P-190BHE[.]rar

Resubmissions

07/10/2022, 07:04

221007-hvxv3sbgg8 7

Sharing

Copy URL Twitter E-mail

General

Target

P-190BHE.rar
Size

41.0MB
MD5

2a6535dcd937abe0c8523e3bbd3ea71a
SHA1

bb162d38a03f00da4f54dab9e92c4bc3bd5433d2
SHA256

d4810963e0a3ddd6ab2207c1c8d9335988ef713bbe65dae7937ff20c217f5cf8
SHA512

b6eda8d42bb32a45fb8d990ed0c277fb45da75e63cf4dff2d3a91fa6fa1f08cc263d0d30a1085a42d6819c78b8fe367945d04d24be3db42a2e403b821c7a2540
SSDEEP

786432:ufTwbhfHkWbz/SifzUSJ3O2pFpciVFIUDELaujJaIfGqWjSetdu6NuKVbJo:7bzbxfe2pTRFIPbJDijSe7u8VbJo

Score

1^/10

Malware Config

Signatures

NSIS installer 1 IoCs

installer

resource	yara_rule
static1/unpack001/Browser History Examiner 1.9.0/Browser History Examiner.exe	nsis_installer_2

Files

P-190BHE.rar
.rar
Browser History Examiner 1.9.0/Browser History Examiner.exe
.exe windows x86

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/Awesomium.Core.XML
.xml
Browser History Examiner 1.9.0/Data/Browser History Examiner/Awesomium.Core.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8c:a5:c3:36:68:34:2c:e0:f1:d6:51:ef:54:27:70:91:33:7e:0c:95
Signer

Actual PE Digest

8c:a5:c3:36:68:34:2c:e0:f1:d6:51:ef:54:27:70:91:33:7e:0c:95

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

31/03/2014, 05:13
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 953KB - Virtual size: 952KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/Awesomium.Windows.Controls.XML
.xml
Browser History Examiner 1.9.0/Data/Browser History Examiner/Awesomium.Windows.Controls.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e1:e4:70:4d:61:ed:b3:c0:ea:ca:66:f6:eb:d7:8d:7e:e7:c7:4d:81
Signer

Actual PE Digest

e1:e4:70:4d:61:ed:b3:c0:ea:ca:66:f6:eb:d7:8d:7e:e7:c7:4d:81

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

31/03/2014, 05:13
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 528KB - Virtual size: 527KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/Awesomium.Windows.Forms.XML
.xml
Browser History Examiner 1.9.0/Data/Browser History Examiner/Awesomium.Windows.Forms.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:7b:94:1a:b6:7e:f8:a4:68:76:38:05:48:21:52:0f:5e:9e:ef:b7
Signer

Actual PE Digest

61:7b:94:1a:b6:7e:f8:a4:68:76:38:05:48:21:52:0f:5e:9e:ef:b7

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

31/03/2014, 05:13
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/Browser History Capturer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

b6:89:2a:7d:7c:80:55:fc:83:cd:e9:cc:37:80:8b:7f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/02/2019, 00:00

Not After

14/02/2020, 23:59

Subject

CN=Foxton Software Ltd,O=Foxton Software Ltd,POSTALCODE=B49 5BX,STREET=Bulls Head Yard+STREET=Grafton House,L=Alcester,ST=Warwickshire,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31/12/2015, 00:00

Not After

09/07/2019, 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b6:d7:75:d2:00:c4:9d:72:ca:ea:b2:d8:b3:1c:3b:db:41:47:fa:77:c4:ba:2d:9b:06:f3:34:ea:aa:d2:1c:d7
Signer

Actual PE Digest

b6:d7:75:d2:00:c4:9d:72:ca:ea:b2:d8:b3:1c:3b:db:41:47:fa:77:c4:ba:2d:9b:06:f3:34:ea:aa:d2:1c:d7

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Foxton Software Ltd,O=Foxton Software Ltd,POSTALCODE=B49 5BX,STREET=Bulls Head Yard+STREET=Grafton House,L=Alcester,ST=Warwickshire,C=GB

14/02/2019, 11:11
Valid: true

Chain 1

CN=Foxton Software Ltd,O=Foxton Software Ltd,POSTALCODE=B49 5BX,STREET=Bulls Head Yard+STREET=Grafton House,L=Alcester,ST=Warwickshire,C=GB

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/Browser History Examiner.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13.8MB - Virtual size: 13.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/Browser History Examiner.exe.config
Browser History Examiner 1.9.0/Data/Browser History Examiner/Help/Help.html
Browser History Examiner 1.9.0/Data/Browser History Examiner/Help/Help.ico
Browser History Examiner 1.9.0/Data/Browser History Examiner/Help/Licence.rtf
.rtf
Browser History Examiner 1.9.0/Data/Browser History Examiner/avcodec-53.dll
.dll windows x86

551233820b1333b70b87efde91f004ff

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

17:fb:de:82:2a:ac:f8:f0:9d:15:e7:e8:bd:46:84:0c:41:f3:7f:21
Signer

Actual PE Digest

17:fb:de:82:2a:ac:f8:f0:9d:15:e7:e8:bd:46:84:0c:41:f3:7f:21

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

28/03/2014, 20:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetThreadContext
GetThreadPriority
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenProcess
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

__dllonexit
__lc_codepage
__mb_cur_max
_assert
_beginthreadex
_endthreadex
_errno
_ftime
_iob
_isctype
_pctype
_setjmp
_winmajor
abort
atan
calloc
ceil
cos
exit
exp
fflush
floor
fputc
free
fwrite
getenv
ldexp
localeconv
longjmp
malloc
memcmp
memcpy
memset
qsort
sin
sqrt
strcmp
strlen
toupper
vfprintf
wcslen

ws2_32

WSAGetLastError
WSASetLastError

avutil-51

av_dict_copy
av_dict_free
av_free
av_freep
av_gcd
av_get_bytes_per_sample
av_get_channel_layout
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_picture_type_char
av_get_pix_fmt_name
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_fill_linesizes
av_image_fill_pointers
av_log
av_log_get_level
av_malloc
av_mallocz
av_opt_find
av_opt_free
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_pix_fmt_descriptors
av_realloc
av_reduce
av_reverse
av_set_string3
av_strdup
av_strlcat
av_vlog
ff_set_systematic_pal2

