Manalyze report for 80b3f3c6e31d805f1baeb42daa2352613a3d10a4fe96b0f5bb2e95e9b75723c4

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2023-Jul-15 15:33:33
Detected languages	English - United States
Debug artifacts	e:\mozdev\obj-pm-x86-release\mozglue\build\mozglue.pdb
LegalCopyright	License: MPL 2.0
CompanyName	UXP Contributors
FileVersion	`6.2.0`
ProductVersion	`6.2.0`
LegalTrademarks	Goanna is (tm) Moonchild Productions
OriginalFilename	mozglue.dll
ProductName	UXP
BuildID	20230715144442

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0`
Info	Interesting strings found in the binary:	`Contains domain names: http://www.mozilla.com http://www.mozilla.com/en-US/blocklist/ mozilla.com www.mozilla.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA1`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExA` `Can access the registry: RegOpenKeyExW RegCloseKey RegQueryValueExW` `Memory manipulation functions often used by packers: VirtualAllocEx VirtualProtectEx VirtualAlloc VirtualProtect`
Malicious	The PE's digital signature is invalid.	`Signer: Mark Straver` `Issuer: Sectigo Public Code Signing CA R36` `The file was modified after it was signed.`
Malicious	VirusTotal score: 21/71 (Scanned on 2023-12-20 01:07:19)	`Alibaba: Trojan:Win32/Penguish.a56b03a4` `Bkav: W32.Common.BB42642F` `CAT-QuickHeal: Trojan.Penguish` `Cylance: unsafe` `DeepInstinct: MALICIOUS` `Fortinet: W32/PossibleThreat` `Google: Detected` `Ikarus: Trojan-Downloader.Win32.Rugmi` `Jiangmin: Trojan.Agent.esof` `Kaspersky: Trojan.Win32.Penguish.zi` `Lionic: Trojan.Win32.Penguish.4!c` `MaxSecure: Trojan.Malware.221488733.susgen` `McAfee: RDN/Generic.dx` `Microsoft: Trojan:Win32/Wacatac.B!ml` `Panda: Trj/Chgt.AD` `Rising: Trojan.Penguish!8.18A49 (CLOUD)` `Skyhigh: RDN/Generic.dx` `Sophos: Mal/Generic-S` `Symantec: Trojan.Gen.MBT` `TrendMicro-HouseCall: TROJ_GEN.R002H06LF23` `ZoneAlarm: Trojan.Win32.Penguish.zi`

Hashes

MD5	`ca0bc374205cd4397491385515c2552b`
SHA1	`93aeb499572efa3e3ee4bac0452effcb64addd5f`
SHA256	`80b3f3c6e31d805f1baeb42daa2352613a3d10a4fe96b0f5bb2e95e9b75723c4`
SHA3	`5ee181efc403fd080a73fcf7c8e96f9d62a5845048d0b3fbf584a48f2959f882`
SSDeep	`6144:O2IRQP+tRwQWlhAJRd6XcP4NJyFJNV34U646yBoGXKayZ2JJJMpqm1JK:O2IRQMmjKgsP4NkD3n6VyWGX6pqkK`
Imports Hash	`1140a91249385a64e0303a821509adae`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2023-Jul-15 15:33:33
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_DLL` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0x22200`
SizeOfInitializedData	`0xc800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00022985 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x24000`
ImageBase	`0x10000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.1`
ImageVersion	`0.0`
SubsystemVersion	`6.1`
Win32VersionValue	`0`
SizeOfImage	`0x32000`
SizeOfHeaders	`0x400`
Checksum	`0x3ae9b`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`f123924d176c7e96795f3025b9607d43`
SHA1	`3cd5fab27f7aed90dcaeb551b9900f93d87be784`
SHA256	`364c57b2bcc032e5a1d28b18787d7cf0d415ebbeb8e7bce1599a18bf583e73dc`
SHA3	`94c5e3844f35f861c3de7926567ca3c3d5a2d1ee47fe38ecae95ee0d114c2fa9`
VirtualSize	`0x220e5`
VirtualAddress	`0x1000`
SizeOfRawData	`0x22200`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.62353`

.rdata

MD5	`17ec25aced927f2e40509956bafeb7c5`
SHA1	`881fd953eedff2491c8219ac3c16a0efcf453f9b`
SHA256	`eb680a2e48cc2a41497037275c10725fbc9b38e91721deaaaa8efb3ab0c608fb`
SHA3	`7734b53af9468321c97272881d5f6d96a0d0e3ee2e3a271574f305c207db2ef6`
VirtualSize	`0x9ec4`
VirtualAddress	`0x24000`
SizeOfRawData	`0xa000`
PointerToRawData	`0x22600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.4268`

