000`
SizeOfRawData	`0x1ae00`
PointerToRawData	`0x1179600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.4669`

Imports

XINPUT1_3.dll	`#3` `#2`
ADVAPI32.dll	`CryptGetProvParam` `RegDeleteTreeW` `RegSetValueExW` `DeregisterEventSource` `RegisterEventSourceW` `ReportEventW` `RegQueryValueExW` `GetUserNameW` `RegOpenKeyExW` `RegEnumValueW` `RegEnumKeyExW` `RegDeleteValueW` `RegCreateKeyExW` `CryptEnumProvidersW` `CryptSignHashW` `CryptDestroyHash` `CryptCreateHash` `CryptDecrypt` `CryptExportKey` `CryptGetUserKey` `CryptSetHashParam` `CryptDestroyKey` `CryptReleaseContext` `CryptAcquireContextW` `LookupPrivilegeValueA` `AdjustTokenPrivileges` `OpenProcessToken` `RegDeleteKeyExW` `RegCloseKey`
USER32.dll	`GetCursorPos` `GetClipCursor` `ClientToScreen` `WindowFromPoint` `SetCursor` `GetDlgItem` `SetDlgItemTextW` `GetSystemMetrics` `SetForegroundWindow` `SetWindowTextW` `ClipCursor` `MessageBoxW` `ScreenToClient` `GetTopWindow` `GetWindowThreadProcessId` `EnumDisplayDevicesW` `GetKeyboardLayout` `DisableProcessWindowsGhosting` `TranslateMessage` `DispatchMessageW` `GetRawInputDeviceList` `GetProcessWindowStation` `GetUserObjectInformationW` `SetCursorPos` `ShowCursor` `AdjustWindowRectEx` `GetClientRect` `SetWindowLongPtrW` `DefWindowProcW` `RegisterClassW` `UnregisterClassW` `CreateWindowExW` `IsWindow` `GetWindowLongPtrW` `ShowWindow` `SetLayeredWindowAttributes` `FlashWindowEx` `GetWindowPlacement` `SetWindowPlacement` `IsIconic` `SetWindowRgn` `ReleaseDC` `GetDC` `GetForegroundWindow` `SetActiveWindow` `RegisterRawInputDevices` `GetRawInputDeviceInfoA` `GetRawInputData` `UpdateWindow` `EnableMenuItem` `GetSystemMenu` `IsWindowEnabled` `EnableWindow` `IsZoomed` `OpenClipboard` `CloseClipboard` `SetClipboardData` `GetClipboardData` `GetWindowInfo` `EnumDisplayMonitors` `GetMonitorInfoW` `MonitorFromWindow` `MonitorFromRect` `MonitorFromPoint` `SystemParametersInfoW` `EnumDisplaySettingsW` `CreateIconIndirect` `LoadImageW` `LoadIconW` `LoadCursorFromFileW` `LoadCursorW` `SendMessageW` `RegisterClassExW` `MoveWindow` `MsgWaitForMultipleObjects` `DestroyWindow` `SetRect` `GetWindowLongW` `SetWindowLongW` `ReleaseCapture` `SetCapture` `GetCapture` `MapVirtualKeyW` `RegisterTouchWindow` `CloseTouchInputHandle` `GetTouchInputInfo` `GetAsyncKeyState` `GetKeyState` `GetFocus` `GetActiveWindow` `EndDialog` `DialogBoxParamW` `SetWindowPos` `PostQuitMessage` `UnregisterHotKey` `RegisterHotKey` `PeekMessageW` `SetFocus` `GetWindowRect` `EmptyClipboard`
GDI32.dll	`DeleteObject` `GetDeviceCaps` `PtInRegion` `SelectObject` `CreateCompatibleDC` `DeleteDC` `GetTextExtentPoint32W` `SwapBuffers` `SetPixelFormat` `ChoosePixelFormat` `GetTextMetricsW` `CreateFontW` `CreateBitmap` `CreateFontIndirectW` `CreateRectRgn` `CreateRoundRectRgn`
CRYPT32.dll	`CertGetNameStringW` `CertDuplicateCertificateContext` `CertFreeCertificateContext` `CertGetCertificateContextProperty` `CertFindCertificateInStore` `CertOpenStore` `CertCloseStore` `CertEnumCertificatesInStore` `CertOpenSystemStoreW`
WS2_32.dll	`accept` `bind` `closesocket` `connect` `ioctlsocket` `getpeername` `getsockname` `getsockopt` `htonl` `htons` `listen` `ntohl` `ntohs` `recv` `recvfrom` `select` `send` `sendto` `setsockopt` `shutdown` `socket` `gethostname` `WSAStartup` `WSACleanup` `WSAGetLastError` `getaddrinfo` `freeaddrinfo` `getnameinfo` `inet_pton` `WSAIoctl` `__WSAFDIsSet` `WSASetLastError`
WLDAP32.dll	`#27` `#301` `#200` `#30` `#79` `#35` `#33` `#32` `#143` `#26` `#22` `#41` `#50` `#60` `#211` `#46`
Normaliz.dll	`IdnToAscii`
d3d11.dll	`D3D11CreateDevice`
D3DCOMPILER_43.dll	`D3DCompile` `D3DReflect`
dbghelp.dll	`SymGetOptions` `SymSetOptions` `MiniDumpWriteDump` `StackWalk64` `SymGetModuleInfoW64` `SymGetModuleBase64` `SymGetLineFromAddr64` `SymInitializeW` `SymGetSymFromAddr64` `SymFunctionTableAccess64` `SymRefreshModuleList` `SymGetModuleInfo64`
WINMM.dll	`timeBeginPeriod`