Exports

Exports

MPV_common_init_mmx
_get_output_format
_nm__av_pix_fmt_descriptors
_nm__av_reverse
align_put_bits
audio_resample
audio_resample_close
av_audio_convert
av_audio_convert_alloc
av_audio_convert_free
av_audio_resample_init
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_codec_next
av_destruct_packet
av_destruct_packet_nofree
av_dup_packet
av_fast_malloc
av_fast_realloc
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_free_packet
av_get_bits_per_sample
av_get_bits_per_sample_format
av_get_codec_tag_string
av_get_pict_type_char
av_get_profile_name
av_grow_packet
av_hwaccel_next
av_imdct_calc
av_imdct_half
av_init_packet
av_lockmgr_register
av_log_ask_for_sample
av_log_missing_feature
av_mdct_calc
av_mdct_end
av_mdct_init
av_new_packet
av_packet_get_side_data
av_packet_merge_side_data
av_packet_new_side_data
av_packet_split_side_data
av_parser_change
av_parser_close
av_parser_init
av_parser_next
av_parser_parse2
av_picture_copy
av_picture_crop
av_picture_pad
av_rdft_calc
av_rdft_end
av_rdft_init
av_register_bitstream_filter
av_register_codec_parser
av_register_hwaccel
av_resample
av_resample_close
av_resample_compensate
av_resample_init
av_shrink_packet
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context
avcodec_alloc_context2
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_channel_layout_num_channels
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_decode_audio3
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_encode_audio
avcodec_encode_subtitle
avcodec_encode_video
avcodec_find_best_pix_fmt
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_get_channel_layout
avcodec_get_channel_layout_string
avcodec_get_chroma_sub_sample
avcodec_get_context_defaults
avcodec_get_context_defaults2
avcodec_get_context_defaults3
avcodec_get_edge_width
avcodec_get_frame_defaults
avcodec_get_pix_fmt_loss
avcodec_get_pix_fmt_name
avcodec_get_sample_fmt
avcodec_get_sample_fmt_name
avcodec_guess_channel_layout
avcodec_init
avcodec_license
avcodec_open
avcodec_open2
avcodec_pix_fmt_to_codec_tag
avcodec_register
avcodec_register_all
avcodec_sample_fmt_string
avcodec_set_dimensions
avcodec_string
avcodec_thread_init
avcodec_version
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
avsubtitle_free
dsputil_init
dsputil_init_mmx
dsputil_init_pix_mmx
dsputil_static_init
ff_add_hfyu_left_prediction_sse4
ff_add_hfyu_left_prediction_ssse3
ff_add_hfyu_median_prediction_mmx2
ff_add_pixels_clamped_c
ff_add_pixels_clamped_mmx
ff_alternate_horizontal_scan
ff_alternate_vertical_scan
ff_apply_window_int16_mmxext
ff_apply_window_int16_mmxext_ba
ff_apply_window_int16_sse2
ff_apply_window_int16_sse2_ba
ff_apply_window_int16_ssse3
ff_apply_window_int16_ssse3_atom
ff_avg_cavs_qpel16_mc00_mmx2
ff_avg_cavs_qpel8_mc00_mmx2
ff_avg_h264_chroma_mc2_10_mmxext
ff_avg_h264_chroma_mc2_mmx2
ff_avg_h264_chroma_mc4_10_mmxext
ff_avg_h264_chroma_mc4_3dnow
ff_avg_h264_chroma_mc4_mmx2
ff_avg_h264_chroma_mc4_ssse3
ff_avg_h264_chroma_mc8_10_avx
ff_avg_h264_chroma_mc8_10_sse2
ff_avg_h264_chroma_mc8_3dnow_rnd
ff_avg_h264_chroma_mc8_mmx2_rnd
ff_avg_h264_chroma_mc8_ssse3_rnd
ff_avg_h264_qpel16_mc00_10_mmxext
ff_avg_h264_qpel16_mc00_10_sse2
ff_avg_h264_qpel16_mc01_10_mmxext
ff_avg_h264_qpel16_mc01_10_sse2
ff_avg_h264_qpel16_mc02_10_mmxext
ff_avg_h264_qpel16_mc02_10_sse2
ff_avg_h264_qpel16_mc03_10_mmxext
ff_avg_h264_qpel16_mc03_10_sse2
ff_avg_h264_qpel16_mc10_10_mmxext
ff_avg_h264_qpel16_mc10_10_sse2
ff_avg_h264_qpel16_mc10_10_sse2_cache64
ff_avg_h264_qpel16_mc10_10_ssse3_cache64
ff_avg_h264_qpel16_mc11_10_mmxext
ff_avg_h264_qpel16_mc11_10_sse2
ff_avg_h264_qpel16_mc12_10_mmxext
ff_avg_h264_qpel16_mc12_10_sse2
ff_avg_h264_qpel16_mc13_10_mmxext
ff_avg_h264_qpel16_mc13_10_sse2
ff_avg_h264_qpel16_mc20_10_mmxext
ff_avg_h264_qpel16_mc20_10_sse2
ff_avg_h264_qpel16_mc20_10_sse2_cache64
ff_avg_h264_qpel16_mc20_10_ssse3_cache64
ff_avg_h264_qpel16_mc21_10_mmxext
ff_avg_h264_qpel16_mc21_10_sse2
ff_avg_h264_qpel16_mc22_10_mmxext
ff_avg_h264_qpel16_mc22_10_sse2
ff_avg_h264_qpel16_mc23_10_mmxext
ff_avg_h264_qpel16_mc23_10_sse2
ff_avg_h264_qpel16_mc30_10_mmxext
ff_avg_h264_qpel16_mc30_10_sse2
ff_avg_h264_qpel16_mc30_10_sse2_cache64
ff_avg_h264_qpel16_mc30_10_ssse3_cache64
ff_avg_h264_qpel16_mc31_10_mmxext
ff_avg_h264_qpel16_mc31_10_sse2
ff_avg_h264_qpel16_mc32_10_mmxext
ff_avg_h264_qpel16_mc32_10_sse2
ff_avg_h264_qpel16_mc33_10_mmxext
ff_avg_h264_qpel16_mc33_10_sse2
ff_avg_h264_qpel4_mc00_10_mmxext
ff_avg_h264_qpel4_mc01_10_mmxext
ff_avg_h264_qpel4_mc02_10_mmxext
ff_avg_h264_qpel4_mc03_10_mmxext
ff_avg_h264_qpel4_mc10_10_mmxext
ff_avg_h264_qpel4_mc11_10_mmxext
ff_avg_h264_qpel4_mc12_10_mmxext
ff_avg_h264_qpel4_mc13_10_mmxext
ff_avg_h264_qpel4_mc20_10_mmxext
ff_avg_h264_qpel4_mc21_10_mmxext
ff_avg_h264_qpel4_mc22_10_mmxext
ff_avg_h264_qpel4_mc23_10_mmxext
ff_avg_h264_qpel4_mc30_10_mmxext
ff_avg_h264_qpel4_mc31_10_mmxext
ff_avg_h264_qpel4_mc32_10_mmxext
ff_avg_h264_qpel4_mc33_10_mmxext
ff_avg_h264_qpel8_mc00_10_mmxext
ff_avg_h264_qpel8_mc00_10_sse2
ff_avg_h264_qpel8_mc01_10_mmxext
ff_avg_h264_qpel8_mc01_10_sse2
ff_avg_h264_qpel8_mc02_10_mmxext
ff_avg_h264_qpel8_mc02_10_sse2
ff_avg_h264_qpel8_mc03_10_mmxext
ff_avg_h264_qpel8_mc03_10_sse2
ff_avg_h264_qpel8_mc10_10_mmxext
ff_avg_h264_qpel8_mc10_10_sse2
ff_avg_h264_qpel8_mc10_10_sse2_cache64
ff_avg_h264_qpel8_mc10_10_ssse3_cache64
ff_avg_h264_qpel8_mc11_10_mmxext
ff_avg_h264_qpel8_mc11_10_sse2
ff_avg_h264_qpel8_mc12_10_mmxext
ff_avg_h264_qpel8_mc12_10_sse2
ff_avg_h264_qpel8_mc13_10_mmxext
ff_avg_h264_qpel8_mc13_10_sse2
ff_avg_h264_qpel8_mc20_10_mmxext
ff_avg_h264_qpel8_mc20_10_sse2
ff_avg_h264_qpel8_mc20_10_sse2_cache64
ff_avg_h264_qpel8_mc20_10_ssse3_cache64
ff_avg_h264_qpel8_mc21_10_mmxext
ff_avg_h264_qpel8_mc21_10_sse2
ff_avg_h264_qpel8_mc22_10_mmxext
ff_avg_h264_qpel8_mc22_10_sse2
ff_avg_h264_qpel8_mc23_10_mmxext
ff_avg_h264_qpel8_mc23_10_sse2
ff_avg_h264_qpel8_mc30_10_mmxext
ff_avg_h264_qpel8_mc30_10_sse2
ff_avg_h264_qpel8_mc30_10_sse2_cache64
ff_avg_h264_qpel8_mc30_10_ssse3_cache64
ff_avg_h264_qpel8_mc31_10_mmxext
ff_avg_h264_qpel8_mc31_10_sse2
ff_avg_h264_qpel8_mc32_10_mmxext
ff_avg_h264_qpel8_mc32_10_sse2
ff_avg_h264_qpel8_mc33_10_mmxext
ff_avg_h264_qpel8_mc33_10_sse2
ff_avg_pixels16x16_10_c
ff_avg_pixels16x16_8_c
ff_avg_pixels16x16_9_c
ff_avg_pixels8x8_10_c
ff_avg_pixels8x8_8_c
ff_avg_pixels8x8_9_c
ff_avg_qpel16_mc11_old_c
ff_avg_qpel16_mc12_old_c
ff_avg_qpel16_mc13_old_c
ff_avg_qpel16_mc31_old_c
ff_avg_qpel16_mc32_old_c
ff_avg_qpel16_mc33_old_c
ff_avg_qpel8_mc11_old_c
ff_avg_qpel8_mc12_old_c
ff_avg_qpel8_mc13_old_c
ff_avg_qpel8_mc31_old_c
ff_avg_qpel8_mc32_old_c
ff_avg_qpel8_mc33_old_c
ff_avg_rv40_chroma_mc4_3dnow
ff_avg_rv40_chroma_mc4_mmx2
ff_avg_rv40_chroma_mc8_3dnow
ff_avg_rv40_chroma_mc8_mmx2
ff_avg_vc1_chroma_mc8_3dnow_nornd
ff_avg_vc1_chroma_mc8_mmx2_nornd
ff_avg_vc1_chroma_mc8_ssse3_nornd
ff_avg_vc1_mspel_mc00_mmx2
ff_block_permute
ff_bone
ff_check_alignment
ff_combine_frame
ff_copy_bits
ff_copy_pce_data
ff_cos_1024
ff_cos_1024_fixed
ff_cos_128
ff_cos_128_fixed
ff_cos_16
ff_cos_16384
ff_cos_16384_fixed
ff_cos_16_fixed
ff_cos_2048
ff_cos_2048_fixed
ff_cos_256
ff_cos_256_fixed
ff_cos_32
ff_cos_32768
ff_cos_32768_fixed
ff_cos_32_fixed
ff_cos_4096
ff_cos_4096_fixed
ff_cos_512
ff_cos_512_fixed
ff_cos_64
ff_cos_64_fixed
ff_cos_65536
ff_cos_65536_fixed
ff_cos_8192
ff_cos_8192_fixed
ff_cos_tabs
ff_cos_tabs_fixed
ff_cropTbl
ff_deinterlace_line_inplace_mmx
ff_deinterlace_line_mmx
ff_dirac_parse_sequence_header
ff_dnxhd_init_mmx
ff_emu_edge_core_mmx
ff_emu_edge_core_sse
ff_emulated_edge_mc_10
ff_emulated_edge_mc_8
ff_emulated_edge_mc_9
ff_faanidct
ff_faanidct_add
ff_faanidct_put
ff_fdct_mmx
ff_fdct_mmx2
ff_fdct_sse2
ff_fetch_timestamp
ff_fft_calc_avx
ff_fft_calc_sse
ff_fft_dispatch_3dn
ff_fft_dispatch_3dn2
ff_fft_dispatch_avx
ff_fft_dispatch_interleave_3dn
ff_fft_dispatch_interleave_3dn2
ff_fft_dispatch_interleave_avx
ff_fft_dispatch_interleave_sse
ff_fft_dispatch_sse
ff_fft_end
ff_fft_end_fixed
ff_fft_init
ff_fft_init_fixed
ff_fft_init_mmx
ff_fft_permute_sse
ff_find_pix_fmt
ff_float_interleave2_mmx
ff_float_interleave2_sse
ff_float_interleave6_mmx
ff_float_interleave6_sse
ff_float_interleave_c
ff_float_to_int16_interleave6_3dn2
ff_float_to_int16_interleave6_3dnow
ff_float_to_int16_interleave6_sse
ff_fmt_convert_init
ff_fmt_convert_init_x86
ff_frame_rate_tab
ff_gmc_c
ff_golomb_vlc_len
ff_h264_pred_init
ff_h264_pred_init_x86
ff_idct_xvid_mmx
ff_idct_xvid_mmx2
ff_idct_xvid_sse2
ff_idct_xvid_sse2_add
ff_idct_xvid_sse2_put
ff_imdct_calc_c
ff_imdct_calc_c_fixed
ff_imdct_calc_sse
ff_imdct_half_avx
ff_imdct_half_c
ff_imdct_half_c_fixed
ff_imdct_half_sse
ff_init_ff_cos_tabs
ff_init_ff_cos_tabs_fixed
ff_init_scantable
ff_interleaved_dirac_golomb_vlc_code
ff_interleaved_golomb_vlc_len
ff_interleaved_se_golomb_vlc_code
ff_interleaved_ue_golomb_vlc_code
ff_inverse
ff_is_hwaccel_pix_fmt
ff_log2_run
ff_match_2uint16
ff_mdct_calc_c
ff_mdct_calc_c_fixed
ff_mdct_calcw_c
ff_mdct_end
ff_mdct_end_fixed
ff_mdct_init
ff_mdct_init_fixed
ff_mpa_alloc_tables
ff_mpa_bitrate_tab
ff_mpa_enwindow
ff_mpa_freq_tab
ff_mpa_quant_bits
ff_mpa_quant_steps
ff_mpa_sblimit_table
ff_mpeg12_mbAddrIncrTable
ff_mpeg12_mbMotionVectorTable
ff_mpeg12_mbPatTable
ff_mpeg12_vlc_dc_chroma_bits
ff_mpeg12_vlc_dc_chroma_code
ff_mpeg12_vlc_dc_lum_bits
ff_mpeg12_vlc_dc_lum_code
ff_mpeg1_aspect
ff_mpeg1_default_intra_matrix
ff_mpeg1_default_non_intra_matrix
ff_mpeg2_aspect
ff_mpeg4audio_channels
ff_mpeg4audio_get_config
ff_mpeg4audio_sample_rates
ff_mpeg4video_split
ff_parse1_close
ff_parse_close
ff_pb_0
ff_pb_1
ff_pb_1F
ff_pb_3
ff_pb_3F
ff_pb_4
ff_pb_7
ff_pb_80
ff_pb_81
ff_pb_A1
ff_pb_F8
ff_pb_FC
ff_pb_FE
ff_pd_1
ff_pd_2
ff_pdw_80000000
ff_pred16x16_dc_mmxext
ff_pred16x16_dc_sse2
ff_pred16x16_dc_ssse3
ff_pred16x16_horizontal_10_mmxext
ff_pred16x16_horizontal_10_sse2
ff_pred16x16_horizontal_mmx
ff_pred16x16_horizontal_mmxext
ff_pred16x16_horizontal_ssse3
ff_pred16x16_plane_h264_mmx
ff_pred16x16_plane_h264_mmx2
ff_pred16x16_plane_h264_sse2
ff_pred16x16_plane_h264_ssse3
ff_pred16x16_plane_rv40_mmx
ff_pred16x16_plane_rv40_mmx2
ff_pred16x16_plane_rv40_sse2
ff_pred16x16_plane_rv40_ssse3
ff_pred16x16_plane_svq3_mmx
ff_pred16x16_plane_svq3_mmx2
ff_pred16x16_plane_svq3_sse2
ff_pred16x16_plane_svq3_ssse3
ff_pred16x16_tm_vp8_mmx
ff_pred16x16_tm_vp8_mmxext
ff_pred16x16_tm_vp8_sse2
ff_pred16x16_vertical_10_mmxext
ff_pred16x16_vertical_10_sse2
ff_pred16x16_vertical_mmx
ff_pred16x16_vertical_sse
ff_pred4x4_dc_10_mmxext
ff_pred4x4_dc_mmxext
ff_pred4x4_down_left_10_avx
ff_pred4x4_down_left_10_sse2
ff_pred4x4_down_left_mmxext
ff_pred4x4_down_right_10_avx
ff_pred4x4_down_right_10_sse2
ff_pred4x4_down_right_10_ssse3
ff_pred4x4_down_right_mmxext
ff_pred4x4_horizontal_down_10_avx
ff_pred4x4_horizontal_down_10_sse2
ff_pred4x4_horizontal_down_10_ssse3
ff_pred4x4_horizontal_down_mmxext
ff_pred4x4_horizontal_up_10_mmxext
ff_pred4x4_horizontal_up_mmxext
ff_pred4x4_tm_vp8_mmx
ff_pred4x4_tm_vp8_mmxext
ff_pred4x4_tm_vp8_ssse3
ff_pred4x4_vertical_left_10_avx
ff_pred4x4_vertical_left_10_sse2
ff_pred4x4_vertical_left_mmxext
ff_pred4x4_vertical_right_10_avx
ff_pred4x4_vertical_right_10_sse2
ff_pred4x4_vertical_right_10_ssse3
ff_pred4x4_vertical_right_mmxext
ff_pred4x4_vertical_vp8_mmxext
ff_pred8x8_dc_10_mmxext
ff_pred8x8_dc_10_sse2
ff_pred8x8_dc_mmxext
ff_pred8x8_dc_rv40_mmxext
ff_pred8x8_horizontal_10_sse2
ff_pred8x8_horizontal_mmx
ff_pred8x8_horizontal_mmxext
ff_pred8x8_horizontal_ssse3
ff_pred8x8_plane_mmx
ff_pred8x8_plane_mmx2
ff_pred8x8_plane_sse2
ff_pred8x8_plane_ssse3
ff_pred8x8_tm_vp8_mmx
ff_pred8x8_tm_vp8_mmxext
ff_pred8x8_tm_vp8_sse2
ff_pred8x8_tm_vp8_ssse3
ff_pred8x8_top_dc_10_mmxext
ff_pred8x8_top_dc_10_sse2

