-
Notifications
You must be signed in to change notification settings - Fork 114
/
log14
1410 lines (1410 loc) · 61.8 KB
/
log14
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
DLL Loaded: 00007FFB28290000 C:\Windows\System32\cryptbase.dll
DLL Loaded: 00007FFB27D10000 C:\Windows\System32\dpapi.dll
Thread 140C created, Entry: <synawudfbiousb.$LN9_1>
Thread 968 created, Entry: <synawudfbiousb.StartAddress>
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0BFFCAC0 (00007FFB0BFFCAC0)!
readFromPipe
Thread 840 created, Entry: ntdll.00007FFB2C3D2DC0
INT3 breakpoint at synawudfbiousb.00007FFB0BFFCAC0 (00007FFB0BFFCAC0)!
Thread 808 created, Entry: <synawudfbiousb.sub_7FFB0BEF9534>
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0BFFCAC0 (00007FFB0BFFCAC0)!
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0BFFCAC0 (00007FFB0BFFCAC0)!
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0BFFCAC0 (00007FFB0BFFCAC0)!
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0BFFCAC0 (00007FFB0BFFCAC0)!
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0BFFCAC0 (00007FFB0BFFCAC0)!
Thread FAC created, Entry: ntdll.00007FFB2C3D2DC0
CryptCreateHash alg: 800C
BCryptOpenAlgorithmProvider Algo: L"SHA256" Ptr: 0000000000000000
CryptHashData 00000226778AA120 00007FFB27CD4870
0000 00
CryptGetHashParam type : 4 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptCreateHash alg: 800C
CryptHashData 00000226778AA120 00007FFB27CD4870
0000 02 65 4c 1a dd a3 57 65 13 84 c7 98 38 4e 5e d9
0010 c7 33 5c ed 15 55 3c f5 f4 de 14 a0 f2 59 68 00
0020 a2 a0 98 58 c2 06 67 d5 c1 06 e3 bf e6 6a ec 6a
0030 c0 2d b2 d8 77 d9 0e c4 12 e3 ab 48 ab aa b4 b9
0040 56 75 30 69 9d 0a c3 d9 bb ff de 42 11 bd 34 03
0050 21 cf a2 8d 3c 1b e4 ba f0 1f f4 40 69 6f b4 78
0060 18 f3 2d 6b 22 80 86 64 31 14 34 2a 81 2c cc d7
0070 c6 62 f3 9e 5f 78 a6 39 d3 db 57 c3 30 d4 dd 12
0080 8f 12 90 7e 4b 95 09 0e fa a2 e3 17 07 e9 74 d8
0090 33 a2 42 20 00 9a 33 ca 70 1c b9 3f 02 6e 78 a2
00a0 ca
CryptGetHashParam type : 4 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptCreateHash alg: 800C
CryptHashData 00000226778AA120 00007FFB27CD4870
0000 17 00 00 00 20 00 00 00 ab 9d fd ba 74 25 29 93
0010 9d 2d 5d f4 77 ec 90 2e 13 b8 21 1a 19 70 1e 50
0020 2f f5 6e 6e 25 ae 8c 00 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 dd f4 04 74
0050 f0 7a e4 e0 79 d1 f1 9f ae bd a8 ef 1e fa 18 c2
0060 6a 76 ae a5 aa bf c3 4f 12 94 8c 8f 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 00 00 00 00 a5 58 ed 0f 31 33 45 63
00a0 c8 8a d5 53 d9 e4 6e 20 5d 54 3b 83 99 cf 9b ef
00b0 9e a8 aa c5 eb fb 20 a2
CryptGetHashParam type : 4 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptCreateHash alg: 800C
CryptHashData 00000226778AA120 00007FFB27CD4870
0000 17 00 00 00 00 01 00 00 01 00 00 00 fc ff ff ff
0010 ff ff ff ff ff ff ff ff 00 00 00 00 00 00 00 00
0020 00 00 00 00 01 00 00 00 ff ff ff ff 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0050 4b 60 d2 27 3e 3c ce 3b f6 b0 53 cc b0 06 1d 65
0060 bc 86 98 76 55 bd eb b3 e7 93 3a aa d8 35 c6 5a
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 96 c2 98 d8 45 39 a1 f4 a0 33 eb 2d
00a0 81 7d 03 77 f2 40 a4 63 e5 e6 bc f8 47 42 2c e1
00b0 f2 d1 17 6b 00 00 00 00 00 00 00 00 00 00 00 00
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00d0 00 00 00 00 00 00 00 00 f5 51 bf 37 68 40 b6 cb
00e0 ce 5e 31 6b 57 33 ce 2b 16 9e 0f 7c 4a eb e7 8e
00f0 9b 7f 1a fe e2 42 e3 4f 00 00 00 00 00 00 00 00
0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0110 00 00 00 00 00 00 00 00 00 00 00 00 51 25 63 fc
0120 c2 ca b9 f3 84 9e 17 a7 ad fa e6 bc ff ff ff ff
0130 ff ff ff ff 00 00 00 00 ff ff ff ff 00 00 00 00
0140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0160 ff ff ff ff ff ff ff ff ff ff ff ff 00 00 00 00
0170 00 00 00 00 00 00 00 00 01 00 00 00 ff ff ff ff
0180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
01a0 00 00 00 00
CryptGetHashParam type : 4 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptCreateHash alg: 800C
CryptHashData 00000226778AA120 00007FFB27CD4870
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptGetHashParam type : 4 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptCreateHash alg: 800C
CryptHashData 00000226778AA120 00007FFB27CD4870
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptGetHashParam type : 4 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptCreateHash alg: 800C
CryptHashData 00000226778AA120 00007FFB27CD4870
0000 20 00 00 00 17 00 00 00 ce d6 b5 fe bc 99 3f 0c
0010 9b 05 fa 6e f0 9b 42 6f 18 98 f6 10 53 53 86 a3
0020 74 55 66 76 6f 17 71 5f 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 ca ce f4 5f
0050 49 fd cc d0 87 e3 50 1d 75 26 b8 65 81 67 bd ac
0060 68 4b 6f 4f b0 99 00 ab 91 55 61 3e 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 48 00 00 00 30 46 02 21 00 92 a1 f8 3a d4 45 57
00a0 cb 82 0f 2f 07 0f af 87 e5 1c 82 9d 85 29 28 ab
00b0 9e aa 0d 23 31 9e a8 25 5e 02 21 00 8d 98 5c ba
00c0 0c 62 39 a5 31 cf 20 c0 14 a9 57 29 b7 62 d7 75
00d0 5a d6 8c f8 20 dd 93 f6 45 a0 59 53 00 00 00 00
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptGetHashParam type : 4 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptCreateHash alg: 800C
BCryptOpenAlgorithmProvider Algo: L"ECDH_P256" Ptr: 0000000000000000
BCryptOpenAlgorithmProvider Algo: L"ECDSA_P256" Ptr: 0000000000000000
CryptCreateHash alg: 800C
CryptHashData 00000226778AAE60 00007FFB27CD4870
0000 20 00 00 00 17 00 00 00 ce d6 b5 fe bc 99 3f 0c
0010 9b 05 fa 6e f0 9b 42 6f 18 98 f6 10 53 53 86 a3
0020 74 55 66 76 6f 17 71 5f 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 ca ce f4 5f
0050 49 fd cc d0 87 e3 50 1d 75 26 b8 65 81 67 bd ac
0060 68 4b 6f 4f b0 99 00 ab 91 55 61 3e 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptGetHashParam type : 4 ptr: 00000226778AAE60 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 00000226778AAE60 00007FFB27CD4870
DumpGot
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
BCryptOpenAlgorithmProvider Algo: L"ECDH_P256" Ptr: 0000000000000000
BCryptOpenAlgorithmProvider Algo: L"ECDSA_P256" Ptr: 0000000000000000
BCryptImportKeyPair \\\
Type: L"ECCPUBLICBLOB" \\\
Data len: 778AAE60hex
[rsp+28]
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00
CryptDecodeObject struct type ???