KERNEL32.dll	`ReleaseSemaphore` `SetEvent` `QueryPerformanceFrequency` `PeekNamedPipe` `SetThreadErrorMode` `OutputDebugStringW` `GetTempPathW` `GetLongPathNameW` `GetCurrentDirectoryW` `SetCurrentDirectoryW` `GetEnvironmentVariableW` `VerSetConditionMask` `RtlCaptureStackBackTrace` `Sleep` `CreateToolhelp32Snapshot` `K32GetModuleFileNameExW` `K32EnumProcessModulesEx` `SystemTimeToFileTime` `FileTimeToSystemTime` `MoveFileW` `UnmapViewOfFile` `MapViewOfFile` `CreateFileMappingW` `GetProcessId` `SuspendThread` `OpenThread` `GetProcessTimes` `TerminateProcess` `GetExitCodeProcess` `SwitchToThread` `CreateThread` `GetCurrentThread` `SetThreadPriority` `CreateProcessW` `GlobalMemoryStatusEx` `GetSystemInfo` `GetSystemTime` `FreeLibrary` `GetModuleFileNameW` `GetCurrentProcessId` `LoadLibraryExA` `VirtualQuery` `CreateSemaphoreA` `LocalFree` `VerifyVersionInfoA` `GetModuleHandleA` `GetSystemDirectoryA` `ExpandEnvironmentStringsA` `WaitForMultipleObjects` `WaitForSingleObjectEx` `SleepEx` `InitializeCriticalSectionEx` `GetTickCount64` `FormatMessageA` `ReadConsoleW` `ReadConsoleA` `SetConsoleMode` `GetConsoleMode` `GetCurrentProcess` `ConvertFiberToThread` `WideCharToMultiByte` `MultiByteToWideChar` `CreateFiber` `DeleteFiber` `SwitchToFiber` `GetSystemTimeAsFileTime` `GetLocalTime` `InitializeCriticalSectionAndSpinCount` `GetDateFormatEx` `GetTimeFormatEx` `GetTimeZoneInformation` `SystemTimeToTzSpecificLocalTime` `ResolveLocaleName` `GetCurrencyFormatEx` `GetModuleHandleW` `GetVersionExW` `GetLogicalProcessorInformationEx` `GetNativeSystemInfo` `GetModuleHandleExW` `GetProcAddress` `LoadResource` `GetNumberFormatEx` `LocaleNameToLCID` `LCIDToLocaleName` `LockResource` `SizeofResource` `FindResourceW` `LoadLibraryW` `ConvertThreadToFiber` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `IsProcessorFeaturePresent` `InitializeSListHead` `IsDebuggerPresent` `VirtualAlloc` `VirtualProtect` `GetUserGeoID` `VirtualFree` `GetGeoInfoW` `GetThreadContext` `GetStartupInfoW` `GetDynamicTimeZoneInformation` `GetLocaleInfoEx` `GetACP` `GetEnvironmentVariableA` `LoadLibraryA` `VirtualUnlock` `GetLargePageMinimum` `FlsSetValue` `FlsAlloc` `GetModuleHandleExA` `SetErrorMode` `MulDiv` `SetConsoleWindowInfo` `SetConsoleTextAttribute` `SetConsoleScreenBufferSize` `GetConsoleScreenBufferInfo` `AttachConsole` `FreeConsole` `AllocConsole` `GlobalLock` `GlobalUnlock` `GlobalAlloc` `DebugBreak` `ResumeThread` `GetVersion` `GetProcessHandleCount` `CreateWaitableTimerW` `SetWaitableTimer` `Process32NextW` `Process32FirstW` `K32GetProcessMemoryInfo` `GetConsoleWindow` `SetConsoleCtrlHandler` `GetUserDefaultLocaleName` `GetUserPreferredUILanguages` `GetSystemPowerStatus` `VerifyVersionInfoW` `GetComputerNameW` `QueryFullProcessImageNameW` `FormatMessageW` `SetThreadAffinityMask` `InitializeCriticalSection` `SetCriticalSectionSpinCount` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `QueryPerformanceCounter` `GetCurrentThreadId` `GetStdHandle` `GetCommandLineW` `FindClose` `FindFirstFileW` `GetFileType` `OpenProcess` `WriteConsoleW` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `InitializeSRWLock` `AcquireSRWLockShared` `ReleaseSRWLockShared` `AcquireSRWLockExclusive` `ReleaseSRWLockExclusive` `HeapSetInformation` `SetHandleInformation` `CreatePipe` `CreateDirectoryW` `CreateFileW` `DeleteFileW` `FindNextFileW` `FlushFileBuffers` `GetFileAttributesW` `GetFileAttributesExW` `GetFileSizeEx` `GetFinalPathNameByHandleW` `ReadFile` `RemoveDirectoryW` `SetEndOfFile` `SetFileAttributesW` `SetFilePointer` `SetFileTime` `WriteFile` `CloseHandle` `RaiseException` `GetLastError` `SetLastError` `GetOverlappedResult` `ResetEvent` `WaitForSingleObject` `CreateEventW` `SetProcessAffinityMask`
COMDLG32.dll	`ChooseFontW`
SHELL32.dll	`SHGetFolderPathW` `SHGetKnownFolderPath` `SHCreateItemFromParsingName` `ShellExecuteW` `ShellExecuteExW`
ole32.dll	`CoInitialize` `ReleaseStgMedium` `RevokeDragDrop` `RegisterDragDrop` `OleUninitialize` `OleInitialize` `CoTaskMemFree` `CoCreateGuid` `CoCreateInstance` `CoUninitialize`
OLEAUT32.dll	`SafeArrayPutElement` `SafeArrayCreateVector` `VariantCopy` `SysAllocString` `SysFreeString`
IPHLPAPI.DLL	`GetAdaptersAddresses`
SETUPAPI.dll	`SetupDiOpenDevRegKey` `CM_Get_Device_IDW` `SetupDiGetClassDevsExW` `SetupDiDestroyDeviceInfoList` `SetupDiEnumDeviceInfo`
dwmapi.dll	`DwmIsCompositionEnabled` `DwmSetWindowAttribute` `DwmExtendFrameIntoClientArea` `DwmGetCompositionTimingInfo`
IMM32.dll	`ImmReleaseContext` `ImmSetCandidateWindow` `ImmGetDescriptionW` `ImmGetIMEFileNameW` `ImmGetProperty` `ImmCreateContext` `ImmDestroyContext` `ImmGetContext` `ImmAssociateContext` `ImmGetCompositionStringW` `ImmNotifyIME` `ImmSetCompositionWindow`