Sections

.text
Size: 892KB - Virtual size: 891KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 647KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/avformat-53.dll
.dll windows x86

cda9a24d0ec183721b985f721181e560

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f6:d5:e7:a5:50:27:92:93:70:c3:94:34:ac:05:e9:af:0d:85:99:23
Signer

Actual PE Digest

f6:d5:e7:a5:50:27:92:93:70:c3:94:34:ac:05:e9:af:0d:85:99:23

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

28/03/2014, 20:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_open
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_errno
_iob
_isctype
_pctype
_stricmp
_strnicmp
_winmajor
_wopen
abort
atoi
calloc
fflush
fputc
free
fwrite
getenv
localeconv
malloc
memchr
memcpy
memmove
memset
sscanf
strchr
strcmp
strcpy
strlen
strncmp
strrchr
strspn
strstr
strtol
toupper
vfprintf
wcslen

avcodec-53

av_destruct_packet
av_dup_packet
av_fast_malloc
av_fast_realloc
av_free_packet
av_get_bits_per_sample
av_get_codec_tag_string
av_grow_packet
av_init_packet
av_log_ask_for_sample
av_new_packet
av_packet_merge_side_data
av_parser_close
av_parser_init
av_parser_parse2
av_shrink_packet
av_xiphlacing
avcodec_alloc_context3
avcodec_close
avcodec_decode_audio3
avcodec_decode_video2
avcodec_find_decoder
avcodec_get_frame_defaults
avcodec_open2
avcodec_pix_fmt_to_codec_tag
avcodec_register_all
avcodec_set_dimensions
avcodec_string
ff_find_pix_fmt
ff_mpa_freq_tab
ff_mpeg4audio_get_config
ff_mpeg4audio_sample_rates
ff_raw_pix_fmt_tags
ff_toupper4

avutil-51

av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_d2q
av_dict_copy
av_dict_free
av_dict_get
av_dict_set
av_dynarray_add
av_find_info_tag
av_free
av_freep
av_gcd
av_get_pix_fmt_name
av_int2dbl
av_int2flt
av_log
av_malloc
av_mallocz
av_opt_find
av_opt_free
av_opt_set_defaults
av_opt_set_dict
av_parse_time
av_realloc
av_reduce
av_rescale
av_rescale_q
av_rescale_rnd
av_strdup
av_strlcat
av_strlcatf
av_strlcpy
av_strstart
ff_log2_tab

Exports

Exports

_get_output_format
_nm__ff_log2_tab
_nm__ff_mpa_freq_tab
_nm__ff_mpeg4audio_sample_rates
_nm__ff_raw_pix_fmt_tags
av_add_index_entry
av_alloc_put_byte
av_append_packet
av_close_input_file
av_close_input_stream
av_codec_get_id
av_codec_get_tag
av_demuxer_open
av_dump_format
av_filename_number_test
av_find_best_stream
av_find_default_stream_index
av_find_input_format
av_find_stream_info
av_gen_search
av_get_frame_filename
av_get_output_timestamp
av_get_packet
av_gettime
av_guess_codec
av_guess_format
av_hex_dump
av_hex_dump_log
av_iformat_next
av_index_search_timestamp
av_interleave_packet_per_dts
av_interleaved_write_frame
av_match_ext
av_metadata_conv
av_metadata_copy
av_metadata_free
av_metadata_get
av_metadata_set2
av_new_program
av_new_stream
av_oformat_next
av_open_input_file
av_open_input_stream
av_pkt_dump
av_pkt_dump2
av_pkt_dump_log
av_pkt_dump_log2
av_probe_input_buffer
av_probe_input_format
av_probe_input_format2
av_probe_input_format3
av_protocol_next
av_read_frame
av_read_packet
av_read_pause
av_read_play
av_register_all
av_register_input_format
av_register_output_format
av_register_protocol2
av_sdp_create
av_seek_frame
av_seek_frame_binary
av_set_parameters
av_set_pts_info
av_update_cur_dts
av_url_read_fpause
av_url_read_fseek
av_url_read_pause
av_url_read_seek
av_url_split
av_write_frame
av_write_header
av_write_trailer
avf_sdp_create
avformat_alloc_context
avformat_alloc_output_context
avformat_alloc_output_context2
avformat_configuration
avformat_find_stream_info
avformat_free_context
avformat_license
avformat_open_input
avformat_seek_file
avformat_version
avformat_write_header
avio_alloc_context
avio_check
avio_close
avio_close_dyn_buf
avio_enum_protocols
avio_flush
avio_get_str
avio_get_str16be
avio_get_str16le
avio_open
avio_open_dyn_buf
avio_pause
avio_printf
avio_put_str
avio_put_str16le
avio_r8
avio_rb16
avio_rb24
avio_rb32
avio_rb64
avio_read
avio_rl16
avio_rl24
avio_rl32
avio_rl64
avio_seek
avio_seek_time
avio_set_interrupt_cb
avio_size
avio_skip
avio_w8
avio_wb16
avio_wb24
avio_wb32
avio_wb64
avio_wl16
avio_wl24
avio_wl32
avio_wl64
avio_write
brktimegm
codec_movaudio_tags
codec_movvideo_tags
dump_format
ff_add_index_entry
ff_celt_codec
ff_codec_bmp_tags
ff_codec_get_id
ff_codec_get_tag
ff_codec_guid_get_id
ff_codec_movsubtitle_tags
ff_codec_wav_guids
ff_codec_wav_tags
ff_crc04C11DB7_update
ff_data_to_hex
ff_find_stream_index
ff_free_parser_state
ff_gen_syncpoint_search
ff_get_bmp_header
ff_get_guid
ff_get_line
ff_get_v_length
ff_get_wav_header
ff_hex_to_data
ff_id3v1_genre_str
ff_id3v1_read
ff_id3v2_2_metadata_conv
ff_id3v2_34_metadata_conv
ff_id3v2_3_tags
ff_id3v2_4_metadata_conv
ff_id3v2_4_tags
ff_id3v2_match
ff_id3v2_read
ff_id3v2_tag_len
ff_id3v2_tags
ff_index_search_timestamp
ff_interleave_add_packet
ff_make_absolute_url
ff_metadata_conv
ff_metadata_conv_ctx
ff_mkv_codec_tags
ff_mkv_metadata_conv
ff_mkv_mime_tags
ff_mov_iso639_to_lang
ff_mov_lang_to_iso639
ff_mov_read_chan
ff_mov_write_chan
ff_mp4_obj_type
ff_mp4_read_dec_config_descr
ff_mp4_read_descr
ff_mp4_read_descr_len
ff_new_chapter
ff_ntp_time
ff_ogm_audio_codec
ff_ogm_old_codec
ff_ogm_text_codec
ff_ogm_video_codec
ff_parse_key_value
ff_parse_specific_params
ff_program_add_stream_index
ff_put_v
ff_read_frame_flush
ff_reduce_index
ff_restore_parser_state
ff_rm_alloc_rmstream
ff_rm_codec_tags
ff_rm_free_rmstream
ff_rm_metadata
ff_rm_parse_packet
ff_rm_read_mdpr_codecdata
ff_rm_reorder_sipr_data
ff_rm_retrieve_cache
ff_sdp_write_media
ff_sipr_subpk_size
ff_skeleton_codec
ff_store_parser_state
ff_theora_codec
ff_url_join
ff_vorbis_codec
ff_vorbis_comment
ff_vorbiscomment_length
ff_vorbiscomment_metadata_conv
ff_vorbiscomment_write
ff_wav_codec_get_id
ff_win32_open
ff_write_chained
ffio_fdopen
ffio_fill
ffio_get_checksum
ffio_init_checksum
ffio_init_context
ffio_open_dyn_packet_buf
ffio_read_partial
ffio_read_varlen
ffio_rewind_with_probe_data
ffio_set_buf_size
ffurl_alloc
ffurl_close
ffurl_connect
ffurl_get_file_handle
ffurl_open
ffurl_read
ffurl_read_complete
ffurl_register_protocol
ffurl_seek
ffurl_size
ffurl_write
find_info_tag
first_protocol
get_be16
get_be24
get_be32
get_be64
get_buffer
get_byte
get_checksum
get_le16
get_le24
get_le32
get_le64
get_partial_buffer
get_strz
init_checksum
init_put_byte
matroska_video_stereo_mode
matroska_video_stereo_plane
parse_date
pcm_read_seek
put_be16
put_be24
put_be32
put_be64
put_buffer
put_byte
put_flush_packet
put_le16
put_le24
put_le32
put_le64
put_nbyte
put_strz
put_tag
url_alloc
url_close
url_close_buf
url_close_dyn_buf
url_connect
url_exist
url_fclose
url_fdopen
url_feof
url_ferror
url_fget_max_packet_size
url_fgetc
url_fgets
url_fileno
url_filesize
url_fopen
url_fprintf
url_fseek
url_fsize
url_fskip
url_ftell
url_get_file_handle
url_get_filename
url_get_max_packet_size
url_interrupt_cb
url_open
url_open_buf
url_open_dyn_buf
url_open_dyn_packet_buf
url_open_protocol
url_read
url_read_complete
url_seek
url_set_interrupt_cb
url_setbufsize
url_write

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/avutil-51.dll
.dll windows x86

348455ac79d3a5ef49002e19f2d2acef

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fc:02:44:82:ee:02:70:74:f1:fc:6d:17:dc:f0:e3:94:d9:ea:5f:f9
Signer

Actual PE Digest

fc:02:44:82:ee:02:70:74:f1:fc:6d:17:dc:f0:e3:94:d9:ea:5f:f9

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

28/03/2014, 20:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileMappingA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetConsoleScreenBufferInfo
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
SetConsoleTextAttribute
Sleep
TlsGetValue
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_close
_fstat
_isatty
_open
_read
__dllonexit
__lc_codepage
__mb_cur_max
_errno
_get_osfhandle
_iob
_isctype
_pctype
_stricmp
_strnicmp
_winmajor
abort
acos
asin
atan
bsearch
calloc
ceil
clock
cos
cosh
exp
fflush
floor
fputc
fputs
free
frexp
fwrite
getenv
gmtime
ldexp
localeconv
localtime
log
malloc
memcpy
memset
mktime
pow
realloc
sin
sinh
sqrt
strchr
strcmp
strcpy
strlen
strspn
strtol
strtoul
tan
tanh
time
toupper
vfprintf
wcslen