.data

MD5	`8fd98545ab68366e65b27480d70c17a8`
SHA1	`b300170c65d9af79a795d243b0386e65b90c0be2`
SHA256	`8872f16a3134a6a31e7f2c4234c8e528a2984647911e8f68ec2022adc2ac9199`
SHA3	`e29c08b7cb6222394d948677ed4c8e9507b84e435963d26dc5edae1cc0287e06`
VirtualSize	`0x1308`
VirtualAddress	`0x2e000`
SizeOfRawData	`0x800`
PointerToRawData	`0x2c600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.37891`

.rsrc

MD5	`41aa45a644a3cd62befe61012922b932`
SHA1	`b45b52e4674956704cfa132898ba39120144c8e1`
SHA256	`75175a0ea12f20dc9d5c3f02cf3db2a06ef5fa4d5594b935e582326f06e2e787`
SHA3	`e3331fb4cf3bdd65cd98a9d41a82a838cd522686441808c9862ba34e94767a82`
VirtualSize	`0x398`
VirtualAddress	`0x30000`
SizeOfRawData	`0x400`
PointerToRawData	`0x2ce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.01056`

.reloc

MD5	`9ed9a01f77b23d0332fa54392ff846f7`
SHA1	`3526281058c380e5e69f0b102400a71776131aa7`
SHA256	`4357d8ad36d5d4b742acfdad3b29c82abea75ad54033cbbfd3ea2b7ee1466969`
SHA3	`773544317e7d2a954fa0289baf0bc7448f9bd17c5f8a961af8d229c2a8218694`
VirtualSize	`0xe5c`
VirtualAddress	`0x31000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x2d200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.22416`

Imports

KERNEL32.dll	`IsDebuggerPresent` `OutputDebugStringA` `EncodePointer` `DecodePointer` `CloseHandle` `InitializeCriticalSection` `EnterCriticalSection` `LeaveCriticalSection` `GetCurrentProcess` `GetCurrentThreadId` `FlushInstructionCache` `GetSystemInfo` `VirtualAllocEx` `VirtualProtectEx` `CreateFileMappingW` `MapViewOfFile` `UnmapViewOfFile` `GetModuleHandleA` `GetModuleHandleW` `GetProcAddress` `LoadLibraryExA` `VerifyVersionInfoA` `TerminateProcess` `GetEnvironmentVariableA` `InitializeSRWLock` `ReleaseSRWLockExclusive` `AcquireSRWLockExclusive` `WriteFile` `TlsGetValue` `TlsSetValue` `VirtualAlloc` `VirtualFree` `DisableThreadLibraryCalls` `DuplicateHandle` `GetLastError` `SetEvent` `WaitForSingleObject` `CreateEventA` `SignalObjectAndWait` `GetCurrentThread` `SuspendThread` `ResumeThread` `GetThreadContext` `LocalFree` `FormatMessageA` `QueryPerformanceCounter` `QueryPerformanceFrequency` `InitializeCriticalSectionAndSpinCount` `DeleteCriticalSection` `GetProcessTimes` `GetSystemTime` `GetTickCount64` `GetSystemTimeAdjustment` `SystemTimeToFileTime` `GetSystemTimeAsFileTime` `CreateFileW` `SearchPathW` `TlsAlloc` `VerSetConditionMask` `GetCurrentProcessId` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `IsProcessorFeaturePresent` `FreeLibrary` `VirtualQuery` `VirtualProtect` `RaiseException` `InitializeSListHead`
ADVAPI32.dll	`RegOpenKeyExW` `RegCloseKey` `RegQueryValueExW`
MSVCP140.dll	`??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ` `??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z` `?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ` `?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ` `?_Xlength_error@std@@YAXPBD@Z` `?_Raise_handler@std@@3P6AXABVexception@stdext@@@ZA` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z`
VCRUNTIME140.dll	`_except_handler4_common` `memmove` `__std_type_info_destroy_list` `strchr` `_except_handler3` `memcpy` `memchr` `memset`
api-ms-win-crt-runtime-l1-1-0.dll	`_errno` `strerror` `_invoke_watson` `_seh_filter_dll` `_configure_narrow_argv` `_initialize_narrow_environment` `_beginthreadex` `_register_onexit_function` `_execute_onexit_table` `_crt_atexit` `_cexit` `_invalid_parameter_noinfo_noreturn` `_initterm` `_initterm_e` `_initialize_onexit_table`
api-ms-win-crt-string-l1-1-0.dll	`_strnicmp` `isxdigit` `strncpy` `wcsncpy` `_wcsnicmp` `wcstok_s` `_stricmp`
api-ms-win-crt-stdio-l1-1-0.dll	`_close` `_read` `_open` `__acrt_iob_func` `fclose` `__stdio_common_vfprintf` `__stdio_common_vsprintf` `fflush` `_write` `_wopen` `_lseeki64` `fputs` `_dup`
api-ms-win-crt-filesystem-l1-1-0.dll	`_wsplitpath_s`
api-ms-win-crt-convert-l1-1-0.dll	`_ltoa` `_strtoui64` `wcstombs`
api-ms-win-crt-math-l1-1-0.dll	`_fdopen` `ceil` `_dclass`
api-ms-win-crt-heap-l1-1-0.dll	`malloc` `free`
api-ms-win-crt-environment-l1-1-0.dll	`getenv`
USER32.dll (delay-loaded)	`PostThreadMessageA` `PeekMessageA` `GetMessageA`