0000 30 46 02 21 00 92 a1 f8 3a d4 45 57 cb 82 0f 2f
0010 07 0f af 87 e5 1c 82 9d 85 29 28 ab 9e aa 0d 23
0020 31 9e a8 25 5e 02 21 00 8d 98 5c ba 0c 62 39 a5
0030 31 cf 20 c0 14 a9 57 29 b7 62 d7 75 5a d6 8c f8
0040 20 dd 93 f6 45 a0 59 53
Decoded
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptDecodeObject struct type ???
0000 30 46 02 21 00 92 a1 f8 3a d4 45 57 cb 82 0f 2f
0010 07 0f af 87 e5 1c 82 9d 85 29 28 ab 9e aa 0d 23
0020 31 9e a8 25 5e 02 21 00 8d 98 5c ba 0c 62 39 a5
0030 31 cf 20 c0 14 a9 57 29 b7 62 d7 75 5a d6 8c f8
0040 20 dd 93 f6 45 a0 59 53
Decoded
0000 20 00 00 00 00 00 00 00 80 e2 8a 77 26 02 00 00
0010 20 00 00 00 00 00 00 00 a0 e2 8a 77 26 02 00 00
0020 5e 25 a8 9e 31 23 0d aa 9e ab 28 29 85 9d 82 1c
0030 e5 87 af 0f 07 2f 0f 82 cb 57 45 d4 3a f8 a1 92
0040 53 59 a0 45 f6 93 dd 20 f8 8c d6 5a 75 d7 62 b7
0050 29 57 a9 14 c0 20 cf 31 a5 39 62 0c ba 5c 98 8d
BCryptVerfySignature
0000 5d 6c 0e 35 e8 3e 4d 4d 10 65 af d5 44 67 f7 c4
0010 f3 9f 7e 34 2b 58 a1 57 ec cf 68 18 ad 89 6c 2d
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 71 7c d7 2d
0010 09 62 bc 4a 28 46 13 8d bb 2c 24 19 25 12 a7 64
0020 07 06 5f 38 38 46 13 9d 4b ec 20 33
BCryptOpenAlgorithmProvider Algo: L"RC2" Ptr: 0000000000000000
CryptCreateHash alg: 8009
CryptHashData 00000226778ACDC0 00007FFB27CD4870
0000 47 57 4b 56 69 72 74 75 61 6c 42 6f 78 00 30 00
CryptGetHashParam type : 2 ptr: 00000226778ACDC0 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 00000226778ACDC0 00007FFB27CD4870
DumpGot
0000 bc 41 9d fc 39 c9 ba 69 a7 4d 5d 60 0a c3 5b 7b
0010 1a fb 2b 52 e5 d2 4a 23 04 58 67 c8 3a 98 aa 9a
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 71 7c d7 2d
0010 09 62 bc 4a 28 46 13 8d bb 2c 24 19 25 12 a7 64
0020 07 06 5f 38 38 46 13 9d 4b ec 20 33
CryptCreateHash alg: 8009
CryptHashData 00000226778ACDC0 00007FFB27CD4870
0000 bc 41 9d fc 39 c9 ba 69 a7 4d 5d 60 0a c3 5b 7b
0010 1a fb 2b 52 e5 d2 4a 23 04 58 67 c8 3a 98 aa 9a
0020 47 57 4b 56 69 72 74 75 61 6c 42 6f 78 00 30 00
CryptGetHashParam type : 2 ptr: 00000226778ACDC0 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 00000226778ACDC0 00007FFB27CD4870
DumpGot
0000 48 78 02 70 5e 5a c4 a9 93 1c 44 aa 4d 32 25 22
0010 39 e0 bf 8f 0c 85 4d de 49 0c cc f6 87 ef ad 9c
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 48 78 02 70
0010 5e 5a c4 a9 93 1c 44 aa 4d 32 25 22 39 e0 bf 8f
0020 0c 85 4d de 49 0c cc f6 87 ef ad 9c
CryptCreateHash alg: 8009
CryptHashData 00000226778ACEE0 00007FFB27CD4870
0000 47 57 4b 5f 53 49 47 4e 3a 4c 76 b7 6a 97 98 1d
0010 12 74 24 7e 16 66 10 e7 7f 4d 9c 9d 07 d3 c7 28
0020 e5 32 91 6b dd 28 b4 54
CryptGetHashParam type : 2 ptr: 00000226778ACEE0 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 00000226778ACEE0 00007FFB27CD4870
DumpGot
0000 eb 1e 63 25 2c e0 c6 bb 08 38 88 5d 0d 1e 52 86
0010 4e 89 7f 7b 41 cb 8d e4 dd 34 17 16 09 ef db e5
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 48 78 02 70
0010 5e 5a c4 a9 93 1c 44 aa 4d 32 25 22 39 e0 bf 8f
0020 0c 85 4d de 49 0c cc f6 87 ef ad 9c
CryptCreateHash alg: 8009
CryptHashData 00000226778ACEE0 00007FFB27CD4870
0000 eb 1e 63 25 2c e0 c6 bb 08 38 88 5d 0d 1e 52 86
0010 4e 89 7f 7b 41 cb 8d e4 dd 34 17 16 09 ef db e5
0020 47 57 4b 5f 53 49 47 4e 3a 4c 76 b7 6a 97 98 1d
0030 12 74 24 7e 16 66 10 e7 7f 4d 9c 9d 07 d3 c7 28
0040 e5 32 91 6b dd 28 b4 54
CryptGetHashParam type : 2 ptr: 00000226778ACEE0 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 00000226778ACEE0 00007FFB27CD4870
DumpGot
0000 b7 01 5b e1 65 8f 48 d0 d3 95 4b 2c 79 fe 66 b5
0010 45 47 38 bd f3 a9 d4 ec e6 2e cf 7d d0 dd ba ba
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 b7 01 5b e1
0010 65 8f 48 d0 d3 95 4b 2c 79 fe 66 b5 45 47 38 bd
0020 f3 a9 d4 ec e6 2e cf 7d d0 dd ba ba
CryptCreateHash alg: 8009
CryptHashData 00000226778AAE60 00007FFB27CD4870
0000 65 4c 1a dd a3 57 65 13 84 c7 98 38 4e 5e d9 c7
0010 33 5c ed 15 55 3c f5 f4 de 14 a0 f2 59 68 00 a2
0020 a0 98 58 c2 06 67 d5 c1 06 e3 bf e6 6a ec 6a c0
0030 2d b2 d8 77 d9 0e c4 12 e3 ab 48 ab aa b4 b9 56
0040 75 30 69 9d 0a c3 d9 bb ff de 42 11 bd 34 03 21
