| filename | IPHLPAPI.DLL | |
|---|---|---|
| size | 195592 (0x2fc08) | |
| md5 | 94f67d3703c30de2cf08aecdb3132645 | |
| type | PE32+ executable (DLL) (console) x86-64, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | scan pending | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0xe8 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 257 | 30795 | 2 |
| 259 | 30795 | 3 |
| 260 | 30795 | 14 |
| 147 | 30729 | 47 |
| 1 | 0 | 156 |
| 256 | 30795 | 1 |
| 269 | 30795 | 35 |
| 255 | 30795 | 1 |
| 258 | 30795 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Sections
Data Directory
| module_name | hint | ord | function_name |
|---|---|---|---|
| api-ms-win-core-crt-l1-1-0.dll | 87 | wcscpy_s | |
| api-ms-win-core-crt-l1-1-0.dll | 24 | _vsnwprintf_s | |
| api-ms-win-core-crt-l1-1-0.dll | 23 | _vsnprintf_s | |
| api-ms-win-core-crt-l1-1-0.dll | 25 | _wcsicmp | |
| api-ms-win-core-crt-l1-1-0.dll | 27 | _wcsnicmp | |
| api-ms-win-core-crt-l1-1-0.dll | 58 | qsort_s | |
| api-ms-win-core-crt-l1-1-0.dll | __C_specific_handler | ||
| api-ms-win-core-crt-l1-1-0.dll | 47 | iswdigit | |
| api-ms-win-core-crt-l1-1-0.dll | 85 | wcschr | |
| api-ms-win-core-crt-l1-1-0.dll | 32 | _wtoi | |
| api-ms-win-core-crt-l1-1-0.dll | 91 | wcsncmp | |
| api-ms-win-core-crt-l1-1-0.dll | 53 | memcpy | |
| api-ms-win-core-crt-l1-1-0.dll | 52 | memcmp | |
| api-ms-win-core-crt-l1-1-0.dll | 57 | memset | |
| api-ms-win-core-crt-l2-1-0.dll | 7 | _initterm_e | |
| api-ms-win-core-crt-l2-1-0.dll | 16 | time | |
| api-ms-win-core-crt-l2-1-0.dll | 6 | _initterm | |
| ntdll.dll | 284 | NtCreateFile | |
| ntdll.dll | 1137 | RtlIdnToAscii | |
| ntdll.dll | 1218 | RtlIpv6StringToAddressExW | |
| ntdll.dll | 339 | NtDeviceIoControlFile | |
| ntdll.dll | 2420 | qsort | |
| ntdll.dll | 1523 | RtlStringFromGUID | |
| ntdll.dll | 750 | RtlAppendUnicodeStringToString | |
| ntdll.dll | 426 | NtOpenFile | |
| ntdll.dll | 1540 | RtlTimeToSecondsSince1970 | |
| ntdll.dll | 740 | RtlAllocateHeap | |
| ntdll.dll | 257 | NtClose | |
| ntdll.dll | 1210 | RtlIpv4StringToAddressExW | |
| ntdll.dll | 1614 | RtlVirtualUnwind | |
| ntdll.dll | 1103 | RtlGetPersistedStateLocation | |
| ntdll.dll | 1289 | RtlLookupFunctionEntry | |
| ntdll.dll | 773 | RtlCaptureContext | |
| ntdll.dll | 1584 | RtlUnsubscribeWnfNotificationWaitForCompletion | |
| ntdll.dll | 669 | NtWaitForSingleObject | |
| ntdll.dll | 525 | NtQueryWnfStateData | |
| ntdll.dll | 1529 | RtlSubscribeWnfStateChangeNotification | |
| ntdll.dll | 1148 | RtlInitAnsiString | |
| ntdll.dll | 1563 | RtlUnicodeStringToAnsiString | |
| ntdll.dll | 746 | RtlAnsiStringToUnicodeString | |
| ntdll.dll | 1878 | ZwClose | |
| ntdll.dll | 1905 | ZwCreateFile | |
| ntdll.dll | 1960 | ZwDeviceIoControlFile | |
| ntdll.dll | 2289 | ZwWaitForSingleObject | |
| ntdll.dll | 1310 | RtlNtStatusToDosError | |
| ntdll.dll | 1047 | RtlGUIDFromString | |