Delayed Imports

Attributes	`0x1`
Name	`USER32.dll`
ModuleHandle	`0x2ef78`
DelayImportAddressTable	`0x2e6ec`
DelayImportNameTable	`0x2a77c`
BoundDelayImportTable	`0x2a908`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

??0Decimal@blink@@QAE@ABV01@@Z

Ordinal	`1`
Address	`0x17330`

??0Decimal@blink@@QAE@ABVEncodedData@01@@Z

Ordinal	`2`
Address	`0x17330`

??0Decimal@blink@@QAE@H@Z

Ordinal	`3`
Address	`0x17350`

??0Decimal@blink@@QAE@W4Sign@01@H_K@Z

Ordinal	`4`
Address	`0x17380`

??0SHA1Sum@mozilla@@QAE@XZ

Ordinal	`5`
Address	`0x1afb0`

??0TimeStampValue@mozilla@@AAE@_K0_N@Z

Ordinal	`6`
Address	`0x13d40`

??4Decimal@blink@@QAEAAV01@ABV01@@Z

Ordinal	`7`
Address	`0x17330`

??8Decimal@blink@@QBE_NABV01@@Z

Ordinal	`8`
Address	`0x17650`

??9Decimal@blink@@QBE_NABV01@@Z

Ordinal	`9`
Address	`0x176e0`

??DDecimal@blink@@QBE?AV01@ABV01@@Z

Ordinal	`10`
Address	`0x17740`

??GDecimal@blink@@QBE?AV01@ABV01@@Z

Ordinal	`11`
Address	`0x178d0`

??GDecimal@blink@@QBE?AV01@XZ

Ordinal	`12`
Address	`0x17a40`

??GTimeStampValue@mozilla@@QBE_KABV01@@Z

Ordinal	`13`
Address	`0x13d70`

??HDecimal@blink@@QBE?AV01@ABV01@@Z

Ordinal	`14`
Address	`0x17a80`

??KDecimal@blink@@QBE?AV01@ABV01@@Z

Ordinal	`15`
Address	`0x17bf0`

??MDecimal@blink@@QBE_NABV01@@Z

Ordinal	`16`
Address	`0x17e30`

??NDecimal@blink@@QBE_NABV01@@Z

Ordinal	`17`
Address	`0x17e70`

??ODecimal@blink@@QBE_NABV01@@Z

Ordinal	`18`
Address	`0x17ed0`

??PDecimal@blink@@QBE_NABV01@@Z

Ordinal	`19`
Address	`0x17f10`

??XDecimal@blink@@QAEAAV01@ABV01@@Z

Ordinal	`20`
Address	`0x17f70`

??YDecimal@blink@@QAEAAV01@ABV01@@Z

Ordinal	`21`
Address	`0x17fa0`

??YTimeStampValue@mozilla@@QAEAAV01@_J@Z

Ordinal	`22`
Address	`0x13da0`

??ZDecimal@blink@@QAEAAV01@ABV01@@Z

Ordinal	`23`
Address	`0x17fd0`

??ZTimeStampValue@mozilla@@QAEAAV01@_J@Z

Ordinal	`24`
Address	`0x13dc0`

??_0Decimal@blink@@QAEAAV01@ABV01@@Z

Ordinal	`25`
Address	`0x18000`

??_FDecimal@blink@@QAEXXZ

Ordinal	`26`
Address	`0x18110`

?AcquireStackWalkWorkaroundLock@@YAXXZ

Ordinal	`27`
Address	`0x2420`

?CheckQPC@TimeStampValue@mozilla@@ABE_KABV12@@Z

Ordinal	`28`
Address	`0x13de0`

?ComputeProcessUptime@TimeStamp@mozilla@@CA_KXZ

Ordinal	`29`
Address	`0x13fb0`

?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z

Ordinal	`30`
Address	`0x1bee0`

?CreateExponentialRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHPAVStringBuilder@2@@Z

Ordinal	`31`
Address	`0x1c0a0`

?DllBlocklist_CheckStatus@@YA_NXZ

Ordinal	`32`