0050 cf a2 8d 3c 1b e4 ba f0 1f f4 40 69 6f b4 78 18
0060 f3 2d 6b 22 80 86 64 31 14 34 2a 81 2c cc d7 c6
0070 62 f3 9e 5f 78 a6 39 d3 db 57 c3 30 d4 dd 12 8f
CryptGetHashParam type : 2 ptr: 00000226778AAE60 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 00000226778AAE60 00007FFB27CD4870
DumpGot
0000 12 90 7e 4b 95 09 0e fa a2 e3 17 07 e9 74 d8 33
0010 a2 42 20 00 9a 33 ca 70 1c b9 3f 02 6e 78 a2 ca
CryptImportKey
0000 08 02 00 00 10 66 00 00 20 00 00 00 48 78 02 70
0010 5e 5a c4 a9 93 1c 44 aa 4d 32 25 22 39 e0 bf 8f
0020 0c 85 4d de 49 0c cc f6 87 ef ad 9c
BCryptOpenAlgorithmProvider Algo: L"AES" Ptr: 0000000000000000
CryptDecrypt: len - 112
0000 33 5c ed 15 55 3c f5 f4 de 14 a0 f2 59 68 00 a2
0010 a0 98 58 c2 06 67 d5 c1 06 e3 bf e6 6a ec 6a c0
0020 2d b2 d8 77 d9 0e c4 12 e3 ab 48 ab aa b4 b9 56
0030 75 30 69 9d 0a c3 d9 bb ff de 42 11 bd 34 03 21
0040 cf a2 8d 3c 1b e4 ba f0 1f f4 40 69 6f b4 78 18
0050 f3 2d 6b 22 80 86 64 31 14 34 2a 81 2c cc d7 c6
0060 62 f3 9e 5f 78 a6 39 d3 db 57 c3 30 d4 dd 12 8f
Decrypted:
0000 ab 9d fd ba 74 25 29 93 9d 2d 5d f4 77 ec 90 2e
0010 13 b8 21 1a 19 70 1e 50 2f f5 6e 6e 25 ae 8c 00
0020 dd f4 04 74 f0 7a e4 e0 79 d1 f1 9f ae bd a8 ef
0030 1e fa 18 c2 6a 76 ae a5 aa bf c3 4f 12 94 8c 8f
0040 94 f5 52 49 8e de 72 ff fa 1f 04 b9 68 23 72 09
0050 20 6c 86 b7 2f f9 99 dc ce d1 2d b8 06 4c 87 d6
0060 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10
CryptGenRandom 4
Generated
0000 5f 3a 22 af
CryptGenRandom 28
Generated
0000 5e 01 9c ef f8 9e 43 e7 79 57 5b fd 5b a2 75 ea
0010 97 91 d6 50 28 d9 62 17 c4 92 f1 a0
CryptHashData 00000226778AA120 00007FFB27CD4870
0000 01 00 00 3f 03 03 af 22 3a 5f 5e 01 9c ef f8 9e
0010 43 e7 79 57 5b fd 5b a2 75 ea 97 91 d6 50 28 d9
0020 62 17 c4 92 f1 a0 07 00 00 00 00 00 00 00 00 04
0030 c0 05 00 3d 00 00 0a 00 04 00 02 00 17 00 0b 00
0040 02 01 00
CryptGetHashParam type : 4 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 00000226778AA120 00007FFB27CD4870
DumpGot
0000 6c 5c e0 07 6d 1b d4 18 25 2b 2c 31 03 1b e4 92
0010 41 81 6f 09 ed 5a db df c5 05 f1 e9 22 06 65 7a
Thread 968 exit
Thread 808 exit
Thread 140C exit
DLL Unloaded: 00007FFB28810000 powrprof.dll
DLL Unloaded: 00007FFB28890000 shcore.dll
DLL Unloaded: 00007FFB29250000 windows.storage.dll
DLL Unloaded: 00007FFB2A720000 shell32.dll
DLL Unloaded: 00007FFB2A6C0000 shlwapi.dll
DLL Unloaded: 00007FFB28800000 msasn1.dll
DLL Unloaded: 00007FFB27D10000 dpapi.dll
DLL Unloaded: 00007FFB29030000 crypt32.dll
DLL Unloaded: 00007FFB2BF70000 setupapi.dll
Could not delete breakpoint 00007FFB15206154! (DeleteBPX)
DLL Unloaded: 00007FFB0BEE0000 synawudfbiousb.dll
DLL Unloaded: 00007FFB25250000 wudfx.dll
Thread 7E0 exit
Thread 288 exit
Thread 1368 exit
Thread 818 exit
Thread FAC exit
Thread 618 exit
Thread 840 exit
Process stopped with exit code 0x0
Saving database to C:\Users\Test\Desktop\release\x64\db\WUDFHost.exe.dd64 531ms
Debugging stopped!
Database file: C:\Users\Test\Desktop\release\x64\db\WUDFHost.exe.dd64
Process Started: 00007FF7A0630000 C:\Windows\System32\WUDFHost.exe
Loading database from C:\Users\Test\Desktop\release\x64\db\WUDFHost.exe.dd64 1062ms
DLL Loaded: 00007FFB2C3A0000 C:\Windows\System32\ntdll.dll
Thread 15D8 created, Entry: <ntdll.DbgUiRemoteBreakin>
DLL Loaded: 00007FFB29E00000 C:\Windows\System32\kernel32.dll
DLL Loaded: 00007FFB28C10000 C:\Windows\System32\KernelBase.dll
DLL Loaded: 00007FFB2A180000 C:\Windows\System32\rpcrt4.dll
DLL Loaded: 00007FFB29A90000 C:\Windows\System32\combase.dll
DLL Loaded: 00007FFB28A60000 C:\Windows\System32\ucrtbase.dll
DLL Loaded: 00007FFB28FC0000 C:\Windows\System32\bcryptprimitives.dll
DLL Loaded: 00007FFB2A2B0000 C:\Windows\System32\sechost.dll
DLL Loaded: 00007FFB27400000 C:\Windows\System32\devobj.dll
DLL Loaded: 00007FFB29200000 C:\Windows\System32\cfgmgr32.dll
DLL Loaded: 00007FFB26610000 C:\Windows\System32\WUDFPlatform.dll
DLL Loaded: 00007FFB2BEC0000 C:\Windows\System32\advapi32.dll
DLL Loaded: 00007FFB2BC40000 C:\Windows\System32\msvcrt.dll
DLL Loaded: 00007FFB28470000 C:\Windows\System32\sspicli.dll
Attach breakpoint reached!