Exports

Exports

av_add_q
av_adler32_update
av_aes_crypt
av_aes_init
av_aes_size
av_base64_decode
av_base64_encode
av_bmg_get
av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_d2str
av_dbl2ext
av_dbl2int
av_default_item_name
av_des_crypt
av_des_init
av_dict_copy
av_dict_free
av_dict_get
av_dict_set
av_div_q
av_dynarray_add
av_eval_expr
av_evaluate_lls
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_ext2dbl
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_find_info_tag
av_find_nearest_q_idx
av_find_opt
av_flt2int
av_force_cpu_flags
av_free
av_free_expr
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bits_per_sample_fmt
av_get_bytes_per_sample
av_get_channel_layout
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_double
av_get_int
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_q
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_string
av_get_token
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_pointers
av_image_get_linesize
av_init_lls
av_int2dbl
av_int2flt
av_lfg_init
av_log
av_log_default_callback
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_mallocz
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_mul_q
av_nearer_q
av_next_option
av_opt_find
av_opt_flag_is_set
av_opt_free
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_show2
av_parse_and_eval_expr
av_parse_color
av_parse_expr
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_descriptors
av_rc4_crypt
av_rc4_init
av_read_image_line
av_realloc
av_reduce
av_rescale
av_rescale_q
av_rescale_rnd
av_reverse
av_samples_alloc
av_samples_fill_arrays
av_set_double
av_set_int
av_set_options_string
av_set_q
av_set_string3
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_solve_lls
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strstart
av_strtod
av_sub_q
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_size
av_update_lls
av_vlog
av_write_image_line
avutil_configuration
avutil_license
avutil_version
ff_get_cpu_flags_x86
ff_inverse
ff_log2_tab
ff_set_systematic_pal2
ff_sqrt_tab

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/awesomium.dll
.dll windows x86

08a6e16b3ae7d696a8c706ca62865319

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b1:c9:9d:62:30:12:8b:4f:f9:60:d4:08:15:f3:74:37:8c:15:c5:ed
Signer

Actual PE Digest

b1:c9:9d:62:30:12:8b:4f:f9:60:d4:08:15:f3:74:37:8c:15:c5:ed

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

28/03/2014, 20:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

InterlockedCompareExchange
InterlockedExchangeAdd
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCommandLineA
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
GetLastError
InterlockedIncrement
InterlockedDecrement
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThread
GetProcAddress
ExitProcess
CompareStringW
SetEnvironmentVariableW
SetFileAttributesA
FindFirstFileExA
ExitThread
InterlockedPopEntrySList
GetProcessHeap
InterlockedPushEntrySList
lstrcmpiA
RaiseException
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeLibrary
InterlockedExchange
MultiByteToWideChar
RtlUnwind
WriteConsoleW
SetStdHandle
LCMapStringW
GetStringTypeW
CreateFileW
GetUserDefaultLCID
FindFirstFileExW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
LocalAlloc
LocalFree
LoadLibraryA
lstrlenW
lstrcmpiW
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CreateEventW
FlushInstructionCache
GetProcessId
DuplicateHandle
GetExitCodeProcess
SetThreadExecutionState
DeviceIoControl
DefineDosDeviceW
QueryDosDeviceW
GetSystemDirectoryW
GetLongPathNameW
ResumeThread
VirtualAllocEx
SetErrorMode
GetUserDefaultLangID
GetModuleHandleA
InitializeCriticalSection
GetHandleInformation
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
HeapSetInformation
HeapCreate
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
GetSystemInfo
SwitchToThread
VirtualProtect
VirtualQuery
FindClose
GetVersionExW
CreateToolhelp32Snapshot
Module32Next
Module32First
SetEndOfFile
CreateFileA
TryEnterCriticalSection
WaitForSingleObject
ReleaseMutex
DeleteFileW
CreateProcessW
CreateMutexW
OutputDebugStringA
FormatMessageA
GetCommandLineW
CreateThread
SetThreadPriority
FileTimeToSystemTime
FileTimeToLocalFileTime
UnmapViewOfFile
MoveFileExW
ReplaceFileW
CopyFileW
GetFileAttributesW
GetFileAttributesExW
SetCurrentDirectoryW
RemoveDirectoryW
GetTempFileNameW
CreateDirectoryW
FindNextFileW
FindFirstFileW
GetTempPathW
GetCurrentDirectoryW
MapViewOfFile
CreateFileMappingW
GetLogicalDriveStringsW
GetFileSize
QueryPerformanceFrequency
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
OpenProcess
SetInformationJobObject
SetPriorityClass
AssignProcessToJobObject
SetHandleInformation
GetProcessTimes
GetNativeSystemInfo
ResetEvent
SetEvent
WaitForMultipleObjects
ExpandEnvironmentStringsW
GetDiskFreeSpaceExW
GlobalMemoryStatusEx
SetFilePointerEx
SetFileTime
GetFileInformationByHandle
QueueUserWorkItem
PeekNamedPipe
ConnectNamedPipe
CreateNamedPipeW
GetUserDefaultUILanguage
GetWindowsDirectoryW
GetSystemPowerStatus
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
RtlCaptureStackBackTrace
UnregisterWaitEx
RegisterWaitForSingleObject
GetDateFormatW
GetTimeFormatW
GetTimeZoneInformation
GetNumberFormatW
GetCurrencyFormatW
GetThreadLocale
GetModuleHandleExW
FormatMessageW
CancelIo
GetFileSizeEx
CreateSemaphoreA
SuspendThread
ReleaseSemaphore
DeleteFileA
GetDriveTypeA
GetFullPathNameA
MoveFileA
CreateDirectoryA
LockFile
UnlockFile
GetSystemTime
CreateFileMappingA
DebugBreak
SetEnvironmentVariableA
GetDiskFreeSpaceA
GetVolumeInformationA
GetComputerNameA
GetLogicalDrives
GlobalMemoryStatus
AreFileApisANSI
LockFileEx
UnlockFileEx
GetFileAttributesA
GetTempPathA
GetFullPathNameW
GetDiskFreeSpaceW
GetSystemDirectoryA
GetThreadTimes
GetTempFileNameA
IsBadWritePtr
OpenThread
GetThreadContext
CreateSemaphoreW
TerminateJobObject
WriteProcessMemory
VirtualProtectEx
SignalObjectAndWait
GetProcessHandleCount
VirtualFreeEx
CreateJobObjectW
OpenEventW
SearchPathW
ReadProcessMemory
GlobalAddAtomW
GlobalDeleteAtom
GetDriveTypeW

ole32

CoTaskMemAlloc
CoInitialize
PropVariantClear
StringFromGUID2
CoTaskMemRealloc
CoInitializeEx
CoUninitialize
OleUninitialize
OleInitialize
CoCreateGuid
CoCreateInstance
CoTaskMemFree

oleaut32

SysAllocString
LoadTypeLi
VariantClear
VariantInit
VarUI4FromStr
LoadRegTypeLi
SysStringLen
SysFreeString

xinput9_1_0

XInputGetCapabilities
XInputGetState

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

urlmon

CoInternetCreateSecurityManager

rpcrt4

UuidToStringW
RpcStringFreeW
UuidCreateSequential

winhttp

WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpSetTimeouts
WinHttpGetProxyForUrl

dhcpcsvc

DhcpRequestParams
DhcpCApiInitialize

setupapi

SetupDiEnumDriverInfoW
SetupDiDestroyDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiBuildDriverInfoList
SetupDiGetDeviceInterfaceDetailW

msimg32

AlphaBlend

ws2_32

socket
closesocket
gethostname
getnameinfo
ioctlsocket
freeaddrinfo
WSAGetLastError
htonl
htons
ntohl
ntohs
WSACloseEvent
recv
getsockname
setsockopt
WSAIoctl
WSASocketW
bind
shutdown
connect
WSAEventSelect
WSACreateEvent
WSARecv
WSASend
WSAGetOverlappedResult
WSAEnumNetworkEvents
accept
listen
WSALookupServiceEnd
WSALookupServiceNextW
WSALookupServiceBeginW
getaddrinfo
getpeername
WSARecvFrom
WSASendTo
getsockopt
gethostbyname
gethostbyaddr
__WSAFDIsSet
select
send
sendto
recvfrom
inet_addr
inet_ntoa
getservbyname
getservbyport
WSASetLastError
WSASetEvent
WSAWaitForMultipleEvents
WSAStartup
WSAResetEvent

usp10

ScriptXtoCP
ScriptGetFontProperties
ScriptFreeCache
ScriptShape
ScriptItemize
ScriptPlace
ScriptCPtoX
ScriptJustify

psapi

GetProcessMemoryInfo

winmm

waveOutPrepareHeader
waveOutGetNumDevs
waveInClose
waveInReset
waveOutUnprepareHeader
waveInStart
waveInUnprepareHeader
waveInAddBuffer
waveInMessage
waveInOpen
waveInGetDevCapsW
timeGetTime
timeBeginPeriod
timeEndPeriod
waveInPrepareHeader
waveOutPause
waveOutRestart
waveOutOpen
waveOutReset
waveOutClose
waveInGetNumDevs
waveOutWrite

shlwapi

SHGetValueA
PathFindFileNameW
PathGetCharTypeW

imm32

ImmGetOpenStatus
ImmCreateContext
ImmIsIME
ImmSetCandidateWindow
ImmReleaseContext
ImmGetContext
ImmNotifyIME
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetOpenStatus

oleacc

CreateStdAccessibleObject
LresultFromObject

secur32

QueryContextAttributesW
EncryptMessage
FreeContextBuffer
FreeCredentialsHandle
QuerySecurityPackageInfoW
InitializeSecurityContextW
AcquireCredentialsHandleW
CompleteAuthToken
AcquireCredentialsHandleA
DeleteSecurityContext
DecryptMessage
InitializeSecurityContextA

crypt32

CertAddSerializedElementToStore
CryptExportPublicKeyInfoEx
CryptSignAndEncodeCertificate
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertFreeCertificateChain
CertOpenStore
CertDuplicateCertificateContext
CertCreateCertificateChainEngine
CryptAcquireCertificatePrivateKey
CertOpenSystemStoreW
CertFindChainInStore
CertGetIntendedKeyUsage
CertVerifyTimeValidity
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertAddEncodedCertificateToStore
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertRDNValueToStrA
CryptHashCertificate
CertAddCertificateContextToStore
CertSerializeCertificateStoreElement
CertCloseStore
CryptFindOIDInfo
CertGetPublicKeyLength
CertFindExtension
CryptDecodeObjectEx

iphlpapi

CancelIPChangeNotify
NotifyAddrChange
GetAdaptersAddresses

gdi32

GetDIBits
RemoveFontMemResourceEx
AddFontMemResourceEx
GetGlyphIndicesW
SetGraphicsMode
SetBkMode
EndPath
GetOutlineTextMetricsW
DeleteObject
GdiFlush
ExtTextOutW
SetWorldTransform
SetTextColor
SetTextAlign
GetFontUnicodeRanges
GetCharABCWidthsW
GetTextFaceW
GdiAlphaBlend
SetROP2
SetDCPenColor
GetStockObject
DeleteDC
CreateRectRgn
BitBlt
GetRegionData
SetICMMode
CreateCompatibleDC
GetDeviceCaps
StretchDIBits
SelectObject
CreateDIBSection
GetTextMetricsW
CreateFontIndirectW
EnumFontFamiliesExW
GetObjectW
GetWorldTransform
GetCurrentObject
GetGlyphOutlineW
ModifyWorldTransform
Rectangle
SetDIBits
GetCharWidthI
EnumFontFamiliesW
SwapBuffers
ChoosePixelFormat
SetPixelFormat
SaveDC
IntersectClipRect
RestoreDC
CreateSolidBrush
StretchBlt
CreateBitmap
GetObjectType
SetRectRgn
CombineRgn
SetDIBitsToDevice
CreateCompatibleBitmap
CreateFontW
CreateRectRgnIndirect
PathToRegion
SelectClipRgn
SetPolyFillMode
BeginPath
PolyBezier
AbortPath
SetDCBrushColor
SetStretchBltMode
SetBrushOrgEx
SetArcDirection
SetBkColor
GetFontData

advapi32

RegCloseKey
SetEntriesInAclW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
GetSecurityInfo
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
GetTokenInformation
OpenProcessToken
CreateProcessAsUserW
RegNotifyChangeKeyValue
ConvertSidToStringSidW
GetTraceEnableLevel
GetTraceEnableFlags
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
TraceEvent
RegOpenKeyExA
RegQueryValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CryptReleaseContext
CryptDestroyKey
CryptGenKey
CryptContextAddRef
CryptAcquireContextW
CryptImportKey
CryptExportKey
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptSetHashParam
CryptCreateHash
CopySid
GetLengthSid
CryptSignHashW
CryptGetKeyParam
CryptGetUserKey
RegDisablePredefinedCache
RevertToSelf
SetTokenInformation
ConvertStringSidToSidW
SetSecurityInfo
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetThreadToken
CreateRestrictedToken
DuplicateTokenEx
DuplicateToken
EqualSid
LookupPrivilegeValueW
CreateWellKnownSid