| ntdll.dll | 1161 | RtlInitUnicodeString | |
| ntdll.dll | 1204 | RtlIpv4AddressToStringA | |
| ntdll.dll | 1037 | RtlFreeHeap | |
| ntdll.dll | 488 | NtQueryInformationProcess | |
| ntdll.dll | 1044 | RtlFreeUnicodeString | |
| api-ms-win-core-processthreads-l1-1-0.dll | 17 | GetCurrentThreadId | |
| api-ms-win-core-processthreads-l1-1-0.dll | 16 | GetCurrentThread | |
| api-ms-win-core-processthreads-l1-1-0.dll | 13 | GetCurrentProcessId | |
| api-ms-win-core-processthreads-l1-1-0.dll | 58 | QueueUserAPC | |
| api-ms-win-core-processthreads-l1-1-0.dll | 52 | OpenProcessToken | |
| api-ms-win-core-processthreads-l1-1-0.dll | 12 | GetCurrentProcess | |
| api-ms-win-core-processthreads-l1-1-0.dll | 85 | TerminateProcess | |
| api-ms-win-security-base-l1-1-0.dll | 21 | AdjustTokenPrivileges | |
| api-ms-win-core-handle-l1-1-0.dll | CloseHandle | ||
| api-ms-win-core-handle-l1-1-0.dll | 2 | DuplicateHandle | |
| api-ms-win-core-processthreads-l1-1-1.dll | 51 | OpenProcess | |
| api-ms-win-core-errorhandling-l1-1-0.dll | 5 | GetLastError | |
| api-ms-win-core-errorhandling-l1-1-0.dll | 15 | SetUnhandledExceptionFilter | |
| api-ms-win-core-errorhandling-l1-1-0.dll | 17 | UnhandledExceptionFilter | |
| api-ms-win-core-errorhandling-l1-1-0.dll | 13 | SetLastError | |
| api-ms-win-core-sysinfo-l1-1-0.dll | 15 | GetSystemDirectoryW | |
| api-ms-win-core-sysinfo-l1-1-0.dll | 26 | GetTickCount | |
| api-ms-win-core-sysinfo-l1-1-0.dll | 22 | GetSystemTimeAsFileTime | |
| api-ms-win-core-libraryloader-l1-2-0.dll | 22 | GetProcAddress | |
| api-ms-win-core-libraryloader-l1-2-0.dll | 1 | DisableThreadLibraryCalls | |
| api-ms-win-core-libraryloader-l1-2-0.dll | 21 | GetModuleHandleW | |
| api-ms-win-core-heap-l2-1-0.dll | 8 | LocalAlloc | |
| api-ms-win-core-heap-l2-1-0.dll | 10 | LocalFree | |
| api-ms-win-eventing-classicprovider-l1-1-0.dll | 1 | GetTraceEnableLevel | |
| api-ms-win-eventing-classicprovider-l1-1-0.dll | 2 | GetTraceLoggerHandle | |
| api-ms-win-eventing-classicprovider-l1-1-0.dll | 5 | TraceMessage | |
| api-ms-win-eventing-classicprovider-l1-1-0.dll | GetTraceEnableFlags | ||
| api-ms-win-eventing-classicprovider-l1-1-0.dll | 3 | RegisterTraceGuidsW | |
| api-ms-win-eventing-classicprovider-l1-1-0.dll | 7 | UnregisterTraceGuids | |
| api-ms-win-core-synch-l1-1-0.dll | 15 | DeleteCriticalSection | |
| api-ms-win-core-synch-l1-1-0.dll | 6 | CreateEventW | |
| api-ms-win-core-synch-l1-1-0.dll | 24 | InitializeCriticalSection | |
| api-ms-win-core-synch-l1-1-0.dll | 17 | EnterCriticalSection | |
| api-ms-win-core-synch-l1-1-0.dll | 29 | LeaveCriticalSection | |
| api-ms-win-core-synch-l1-1-0.dll | 41 | SetEvent | |
| api-ms-win-core-heap-l1-1-0.dll | 6 | HeapFree | |
| api-ms-win-core-heap-l1-1-0.dll | 9 | HeapReAlloc | |
| api-ms-win-core-heap-l1-1-0.dll | GetProcessHeap | ||
| api-ms-win-core-heap-l1-1-0.dll | 2 | HeapAlloc | |