Address	`0x1c50`

?DllBlocklist_Initialize@@YAXXZ

Ordinal	`33`
Address	`0x1c70`

?DllBlocklist_SetInXPCOMLoadOnMainThread@@YAX_N@Z

Ordinal	`34`
Address	`0x1e00`

?DllBlocklist_WriteNotes@@YAXPAX@Z

Ordinal	`35`
Address	`0x1e30`

?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z

Ordinal	`36`
Address	`0x1cb90`

?EcmaScriptConverter@DoubleToStringConverter@double_conversion@@SAABV12@XZ

Ordinal	`37`
Address	`0x1cd60`

?FramePointerStackWalk@mozilla@@YA_NP6AXIPAX00@ZII0PAPAX0@Z

Ordinal	`38`
Address	`0x13020`

?HandleSpecialValues@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@@Z

Ordinal	`39`
Address	`0x1de10`

?HashBytes@mozilla@@YAIPBXI@Z

Ordinal	`40`
Address	`0x1df00`

?IsFloat32Representable@mozilla@@YA_NN@Z

Ordinal	`41`
Address	`0x1e120`

?MozDescribeCodeAddress@@YA_NPAXPAUMozCodeAddressDetails@@@Z

Ordinal	`42`
Address	`0x130a0`

?MozFormatCodeAddress@@YAXPADIIPBXPBD2H2I@Z

Ordinal	`43`
Address	`0x131f0`

?MozFormatCodeAddressDetails@@YAXPADIIPAXPBUMozCodeAddressDetails@@@Z

Ordinal	`44`
Address	`0x13270`

?MozStackWalk@@YA_NP6AXIPAX00@ZII0I0@Z

Ordinal	`45`
Address	`0x132b0`

?Now@TimeStamp@mozilla@@CA?AV12@_N@Z

Ordinal	`46`
Address	`0x142f0`

?ProcessCreation@TimeStamp@mozilla@@SA?AV12@AA_N@Z

Ordinal	`47`
Address	`0x13a00`

?RecordProcessRestart@TimeStamp@mozilla@@SAXXZ

Ordinal	`48`
Address	`0x13d00`

?ReleaseStackWalkWorkaroundLock@@YAXXZ

Ordinal	`49`
Address	`0x2420`

?ResolutionInTicks@BaseTimeDurationPlatformUtils@mozilla@@SA_JXZ

Ordinal	`50`
Address	`0x14390`

?Shutdown@TimeStamp@mozilla@@SAXXZ

Ordinal	`51`
Address	`0x143a0`

?StackWalkInitCriticalAddress@@YAXXZ

Ordinal	`52`
Address	`0x135c0`

?Startup@TimeStamp@mozilla@@SAXXZ

Ordinal	`53`
Address	`0x143b0`

?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z

Ordinal	`54`
Address	`0x14420`

?ToExponential@DoubleToStringConverter@double_conversion@@QBE_NNHPAVStringBuilder@2@@Z

Ordinal	`55`
Address	`0x1fb00`

?ToFixed@DoubleToStringConverter@double_conversion@@QBE_NNHPAVStringBuilder@2@@Z

Ordinal	`56`
Address	`0x1fc40`

?ToPrecision@DoubleToStringConverter@double_conversion@@QBE_NNHPA_NPAVStringBuilder@2@@Z

Ordinal	`57`
Address	`0x1fd40`

?ToSeconds@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z

Ordinal	`58`
Address	`0x14480`

?ToSecondsSigDigits@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z

Ordinal	`59`
Address	`0x144c0`

?ToShortestIeeeNumber@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@W4DtoaMode@12@@Z