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Exports

Exports

??0BitmapSurface@Awesomium@@QAE@ABV01@@Z
??0BitmapSurface@Awesomium@@QAE@HH@Z
??0BitmapSurfaceFactory@Awesomium@@QAE@ABV01@@Z
??0BitmapSurfaceFactory@Awesomium@@QAE@XZ
??0DataPakSource@Awesomium@@QAE@ABV01@@Z
??0DataPakSource@Awesomium@@QAE@ABVWebString@1@@Z
??0DataSource@Awesomium@@IAE@XZ
??0DataSource@Awesomium@@QAE@ABV01@@Z
??0Dialog@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Dialog@WebViewListener@Awesomium@@QAE@XZ
??0Download@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Download@WebViewListener@Awesomium@@QAE@XZ
??0InputMethodEditor@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0InputMethodEditor@WebViewListener@Awesomium@@QAE@XZ
??0JSArray@Awesomium@@QAE@ABV01@@Z
??0JSArray@Awesomium@@QAE@I@Z
??0JSArray@Awesomium@@QAE@XZ
??0JSObject@Awesomium@@IAE@II@Z
??0JSObject@Awesomium@@QAE@ABV01@@Z
??0JSObject@Awesomium@@QAE@XZ
??0JSValue@Awesomium@@QAE@ABV01@@Z
??0JSValue@Awesomium@@QAE@ABVJSArray@1@@Z
??0JSValue@Awesomium@@QAE@ABVJSObject@1@@Z
??0JSValue@Awesomium@@QAE@ABVWebString@1@@Z
??0JSValue@Awesomium@@QAE@H@Z
??0JSValue@Awesomium@@QAE@N@Z
??0JSValue@Awesomium@@QAE@XZ
??0JSValue@Awesomium@@QAE@_N@Z
??0Load@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Load@WebViewListener@Awesomium@@QAE@XZ
??0Menu@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Menu@WebViewListener@Awesomium@@QAE@XZ
??0Print@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Print@WebViewListener@Awesomium@@QAE@XZ
??0PrintConfig@Awesomium@@QAE@XZ
??0Process@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Process@WebViewListener@Awesomium@@QAE@XZ
??0Rect@Awesomium@@QAE@HHHH@Z
??0Rect@Awesomium@@QAE@XZ
??0ResourceInterceptor@Awesomium@@QAE@ABV01@@Z
??0ResourceInterceptor@Awesomium@@QAE@XZ
??0ResourceRequest@Awesomium@@QAE@ABV01@@Z
??0ResourceRequest@Awesomium@@QAE@XZ
??0ResourceResponse@Awesomium@@IAE@ABVWebString@1@@Z
??0ResourceResponse@Awesomium@@IAE@IPAEABVWebString@1@@Z
??0ResourceResponse@Awesomium@@QAE@ABV01@@Z
??0Surface@Awesomium@@QAE@ABV01@@Z
??0Surface@Awesomium@@QAE@XZ
??0SurfaceFactory@Awesomium@@QAE@ABV01@@Z
??0SurfaceFactory@Awesomium@@QAE@XZ
??0UploadElement@Awesomium@@QAE@ABV01@@Z
??0UploadElement@Awesomium@@QAE@XZ
??0View@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0View@WebViewListener@Awesomium@@QAE@XZ
??0WebConfig@Awesomium@@QAE@ABU01@@Z
??0WebConfig@Awesomium@@QAE@XZ
??0WebContextMenuInfo@Awesomium@@QAE@ABU01@@Z
??0WebContextMenuInfo@Awesomium@@QAE@XZ
??0WebCore@Awesomium@@QAE@ABV01@@Z
??0WebCore@Awesomium@@QAE@XZ
??0WebFileChooserInfo@Awesomium@@QAE@ABU01@@Z
??0WebFileChooserInfo@Awesomium@@QAE@XZ
??0WebKeyboardEvent@Awesomium@@QAE@IIJ@Z
??0WebKeyboardEvent@Awesomium@@QAE@XZ
??0WebLoginDialogInfo@Awesomium@@QAE@ABU01@@Z
??0WebLoginDialogInfo@Awesomium@@QAE@XZ
??0WebMenuItem@Awesomium@@QAE@ABU01@@Z
??0WebMenuItem@Awesomium@@QAE@XZ
??0WebMenuItemArray@Awesomium@@QAE@ABV01@@Z
??0WebMenuItemArray@Awesomium@@QAE@I@Z
??0WebMenuItemArray@Awesomium@@QAE@XZ
??0WebPageInfo@Awesomium@@QAE@ABU01@@Z
??0WebPageInfo@Awesomium@@QAE@XZ
??0WebPopupMenuInfo@Awesomium@@QAE@ABU01@@Z
??0WebPopupMenuInfo@Awesomium@@QAE@XZ
??0WebPreferences@Awesomium@@QAE@ABU01@@Z
??0WebPreferences@Awesomium@@QAE@XZ
??0WebSession@Awesomium@@QAE@ABV01@@Z
??0WebSession@Awesomium@@QAE@XZ
??0WebString@Awesomium@@AAE@PBX@Z
??0WebString@Awesomium@@QAE@ABV01@@Z
??0WebString@Awesomium@@QAE@ABV01@II@Z
??0WebString@Awesomium@@QAE@PBG@Z
??0WebString@Awesomium@@QAE@PBGI@Z
??0WebString@Awesomium@@QAE@XZ
??0WebStringArray@Awesomium@@QAE@ABV01@@Z
??0WebStringArray@Awesomium@@QAE@I@Z
??0WebStringArray@Awesomium@@QAE@XZ
??0WebTouchEvent@Awesomium@@QAE@XZ
??0WebTouchPoint@Awesomium@@QAE@XZ
??0WebURL@Awesomium@@AAE@PBX@Z
??0WebURL@Awesomium@@QAE@ABV01@@Z
??0WebURL@Awesomium@@QAE@ABVWebString@1@@Z
??0WebURL@Awesomium@@QAE@XZ
??0WebView@Awesomium@@QAE@ABV01@@Z
??0WebView@Awesomium@@QAE@XZ
??1BitmapSurface@Awesomium@@UAE@XZ
??1BitmapSurfaceFactory@Awesomium@@UAE@XZ
??1DataPakSource@Awesomium@@UAE@XZ
??1DataSource@Awesomium@@UAE@XZ
??1Dialog@WebViewListener@Awesomium@@MAE@XZ
??1Download@WebViewListener@Awesomium@@MAE@XZ
??1InputMethodEditor@WebViewListener@Awesomium@@MAE@XZ
??1JSArray@Awesomium@@QAE@XZ
??1JSObject@Awesomium@@QAE@XZ
??1JSValue@Awesomium@@QAE@XZ
??1Load@WebViewListener@Awesomium@@MAE@XZ
??1Menu@WebViewListener@Awesomium@@MAE@XZ
??1Print@WebViewListener@Awesomium@@MAE@XZ
??1Process@WebViewListener@Awesomium@@MAE@XZ
??1ResourceInterceptor@Awesomium@@UAE@XZ
??1ResourceRequest@Awesomium@@MAE@XZ
??1ResourceResponse@Awesomium@@IAE@XZ
??1Surface@Awesomium@@UAE@XZ
??1SurfaceFactory@Awesomium@@UAE@XZ
??1UploadElement@Awesomium@@MAE@XZ
??1View@WebViewListener@Awesomium@@MAE@XZ
??1WebConfig@Awesomium@@QAE@XZ
??1WebContextMenuInfo@Awesomium@@QAE@XZ
??1WebCore@Awesomium@@MAE@XZ
??1WebFileChooserInfo@Awesomium@@QAE@XZ
??1WebLoginDialogInfo@Awesomium@@QAE@XZ
??1WebMenuItem@Awesomium@@QAE@XZ
??1WebMenuItemArray@Awesomium@@QAE@XZ
??1WebPageInfo@Awesomium@@QAE@XZ
??1WebPopupMenuInfo@Awesomium@@QAE@XZ
??1WebPreferences@Awesomium@@QAE@XZ
??1WebSession@Awesomium@@MAE@XZ
??1WebString@Awesomium@@QAE@XZ
??1WebStringArray@Awesomium@@QAE@XZ
??1WebURL@Awesomium@@QAE@XZ
??1WebView@Awesomium@@MAE@XZ
??4BitmapSurface@Awesomium@@QAEAAV01@ABV01@@Z
??4BitmapSurfaceFactory@Awesomium@@QAEAAV01@ABV01@@Z
??4DataPakSource@Awesomium@@QAEAAV01@ABV01@@Z
??4DataSource@Awesomium@@QAEAAV01@ABV01@@Z
??4Dialog@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4Download@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4InputMethodEditor@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4JSArray@Awesomium@@QAEAAV01@ABV01@@Z
??4JSObject@Awesomium@@QAEAAV01@ABV01@@Z
??4JSValue@Awesomium@@QAEAAV01@ABV01@@Z
??4Load@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4Menu@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4Print@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4PrintConfig@Awesomium@@QAEAAU01@ABU01@@Z
??4Process@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4Rect@Awesomium@@QAEAAU01@ABU01@@Z
??4ResourceInterceptor@Awesomium@@QAEAAV01@ABV01@@Z
??4ResourceRequest@Awesomium@@QAEAAV01@ABV01@@Z
??4ResourceResponse@Awesomium@@QAEAAV01@ABV01@@Z
??4Surface@Awesomium@@QAEAAV01@ABV01@@Z
??4SurfaceFactory@Awesomium@@QAEAAV01@ABV01@@Z
??4UploadElement@Awesomium@@QAEAAV01@ABV01@@Z
??4View@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4WebConfig@Awesomium@@QAEAAU01@ABU01@@Z
??4WebContextMenuInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebCore@Awesomium@@QAEAAV01@ABV01@@Z
??4WebFileChooserInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebKeyboardEvent@Awesomium@@QAEAAV01@ABV01@@Z
??4WebLoginDialogInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebMenuItem@Awesomium@@QAEAAU01@ABU01@@Z
??4WebMenuItemArray@Awesomium@@QAEAAV01@ABV01@@Z
??4WebPageInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebPopupMenuInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebPreferences@Awesomium@@QAEAAU01@ABU01@@Z
??4WebSession@Awesomium@@QAEAAV01@ABV01@@Z
??4WebString@Awesomium@@QAEAAV01@ABV01@@Z
??4WebStringArray@Awesomium@@QAEAAV01@ABV01@@Z
??4WebTouchEvent@Awesomium@@QAEAAU01@ABU01@@Z
??4WebTouchPoint@Awesomium@@QAEAAU01@ABU01@@Z
??4WebURL@Awesomium@@QAEAAV01@ABV01@@Z
??4WebView@Awesomium@@QAEAAV01@ABV01@@Z
??8WebString@Awesomium@@QBE_NABV01@@Z
??8WebURL@Awesomium@@QBE_NABV01@@Z
??9WebString@Awesomium@@QBE_NABV01@@Z
??9WebURL@Awesomium@@QBE_NABV01@@Z
??AJSArray@Awesomium@@QAEAAVJSValue@1@I@Z
??AJSArray@Awesomium@@QBEABVJSValue@1@I@Z
??AWebMenuItemArray@Awesomium@@QAEAAUWebMenuItem@1@I@Z
??AWebMenuItemArray@Awesomium@@QBEABUWebMenuItem@1@I@Z
??AWebStringArray@Awesomium@@QAEAAVWebString@1@I@Z
??AWebStringArray@Awesomium@@QBEABVWebString@1@I@Z
??MWebString@Awesomium@@QBE_NABV01@@Z
??MWebURL@Awesomium@@QBE_NABV01@@Z
??_7BitmapSurface@Awesomium@@6B@
??_7BitmapSurfaceFactory@Awesomium@@6B@
??_7DataPakSource@Awesomium@@6B@
??_7DataSource@Awesomium@@6B@
??_7Dialog@WebViewListener@Awesomium@@6B@
??_7Download@WebViewListener@Awesomium@@6B@
??_7InputMethodEditor@WebViewListener@Awesomium@@6B@
??_7Load@WebViewListener@Awesomium@@6B@
??_7Menu@WebViewListener@Awesomium@@6B@
??_7Print@WebViewListener@Awesomium@@6B@
??_7Process@WebViewListener@Awesomium@@6B@
??_7ResourceInterceptor@Awesomium@@6B@
??_7ResourceRequest@Awesomium@@6B@
??_7Surface@Awesomium@@6B@
??_7SurfaceFactory@Awesomium@@6B@
??_7UploadElement@Awesomium@@6B@
??_7View@WebViewListener@Awesomium@@6B@
??_7WebCore@Awesomium@@6B@
??_7WebSession@Awesomium@@6B@
??_7WebView@Awesomium@@6B@
?Append@WebString@Awesomium@@QAEAAV12@ABV12@@Z
?Assign@WebString@Awesomium@@QAEAAV12@ABV12@@Z
?Assign@WebString@Awesomium@@QAEAAV12@ABV12@II@Z
?Assign@WebString@Awesomium@@QAEAAV12@PBG@Z
?Assign@WebString@Awesomium@@QAEAAV12@PBGI@Z
?At@JSArray@Awesomium@@QAEAAVJSValue@2@I@Z
?At@JSArray@Awesomium@@QBEABVJSValue@2@I@Z
?At@WebMenuItemArray@Awesomium@@QAEAAUWebMenuItem@2@I@Z
?At@WebMenuItemArray@Awesomium@@QBEABUWebMenuItem@2@I@Z
?At@WebStringArray@Awesomium@@QAEAAVWebString@2@I@Z
?At@WebStringArray@Awesomium@@QBEABVWebString@2@I@Z
?ChildProcessMain@Awesomium@@YAHPAUHINSTANCE__@@@Z
?Clear@JSArray@Awesomium@@QAEXXZ
?Clear@WebString@Awesomium@@QAEXXZ
?Compare@WebString@Awesomium@@QBEHABV12@@Z
?CopyBuffers@Awesomium@@YAXHHPAEH0HH_N1@Z
?CopyTo@BitmapSurface@Awesomium@@QBEXPAEHH_N1@Z
?Create@ResourceResponse@Awesomium@@SAPAV12@ABVWebString@2@@Z
?Create@ResourceResponse@Awesomium@@SAPAV12@IPAEABVWebString@2@@Z
?CreateFromUTF8@WebString@Awesomium@@SA?AV12@PBDI@Z
?CreateSurface@BitmapSurfaceFactory@Awesomium@@UAEPAVSurface@2@PAVWebView@2@HH@Z
?DestroySurface@BitmapSurfaceFactory@Awesomium@@UAEXPAVSurface@2@@Z
?Erase@JSArray@Awesomium@@QAEXI@Z
?GetAlphaAtPoint@BitmapSurface@Awesomium@@QBEEHH@Z
?GetBridge@JSObject@Awesomium@@IBEPAVJSObjectBridge@2@I@Z
?GetKeyIdentifierFromVirtualKeyCode@Awesomium@@YAXHPAPAD@Z
?GetMethodNames@JSObject@Awesomium@@QBE?AVJSArray@2@XZ
?GetProperty@JSObject@Awesomium@@QBE?AVJSValue@2@ABVWebString@2@@Z
?GetPropertyNames@JSObject@Awesomium@@QBE?AVJSArray@2@XZ
?HasMethod@JSObject@Awesomium@@QBE_NABVWebString@2@@Z