UIAutomationCore.DLL	`UiaHostProviderFromHwnd` `UiaReturnRawElementProvider` `UiaRaiseAutomationEvent` `UiaClientsAreListening` `UiaRaiseAutomationPropertyChangedEvent`
WINHTTP.dll	`WinHttpGetDefaultProxyConfiguration` `WinHttpGetIEProxyConfigForCurrentUser`
OPENGL32.dll	`glScissor` `glStencilFunc` `glStencilMask` `glStencilOp` `glPolygonMode` `glTexImage2D` `glTexParameteri` `glPixelStorei` `glTexSubImage2D` `glGenTextures` `glEnable` `glViewport` `wglCreateContext` `wglDeleteContext` `wglGetProcAddress` `wglMakeCurrent` `glAlphaFunc` `glBindTexture` `glBlendFunc` `glDeleteTextures` `glTexEnvi` `glDisable`
MSVCP140.dll	`_Mtx_init_in_situ` `_Mtx_destroy_in_situ` `_Mtx_lock` `_Mtx_unlock` `_Cnd_init_in_situ` `_Cnd_destroy_in_situ` `_Cnd_wait` `_Cnd_broadcast` `?_Throw_C_error@std@@YAXH@Z` `?_Xlength_error@std@@YAXPEBD@Z` `?uncaught_exception@std@@YA_NXZ` `?_Xout_of_range@std@@YAXPEBD@Z` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z` `??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z` `??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z` `?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z` `?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ` `_Thrd_yield`
VERSION.dll	`GetFileVersionInfoSizeW` `VerQueryValueW` `GetFileVersionInfoW`
dbgeng.dll	`DebugCreate`
bcrypt.dll	`BCryptGenRandom`
VCRUNTIME140.dll	`__intrinsic_setjmp` `__current_exception_context` `__current_exception` `__RTDynamicCast` `__std_type_info_name` `__std_type_info_compare` `__RTtypeid` `__CxxFrameHandler3` `strchr` `_CxxThrowException` `__std_exception_destroy` `__std_exception_copy` `__std_terminate` `memchr` `_set_purecall_handler` `__C_specific_handler` `strstr` `wcschr` `wcsrchr` `_purecall` `memcpy` `longjmp` `memmove` `memset` `wcsstr` `memcmp` `strrchr`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
api-ms-win-crt-convert-l1-1-0.dll	`strtoul` `strtol` `_strtoi64` `strtod` `_wtoi64` `atof` `_wcstoi64` `_wcstoui64` `atoi` `wcstod` `wcstoul` `strtoll` `_wtoi` `_wtof`
api-ms-win-crt-utility-l1-1-0.dll	`rand` `srand` `qsort` `bsearch` `div`
api-ms-win-crt-stdio-l1-1-0.dll	`fread` `_set_fmode` `_fileno` `__acrt_iob_func` `__stdio_common_vfwprintf` `__stdio_common_vswprintf` `fflush` `_setmode` `_open` `__stdio_common_vsprintf` `_close` `_write` `setbuf` `clearerr` `_read` `__stdio_common_vfprintf` `feof` `fseek` `ftell` `__p__commode` `_lseeki64` `fputs` `__stdio_common_vsscanf` `_wfopen` `fopen` `fgets` `fwrite` `fclose` `fputc` `ferror`
api-ms-win-crt-string-l1-1-0.dll	`isalpha` `strpbrk` `iswdigit` `isalnum` `iswxdigit` `_strdup` `strspn` `strcspn` `iswpunct` `toupper` `_stricmp` `strncat` `isdigit` `isupper` `islower` `isgraph` `strncpy` `isspace` `strncmp` `wcsncmp` `tolower` `wcsncpy` `isprint` `iswalnum` `iswlower` `strcmp` `iswalpha` `isxdigit` `_strnicmp` `iswspace`
api-ms-win-crt-heap-l1-1-0.dll	`_aligned_malloc` `_aligned_free` `_heapchk` `calloc` `free` `malloc` `_set_new_mode` `_get_heap_handle` `realloc`
api-ms-win-crt-math-l1-1-0.dll	`truncf` `ceilf` `trunc` `logf` `floorf` `tan` `sqrt` `sin` `cos` `modf` `_isnan` `atan2` `atan` `asin` `frexp` `_finite` `cosf` `powf` `sinf` `round` `_dtest` `_dsign` `pow` `log` `fmod` `floor` `ceil` `__setusermatherr`
api-ms-win-crt-runtime-l1-1-0.dll	`_errno` `strerror_s` `_invalid_parameter_noinfo_noreturn` `_getpid` `_beginthreadex` `abort` `__sys_nerr` `signal` `_cexit` `raise` `_exit` `_register_thread_local_exe_atexit_callback` `_seh_filter_exe` `_set_app_type` `strerror` `_initterm_e` `terminate` `_register_onexit_function` `_initialize_onexit_table` `_initialize_narrow_environment` `_get_narrow_winmain_command_line` `exit` `_crt_atexit` `_c_exit` `_initterm` `_configure_narrow_argv`
api-ms-win-crt-environment-l1-1-0.dll	`getenv`
api-ms-win-crt-conio-l1-1-0.dll	`_cputs`
api-ms-win-crt-time-l1-1-0.dll	`_gmtime64` `_gmtime64_s` `_time64` `__timezone` `_tzset` `__tzname`
api-ms-win-crt-filesystem-l1-1-0.dll	`_fstat64i32` `_stat64i32` `_fstat64` `_stat64`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`
turbojpeg.dll (delay-loaded)	`tjDestroy` `tjCompress2` `tjInitDecompress` `tjDecompressHeader3` `tjDecompress2` `tjInitCompress`