Ordinal	`60`
Address	`0x1feb0`

?TryAcquireStackWalkWorkaroundLock@@YA_NXZ

Ordinal	`61`
Address	`0x13680`

?Unused@mozilla@@3Uunused_t@1@B

Ordinal	`62`
Address	`0x2eb60`

?abs@Decimal@blink@@QBE?AV12@XZ

Ordinal	`63`
Address	`0x181c0`

?alignOperands@Decimal@blink@@CA?AUAlignedOperands@12@ABV12@0@Z

Ordinal	`64`
Address	`0x181e0`

?avx2_enabled@sse_private@mozilla@@3_NA

Ordinal	`65`
Address	`0x2e73c`

?avx_enabled@sse_private@mozilla@@3_NA

Ordinal	`66`
Address	`0x2e73a`

?ceil@Decimal@blink@@QBE?AV12@XZ

Ordinal	`67`
Address	`0x18400`

?compareTo@Decimal@blink@@ABE?AV12@ABV12@@Z

Ordinal	`68`
Address	`0x184f0`

?compress@LZ4@Compression@mozilla@@SAIPBDIPAD@Z

Ordinal	`69`
Address	`0x14530`

?compressLimitedOutput@LZ4@Compression@mozilla@@SAIPBDIPADI@Z

Ordinal	`70`
Address	`0x14550`

?decompress@LZ4@Compression@mozilla@@SA_NPBDIPADIPAI@Z

Ordinal	`71`
Address	`0x14570`

?decompress@LZ4@Compression@mozilla@@SA_NPBDPADI@Z

Ordinal	`72`
Address	`0x145b0`

?decompressPartial@LZ4@Compression@mozilla@@SA_NPBDIPADIPAI@Z

Ordinal	`73`
Address	`0x145d0`

?finish@SHA1Sum@mozilla@@QAEXAAY0BE@E@Z

Ordinal	`74`
Address	`0x20180`

?floor@Decimal@blink@@QBE?AV12@XZ

Ordinal	`75`
Address	`0x18640`

?fromDouble@Decimal@blink@@SA?AV12@N@Z

Ordinal	`76`
Address	`0x18730`

?fromString@Decimal@blink@@SA?AV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