Thread 15D8 exit
Thread C60 created, Entry: ntdll.00007FFB2C3D2DC0
DLL Loaded: 00007FFB28880000 C:\Windows\System32\kernel.appcore.dll
Thread BAC created, Entry: ntdll.00007FFB2C3D2DC0
Thread 81C created, Entry: ntdll.00007FFB2C3D2DC0
Thread 1714 created, Entry: ntdll.00007FFB2C3D2DC0
Thread 1204 created, Entry: ntdll.00007FFB2C3D2DC0
DLL Loaded: 00007FFB22650000 C:\Windows\System32\winusb.dll
MemRead failed on breakpoint address00007FFB10466154!
DLL Loaded: 00007FFB07140000 C:\Windows\System32\drivers\UMDF\synaWudfBioUsb.dll
DLL Loaded: 00007FFB2A580000 C:\Windows\System32\ole32.dll
DLL Loaded: 00007FFB2A4D0000 C:\Windows\System32\gdi32.dll
DLL Loaded: 00007FFB28E30000 C:\Windows\System32\gdi32full.dll
DLL Loaded: 00007FFB2BD50000 C:\Windows\System32\user32.dll
DLL Loaded: 00007FFB289E0000 C:\Windows\System32\win32u.dll
DLL Loaded: 00007FFB2A720000 C:\Windows\System32\shell32.dll
DLL Loaded: 00007FFB29250000 C:\Windows\System32\windows.storage.dll
DLL Loaded: 00007FFB28810000 C:\Windows\System32\powrprof.dll
DLL Loaded: 00007FFB2A6C0000 C:\Windows\System32\shlwapi.dll
DLL Loaded: 00007FFB28890000 C:\Windows\System32\SHCore.dll
DLL Loaded: 00007FFB28860000 C:\Windows\System32\profapi.dll
DLL Loaded: 00007FFB29030000 C:\Windows\System32\crypt32.dll
DLL Loaded: 00007FFB28800000 C:\Windows\System32\msasn1.dll
DLL Loaded: 00007FFB2BF70000 C:\Windows\System32\setupapi.dll
DLL Loaded: 00007FFB28740000 C:\Windows\System32\bcrypt.dll
DLL Loaded: 00007FFB25250000 C:\Windows\System32\WUDFx.dll
DLL Loaded: 00007FFB29930000 C:\Windows\System32\oleaut32.dll
DLL Loaded: 00007FFB28940000 C:\Windows\System32\msvcp_win.dll
DLL Loaded: 00007FFB28270000 C:\Windows\System32\cryptsp.dll
DLL Loaded: 00007FFB27CD0000 C:\Windows\System32\rsaenh.dll
DLL Loaded: 00007FFB27F50000 C:\Windows\System32\userenv.dll
BCryptOpenAlgorithmProvider Algo: ??? Ptr: 0000000000000000
DLL Loaded: 00007FFB28290000 C:\Windows\System32\cryptbase.dll
DLL Loaded: 00007FFB27D10000 C:\Windows\System32\dpapi.dll
Thread 9BC created, Entry: <synawudfbiousb.$LN9_1>
Thread DFC created, Entry: ntdll.00007FFB2C3D2DC0
Thread 1224 created, Entry: <synawudfbiousb.sub_7FFB07159534>
Thread 1684 created, Entry: <synawudfbiousb.StartAddress>
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0725CAC0 (00007FFB0725CAC0)!
0000 00 00 f0 b0 5e 54 a4 00 00 00 06 07 01 30 00 01
0010 00 00 26 85 88 42 45 3b 00 23 00 00 00 00 01 00
0020 00 00 00 00 00 07 ab ab ab ab ab ab ab ab ab ab
0030 ab ab ab ab ab ab ee fe ee fe ee fe ee fe ee fe
0040 00 00 00 00
$sarg4=0000024780B86CC0 (2506125503680d)
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0725CAC0 (00007FFB0725CAC0)!
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0725CAC0 (00007FFB0725CAC0)!
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0725CAC0 (00007FFB0725CAC0)!
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0725CAC0 (00007FFB0725CAC0)!
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0725CAC0 (00007FFB0725CAC0)!
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0725CAC0 (00007FFB0725CAC0)!
CryptCreateHash alg: 800C
BCryptOpenAlgorithmProvider Algo: L"SHA256" Ptr: 0000000000000000
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 00
CryptGetHashParam type : 4 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 6e 34 0b 9c ff b3 7a 98 9c a5 44 e6 bb 78 0a 2c
0010 78 90 1d 3f b3 37 38 76 85 11 a3 06 17 af a0 1d
CryptCreateHash alg: 800C
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 02 65 4c 1a dd a3 57 65 13 84 c7 98 38 4e 5e d9
0010 c7 33 5c ed 15 55 3c f5 f4 de 14 a0 f2 59 68 00
0020 a2 a0 98 58 c2 06 67 d5 c1 06 e3 bf e6 6a ec 6a
0030 c0 2d b2 d8 77 d9 0e c4 12 e3 ab 48 ab aa b4 b9
0040 56 75 30 69 9d 0a c3 d9 bb ff de 42 11 bd 34 03
0050 21 cf a2 8d 3c 1b e4 ba f0 1f f4 40 69 6f b4 78
0060 18 f3 2d 6b 22 80 86 64 31 14 34 2a 81 2c cc d7
0070 c6 62 f3 9e 5f 78 a6 39 d3 db 57 c3 30 d4 dd 12
0080 8f 12 90 7e 4b 95 09 0e fa a2 e3 17 07 e9 74 d8
0090 33 a2 42 20 00 9a 33 ca 70 1c b9 3f 02 6e 78 a2
00a0 ca
CryptGetHashParam type : 4 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 c8 38 d8 e1 db f5 04 53 04 1a c5 a7 b4 0b 2f 1e
0010 f2 7d 7e 1b fd 48 da a9 42 06 59 f3 3b 07 a7 e3
CryptCreateHash alg: 800C
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 17 00 00 00 20 00 00 00 ab 9d fd ba 74 25 29 93
0010 9d 2d 5d f4 77 ec 90 2e 13 b8 21 1a 19 70 1e 50
0020 2f f5 6e 6e 25 ae 8c 00 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 dd f4 04 74
0050 f0 7a e4 e0 79 d1 f1 9f ae bd a8 ef 1e fa 18 c2
0060 6a 76 ae a5 aa bf c3 4f 12 94 8c 8f 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 00 00 00 00 a5 58 ed 0f 31 33 45 63
00a0 c8 8a d5 53 d9 e4 6e 20 5d 54 3b 83 99 cf 9b ef
00b0 9e a8 aa c5 eb fb 20 a2