Delayed Imports

Attributes	`0x1`
Name	`turbojpeg.dll`
ModuleHandle	`0x11d5f18`
DelayImportAddressTable	`0x10d7cc0`
DelayImportNameTable	`0xf6ab58`
BoundDelayImportTable	`0xf6abf8`
UnloadDelayImportTable	`0xf6ac30`
TimeStamp	`1970-Jan-01 00:00:00`

png_access_version_number

Ordinal	`1`
Address	`0xaf60`

png_benign_error

Ordinal	`2`
Address	`0xf410`

png_build_grayscale_palette

Ordinal	`3`
Address	`0x17680`

png_calloc

Ordinal	`4`
Address	`0x18660`

png_chunk_benign_error

Ordinal	`5`
Address	`0xf6a0`

png_chunk_error

Ordinal	`6`
Address	`0xf430`

png_chunk_warning

Ordinal	`7`
Address	`0xf610`

png_convert_from_struct_tm

Ordinal	`8`
Address	`0xdb20`

png_convert_from_time_t

Ordinal	`9`
Address	`0xdb50`

png_convert_to_rfc1123

Ordinal	`10`
Address	`0xada0`

png_create_info_struct

Ordinal	`11`
Address	`0xa740`

png_create_read_struct

Ordinal	`12`
Address	`0xf830`

png_create_read_struct_2

Ordinal	`13`
Address	`0xf850`

png_create_write_struct

Ordinal	`14`
Address	`0xdbc0`

png_create_write_struct_2

Ordinal	`15`
Address	`0xdbe0`

png_data_freer

Ordinal	`16`
Address	`0xa8f0`

png_destroy_info_struct

Ordinal	`17`
Address	`0xa7e0`

png_destroy_read_struct

Ordinal	`18`
Address	`0x10ae0`

png_destroy_write_struct

Ordinal	`19`
Address	`0xe300`

png_error

Ordinal	`20`
Address	`0xf260`

png_free

Ordinal	`21`
Address	`0x18760`

png_free_data

Ordinal	`22`
Address	`0xa930`

png_free_default

Ordinal	`23`
Address	`0x18790`

png_get_IHDR

Ordinal	`24`
Address	`0x1ad00`

png_get_PLTE

Ordinal	`25`
Address	`0x1b090`

png_get_bKGD

Ordinal	`26`
Address	`0x1a9a0`

png_get_bit_depth

Ordinal	`27`
Address	`0x1a3f0`

png_get_cHRM

Ordinal	`28`
Address	`0x1a9d0`

png_get_cHRM_fixed

Ordinal	`29`
Address	`0x1ab00`

png_get_channels

Ordinal	`30`
Address	`0x1a970`

png_get_chunk_cache_max

Ordinal	`31`
Address	`0x1b270`

png_get_chunk_malloc_max

Ordinal	`32`
Address	`0x1b280`

png_get_color_type

Ordinal	`33`
Address	`0x1a400`

png_get_compression_buffer_size

Ordinal	`34`
Address	`0x1b240`

png_get_compression_type

Ordinal	`35`
Address	`0x1a430`

png_get_copyright

Ordinal	`36`
Address	`0xaec0`

png_get_current_pass_number

Ordinal	`37`
Address	`0x182e0`

png_get_current_row_number

Ordinal	`38`
Address	`0x182c0`

png_get_error_ptr

Ordinal	`39`
Address	`0xf820`

png_get_filter_type

Ordinal	`40`
Address	`0x1a410`

png_get_gAMA

Ordinal	`41`
Address	`0x1abe0`

png_get_gAMA_fixed

Ordinal	`42`
Address	`0x1abb0`

png_get_hIST

Ordinal	`43`
Address	`0x1acd0`

png_get_header_ver

Ordinal	`44`
Address	`0xaed0`

png_get_header_version

Ordinal	`45`
Address	`0xaee0`

png_get_iCCP

Ordinal	`46`
Address	`0x1ac40`

png_get_image_height

Ordinal	`47`
Address	`0x1a3e0`

png_get_image_width

Ordinal	`48`
Address	`0x1a3d0`

png_get_int_32

Ordinal	`49`
Address	`0x245f0`

png_get_interlace_type

Ordinal	`50`
Address	`0x1a420`

png_get_io_chunk_name

Ordinal	`51`
Address	`0x1b2b0`

png_get_io_chunk_type

Ordinal	`52`
Address	`0x1b2a0`

png_get_io_ptr

Ordinal	`53`
Address	`0xad80`

png_get_io_state

Ordinal	`54`
Address	`0x1b290`

png_get_libpng_ver

Ordinal	`55`
Address	`0xaed0`

png_get_mem_ptr

Ordinal	`56`
Address	`0x18850`

png_get_oFFs

Ordinal	`57`
Address	`0x1adf0`

png_get_pCAL

Ordinal	`58`
Address	`0x1ae40`

png_get_pHYs

Ordinal	`59`
Address	`0x1b030`

png_get_pHYs_dpi

Ordinal	`60`
Address	`0x1a8c0`

png_get_pixel_aspect_ratio

Ordinal	`61`
Address	`0x1a4d0`