| api-ms-win-core-localization-l1-2-0.dll | 9 | FormatMessageW | |
| api-ms-win-core-string-l1-1-0.dll | 7 | WideCharToMultiByte | |
| api-ms-win-core-registry-l1-1-0.dll | 30 | RegOpenKeyExW | |
| api-ms-win-core-registry-l1-1-0.dll | 29 | RegOpenKeyExA | |
| api-ms-win-core-registry-l1-1-0.dll | RegCloseKey | ||
| api-ms-win-core-registry-l1-1-0.dll | 36 | RegQueryValueExA | |
| api-ms-win-core-registry-l1-1-0.dll | 37 | RegQueryValueExW | |
| api-ms-win-core-synch-l1-2-0.dll | 45 | Sleep | |
| api-ms-win-core-io-l1-1-0.dll | 4 | DeviceIoControl | |
| api-ms-win-core-threadpool-l1-2-0.dll | CallbackMayRunLong | ||
| api-ms-win-core-threadpool-l1-2-0.dll | 8 | CloseThreadpoolWork | |
| api-ms-win-core-threadpool-l1-2-0.dll | 14 | CreateThreadpoolWork | |
| api-ms-win-core-threadpool-l1-2-0.dll | 31 | SubmitThreadpoolWork | |
| api-ms-win-core-threadpool-l1-2-0.dll | 36 | WaitForThreadpoolWorkCallbacks | |
| api-ms-win-core-util-l1-1-0.dll | 4 | EncodePointer | |
| api-ms-win-core-util-l1-1-0.dll | 1 | DecodePointer | |
| api-ms-win-core-profile-l1-1-0.dll | QueryPerformanceCounter | ||
| api-ms-win-core-delayload-l1-1-1.dll | 1 | ResolveDelayLoadedAPI | |
| api-ms-win-core-delayload-l1-1-0.dll | DelayLoadFailureHook |
StringTable 040904B0
| CompanyName | Microsoft Corporation |
| FileDescription | IP Helper API |
| FileVersion | 10.0.22621.1 (WinBuild.160101.0800) |
| InternalName | iphlpapi.dll |
| LegalCopyright | © Microsoft Corporation. All rights reserved. |
| OriginalFilename | iphlpapi.dll |
| ProductName | Microsoft® Windows® Operating System |
| ProductVersion | 10.0.22621.1 |
VS_FIXEDFILEINFO
| FileVersion | 10.0.22621.1 |
| ProductVersion | 10.0.22621.1 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0x3f |
| FileFlags | 0 |
| FileOS | 0x40004 |
| FileType | 2 |
| FileSubtype | 0 |
Signers (1)
issuer: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Windows Production PCA 2011
serial: 330000033C89C66A7B45BB1FBD00000000033C
Certificates (2)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:00:00:03:3c:89:c6:6a:7b:45:bb:1f:bd:00:00:00:00:03:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Production PCA 2011
Validity
Not Before: Sep 2 18:23:41 2021 GMT
Not After : Sep 1 18:23:41 2022 GMT
Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d0:2d:5b:b3:f7:32:cf:5f:05:fe:c8:d5:c8:fb:
4c:25:b8:8f:0e:eb:f5:3a:7f:3c:22:c0:24:73:85:
cd:c0:20:92:53:64:e5:f8:87:70:8e:e2:6a:cf:c7:
f6:31:ad:49:03:89:a5:76:29:3e:97:9d:55:9a:a2:
ab:ea:ac:62:fe:e9:15:b5:ab:d1:a9:80:6b:f5:31:
6c:d1:68:e8:66:db:4b:be:18:91:96:b0:11:c1:f6:
d0:3c:e2:08:cd:90:b4:a6:ae:81:35:33:b5:6c:df:
a7:8d:60:70:d5:c3:47:f5:60:5c:5b:93:71:b9:a5:
79:c0:86:47:6c:c5:aa:bd:53:e6:9f:2d:31:73:f3:
11:a1:e8:38:15:db:86:fa:5b:ae:fd:88:e5:a1:12:
6c:dd:5e:a8:b7:31:a2:b0:58:72:fe:7e:a4:a7:aa:
0c:b8:05:92:55:a4:7b:9f:32:2f:1d:5a:8b:f7:d0:
3a:6e:26:b2:9e:d3:9f:2a:7b:89:36:eb:7c:1f:30:
9a:70:91:ac:fe:5d:0b:fc:f0:76:ae:12:04:27:51:
29:25:82:5a:41:76:fb:87:f6:6d:13:bf:db:79:ba:
24:75:69:e7:b2:1c:54:3a:f9:c6:02:d7:9a:08:b5:
5c:86:57:c8:52:be:9a:25:52:53:a0:d7:9e:1a:f8:
1e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
1.3.6.1.4.1.311.10.3.6, Code Signing
X509v3 Subject Key Identifier:
48:85:3A:43:12:E3:40:D4:AB:79:8F:78:D2:D2:89:F8:1D:32:79:38
X509v3 Subject Alternative Name:
DirName:/OU=Microsoft Ireland Operations Limited/serialNumber=229879\+467580
X509v3 Authority Key Identifier:
A9:29:02:39:8E:16:C4:97:78:CD:90:F9:9E:4F:9A:E1:7C:55:AF:53
X509v3 CRL Distribution Points:
Full Name:
URI:http://www.microsoft.com/pkiops/crl/MicWinProPCA2011_2011-10-19.crl
Authority Information Access:
CA Issuers - URI:http://www.microsoft.com/pkiops/certs/MicWinProPCA2011_2011-10-19.crt
X509v3 Basic Constraints: critical
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
69:90:45:74:2c:40:38:12:de:1b:df:9e:a2:be:22:13:2e:82:
a7:c0:06:ab:27:8e:0c:9f:46:0b:d4:35:38:63:48:03:1a:6b:
5c:bd:f4:50:ae:5a:24:33:31:dc:b2:cc:7e:ac:e8:37:1c:f7:
1e:c3:5a:6f:66:31:47:bd:21:1e:a3:57:61:4e:6a:61:1e:ea:
cc:a6:48:6a:77:8d:4c:d7:88:10:6a:de:12:d6:62:55:74:e7:
a8:9e:ca:b4:eb:0b:b9:92:95:c4:98:dd:5f:56:56:80:a2:d2:
6b:f2:54:5e:72:7c:42:04:02:3c:48:d8:02:1b:60:8f:d9:01:
c6:fe:fd:16:ce:0c:3a:66:9f:b0:ce:75:8d:c6:71:f2:cd:d7:
43:4c:16:3f:9d:e9:45:3e:55:23:d9:4a:78:20:5c:82:8a:46:
15:e5:03:30:d9:f5:2a:8a:77:f7:68:3d:2b:61:ff:13:24:38:
2d:40:d3:10:01:c5:18:b5:6b:28:6f:bb:8c:75:4f:69:40:59:
0c:20:71:38:5e:d0:a9:38:7b:52:9c:06:bf:71:ff:f8:9c:74:
63:45:50:fc:33:1b:38:9d:55:86:96:ac:e0:57:87:14:4e:5a:
f5:3d:20:a7:5a:84:98:1b:f8:38:0d:da:c3:74:3f:40:7d:8f:
f2:7c:08:9e
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:07:76:56:00:00:00:00:00:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
Validity
Not Before: Oct 19 18:41:42 2011 GMT
Not After : Oct 19 18:51:42 2026 GMT
Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Production PCA 2011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:dd:0c:bb:a2:e4:2e:09:e3:e7:c5:f7:96:69:bc:
00:21:bd:69:33:33:ef:ad:04:cb:54:80:ee:06:83:
bb:c5:20:84:d9:f7:d2:8b:f3:38:b0:ab:a4:ad:2d:
7c:62:79:05:ff:e3:4a:3f:04:35:20:70:e3:c4:e7:
6b:e0:9c:c0:36:75:e9:8a:31:dd:8d:70:e5:dc:37:
b5:74:46:96:28:5b:87:60:23:2c:bf:dc:47:a5:67:
f7:51:27:9e:72:eb:07:a6:c9:b9:1e:3b:53:35:7c:
e5:d3:ec:27:b9:87:1c:fe:b9:c9:23:09:6f:a8:46:
91:c1:6e:96:3c:41:d3:cb:a3:3f:5d:02:6a:4d:ec:
69:1f:25:28:5c:36:ff:fd:43:15:0a:94:e0:19:b4:
cf:df:c2:12:e2:c2:5b:27:ee:27:78:30:8b:5b:2a:
09:6b:22:89:53:60:16:2c:c0:68:1d:53:ba:ec:49:
f3:9d:61:8c:85:68:09:73:44:5d:7d:a2:54:2b:dd:
79:f7:15:cf:35:5d:6c:1c:2b:5c:ce:bc:9c:23:8b:
6f:6e:b5:26:d9:36:13:c3:4f:d6:27:ae:b9:32:3b:
41:92:2c:e1:c7:cd:77:e8:aa:54:4e:f7:5c:0b:04:
87:65:b4:43:18:a8:b2:e0:6d:19:77:ec:5a:24:fa:
48:03
Exponent: 65537 (0x10001)
X509v3 extensions:
1.3.6.1.4.1.311.21.1:
...