CryptGetHashParam type : 4 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 ed 52 bb 71 b3 d9 0c 00 86 ad 64 0d 45 76 c7 32
0010 b6 d5 d3 39 2d 89 5e 65 4b 60 6a 82 6a e5 bd 0c
CryptCreateHash alg: 800C
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 17 00 00 00 00 01 00 00 01 00 00 00 fc ff ff ff
0010 ff ff ff ff ff ff ff ff 00 00 00 00 00 00 00 00
0020 00 00 00 00 01 00 00 00 ff ff ff ff 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0050 4b 60 d2 27 3e 3c ce 3b f6 b0 53 cc b0 06 1d 65
0060 bc 86 98 76 55 bd eb b3 e7 93 3a aa d8 35 c6 5a
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 96 c2 98 d8 45 39 a1 f4 a0 33 eb 2d
00a0 81 7d 03 77 f2 40 a4 63 e5 e6 bc f8 47 42 2c e1
00b0 f2 d1 17 6b 00 00 00 00 00 00 00 00 00 00 00 00
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00d0 00 00 00 00 00 00 00 00 f5 51 bf 37 68 40 b6 cb
00e0 ce 5e 31 6b 57 33 ce 2b 16 9e 0f 7c 4a eb e7 8e
00f0 9b 7f 1a fe e2 42 e3 4f 00 00 00 00 00 00 00 00
0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0110 00 00 00 00 00 00 00 00 00 00 00 00 51 25 63 fc
0120 c2 ca b9 f3 84 9e 17 a7 ad fa e6 bc ff ff ff ff
0130 ff ff ff ff 00 00 00 00 ff ff ff ff 00 00 00 00
0140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0160 ff ff ff ff ff ff ff ff ff ff ff ff 00 00 00 00
0170 00 00 00 00 00 00 00 00 01 00 00 00 ff ff ff ff
0180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
01a0 00 00 00 00
CryptGetHashParam type : 4 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 ec 5d 90 0e 5a 79 58 6d 2c db ee c6 22 40 c6 89
0010 9d 37 47 5e 0f 46 bb 9e fd 3f 5a 4f 32 e8 27 d2
CryptCreateHash alg: 800C
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptGetHashParam type : 4 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 53 41 e6 b2 64 69 79 a7 0e 57 65 30 07 a1 f3 10
0010 16 94 21 ec 9b dd 9f 1a 56 48 f7 5a de 00 5a f1
CryptCreateHash alg: 800C
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptGetHashParam type : 4 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 53 41 e6 b2 64 69 79 a7 0e 57 65 30 07 a1 f3 10
0010 16 94 21 ec 9b dd 9f 1a 56 48 f7 5a de 00 5a f1
CryptCreateHash alg: 800C
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 20 00 00 00 17 00 00 00 ce d6 b5 fe bc 99 3f 0c
0010 9b 05 fa 6e f0 9b 42 6f 18 98 f6 10 53 53 86 a3
0020 74 55 66 76 6f 17 71 5f 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 ca ce f4 5f
0050 49 fd cc d0 87 e3 50 1d 75 26 b8 65 81 67 bd ac
0060 68 4b 6f 4f b0 99 00 ab 91 55 61 3e 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 48 00 00 00 30 46 02 21 00 92 a1 f8 3a d4 45 57
00a0 cb 82 0f 2f 07 0f af 87 e5 1c 82 9d 85 29 28 ab
00b0 9e aa 0d 23 31 9e a8 25 5e 02 21 00 8d 98 5c ba
00c0 0c 62 39 a5 31 cf 20 c0 14 a9 57 29 b7 62 d7 75
00d0 5a d6 8c f8 20 dd 93 f6 45 a0 59 53 00 00 00 00
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptGetHashParam type : 4 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 0000024780B88430 00007FFB27CD4870
DumpGot
0000 d7 b7 f6 53 2b f4 a3 4f 4f 41 90 fe ad 55 1c e6
0010 2a ba 54 08 e5 30 60 e6 36 1c 35 6a 77 1d c7 7b
CryptCreateHash alg: 800C
BCryptOpenAlgorithmProvider Algo: L"ECDH_P256" Ptr: 0000000000000000
BCryptOpenAlgorithmProvider Algo: L"ECDSA_P256" Ptr: 0000000000000000
CryptCreateHash alg: 800C
CryptHashData 0000024780B89170 00007FFB27CD4870
0000 20 00 00 00 17 00 00 00 ce d6 b5 fe bc 99 3f 0c
0010 9b 05 fa 6e f0 9b 42 6f 18 98 f6 10 53 53 86 a3
0020 74 55 66 76 6f 17 71 5f 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 ca ce f4 5f
0050 49 fd cc d0 87 e3 50 1d 75 26 b8 65 81 67 bd ac
0060 68 4b 6f 4f b0 99 00 ab 91 55 61 3e 00 00 00 00
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptGetHashParam type : 4 ptr: 0000024780B89170 00007FFB27CD4870
DumpGot
0000 20 00 00 00
CryptGetHashParam type : 2 ptr: 0000024780B89170 00007FFB27CD4870
DumpGot
0000 5d 6c 0e 35 e8 3e 4d 4d 10 65 af d5 44 67 f7 c4
0010 f3 9f 7e 34 2b 58 a1 57 ec cf 68 18 ad 89 6c 2d
BCryptOpenAlgorithmProvider Algo: L"ECDH_P256" Ptr: 0000000000000000
BCryptOpenAlgorithmProvider Algo: L"ECDSA_P256" Ptr: 0000000000000000
BCryptImportKeyPair \\\
Type: L"ECCPUBLICBLOB" \\\
Data len: 80B89170hex
[rsp+28]
0000 45 43 53 31 20 00 00 00 f7 27 65 3b 4e 16 ce 06
0010 65 a6 89 4d 7f 3a 30 d7 d0 a0 be 31 0d 12 92 a7
0020 43 67 1f df 69 f6 a8 d3 a8 55 38 f8 b6 be c5 0d
0030 6e ef 8b d5 f4 d0 7a 88 62 43 c5 8b 23 93 94 8d
0040 f7 61 a8 47 21 a6 ca 94
CryptDecodeObject struct type ???
0000 30 46 02 21 00 92 a1 f8 3a d4 45 57 cb 82 0f 2f
0010 07 0f af 87 e5 1c 82 9d 85 29 28 ab 9e aa 0d 23
0020 31 9e a8 25 5e 02 21 00 8d 98 5c ba 0c 62 39 a5
0030 31 cf 20 c0 14 a9 57 29 b7 62 d7 75 5a d6 8c f8
0040 20 dd 93 f6 45 a0 59 53
Decoded
0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
CryptDecodeObject struct type ???