png_get_pixel_aspect_ratio_fixed

Ordinal	`62`
Address	`0x1a510`

png_get_pixels_per_inch

Ordinal	`63`
Address	`0x1a640`

png_get_pixels_per_meter

Ordinal	`64`
Address	`0x1a4a0`

png_get_rgb_to_gray_status

Ordinal	`65`
Address	`0x1b220`

png_get_rowbytes

Ordinal	`66`
Address	`0x1a390`

png_get_rows

Ordinal	`67`
Address	`0x1a3b0`

png_get_sBIT

Ordinal	`68`
Address	`0x1b0c0`

png_get_sCAL

Ordinal	`69`
Address	`0x1af80`

png_get_sCAL_fixed

Ordinal	`70`
Address	`0x1aef0`

png_get_sCAL_s

Ordinal	`71`
Address	`0x1aff0`

png_get_sPLT

Ordinal	`72`
Address	`0x1aca0`

png_get_sRGB

Ordinal	`73`
Address	`0x1ac10`

png_get_signature

Ordinal	`74`
Address	`0x1a980`

png_get_tIME

Ordinal	`75`
Address	`0x1b130`

png_get_tRNS

Ordinal	`76`
Address	`0x1b160`

png_get_text

Ordinal	`77`
Address	`0x1b0f0`

png_get_uint_16

Ordinal	`78`
Address	`0x24600`

png_get_uint_31

Ordinal	`79`
Address	`0x245d0`

png_get_uint_32

Ordinal	`80`
Address	`0x245f0`

png_get_unknown_chunks

Ordinal	`81`
Address	`0x1b1f0`

png_get_user_chunk_ptr

Ordinal	`82`
Address	`0x1b230`

png_get_user_height_max

Ordinal	`83`
Address	`0x1b260`

png_get_user_transform_ptr

Ordinal	`84`
Address	`0x182b0`

png_get_user_width_max

Ordinal	`85`
Address	`0x1b250`

png_get_valid

Ordinal	`86`
Address	`0x1a370`

png_get_x_offset_inches

Ordinal	`87`
Address	`0x1a840`

png_get_x_offset_inches_fixed

Ordinal	`88`
Address	`0x1a7c0`

png_get_x_offset_microns

Ordinal	`89`
Address	`0x1a580`

png_get_x_offset_pixels

Ordinal	`90`
Address	`0x1a5e0`

png_get_x_pixels_per_inch

Ordinal	`91`
Address	`0x1a6c0`

png_get_x_pixels_per_meter

Ordinal	`92`
Address	`0x1a440`

png_get_y_offset_inches

Ordinal	`93`
Address	`0x1a880`

png_get_y_offset_inches_fixed

Ordinal	`94`
Address	`0x1a800`

png_get_y_offset_microns

Ordinal	`95`
Address	`0x1a5b0`

png_get_y_offset_pixels

Ordinal	`96`
Address	`0x1a610`

png_get_y_pixels_per_inch

Ordinal	`97`
Address	`0x1a740`

png_get_y_pixels_per_meter

Ordinal	`98`
Address	`0x1a470`

png_handle_as_unknown

Ordinal	`99`
Address	`0xaef0`

png_info_init_3

Ordinal	`100`
Address	`0xa790`

png_init_io

Ordinal	`101`
Address	`0xad90`

png_longjmp

Ordinal	`102`
Address	`0xf7c0`

png_malloc

Ordinal	`103`
Address	`0x186e0`

png_malloc_default

Ordinal	`104`
Address	`0x18740`

png_malloc_warn

Ordinal	`105`
Address	`0x187b0`

png_permit_mng_features

Ordinal	`106`
Address	`0x1a060`

png_read_end

Ordinal	`107`
Address	`0x10630`

png_read_image

Ordinal	`108`
Address	`0x10540`

png_read_info

Ordinal	`109`
Address	`0xfbc0`

png_read_png

Ordinal	`110`
Address	`0x10f00`

png_read_row

Ordinal	`111`
Address	`0xffe0`

png_read_rows

Ordinal	`112`
Address	`0x10470`

png_read_update_info

Ordinal	`113`
Address	`0xff70`

png_reset_zstream

Ordinal	`114`
Address	`0xaf40`

png_save_int_32

Ordinal	`115`
Address	`0x1b2c0`

png_save_uint_16

Ordinal	`116`
Address	`0x1b2e0`

png_save_uint_32

Ordinal	`117`
Address	`0x1b2c0`

png_set_IHDR

Ordinal	`118`
Address	`0x18ce0`

png_set_PLTE

Ordinal	`119`
Address	`0x194a0`

png_set_add_alpha

Ordinal	`120`
Address	`0x17930`

png_set_bKGD

Ordinal	`121`
Address	`0x18860`

png_set_background

Ordinal	`122`
Address	`0x11330`

png_set_background_fixed

Ordinal	`123`
Address	`0x112c0`

png_set_benign_errors

Ordinal	`124`
Address	`0x1a340`

png_set_bgr

Ordinal	`125`
Address	`0x17820`

png_set_cHRM

Ordinal	`126`
Address	`0x18970`