X509v3 Subject Key Identifier:
A9:29:02:39:8E:16:C4:97:78:CD:90:F9:9E:4F:9A:E1:7C:55:AF:53
1.3.6.1.4.1.311.20.2:
.
.S.u.b.C.A
X509v3 Key Usage:
Digital Signature, Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Authority Key Identifier:
D5:F6:56:CB:8F:E8:A2:5C:62:68:D1:3D:94:90:5B:D7:CE:9A:18:C4
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl
Authority Information Access:
CA Issuers - URI:http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
14:fc:7c:71:51:a5:79:c2:6e:b2:ef:39:3e:bc:3c:52:0f:6e:
2b:3f:10:13:73:fe:a8:68:d0:48:a6:34:4d:8a:96:05:26:ee:
31:46:90:61:79:d6:ff:38:2e:45:6b:f4:c0:e5:28:b8:da:1d:
8f:8a:db:09:d7:1a:c7:4c:0a:36:66:6a:8c:ec:1b:d7:04:90:
a8:18:17:a4:9b:b9:e2:40:32:36:76:c4:c1:5a:c6:bf:e4:04:
c0:ea:16:d3:ac:c3:68:ef:62:ac:dd:54:6c:50:30:58:a6:eb:
7c:fe:94:a7:4e:8e:f4:ec:7c:86:73:57:c2:52:21:73:34:5a:
f3:a3:8a:56:c8:04:da:07:09:ed:f8:8b:e3:ce:f4:7e:8e:ae:
f0:f6:0b:8a:08:fb:3f:c9:1d:72:7f:53:b8:eb:be:63:e0:e3:
3d:31:65:b0:81:e5:f2:ac:cd:16:a4:9f:3d:a8:b1:9b:c2:42:
d0:90:84:5f:54:1d:ff:89:ea:ba:1d:47:90:6f:b0:73:4e:41:
9f:40:9f:5f:e5:a1:2a:b2:11:91:73:8a:21:28:f0:ce:de:73:
39:5f:3e:ab:5c:60:ec:df:03:10:a8:d3:09:e9:f4:f6:96:85:
b6:7f:51:88:66:47:19:8d:a2:b0:12:3d:81:2a:68:05:77:bb:
91:4c:62:7b:b6:c1:07:c7:ba:7a:87:34:03:0e:4b:62:7a:99:
e9:ca:fc:ce:4a:37:c9:2d:a4:57:7c:1c:fe:3d:dc:b8:0f:5a:
fa:d6:c4:b3:02:85:02:3a:ea:b3:d9:6e:e4:69:21:37:de:81:
d1:f6:75:19:05:67:d3:93:57:5e:29:1b:39:c8:ee:2d:e1:cd:
e4:45:73:5b:d0:d2:ce:7a:ab:16:19:82:46:58:d0:5e:9d:81:
b3:67:af:6c:35:f2:bc:e5:3f:24:e2:35:a2:0a:75:06:f6:18:
56:99:d4:78:2c:d1:05:1b:eb:d0:88:01:9d:aa:10:f1:05:df:
ba:7e:2c:63:b7:06:9b:23:21:c4:f9:78:6c:e2:58:17:06:36:
2b:91:12:03:cc:a4:d9:f2:2d:ba:f9:94:9d:40:ed:18:45:f1:
ce:8a:5c:6b:3e:ab:03:d3:70:18:2a:0a:6a:e0:5f:47:d1:d5:
63:0a:32:f2:af:d7:36:1f:2a:70:5a:e5:42:59:08:71:4b:57:
ba:7e:83:81:f0:21:3c:f4:1c:c1:c5:b9:90:93:0e:88:45:93:
86:e9:b1:20:99:be:98:cb:c5:95:a4:5d:62:d6:a0:63:08:20:
bd:75:10:77:7d:3d:f3:45:b9:9f:97:9f:cb:57:80:6f:33:a9:
04:cf:77:a4:62:1c:59:7e
undefined method `first' for #
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
everything is OK