?HasProperty@JSObject@Awesomium@@QBE_NABVWebString@2@@Z
?Initialize@WebCore@Awesomium@@SAPAV12@ABUWebConfig@2@@Z
?Insert@JSArray@Awesomium@@QAEXABVJSValue@2@I@Z
?Invoke@JSObject@Awesomium@@QAE?AVJSValue@2@ABVWebString@2@ABVJSArray@2@@Z
?InvokeAsync@JSObject@Awesomium@@QAEXABVWebString@2@ABVJSArray@2@@Z
?IsArray@JSValue@Awesomium@@QBE_NXZ
?IsBoolean@JSValue@Awesomium@@QBE_NXZ
?IsChildProcess@Awesomium@@YA_NPAUHINSTANCE__@@@Z
?IsDouble@JSValue@Awesomium@@QBE_NXZ
?IsEmpty@Rect@Awesomium@@QBE_NXZ
?IsEmpty@WebString@Awesomium@@QBE_NXZ
?IsEmpty@WebURL@Awesomium@@QBE_NXZ
?IsInteger@JSValue@Awesomium@@QBE_NXZ
?IsNull@JSValue@Awesomium@@QBE_NXZ
?IsNumber@JSValue@Awesomium@@QBE_NXZ
?IsObject@JSValue@Awesomium@@QBE_NXZ
?IsString@JSValue@Awesomium@@QBE_NXZ
?IsUndefined@JSValue@Awesomium@@QBE_NXZ
?IsValid@WebURL@Awesomium@@QBE_NXZ
?Null@JSValue@Awesomium@@SAABV12@XZ
?OnFilterNavigation@ResourceInterceptor@Awesomium@@UAE_NHHABVWebString@2@ABVWebURL@2@_N@Z
?OnRequest@DataPakSource@Awesomium@@UAEXHABVResourceRequest@2@ABVWebString@2@@Z
?OnRequest@ResourceInterceptor@Awesomium@@UAEPAVResourceResponse@2@PAVResourceRequest@2@@Z
?OnWillDownload@ResourceInterceptor@Awesomium@@UAEXHHABVWebURL@2@@Z
?Paint@BitmapSurface@Awesomium@@UAEXPAEHABURect@2@1@Z
?Pop@JSArray@Awesomium@@QAEXXZ
?Push@JSArray@Awesomium@@QAEXABVJSValue@2@@Z
?Push@WebMenuItemArray@Awesomium@@QAEXABUWebMenuItem@2@@Z
?Push@WebStringArray@Awesomium@@QAEXABVWebString@2@@Z
?RemoveProperty@JSObject@Awesomium@@QAEXABVWebString@2@@Z
?SaveToJPEG@BitmapSurface@Awesomium@@QBE_NABVWebString@2@H@Z
?SaveToPNG@BitmapSurface@Awesomium@@QBE_NABVWebString@2@_N@Z
?Scroll@BitmapSurface@Awesomium@@UAEXHHABURect@2@@Z
?SendResponse@DataSource@Awesomium@@QAEXHIPAEABVWebString@2@@Z
?SetCustomMethod@JSObject@Awesomium@@QAEXABVWebString@2@_N@Z
?SetProperty@JSObject@Awesomium@@QAEXABVWebString@2@ABVJSValue@2@@Z
?SetPropertyAsync@JSObject@Awesomium@@QAEXABVWebString@2@ABVJSValue@2@@Z
?Shutdown@WebCore@Awesomium@@SAXXZ
?Swap@WebString@Awesomium@@QAEXAAV12@@Z
?ToArray@JSValue@Awesomium@@QAEAAVJSArray@2@XZ
?ToArray@JSValue@Awesomium@@QBEABVJSArray@2@XZ
?ToBoolean@JSValue@Awesomium@@QBE_NXZ
?ToDouble@JSValue@Awesomium@@QBENXZ
?ToInteger@JSValue@Awesomium@@QBEHXZ
?ToObject@JSValue@Awesomium@@QAEAAVJSObject@2@XZ
?ToObject@JSValue@Awesomium@@QBEABVJSObject@2@XZ
?ToString@JSObject@Awesomium@@QBE?AVWebString@2@XZ
?ToString@JSValue@Awesomium@@QBE?AVWebString@2@XZ
?ToUTF8@WebString@Awesomium@@QBEIPADI@Z
?TranslateError@JSObject@Awesomium@@IBEXPAVJSObjectBridge@2@_N@Z
?Undefined@JSValue@Awesomium@@SAABV12@XZ
?WriteDataPak@Awesomium@@YA_NABVWebString@1@00AAG@Z
?anchor@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?buffer@BitmapSurface@Awesomium@@QBEPBEXZ
?capacity@JSArray@Awesomium@@QBEIXZ
?data@WebString@Awesomium@@QBEPBGXZ
?filename@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?height@BitmapSurface@Awesomium@@QBEHXZ
?host@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?instance@WebCore@Awesomium@@SAPAV12@XZ
?instance_@WebCore@Awesomium@@0PAV12@A
?is_dirty@BitmapSurface@Awesomium@@QBE_NXZ
?last_error@JSObject@Awesomium@@QBE?AW4Error@2@XZ
?length@WebString@Awesomium@@QBEIXZ
?owner@JSObject@Awesomium@@QBEPAVWebView@2@XZ
?password@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?path@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?port@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?query@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?ref_count@JSObject@Awesomium@@QBEHXZ
?remote_id@JSObject@Awesomium@@QBEIXZ
?row_span@BitmapSurface@Awesomium@@QBEHXZ
?scheme@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?set_is_dirty@BitmapSurface@Awesomium@@QAEX_N@Z
?set_session@DataSource@Awesomium@@IAEXPAVWebSession@2@H@Z
?size@JSArray@Awesomium@@QBEIXZ
?size@WebMenuItemArray@Awesomium@@QBEIXZ
?size@WebStringArray@Awesomium@@QBEIXZ
?spec@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?type@JSObject@Awesomium@@QBE?AW4JSObjectType@2@XZ
?username@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?width@BitmapSurface@Awesomium@@QBEHXZ
_Awe_BitmapSurfaceFactory_CreateSurface@16
_Awe_BitmapSurfaceFactory_DestroySurface@8
_Awe_BitmapSurfaceFactory_Upcast@4
_Awe_BitmapSurface_CopyTo@24
_Awe_BitmapSurface_GetAlphaAtPoint@12
_Awe_BitmapSurface_Paint@44
_Awe_BitmapSurface_PaintExplicitBitmapSurface@44
_Awe_BitmapSurface_SaveToJPEG_0@12
_Awe_BitmapSurface_SaveToJPEG_1@8
_Awe_BitmapSurface_SaveToPNG_0@12
_Awe_BitmapSurface_SaveToPNG_1@8
_Awe_BitmapSurface_Scroll@28
_Awe_BitmapSurface_ScrollExplicitBitmapSurface@28
_Awe_BitmapSurface_Upcast@4
_Awe_BitmapSurface_buffer@4
_Awe_BitmapSurface_director_connect@12
_Awe_BitmapSurface_height@4
_Awe_BitmapSurface_is_dirty@4
_Awe_BitmapSurface_row_span@4
_Awe_BitmapSurface_set_is_dirty@8
_Awe_BitmapSurface_width@4
_Awe_ChildProcessMain@4
_Awe_CopyBuffers@36
_Awe_DataPakSource_OnRequest@16
_Awe_DataPakSource_OnRequestExplicitDataPakSource@16
_Awe_DataPakSource_Upcast@4
_Awe_DataPakSource_director_connect@8
_Awe_DataSource_OnRequest@16
_Awe_DataSource_SendResponse@20
_Awe_DataSource_director_connect@8
_Awe_Dialog_OnShowCertificateErrorDialog@20
_Awe_Dialog_OnShowFileChooser@12
_Awe_Dialog_OnShowLoginDialog@12
_Awe_Dialog_OnShowPageInfoDialog@12
_Awe_Dialog_director_connect@20
_Awe_Download_OnFinishDownload@20
_Awe_Download_OnRequestDownload@24
_Awe_Download_OnUpdateDownload@36
_Awe_Download_director_connect@16
_Awe_GetKeyIdentifierFromVirtualKeyCode@8
_Awe_InputMethodEditor_OnCancelIME@8
_Awe_InputMethodEditor_OnChangeIMERange@16
_Awe_InputMethodEditor_OnUpdateIME@20
_Awe_InputMethodEditor_director_connect@16
_Awe_IsChildProcess@4
_Awe_JSArray_At_0@8
_Awe_JSArray_Clear@4
_Awe_JSArray_Erase@8
_Awe_JSArray_Insert@12
_Awe_JSArray_Pop@4
_Awe_JSArray_Push@8
_Awe_JSArray_capacity@4
_Awe_JSArray_size@4
_Awe_JSMethodHandler_OnMethodCall@20
_Awe_JSMethodHandler_OnMethodCallWithReturnValue@20
_Awe_JSMethodHandler_director_connect@12
_Awe_JSObject_GetMethodNames@4
_Awe_JSObject_GetProperty@8
_Awe_JSObject_GetPropertyNames@4
_Awe_JSObject_HasMethod@8
_Awe_JSObject_HasProperty@8
_Awe_JSObject_Invoke@12
_Awe_JSObject_InvokeAsync@12
_Awe_JSObject_RemoveProperty@8
_Awe_JSObject_SetCustomMethod@12
_Awe_JSObject_SetProperty@12
_Awe_JSObject_SetPropertyAsync@12
_Awe_JSObject_ToString@4
_Awe_JSObject_last_error@4
_Awe_JSObject_owner@4
_Awe_JSObject_ref_count@4
_Awe_JSObject_remote_id@4
_Awe_JSObject_type@4
_Awe_JSValue_IsArray@4
_Awe_JSValue_IsBoolean@4
_Awe_JSValue_IsDouble@4
_Awe_JSValue_IsInteger@4
_Awe_JSValue_IsNull@4
_Awe_JSValue_IsNumber@4
_Awe_JSValue_IsObject@4
_Awe_JSValue_IsString@4
_Awe_JSValue_IsUndefined@4
_Awe_JSValue_Null@0
_Awe_JSValue_ToArray_0@4
_Awe_JSValue_ToBoolean@4
_Awe_JSValue_ToDouble@4
_Awe_JSValue_ToInteger@4
_Awe_JSValue_ToObject_0@4
_Awe_JSValue_ToString@4
_Awe_JSValue_Undefined@0
_Awe_Load_OnBeginLoadingFrame@28
_Awe_Load_OnDocumentReady@12
_Awe_Load_OnFailLoadingFrame@32
_Awe_Load_OnFinishLoadingFrame@24
_Awe_Load_director_connect@20
_Awe_Menu_OnShowContextMenu@12
_Awe_Menu_OnShowPopupMenu@12
_Awe_Menu_director_connect@12
_Awe_Print_OnFailPrint@12
_Awe_Print_OnFinishPrint@16
_Awe_Print_OnRequestPrint@8
_Awe_Print_director_connect@16
_Awe_Process_OnCrashed@12
_Awe_Process_OnResponsive@8
_Awe_Process_OnUnresponsive@8
_Awe_Process_director_connect@16
_Awe_RegisterStringCallback@4
_Awe_ResourceInterceptor_OnFilterNavigation@24
_Awe_ResourceInterceptor_OnFilterNavigationExplicitResourceInterceptor@24
_Awe_ResourceInterceptor_OnRequest@8
_Awe_ResourceInterceptor_OnRequestExplicitResourceInterceptor@8
_Awe_ResourceInterceptor_OnWillDownload@16
_Awe_ResourceInterceptor_OnWillDownloadExplicitResourceInterceptor@16
_Awe_ResourceInterceptor_director_connect@16
_Awe_ResourceRequest_AppendExtraHeader@12
_Awe_ResourceRequest_AppendUploadBytes@12
_Awe_ResourceRequest_AppendUploadFilePath@8
_Awe_ResourceRequest_Cancel@4
_Awe_ResourceRequest_ClearUploadElements@4
_Awe_ResourceRequest_GetUploadElement@8
_Awe_ResourceRequest_extra_headers@4
_Awe_ResourceRequest_method@4
_Awe_ResourceRequest_num_upload_elements@4
_Awe_ResourceRequest_origin_process_id@4
_Awe_ResourceRequest_origin_routing_id@4
_Awe_ResourceRequest_referrer@4
_Awe_ResourceRequest_set_extra_headers@8
_Awe_ResourceRequest_set_method@8
_Awe_ResourceRequest_set_referrer@8
_Awe_ResourceRequest_url@4
_Awe_ResourceResponse_Create_0@12
_Awe_ResourceResponse_Create_1@4
_Awe_SurfaceFactory_CreateSurface@16
_Awe_SurfaceFactory_DestroySurface@8
_Awe_SurfaceFactory_director_connect@12
_Awe_Surface_Paint@44
_Awe_Surface_Scroll@28
_Awe_Surface_director_connect@12
_Awe_UploadElement_IsBytes@4
_Awe_UploadElement_IsFilePath@4
_Awe_UploadElement_bytes@4
_Awe_UploadElement_file_path@4
_Awe_UploadElement_num_bytes@4
_Awe_View_OnAddConsoleMessage@20
_Awe_View_OnChangeAddressBar@12
_Awe_View_OnChangeCursor@12
_Awe_View_OnChangeFocus@12
_Awe_View_OnChangeTargetURL@12
_Awe_View_OnChangeTitle@12
_Awe_View_OnChangeTooltip@12
_Awe_View_OnShowCreatedWebView@40
_Awe_View_director_connect@36
_Awe_WebConfig_additional_options_get@4
_Awe_WebConfig_additional_options_set@8
_Awe_WebConfig_asset_protocol_get@4
_Awe_WebConfig_asset_protocol_set@8
_Awe_WebConfig_child_process_path_get@4
_Awe_WebConfig_child_process_path_set@8
_Awe_WebConfig_log_level_get@4
_Awe_WebConfig_log_level_set@8
_Awe_WebConfig_log_path_get@4
_Awe_WebConfig_log_path_set@8
_Awe_WebConfig_package_path_get@4
_Awe_WebConfig_package_path_set@8
_Awe_WebConfig_plugin_path_get@4
_Awe_WebConfig_plugin_path_set@8
_Awe_WebConfig_reduce_memory_usage_on_navigation_get@4
_Awe_WebConfig_reduce_memory_usage_on_navigation_set@8
_Awe_WebConfig_remote_debugging_host_get@4
_Awe_WebConfig_remote_debugging_host_set@8
_Awe_WebConfig_remote_debugging_port_get@4
_Awe_WebConfig_remote_debugging_port_set@8
_Awe_WebConfig_user_agent_get@4
_Awe_WebConfig_user_agent_set@8
_Awe_WebConfig_user_script_get@4
_Awe_WebConfig_user_script_set@8
_Awe_WebContextMenuInfo_edit_flags_get@4
_Awe_WebContextMenuInfo_edit_flags_set@8
_Awe_WebContextMenuInfo_frame_id_get@4
_Awe_WebContextMenuInfo_frame_id_set@12
_Awe_WebContextMenuInfo_frame_url_get@4
_Awe_WebContextMenuInfo_frame_url_set@8
_Awe_WebContextMenuInfo_is_editable_get@4