png_set_cHRM_fixed

Ordinal	`127`
Address	`0x18890`

png_set_chunk_cache_max

Ordinal	`128`
Address	`0x1a320`

png_set_chunk_malloc_max

Ordinal	`129`
Address	`0x1a330`

png_set_compression_buffer_size

Ordinal	`130`
Address	`0x1a260`

png_set_compression_level

Ordinal	`131`
Address	`0xef70`

png_set_compression_mem_level

Ordinal	`132`
Address	`0xef90`

png_set_compression_method

Ordinal	`133`
Address	`0xf040`

png_set_compression_strategy

Ordinal	`134`
Address	`0xefb0`

png_set_compression_window_bits

Ordinal	`135`
Address	`0xefd0`

png_set_crc_action

Ordinal	`136`
Address	`0x111d0`

png_set_error_fn

Ordinal	`137`
Address	`0xf800`

png_set_expand

Ordinal	`138`
Address	`0x12080`

png_set_expand_16

Ordinal	`139`
Address	`0x120e0`

png_set_expand_gray_1_2_4_to_8

Ordinal	`140`
Address	`0x120a0`

png_set_filler

Ordinal	`141`
Address	`0x178d0`

png_set_filter

Ordinal	`142`
Address	`0xe5b0`

png_set_filter_heuristics

Ordinal	`143`
Address	`0xe7f0`

png_set_filter_heuristics_fixed

Ordinal	`144`
Address	`0xed40`

png_set_flush

Ordinal	`145`
Address	`0xe1f0`

png_set_gAMA

Ordinal	`146`
Address	`0x18ba0`

png_set_gAMA_fixed

Ordinal	`147`
Address	`0x18b70`

png_set_gamma

Ordinal	`148`
Address	`0x11fd0`

png_set_gamma_fixed

Ordinal	`149`
Address	`0x11f50`

png_set_gray_to_rgb

Ordinal	`150`
Address	`0x12110`

png_set_hIST

Ordinal	`151`
Address	`0x18bf0`

png_set_iCCP

Ordinal	`152`
Address	`0x19640`

png_set_interlace_handling

Ordinal	`153`
Address	`0x178b0`

png_set_invalid

Ordinal	`154`
Address	`0x1a2e0`

png_set_invert_alpha

Ordinal	`155`
Address	`0x179c0`

png_set_invert_mono

Ordinal	`156`
Address	`0x179d0`

png_set_keep_unknown_chunks

Ordinal	`157`
Address	`0x1a080`

png_set_longjmp_fn

Ordinal	`158`
Address	`0xf7a0`

png_set_mem_fn

Ordinal	`159`
Address	`0x18830`

png_set_oFFs

Ordinal	`160`
Address	`0x18de0`

png_set_pCAL

Ordinal	`161`
Address	`0x18e10`

png_set_pHYs

Ordinal	`162`
Address	`0x19470`

png_set_packing

Ordinal	`163`
Address	`0x17850`

png_set_packswap

Ordinal	`164`
Address	`0x17870`

png_set_palette_to_rgb

Ordinal	`165`
Address	`0x12080`

png_set_quantize

Ordinal	`166`
Address	`0x11400`

png_set_read_fn

Ordinal	`167`
Address	`0x18480`

png_set_read_status_fn

Ordinal	`168`
Address	`0x10ef0`

png_set_read_user_chunk_fn

Ordinal	`169`
Address	`0x1a1f0`

png_set_read_user_transform_fn

Ordinal	`170`
Address	`0x12340`

png_set_rgb_to_gray

Ordinal	`171`
Address	`0x12220`

png_set_rgb_to_gray_fixed

Ordinal	`172`
Address	`0x12130`

png_set_rows

Ordinal	`173`
Address	`0x1a210`

png_set_sBIT

Ordinal	`174`
Address	`0x19570`

png_set_sCAL

Ordinal	`175`
Address	`0x192a0`

png_set_sCAL_fixed

Ordinal	`176`
Address	`0x193a0`

png_set_sCAL_s

Ordinal	`177`
Address	`0x190e0`

png_set_sPLT

Ordinal	`178`
Address	`0x19c80`

png_set_sRGB

Ordinal	`179`
Address	`0x19590`

png_set_sRGB_gAMA_and_cHRM

Ordinal	`180`
Address	`0x195b0`

png_set_shift

Ordinal	`181`
Address	`0x17890`

png_set_sig_bytes

Ordinal	`182`
Address	`0xa5d0`

png_set_strip_16

Ordinal	`183`
Address	`0x113d0`

png_set_strip_alpha

Ordinal	`184`
Address	`0x113f0`

png_set_swap

Ordinal	`185`
Address	`0x17830`

png_set_swap_alpha

Ordinal	`186`
Address	`0x179b0`

png_set_tIME

Ordinal	`187`
Address	`0x19b50`

png_set_tRNS

Ordinal	`188`
Address	`0x19b70`

png_set_tRNS_to_alpha

Ordinal	`189`
Address	`0x120c0`

png_set_text

Ordinal	`190`
Address	`0x19790`