Ordinal	`77`
Address	`0x18800`

?gChaosFeatures@detail@mozilla@@3W4ChaosFeature@2@A

Ordinal	`78`
Address	`0x2eb6c`

?gChaosModeCounter@detail@mozilla@@3V?$Atomic@I$01X@2@A

Ordinal	`79`
Address	`0x2eb68`

?gTwoCharEscapes@detail@mozilla@@3QBDB

Ordinal	`80`
Address	`0x28fd8`

?infinity@Decimal@blink@@SA?AV12@W4Sign@12@@Z

Ordinal	`81`
Address	`0x18c00`

?kBase10MaximalLength@DoubleToStringConverter@double_conversion@@2HB

Ordinal	`82`
Address	`0x28f48`

?mmx_enabled@sse_private@mozilla@@3_NA

Ordinal	`83`
Address	`0x2e73e`

?mozalloc_abort@@YAXQBD@Z

Ordinal	`84`
Address	`0xd190`

?mozalloc_handle_oom@@YAXI@Z

Ordinal	`85`
Address	`0xd1f0`

?mozalloc_set_oom_abort_handler@@YAXP6AXI@Z@Z

Ordinal	`86`
Address	`0xd270`

?nan@Decimal@blink@@SA?AV12@XZ

Ordinal	`87`
Address	`0x19050`

?remainder@Decimal@blink@@QBE?AV12@ABV12@@Z

Ordinal	`88`
Address	`0x19250`

?round@Decimal@blink@@QBE?AV12@XZ

Ordinal	`89`
Address	`0x192e0`

?sse3_enabled@sse_private@mozilla@@3_NA

Ordinal	`90`
Address	`0x2e73b`

?sse4_1_enabled@sse_private@mozilla@@3_NA

Ordinal	`91`
Address	`0x2e739`

?sse4_2_enabled@sse_private@mozilla@@3_NA

Ordinal	`92`
Address	`0x2e73d`

?sse4a_enabled@sse_private@mozilla@@3_NA

Ordinal	`93`
Address	`0x2e73f`

?ssse3_enabled@sse_private@mozilla@@3_NA

Ordinal	`94`
Address	`0x2e738`

?toDouble@Decimal@blink@@QBENXZ

Ordinal	`95`
Address	`0x19980`

?toString@Decimal@blink@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

Ordinal	`96`
Address	`0x19a50`

?toString@Decimal@blink@@QBE_NPADI@Z

Ordinal	`97`
Address	`0x1a7e0`

?update@SHA1Sum@mozilla@@QAEXPBXI@Z

Ordinal	`98`
Address	`0x21690`

?zero@Decimal@blink@@SA?AV12@W4Sign@12@@Z

Ordinal	`99`
Address	`0x1a920`

_HeapAlloc@12

Ordinal	`100`
Address	`0xd100`

_HeapFree@12

Ordinal	`101`
Address	`0xd130`

_HeapReAlloc@16

Ordinal	`102`
Address	`0xd150`

MOZ_CrashOOL

Ordinal	`103`
Address	`0x21740`

MOZ_CrashPrintf

Ordinal	`104`
Address	`0x21760`

MOZ_Z_adler32

Ordinal	`105`
Address	`0x2cc0`

MOZ_Z_adler32_combine

Ordinal	`106`
Address	`0x2cd0`

MOZ_Z_compress

Ordinal	`107`
Address	`0x30a0`

MOZ_Z_compress2

Ordinal	`108`
Address	`0x30c0`

MOZ_Z_compressBound

Ordinal	`109`
Address	`0x3190`

MOZ_Z_crc32

Ordinal	`110`
Address	`0x31b0`

MOZ_Z_crc32_combine

Ordinal	`111`
Address	`0x31c0`

MOZ_Z_deflate

Ordinal	`112`
Address	`0x40a0`

MOZ_Z_deflateBound

Ordinal	`113`
Address	`0x49f0`

MOZ_Z_deflateCopy

Ordinal	`114`
Address	`0x4ae0`

MOZ_Z_deflateEnd

Ordinal	`115`
Address	`0x4c90`

MOZ_Z_deflateInit2_

Ordinal	`116`
Address	`0x4d40`

MOZ_Z_deflateInit_

Ordinal	`117`
Address	`0x4f80`

MOZ_Z_deflateParams

Ordinal	`118`
Address	`0x4fb0`

MOZ_Z_deflatePending

Ordinal	`119`
Address	`0x5110`

MOZ_Z_deflatePrime

Ordinal	`120`
Address	`0x5150`

MOZ_Z_deflateReset

Ordinal	`121`
Address	`0x51f0`

MOZ_Z_deflateResetKeep

Ordinal	`122`
Address	`0x5220`

MOZ_Z_deflateSetDictionary

Ordinal	`123`
Address	`0x52d0`

MOZ_Z_deflateSetHeader

Ordinal	`124`
Address	`0x5480`

MOZ_Z_deflateTune

Ordinal	`125`
Address	`0x5510`

MOZ_Z_get_crc_table

Ordinal	`126`
Address	`0x32d0`

MOZ_Z_gzbuffer

Ordinal	`127`
Address	`0x6380`

MOZ_Z_gzclearerr

Ordinal	`128`
Address	`0x63d0`

MOZ_Z_gzclose

Ordinal	`129`
Address	`0x5ef0`

MOZ_Z_gzclose_r

Ordinal	`130`
Address	`0x6e50`

MOZ_Z_gzclose_w

Ordinal	`131`
Address	`0x76a0`