0000 30 46 02 21 00 92 a1 f8 3a d4 45 57 cb 82 0f 2f
0010 07 0f af 87 e5 1c 82 9d 85 29 28 ab 9e aa 0d 23
0020 31 9e a8 25 5e 02 21 00 8d 98 5c ba 0c 62 39 a5
0030 31 cf 20 c0 14 a9 57 29 b7 62 d7 75 5a d6 8c f8
0040 20 dd 93 f6 45 a0 59 53
Decoded
0000 20 00 00 00 00 00 00 00 90 c5 b8 80 47 02 00 00
0010 20 00 00 00 00 00 00 00 b0 c5 b8 80 47 02 00 00
0020 5e 25 a8 9e 31 23 0d aa 9e ab 28 29 85 9d 82 1c
0030 e5 87 af 0f 07 2f 0f 82 cb 57 45 d4 3a f8 a1 92
0040 53 59 a0 45 f6 93 dd 20 f8 8c d6 5a 75 d7 62 b7
0050 29 57 a9 14 c0 20 cf 31 a5 39 62 0c ba 5c 98 8d
BCryptVerfySignature
0000 5d 6c 0e 35 e8 3e 4d 4d 10 65 af d5 44 67 f7 c4
0010 f3 9f 7e 34 2b 58 a1 57 ec cf 68 18 ad 89 6c 2d
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 71 7c d7 2d
0010 09 62 bc 4a 28 46 13 8d bb 2c 24 19 25 12 a7 64
0020 07 06 5f 38 38 46 13 9d 4b ec 20 33
BCryptOpenAlgorithmProvider Algo: L"RC2" Ptr: 0000000000000000
CryptCreateHash alg: 8009
CryptHashData 0000024780B8B0D0 00007FFB27CD4870
0000 47 57 4b 56 69 72 74 75 61 6c 42 6f 78 00 30 00
CryptGetHashParam type : 2 ptr: 0000024780B8B0D0 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8B0D0 00007FFB27CD4870
DumpGot
0000 bc 41 9d fc 39 c9 ba 69 a7 4d 5d 60 0a c3 5b 7b
0010 1a fb 2b 52 e5 d2 4a 23 04 58 67 c8 3a 98 aa 9a
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 71 7c d7 2d
0010 09 62 bc 4a 28 46 13 8d bb 2c 24 19 25 12 a7 64
0020 07 06 5f 38 38 46 13 9d 4b ec 20 33
CryptCreateHash alg: 8009
CryptHashData 0000024780B8B0D0 00007FFB27CD4870
0000 bc 41 9d fc 39 c9 ba 69 a7 4d 5d 60 0a c3 5b 7b
0010 1a fb 2b 52 e5 d2 4a 23 04 58 67 c8 3a 98 aa 9a
0020 47 57 4b 56 69 72 74 75 61 6c 42 6f 78 00 30 00
CryptGetHashParam type : 2 ptr: 0000024780B8B0D0 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8B0D0 00007FFB27CD4870
DumpGot
0000 48 78 02 70 5e 5a c4 a9 93 1c 44 aa 4d 32 25 22
0010 39 e0 bf 8f 0c 85 4d de 49 0c cc f6 87 ef ad 9c
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 48 78 02 70
0010 5e 5a c4 a9 93 1c 44 aa 4d 32 25 22 39 e0 bf 8f
0020 0c 85 4d de 49 0c cc f6 87 ef ad 9c
CryptCreateHash alg: 8009
CryptHashData 0000024780B8B1F0 00007FFB27CD4870
0000 47 57 4b 5f 53 49 47 4e 3a 4c 76 b7 6a 97 98 1d
0010 12 74 24 7e 16 66 10 e7 7f 4d 9c 9d 07 d3 c7 28
0020 e5 32 91 6b dd 28 b4 54
CryptGetHashParam type : 2 ptr: 0000024780B8B1F0 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8B1F0 00007FFB27CD4870
DumpGot
0000 eb 1e 63 25 2c e0 c6 bb 08 38 88 5d 0d 1e 52 86
0010 4e 89 7f 7b 41 cb 8d e4 dd 34 17 16 09 ef db e5
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 48 78 02 70
0010 5e 5a c4 a9 93 1c 44 aa 4d 32 25 22 39 e0 bf 8f
0020 0c 85 4d de 49 0c cc f6 87 ef ad 9c
CryptCreateHash alg: 8009
CryptHashData 0000024780B8B1F0 00007FFB27CD4870
0000 eb 1e 63 25 2c e0 c6 bb 08 38 88 5d 0d 1e 52 86
0010 4e 89 7f 7b 41 cb 8d e4 dd 34 17 16 09 ef db e5
0020 47 57 4b 5f 53 49 47 4e 3a 4c 76 b7 6a 97 98 1d
0030 12 74 24 7e 16 66 10 e7 7f 4d 9c 9d 07 d3 c7 28
0040 e5 32 91 6b dd 28 b4 54
CryptGetHashParam type : 2 ptr: 0000024780B8B1F0 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8B1F0 00007FFB27CD4870
DumpGot
0000 b7 01 5b e1 65 8f 48 d0 d3 95 4b 2c 79 fe 66 b5
0010 45 47 38 bd f3 a9 d4 ec e6 2e cf 7d d0 dd ba ba
CryptImportKey
0000 08 02 00 00 02 66 00 00 20 00 00 00 b7 01 5b e1
0010 65 8f 48 d0 d3 95 4b 2c 79 fe 66 b5 45 47 38 bd
0020 f3 a9 d4 ec e6 2e cf 7d d0 dd ba ba
CryptCreateHash alg: 8009
CryptHashData 0000024780B89170 00007FFB27CD4870
0000 65 4c 1a dd a3 57 65 13 84 c7 98 38 4e 5e d9 c7
0010 33 5c ed 15 55 3c f5 f4 de 14 a0 f2 59 68 00 a2
0020 a0 98 58 c2 06 67 d5 c1 06 e3 bf e6 6a ec 6a c0
0030 2d b2 d8 77 d9 0e c4 12 e3 ab 48 ab aa b4 b9 56
0040 75 30 69 9d 0a c3 d9 bb ff de 42 11 bd 34 03 21
0050 cf a2 8d 3c 1b e4 ba f0 1f f4 40 69 6f b4 78 18
0060 f3 2d 6b 22 80 86 64 31 14 34 2a 81 2c cc d7 c6
0070 62 f3 9e 5f 78 a6 39 d3 db 57 c3 30 d4 dd 12 8f
CryptGetHashParam type : 2 ptr: 0000024780B89170 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B89170 00007FFB27CD4870
DumpGot
0000 12 90 7e 4b 95 09 0e fa a2 e3 17 07 e9 74 d8 33
0010 a2 42 20 00 9a 33 ca 70 1c b9 3f 02 6e 78 a2 ca
CryptImportKey
0000 08 02 00 00 10 66 00 00 20 00 00 00 48 78 02 70