png_set_unknown_chunk_location

Ordinal	`191`
Address	`0x1a030`

png_set_unknown_chunks

Ordinal	`192`
Address	`0x19e80`

png_set_user_limits

Ordinal	`193`
Address	`0x1a300`

png_set_user_transform_info

Ordinal	`194`
Address	`0x18290`

png_set_write_fn

Ordinal	`195`
Address	`0x183a0`

png_set_write_status_fn

Ordinal	`196`
Address	`0xf080`

png_set_write_user_transform_fn

Ordinal	`197`
Address	`0xf090`

png_sig_cmp

Ordinal	`198`
Address	`0xa600`

png_start_read_image

Ordinal	`199`
Address	`0xffc0`

png_warning

Ordinal	`200`
Address	`0xf2f0`

png_write_chunk

Ordinal	`201`
Address	`0x1b370`

png_write_chunk_data

Ordinal	`202`
Address	`0x1b530`

png_write_chunk_end

Ordinal	`203`
Address	`0x1b580`

png_write_chunk_start

Ordinal	`204`
Address	`0x1b480`

png_write_end

Ordinal	`205`
Address	`0xd970`

png_write_flush

Ordinal	`206`
Address	`0xe210`

png_write_image

Ordinal	`207`
Address	`0xe180`

png_write_info

Ordinal	`208`
Address	`0xd570`

png_write_info_before_PLTE

Ordinal	`209`
Address	`0xd320`

png_write_png

Ordinal	`210`
Address	`0xf0b0`

png_write_row

Ordinal	`211`
Address	`0xdf00`

png_write_rows

Ordinal	`212`
Address	`0xdec0`

png_write_sig

Ordinal	`213`
Address	`0x1b2f0`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.52386`
MD5	`0b4314a144f092589318cba02ea95888`
SHA1	`e7a3128aaf8c07164e10f69e75ca740e7b229f93`
SHA256	`6fefe4b9e2acc2d01f26f73b5f751f1a6fc387da46bc6972bb2f03377c2c10b0`
SHA3	`0af8aea6dfc297e3eb3145dad92caaedd6249e3571d82cf397e145693d88c4fa`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.32621`
MD5	`a19c4eb6e7b1faa96b038d375fea54f3`
SHA1	`11da87665a11db070060945ba38e3cb6014b1471`
SHA256	`f7f2f69ea57422f6159e9f0cf9a784ad5488b8fdd6425459b69c9e02764b2d41`
SHA3	`bcfd651bd372dd3c975909a8f7c81045af1acd8e327d2cba3663b8dd2ad40a11`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.31122`
MD5	`7fc890b810d61e68577cc127a40f4cd3`
SHA1	`da3b329adfc29860c2e9cfd2a1ff5aeed41a025f`
SHA256	`fce72164e97bcfd200f5b15c8a64fff9912443ea32ab4e3005656f0accec402a`
SHA3	`5de53c059f570051f9d6f9cf62c8199a99f9d623b7ee9f4abadcc51cd5f958d8`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1a68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.98346`
MD5	`57aea54c58ee3d321b439a10465acfe7`
SHA1	`202a00eb4622c5600ebcfe08aa030cf36319f326`
SHA256	`ae01bfb1f63acbe1c5c719aa3f2ba177da06e93bb094ae32cf69d2715d77c6f8`
SHA3	`1634dcca13debce3335c27c32cf16ed6974c11de36cf4f617c0de908e25a3708`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.8626`
MD5	`f0c155eafba2c2d26790b0f1fd558fdf`
SHA1	`20d8355a72f2446f841363f3b8be1792dfc25b23`
SHA256	`6aa0fe78eb5b810f3ef5aa5bdc0f72d39338d85304ccdc07ee99c8aa2ec3c5f8`
SHA3	`4312bc701c3c97df9c12d8b68b0f0330a2a65a6d8fde3f9a9c747f358cb802f6`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.65159`
MD5	`29f0d74f3fdeb6bd6b1beec1cf376e96`
SHA1	`2ba6b8bda42ee46a50e86755e066389e5505e82a`
SHA256	`bfa29d39bd2906b5b5c7bb265580de6ae93e18698587d989a3bf9f64f348ab80`
SHA3	`5f4d784e6664af81ea692821bfc7aec5e83b56bb6bf4ee267eef8608e50098ae`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6dba`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96687`
Detected Filetype	PNG graphic file
MD5	`8059254f4a924ffe06540d79a8c07f28`
SHA1	`6421dbb12d7b3800661be808d6d7682c007bc3ff`
SHA256	`d29e6ce4975f3149e7c171782af13ab3ec8d49cd3a9ad8df6d2cf3228e0a7b36`
SHA3	`0b355a8b01f93b124b328ecb192f06ff50590f49a66f578ec6d5c01ac620294e`