MOZ_Z_gzdirect

Ordinal	`132`
Address	`0x6ed0`

MOZ_Z_gzdopen

Ordinal	`133`
Address	`0x6420`

MOZ_Z_gzeof

Ordinal	`134`
Address	`0x6470`

MOZ_Z_gzerror

Ordinal	`135`
Address	`0x6490`

MOZ_Z_gzflush

Ordinal	`136`
Address	`0x7760`

MOZ_Z_gzgetc_

Ordinal	`137`
Address	`0x6f10`

MOZ_Z_gzgets

Ordinal	`138`
Address	`0x6f20`

MOZ_Z_gzoffset

Ordinal	`139`
Address	`0x64e0`

MOZ_Z_gzoffset64

Ordinal	`140`
Address	`0x6510`

MOZ_Z_gzopen

Ordinal	`141`
Address	`0x6570`

MOZ_Z_gzopen64

Ordinal	`142`
Address	`0x6570`

MOZ_Z_gzopen_w

Ordinal	`143`
Address	`0x6590`

MOZ_Z_gzprintf

Ordinal	`144`
Address	`0x77d0`

MOZ_Z_gzputc

Ordinal	`145`
Address	`0x77f0`

MOZ_Z_gzputs

Ordinal	`146`
Address	`0x78a0`

MOZ_Z_gzread

Ordinal	`147`
Address	`0x7040`

MOZ_Z_gzrewind

Ordinal	`148`
Address	`0x65b0`

MOZ_Z_gzseek

Ordinal	`149`
Address	`0x6600`

MOZ_Z_gzseek64

Ordinal	`150`
Address	`0x6630`

MOZ_Z_gzsetparams

Ordinal	`151`
Address	`0x78f0`

MOZ_Z_gztell

Ordinal	`152`
Address	`0x67e0`

MOZ_Z_gztell64

Ordinal	`153`
Address	`0x6810`

MOZ_Z_gzungetc

Ordinal	`154`
Address	`0x70b0`

MOZ_Z_gzvprintf

Ordinal	`155`
Address	`0x7990`

MOZ_Z_gzwrite

Ordinal	`156`
Address	`0x7ac0`

MOZ_Z_inflate

Ordinal	`157`
Address	`0x8ee0`

MOZ_Z_inflateBack

Ordinal	`158`
Address	`0x7b80`

MOZ_Z_inflateBackEnd

Ordinal	`159`
Address	`0x8930`

MOZ_Z_inflateBackInit_

Ordinal	`160`
Address	`0x8970`

MOZ_Z_inflateCopy

Ordinal	`161`
Address	`0xa690`

MOZ_Z_inflateEnd

Ordinal	`162`
Address	`0xa7f0`

MOZ_Z_inflateGetDictionary

Ordinal	`163`
Address	`0xa840`

MOZ_Z_inflateGetHeader

Ordinal	`164`
Address	`0xa8b0`

MOZ_Z_inflateInit2_

Ordinal	`165`
Address	`0xa8f0`

MOZ_Z_inflateInit_

Ordinal	`166`
Address	`0xa9c0`

MOZ_Z_inflateMark

Ordinal	`167`
Address	`0xa9e0`

MOZ_Z_inflatePrime

Ordinal	`168`
Address	`0xaa50`

MOZ_Z_inflateReset

Ordinal	`169`
Address	`0xaab0`

MOZ_Z_inflateReset2

Ordinal	`170`
Address	`0xaaf0`

MOZ_Z_inflateResetKeep

Ordinal	`171`
Address	`0xab80`

MOZ_Z_inflateSetDictionary

Ordinal	`172`
Address	`0xac20`

MOZ_Z_inflateSync

Ordinal	`173`
Address	`0xad00`

MOZ_Z_inflateSyncPoint

Ordinal	`174`
Address	`0xae00`

MOZ_Z_inflateUndermine

Ordinal	`175`
Address	`0xae40`

MOZ_Z_uncompress

Ordinal	`176`
Address	`0xcf40`

MOZ_Z_uncompress2

Ordinal	`177`
Address	`0xcf60`

MOZ_Z_zError

Ordinal	`178`
Address	`0xd080`

MOZ_Z_zlibCompileFlags

Ordinal	`179`
Address	`0xd0e0`

MOZ_Z_zlibVersion

Ordinal	`180`
Address	`0xd0f0`

_aligned_free

Ordinal	`181`
Address	`0x12010`

_aligned_malloc

Ordinal	`182`
Address	`0xd360`

_expand

Ordinal	`183`
Address	`0xd530`

_malloc_message

Ordinal	`184`
Address	`0x2e654`

_malloc_options

Ordinal	`185`
Address	`0x2e650`

_msize

Ordinal	`186`
Address	`0xd5b0`

_recalloc

Ordinal	`187`
Address	`0xd5c0`

_strdup

Ordinal	`188`
Address	`0xd380`

_wcsdup

Ordinal	`189`
Address	`0xd3f0`

adler32_z

Ordinal	`190`
Address	`0x2e20`

calloc

Ordinal	`191`
Address	`0x11f60`

crc32_z

Ordinal	`192`
Address	`0x3580`

deflateGetDictionary

Ordinal	`193`
Address	`0x59d0`

free

Ordinal	`194`
Address	`0x12010`

frex

Ordinal	`195`
Address	`0x2420`

gMozCrashReason

Ordinal	`196`
Address	`0x2eb70`

gMozillaPoisonBase

Ordinal	`197`
Address	`0x2eb58`

gMozillaPoisonSize

Ordinal	`198`
Address	`0x2eb5c`

gMozillaPoisonValue

Ordinal	`199`
Address	`0x2eb54`