0010 5e 5a c4 a9 93 1c 44 aa 4d 32 25 22 39 e0 bf 8f
0020 0c 85 4d de 49 0c cc f6 87 ef ad 9c
BCryptOpenAlgorithmProvider Algo: L"AES" Ptr: 0000000000000000
CryptDecrypt: len - 112
0000 33 5c ed 15 55 3c f5 f4 de 14 a0 f2 59 68 00 a2
0010 a0 98 58 c2 06 67 d5 c1 06 e3 bf e6 6a ec 6a c0
0020 2d b2 d8 77 d9 0e c4 12 e3 ab 48 ab aa b4 b9 56
0030 75 30 69 9d 0a c3 d9 bb ff de 42 11 bd 34 03 21
0040 cf a2 8d 3c 1b e4 ba f0 1f f4 40 69 6f b4 78 18
0050 f3 2d 6b 22 80 86 64 31 14 34 2a 81 2c cc d7 c6
0060 62 f3 9e 5f 78 a6 39 d3 db 57 c3 30 d4 dd 12 8f
Decrypted:
0000 ab 9d fd ba 74 25 29 93 9d 2d 5d f4 77 ec 90 2e
0010 13 b8 21 1a 19 70 1e 50 2f f5 6e 6e 25 ae 8c 00
0020 dd f4 04 74 f0 7a e4 e0 79 d1 f1 9f ae bd a8 ef
0030 1e fa 18 c2 6a 76 ae a5 aa bf c3 4f 12 94 8c 8f
0040 94 f5 52 49 8e de 72 ff fa 1f 04 b9 68 23 72 09
0050 20 6c 86 b7 2f f9 99 dc ce d1 2d b8 06 4c 87 d6
0060 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10 10
CryptGenRandom 4
Generated
0000 43 9c 8f 07
CryptGenRandom 28
Generated
0000 52 a2 57 85 d7 38 fc cb 6b e8 3a 03 50 b9 13 40
0010 20 88 27 c5 9e b5 eb 8d 4a a8 09 91
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 01 00 00 3f 03 03 07 8f 9c 43 52 a2 57 85 d7 38
0010 fc cb 6b e8 3a 03 50 b9 13 40 20 88 27 c5 9e b5
0020 eb 8d 4a a8 09 91 07 00 00 00 00 00 00 00 00 04
0030 c0 05 00 3d 00 00 0a 00 04 00 02 00 17 00 0b 00
0040 02 01 00
readFromPipe
INT3 breakpoint at synawudfbiousb.00007FFB0725CAC0 (00007FFB0725CAC0)!
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 02 00 00 2d 03 03 01 80 41 dc 01 65 b5 a9 a6 5a
0010 68 fe 31 35 58 fd cc 37 85 08 60 c6 b2 f8 d7 de
0020 13 db 71 be 09 e9 07 54 4c 53 01 65 b5 a9 c0 05
0030 00
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 0d 00 00 04 01 40 00 00
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 0e 00 00 00
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 0b 00 00 c0 00 00 b8 00 00 b8 52 a2 17 00 00 00
0010 20 00 00 00 ab 9d fd ba 74 25 29 93 9d 2d 5d f4
0020 77 ec 90 2e 13 b8 21 1a 19 70 1e 50 2f f5 6e 6e
0030 25 ae 8c 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0050 00 00 00 00 00 00 00 00 dd f4 04 74 f0 7a e4 e0
0060 79 d1 f1 9f ae bd a8 ef 1e fa 18 c2 6a 76 ae a5
0070 aa bf c3 4f 12 94 8c 8f 00 00 00 00 00 00 00 00
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00a0 00 00 00 00 a5 58 ed 0f 31 33 45 63 c8 8a d5 53
00b0 d9 e4 6e 20 5d 54 3b 83 99 cf 9b ef 9e a8 aa c5
00c0 eb fb 20 a2
BCryptGenerateKeyPair ptr: 5555555100000130
BCryptExportKey L"ECCPRIVATEBLOB"
len: D32BBFEE68
BCryptExportKey L"ECCPRIVATEBLOB"
Exported: len unknown
0000 45 43 4b 32 20 00 00 00 47 2e cb 88 ab 9b cd 7c
0010 20 9c c7 6c 40 31 d1 db d4 04 61 6a 69 1e 95 5a
0020 a1 5d 29 b0 45 a1 d1 20 23 bb 90 70 f1 e6 c9 1c
0030 cd 62 40 2f 19 71 dd 59 d6 07 48 7d 64 a6 d1 5a
0040 e6 4e 93 52 11 4e 26 14 94 7b d0 b0 92 70 28 72
0050 11 c7 5a 4d 50 94 97 a8 f1 21 27 06 fd c5 a5 8b
0060 62 47 79 90 e8 6a d1 9d
BCryptImportKeyPair \\\
Type: L"ECCPRIVATEBLOB" \\\
Data len: 80B8C780hex
[rsp+28]
0000 45 43 4b 32 20 00 00 00 47 2e cb 88 ab 9b cd 7c
0010 20 9c c7 6c 40 31 d1 db d4 04 61 6a 69 1e 95 5a
0020 a1 5d 29 b0 45 a1 d1 20 23 bb 90 70 f1 e6 c9 1c
0030 cd 62 40 2f 19 71 dd 59 d6 07 48 7d 64 a6 d1 5a
0040 e6 4e 93 52 11 4e 26 14 94 7b d0 b0 92 70 28 72
0050 11 c7 5a 4d 50 94 97 a8 f1 21 27 06 fd c5 a5 8b
0060 62 47 79 90 e8 6a d1 9d
BCryptImportKeyPair \\\
Type: L"ECCPUBLICBLOB" \\\
Data len: 80B8C5C0hex
[rsp+28]
0000 45 43 4b 31 20 00 00 00 5f 71 17 6f 76 66 55 74
0010 a3 86 53 53 10 f6 98 18 6f 42 9b f0 6e fa 05 9b
0020 0c 3f 99 bc fe b5 d6 ce 3e 61 55 91 ab 00 99 b0
0030 4f 6f 4b 68 ac bd 67 81 65 b8 26 75 1d 50 e3 87
0040 d0 cc fd 49 5f f4 ce ca
BCryptSecretAgreement
CryptHashData 0000024780B88430 00007FFB27CD4870
0000 10 00 00 41 04 47 2e cb 88 ab 9b cd 7c 20 9c c7
0010 6c 40 31 d1 db d4 04 61 6a 69 1e 95 5a a1 5d 29
0020 b0 45 a1 d1 20 23 bb 90 70 f1 e6 c9 1c cd 62 40
0030 2f 19 71 dd 59 d6 07 48 7d 64 a6 d1 5a e6 4e 93
0040 52 11 4e 26 14
BCryptDeriveKey kdf: L"TLS_PRF"
Derived:
0000 0f 29 77 b0 6a 86 20 b4 5d 63 9b 93 1c bd a3 34
0010 d0 2f 7a 9c 48 f6 45 d6 d5 de d9 40 3f 54 47 26
0020 d7 07 a3 4b e9 a6 4b 7e 8a 1b 8b 55 e4 85 49 02
CryptImportKey