123

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86829`
Detected Filetype	Icon file
MD5	`377a924dac4dd315d5ed7bcece174ccf`
SHA1	`de007db68845ceaf787124b1c338836e7dfcd09a`
SHA256	`173129aa93a35076898aae0755064f7ff8d1c4ef18056c9fa97b7c1cf2448830`
SHA3	`1f34630dd6ecc4d5db9a6fe1a963b4a4329332fb55dcaf20687d1658c698c010`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2ec`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.47828`
MD5	`b2ba7e90dac33806345a5db9640fa400`
SHA1	`da34f642cd07017b2bc6f0cb9598d6a51bf9d69d`
SHA256	`629fc04e99e373bf3301aadcbc68a24dfd067d88c0ce2b6dcfd02eda1f2f5473`
SHA3	`6a9acae4f76f58022c8f890d2ac2b0f2c416d050029e2bb55eae2a548ee56b29`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5c7`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.31889`
MD5	`282697ea0ae41feb4b948f00e9cfda3f`
SHA1	`5bf0038fd44bd2522568125459acdf21dafa4ff8`
SHA256	`1a173902c6a37b2ef669698599b37eebf2da5df98111cf559d1a0603f52022ce`
SHA3	`cf45de6c80e6df215423d803bd73dd4d2c7efeb96529020a9a6db0da62fc554b`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	4.26.2.0
ProductVersion	4.26.2.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_DLL`
Language	English - United States
CompanyName	Sharkmob
LegalCopyright	(C) 2017-2021 - Sharkmob AB
ProductName	CrashReportClient
ProductVersion (#2)	++UE4+Sharkmob-4.26-CL-302965
FileDescription	CrashReportClient
InternalName	UnrealEngine
OriginalFilename	CrashReportClient.exe

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2023-May-24 13:39:32
Version	`0.0`
SizeofData	`46`
AddressOfRawData	`0xec2504`
PointerToRawData	`0xec0904`
Referenced File	CrashReportClient.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2023-May-24 13:39:32
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0xec2534`
PointerToRawData	`0xec0934`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2023-May-24 13:39:32
Version	`0.0`
SizeofData	`1172`
AddressOfRawData	`0xec2548`
PointerToRawData	`0xec0948`

TLS Callbacks

StartAddressOfRawData	`0x140ec2a00`
EndAddressOfRawData	`0x140ec2a31`
AddressOfIndex	`0x1411d60d8`
AddressOfCallbacks	`0x140ba7b00`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_8BYTES`
Callbacks	`0x0000000140B4DA70`

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1410d0e68`

RICH Header

XOR Key	`0x73789ea2`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`24`
C++ objects (VS2017 v14.15 compiler 26715)	`1`
253 (28518)	`7`
C objects (VS 2015/2017/2019 runtime 29804)	`10`
ASM objects (VS 2015/2017/2019 runtime 29804)	`12`
Imports (VS 2015/2017/2019 runtime 29804)	`6`
C objects (VS2017 v14.15 compiler 26715)	`5`
C objects (CVTCIL) (VS2017 v14.15 compiler 26715)	`4`
Imports (VS2017 v14.15 compiler 26715)	`40`
C++ objects (VS 2015/2017/2019 runtime 29804)	`33`
173 (VS2010 build 30319)	`1`
Imports (21202)	`4`
C++ objects (VS2017 v15.9.5-6 compiler 27026)	`73`
C objects (CVTCIL) (VS2015/2017 runtime 25711)	`1`
C objects (VS2017 v15.8.9 compiler 26732)	`6`
Imports (VS2015/2017 runtime 25711)	`14`
C objects (VS2015 UPD3.1 build 24215)	`112`
C objects (VS2017 v15.9.14-15 compiler 27032)	`564`
Imports (VS2010 build 30319)	`3`
Total imports	`873`
C++ objects (VS2015 UPD3.1 build 24215)	`344`
C++ objects (VS2017 v15.9.11 compiler 27030)	`11`
C++ objects (VS2017 v15.9.16-18 compiler 27034)	`5`
Unmarked objects (#2)	`24`
C++ objects (29912)	`67`
Exports (29912)	`1`
Resource objects (29912)	`1`
151	`1`
Linker (29912)	`1`

Errors

Leave a comment

No comments yet.