Sections

.text
Size: 18.2MB - Virtual size: 18.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unwante
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 911KB - Virtual size: 910KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/awesomium_process
.exe windows x86

3e23a87136c45cfd410f1805b6182c6a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ae:48:56:85:b4:20:d3:7e:9a:b5:01:a0:ef:cf:d7:20:12:e7:5c:3d
Signer

Actual PE Digest

ae:48:56:85:b4:20:d3:7e:9a:b5:01:a0:ef:cf:d7:20:12:e7:5c:3d

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

28/03/2014, 20:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
MultiByteToWideChar
LCMapStringW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RtlUnwind
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
HeapFree
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
HeapSize
HeapAlloc
HeapReAlloc
IsProcessorFeaturePresent
GetStringTypeW

awesomium

?ChildProcessMain@Awesomium@@YAHPAUHINSTANCE__@@@Z

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/icudt.dll
.dll windows x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:dd:da:d8:79:d3:20:14:9a:8e:cf:64:73:f6:94:f2:a9:1f:8a:3c
Signer

Actual PE Digest

30:dd:da:d8:79:d3:20:14:9a:8e:cf:64:73:f6:94:f2:a9:1f:8a:3c

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

28/03/2014, 20:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

icudt46_dat

Sections

.rdata
Size: 9.5MB - Virtual size: 9.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/inspector.pak
.js
Browser History Examiner 1.9.0/Data/Browser History Examiner/libEGL.dll
.dll windows x86

710733cb2e6f746a635638eb8ffc24e8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cf:1a:5a:31:eb:21:cb:8c:da:28:a2:dd:59:a2:fa:f2:e6:e2:bb:be
Signer

Actual PE Digest

cf:1a:5a:31:eb:21:cb:8c:da:28:a2:dd:59:a2:fa:f2:e6:e2:bb:be

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

28/03/2014, 20:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

D3DPERF_BeginEvent
D3DPERF_SetMarker
D3DPERF_EndEvent
D3DPERF_GetStatus
Direct3DCreate9

kernel32

FlushFileBuffers
CloseHandle
TlsFree
LocalFree
TlsGetValue
TlsSetValue
LocalAlloc
TlsAlloc
Sleep
GetModuleHandleW
GetProcAddress
GetVersion
GetCurrentProcessId
GetLastError
GetCurrentThreadId
CreateFileW
WriteConsoleW
SetStdHandle
GetStringTypeW
MultiByteToWideChar
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetLastError
GetCurrentProcess
LoadLibraryW
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
RtlUnwind
GetCommandLineA
HeapFree
IsProcessorFeaturePresent
HeapAlloc
HeapSize
ExitProcess
InterlockedIncrement
InterlockedDecrement
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
WriteFile

user32

GetDC
RemovePropW
SetWindowLongW
GetPropW
InvalidateRect
ReleaseDC
DestroyWindow
IsWindow
SetPropW
CallWindowProcW
GetClientRect
GetWindowThreadProcessId
CreateWindowExW

gdi32

GetDeviceCaps

libglesv2

ord145
ord146
ord147
ord158
ord148
ord144

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglCopyBuffers
eglCreateContext
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreateWindowSurface
eglDestroyContext
eglDestroySurface
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetProcAddress
eglInitialize
eglMakeCurrent
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/libGLESv2.dll
.dll windows x86

a964ed88cf48455659ebe0b43ae36979

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

29/03/2013, 00:00

Not After

29/03/2015, 23:59

Subject

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

35:7a:4d:1a:eb:b7:14:a3:cc:a6:7c:47:e5:b5:22:15:65:a9:2e:6f
Signer

Actual PE Digest

35:7a:4d:1a:eb:b7:14:a3:cc:a6:7c:47:e5:b5:22:15:65:a9:2e:6f

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=\#4+STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