gzfread

Ordinal	`200`
Address	`0x71a0`

gzfwrite

Ordinal	`201`
Address	`0x7b10`

gzgetc

Ordinal	`202`
Address	`0x7210`

inflateCodesUsed

Ordinal	`203`
Address	`0xb010`

inflateValidate

Ordinal	`204`
Address	`0xb040`

jemalloc_free_dirty_pages

Ordinal	`205`
Address	`0x12430`

jemalloc_purge_freed_pages

Ordinal	`206`
Address	`0x2420`

jemalloc_stats

Ordinal	`207`
Address	`0x12480`

malloc

Ordinal	`208`
Address	`0x12040`

malloc_good_size

Ordinal	`209`
Address	`0x12080`

malloc_usable_size

Ordinal	`210`
Address	`0x12110`

mozPoisonValueInit

Ordinal	`211`
Address	`0x21850`

moz_malloc_size_of

Ordinal	`212`
Address	`0xd280`

moz_malloc_usable_size

Ordinal	`213`
Address	`0xd290`

moz_xcalloc

Ordinal	`214`
Address	`0xd2b0`

moz_xmalloc

Ordinal	`215`
Address	`0xd2e0`

moz_xrealloc

Ordinal	`216`
Address	`0xd310`

moz_xstrdup

Ordinal	`217`
Address	`0xd340`

posix_memalign

Ordinal	`218`
Address	`0x12330`

realloc

Ordinal	`219`
Address	`0x12370`

strdup

Ordinal	`220`
Address	`0xd380`

strndup

Ordinal	`221`
Address	`0xd3b0`

wcsdup

Ordinal	`222`
Address	`0xd3f0`

1

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x338`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.40832`
MD5	`b9c7b33bc5a23de16c326d7ca45007ba`
SHA1	`6f3aeaba7cb6ceb7d4cd4178410668f06e74a848`
SHA256	`0da4f5e43f6943c2e70f6ecb8e5851901d17c7d0730b7f0cc5b8f189b894cd7f`
SHA3	`6d23f0f999747332787b7f471e72f0ccb27fde8d5cf80f6e73c5f987ba8aa0bd`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	6.2.0.8596
ProductVersion	6.2.0.8596
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_DLL`
Language	UNKNOWN
LegalCopyright	License: MPL 2.0
CompanyName	UXP Contributors
FileVersion (#2)	6.2.0
ProductVersion (#2)	6.2.0
LegalTrademarks	Goanna is (tm) Moonchild Productions
OriginalFilename	mozglue.dll
ProductName	UXP
BuildID	20230715144442

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2023-Jul-15 15:33:33
Version	`0.0`
SizeofData	`79`
AddressOfRawData	`0x2a29c`
PointerToRawData	`0x2889c`
Referenced File	e:\mozdev\obj-pm-x86-release\mozglue\build\mozglue.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2023-Jul-15 15:33:33
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x2a2ec`
PointerToRawData	`0x288ec`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2023-Jul-15 15:33:33
Version	`0.0`
SizeofData	`852`
AddressOfRawData	`0x2a300`
PointerToRawData	`0x28900`

TLS Callbacks

StartAddressOfRawData	`0x1002a664`
EndAddressOfRawData	`0x1002a665`
AddressOfIndex	`0x1002efc4`
AddressOfCallbacks	`0x100242b8`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_1BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0xc0`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1002e6e0`
SEHandlerTable	`0x10029a98`
SEHandlerCount	`2`

RICH Header

XOR Key	`0xd5db36a7`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`16`
Imports (VS2022 Update 3 (17.3.0) compiler 31616)	`4`
253 (VS2022 Update 3 (17.3.0) compiler 31616)	`6`
C objects (VS2022 Update 3 (17.3.0) compiler 31616)	`10`
ASM objects (VS2022 Update 3 (17.3.0) compiler 31616)	`13`
C++ objects (VS2022 Update 3 (17.3.0) compiler 31616)	`16`
Imports (30795)	`5`
Total imports	`174`
C objects (31631)	`17`
C++ objects (31631)	`11`
Exports (31631)	`1`
Resource objects (31631)	`1`
Linker (31631)	`1`

Errors

Leave a comment

No comments yet.