0000 08 02 00 00 02 66 00 00 30 00 00 00 0f 29 77 b0
0010 6a 86 20 b4 5d 63 9b 93 1c bd a3 34 d0 2f 7a 9c
0020 48 f6 45 d6 d5 de d9 40 3f 54 47 26 d7 07 a3 4b
0030 e9 a6 4b 7e 8a 1b 8b 55 e4 85 49 02
CryptCreateHash alg: 8009
CryptHashData 0000024780B8C740 00007FFB27CD4870
0000 6b 65 79 20 65 78 70 61 6e 73 69 6f 6e 07 8f 9c
0010 43 52 a2 57 85 d7 38 fc cb 6b e8 3a 03 50 b9 13
0020 40 20 88 27 c5 9e b5 eb 8d 4a a8 09 91 01 80 41
0030 dc 01 65 b5 a9 a6 5a 68 fe 31 35 58 fd cc 37 85
0040 08 60 c6 b2 f8 d7 de 13 db 71 be 09 e9
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
0000 94 e9 c6 47 da ac d0 1f 53 12 5e 4a 5f 95 39 9f
0010 47 e0 71 96 4c a5 9b 75 c6 7f 13 57 f9 f5 18 0e
CryptImportKey
0000 08 02 00 00 02 66 00 00 30 00 00 00 0f 29 77 b0
0010 6a 86 20 b4 5d 63 9b 93 1c bd a3 34 d0 2f 7a 9c
0020 48 f6 45 d6 d5 de d9 40 3f 54 47 26 d7 07 a3 4b
0030 e9 a6 4b 7e 8a 1b 8b 55 e4 85 49 02
CryptCreateHash alg: 8009
CryptHashData 0000024780B8C740 00007FFB27CD4870
0000 94 e9 c6 47 da ac d0 1f 53 12 5e 4a 5f 95 39 9f
0010 47 e0 71 96 4c a5 9b 75 c6 7f 13 57 f9 f5 18 0e
0020 6b 65 79 20 65 78 70 61 6e 73 69 6f 6e 07 8f 9c
0030 43 52 a2 57 85 d7 38 fc cb 6b e8 3a 03 50 b9 13
0040 40 20 88 27 c5 9e b5 eb 8d 4a a8 09 91 01 80 41
0050 dc 01 65 b5 a9 a6 5a 68 fe 31 35 58 fd cc 37 85
0060 08 60 c6 b2 f8 d7 de 13 db 71 be 09 e9
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
0000 57 10 20 9f 6f 06 93 ae bd 72 48 58 6c d8 ea e4
0010 44 a6 77 e6 8a e9 e3 21 38 1d a4 6e 30 db 51 c8
CryptImportKey
0000 08 02 00 00 02 66 00 00 30 00 00 00 0f 29 77 b0
0010 6a 86 20 b4 5d 63 9b 93 1c bd a3 34 d0 2f 7a 9c
0020 48 f6 45 d6 d5 de d9 40 3f 54 47 26 d7 07 a3 4b
0030 e9 a6 4b 7e 8a 1b 8b 55 e4 85 49 02
CryptCreateHash alg: 8009
CryptHashData 0000024780B8C740 00007FFB27CD4870
0000 94 e9 c6 47 da ac d0 1f 53 12 5e 4a 5f 95 39 9f
0010 47 e0 71 96 4c a5 9b 75 c6 7f 13 57 f9 f5 18 0e
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
0000 47 71 0a af 81 09 42 15 62 70 ff 6a 77 b7 6e e1
0010 77 11 60 b5 35 08 33 4c c0 a2 ca 2d 17 9b 2b 91
CryptImportKey
0000 08 02 00 00 02 66 00 00 30 00 00 00 0f 29 77 b0
0010 6a 86 20 b4 5d 63 9b 93 1c bd a3 34 d0 2f 7a 9c
0020 48 f6 45 d6 d5 de d9 40 3f 54 47 26 d7 07 a3 4b
0030 e9 a6 4b 7e 8a 1b 8b 55 e4 85 49 02
CryptCreateHash alg: 8009
CryptHashData 0000024780B8C740 00007FFB27CD4870
0000 47 71 0a af 81 09 42 15 62 70 ff 6a 77 b7 6e e1
0010 77 11 60 b5 35 08 33 4c c0 a2 ca 2d 17 9b 2b 91
0020 6b 65 79 20 65 78 70 61 6e 73 69 6f 6e 07 8f 9c
0030 43 52 a2 57 85 d7 38 fc cb 6b e8 3a 03 50 b9 13
0040 40 20 88 27 c5 9e b5 eb 8d 4a a8 09 91 01 80 41
0050 dc 01 65 b5 a9 a6 5a 68 fe 31 35 58 fd cc 37 85
0060 08 60 c6 b2 f8 d7 de 13 db 71 be 09 e9
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
0000 3c 55 56 96 70 1c 6c 4e 96 72 16 9c d0 0e 05 c9
0010 31 72 14 d0 28 18 51 89 17 49 60 8d 2d dd b0 0c
CryptImportKey
0000 08 02 00 00 02 66 00 00 30 00 00 00 0f 29 77 b0
0010 6a 86 20 b4 5d 63 9b 93 1c bd a3 34 d0 2f 7a 9c
0020 48 f6 45 d6 d5 de d9 40 3f 54 47 26 d7 07 a3 4b
0030 e9 a6 4b 7e 8a 1b 8b 55 e4 85 49 02
CryptCreateHash alg: 8009
CryptHashData 0000024780B8C740 00007FFB27CD4870
0000 47 71 0a af 81 09 42 15 62 70 ff 6a 77 b7 6e e1
0010 77 11 60 b5 35 08 33 4c c0 a2 ca 2d 17 9b 2b 91
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
0000 d1 70 6a ce e6 0f 62 e7 33 ee 60 9d 51 1c 83 16
0010 e4 34 3a be e7 ed 8f 6f b7 a0 fa ca 36 3a 1d ab
CryptImportKey
0000 08 02 00 00 02 66 00 00 30 00 00 00 0f 29 77 b0
0010 6a 86 20 b4 5d 63 9b 93 1c bd a3 34 d0 2f 7a 9c
0020 48 f6 45 d6 d5 de d9 40 3f 54 47 26 d7 07 a3 4b
0030 e9 a6 4b 7e 8a 1b 8b 55 e4 85 49 02
CryptCreateHash alg: 8009
CryptHashData 0000024780B8C740 00007FFB27CD4870
0000 d1 70 6a ce e6 0f 62 e7 33 ee 60 9d 51 1c 83 16
0010 e4 34 3a be e7 ed 8f 6f b7 a0 fa ca 36 3a 1d ab
0020 6b 65 79 20 65 78 70 61 6e 73 69 6f 6e 07 8f 9c
0030 43 52 a2 57 85 d7 38 fc cb 6b e8 3a 03 50 b9 13
0040 40 20 88 27 c5 9e b5 eb 8d 4a a8 09 91 01 80 41
0050 dc 01 65 b5 a9 a6 5a 68 fe 31 35 58 fd cc 37 85
0060 08 60 c6 b2 f8 d7 de 13 db 71 be 09 e9
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870
DumpGot
CryptGetHashParam type : 2 ptr: 0000024780B8C740 00007FFB27CD4870