28/03/2014, 20:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

D3DPERF_EndEvent
D3DPERF_SetMarker
D3DPERF_BeginEvent
D3DPERF_GetStatus

d3dx9_43

D3DXLoadSurfaceFromSurface
D3DXCompileShader
D3DXFloat16To32Array
D3DXGetShaderConstantTable

d3dcompiler_43

D3DCompile

kernel32

CreateFileW
ReadFile
CreateFileA
SetEndOfFile
FlushFileBuffers
SetStdHandle
SetFilePointer
HeapSize
WriteConsoleW
ExitProcess
TlsFree
LocalFree
TlsGetValue
TlsSetValue
LocalAlloc
TlsAlloc
GetTempFileNameA
GetTempPathA
Sleep
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
HeapReAlloc
HeapAlloc
GetProcAddress
GetModuleHandleW
GetProcessHeap
RaiseException
LCMapStringW
GetCPInfo
WriteFile
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
IsProcessorFeaturePresent
SetLastError
CloseHandle
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW

Exports

Exports

glActiveTexture
glAttachShader
glBindAttribLocation
glBindBuffer
glBindFramebuffer
glBindRenderbuffer
glBindTexture
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glClear
glClearColor
glClearDepthf
glClearStencil
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexSubImage2D
glCopyTexImage2D
glCopyTexSubImage2D
glCreateProgram
glCreateShader
glCullFace
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteProgram
glDeleteRenderbuffers
glDeleteShader
glDeleteTextures
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDrawArrays
glDrawElements
glEnable
glEnableVertexAttribArray
glFinish
glFinishFenceNV
glFlush
glFramebufferRenderbuffer
glFramebufferTexture2D
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenRenderbuffers
glGenTextures
glGenerateMipmap
glGetActiveAttrib
glGetActiveUniform
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteriv
glGetError
glGetFenceivNV
glGetFloatv
glGetFramebufferAttachmentParameteriv
glGetGraphicsResetStatusEXT
glGetIntegerv
glGetProgramInfoLog
glGetProgramiv
glGetRenderbufferParameteriv
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderiv
glGetString
glGetTexParameterfv
glGetTexParameteriv
glGetTranslatedShaderSourceANGLE
glGetUniformLocation
glGetUniformfv
glGetUniformiv
glGetVertexAttribPointerv
glGetVertexAttribfv
glGetVertexAttribiv
glGetnUniformfvEXT
glGetnUniformivEXT
glHint
glIsBuffer
glIsEnabled
glIsFenceNV
glIsFramebuffer
glIsProgram
glIsRenderbuffer
glIsShader
glIsTexture
glLineWidth
glLinkProgram
glPixelStorei
glPolygonOffset
glReadPixels
glReadnPixelsEXT
glReleaseShaderCompiler
glRenderbufferStorage
glRenderbufferStorageMultisampleANGLE
glSampleCoverage
glScissor
glSetFenceNV
glShaderBinary
glShaderSource
glStencilFunc
glStencilFuncSeparate
glStencilMask
glStencilMaskSeparate
glStencilOp
glStencilOpSeparate
glTestFenceNV
glTexImage2D
glTexImage3DOES
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexStorage2DEXT
glTexSubImage2D
glUniform1f
glUniform1fv
glUniform1i
glUniform1iv
glUniform2f
glUniform2fv
glUniform2i
glUniform2iv
glUniform3f
glUniform3fv
glUniform3i
glUniform3iv
glUniform4f
glUniform4fv
glUniform4i
glUniform4iv
glUniformMatrix2fv
glUniformMatrix3fv
glUniformMatrix4fv
glUseProgram
glValidateProgram
glVertexAttrib1f
glVertexAttrib1fv
glVertexAttrib2f
glVertexAttrib2fv
glVertexAttrib3f
glVertexAttrib3fv
glVertexAttrib4f
glVertexAttrib4fv
glVertexAttribPointer
glViewport

Sections

.text
Size: 466KB - Virtual size: 465KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/wkhtmltopdf.exe
.exe windows x86

dcdaa39d938f2fd5447d95ed0bc51abe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultUILanguage
FindFirstFileExW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
GetFileType
OutputDebugStringW
ResetEvent
WaitForMultipleObjects
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThreadId
CreateThread
SwitchToThread
PeekNamedPipe
FileTimeToLocalFileTime
GetStringTypeW
LCMapStringW
WriteConsoleW
CreateEventW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetProcessHeap
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
TerminateProcess
InitializeCriticalSectionAndSpinCount
FileTimeToSystemTime
UnhandledExceptionFilter
SetConsoleMode
ReadConsoleInputA
SetConsoleCtrlHandler
SetFileAttributesW
SetStdHandle
GetConsoleCP
ReadConsoleW
GetConsoleMode
ExitThread
GetTimeZoneInformation
IsProcessorFeaturePresent
HeapSize
HeapReAlloc
HeapAlloc
HeapFree
GetCommandLineA
GetModuleHandleExW
DecodePointer
EncodePointer
RtlUnwind
RaiseException
FlushConsoleInputBuffer
LoadLibraryA
GlobalMemoryStatus
GetVersionExA
GetStdHandle
SetLastError
lstrlenA
ExitProcess
SetEvent
DuplicateHandle
CreateSemaphoreW
WaitForSingleObject
ReleaseSemaphore
GetLocalTime
VerifyVersionInfoW
SystemTimeToTzSpecificLocalTime
MoveFileW
CopyFileW
GetLogicalDrives
DeviceIoControl
RemoveDirectoryW
GetFileInformationByHandle
CreateDirectoryW
SetFilePointerEx
SetUnhandledExceptionFilter
VerSetConditionMask
GetUserDefaultLCID
CompareStringW
LoadLibraryW
GlobalSize
GetDriveTypeW
GetLongPathNameW
IsValidLocale
IsValidLanguageGroup
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProfileStringW
GetUserDefaultLangID
OpenProcess
CheckRemoteDebuggerPresent
GetModuleHandleW
GetStartupInfoW
CreateProcessW
GetVolumeInformationW
GetLocaleInfoW
SetErrorMode
WideCharToMultiByte
MultiByteToWideChar
AreFileApisANSI
GetTempPathA
FormatMessageW
FormatMessageA
IsDebuggerPresent
LocalFree
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetSystemTimeAsFileTime
GetSystemTime
GetCurrentProcessId
Sleep
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetTempPathW
WriteFile
UnlockFileEx
UnlockFile
SetFilePointer
SetEndOfFile
LockFileEx
LockFile
GetFullPathNameW
GetFullPathNameA
GetFileSize
GetFileAttributesW
GetFileAttributesA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
FlushFileBuffers
DeleteFileW
DeleteFileA
CreateFileA
VirtualProtect
CloseHandle
ReadFile
GetFileAttributesExW
CreateFileW
GetModuleFileNameW
GetSystemDirectoryW
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
LoadLibraryExW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetThreadTimes
GetCurrentThread
GetSystemInfo
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
FreeLibrary
GetProcAddress
GetModuleHandleA
GetVersionExW
GetCurrentProcess
VirtualFree
VirtualAlloc
SetEnvironmentVariableW

user32

ReleaseCapture
UpdateWindow
SetWindowRgn
InvalidateRect
SetPropW
GetPropW
GetClientRect
SetWindowLongA
LoadCursorW
SetCursorPos
GetCursorPos
CreateCursor
DestroyCursor
LoadImageW
CreateIconIndirect
GetActiveWindow
PeekMessageW
PostMessageW
GetDoubleClickTime
SetDoubleClickTime
UnregisterClassW
GetClassInfoW
FlashWindowEx
SetWindowPos
GetSystemMetrics
GetDC
IsIconic
GetKeyState
BeginPaint
EndPaint
ReleaseDC
GetWindowLongW
SetWindowLongW
SetCapture
SendMessageW
DefWindowProcA
DefWindowProcW
CallWindowProcW
RegisterClassExW
CreateWindowExW
IsChild
DestroyWindow
GetFocus
SetFocus
GetProcessWindowStation
GetUserObjectInformationW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
RegisterClassW
DispatchMessageW
CharNextExA
LoadIconW
GetClipboardFormatNameW
GetAsyncKeyState
RegisterClipboardFormatW
SetMenuItemInfoW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyboardLayout
SetCaretPos
MessageBoxA
MoveWindow
GetLastInputInfo
DestroyIcon
GetUpdateRect
GetWindowRgn
InvalidateRgn
MessageBeep
HideCaret
DestroyCaret
CreateCaret
TranslateMessage
RegisterWindowMessageW
GetKeyboardLayoutList
GetIconInfo
DrawIconEx
GetWindowThreadProcessId
ChangeClipboardChain
SetClipboardViewer
SetCursor
CallNextHookEx
ClipCursor
GetCaretBlinkTime
SetCaretBlinkTime
ClientToScreen
ScreenToClient
WindowFromPoint
GetSysColor
GetSysColorBrush
GetParent
SystemParametersInfoW
UnhookWindowsHookEx
SetWindowsHookExW
SetParent
GetDesktopWindow
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
ScrollWindowEx
ValidateRgn
SetForegroundWindow
IsZoomed
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
EnableMenuItem
GetSystemMenu
ShowWindow

shell32

Shell_NotifyIconW
SHGetFileInfoW
ShellExecuteW

ole32

CoCreateGuid
OleInitialize
OleUninitialize
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoInitialize
CoCreateInstance
CoTaskMemFree
DoDragDrop
ReleaseStgMedium
CoGetMalloc
CoUninitialize
StringFromGUID2

advapi32

CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptSetHashParam
CryptDestroyKey
ReportEventA
RegisterEventSourceA
DeregisterEventSource
CryptSignHashA
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
OpenProcessToken
CopySid
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
GetLengthSid
FreeSid

ws2_32

recv
send
shutdown
WSASetLastError
htonl
inet_addr
ntohl
gethostbyaddr
gethostbyname
WSANtohl
getsockopt
__WSAFDIsSet
bind
closesocket
getpeername
getsockname
listen
select
setsockopt
WSAStartup
WSACleanup
WSAAccept
WSAConnect
WSAHtonl
WSAHtons
WSAIoctl
WSAAsyncSelect
WSASocketW
WSASendTo
WSASend
WSARecvFrom
WSARecv
WSANtohs
WSAGetLastError

gdi32

CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetTextMetricsW
GetTextFaceW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
GetStockObject
SetTextAlign
ExtTextOutW
CreateDCW
CreatePen
CreateSolidBrush
GetBkMode
LineTo
RestoreDC
ResetDCW
GetDIBits
SelectClipRgn
SetPolyFillMode
StretchBlt
StartDocW
EndDoc
StartPage
EndPage
AbortDoc
BeginPath
CloseFigure
EndPath
FillPath
SelectClipPath
StrokePath
ExtCreatePen
MoveToEx
PolyBezierTo
CreatePalette
GetPaletteEntries
GdiFlush
CreateCompatibleBitmap
PtInRegion
RealizePalette
SelectPalette
CombineRgn
CreateEllipticRgn
GetRegionData
OffsetRgn
BitBlt
SaveDC
CreateBitmap
CreateCompatibleDC
GetDeviceCaps
GetRgnBox
CreateRectRgn
GetObjectW
CreateDIBSection
SetWorldTransform
SetGraphicsMode
SelectObject
GetCurrentObject
DeleteObject
DeleteDC
SetTextColor

shlwapi

PathCombineW
PathRemoveFileSpecW
SHGetValueW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

comdlg32

GetOpenFileNameW

imm32

ImmNotifyIME
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmGetCompositionStringW
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetDefaultIMEWnd

winmm

timeBeginPeriod
timeEndPeriod

winspool.drv

OpenPrinterW
DeviceCapabilitiesW
GetPrinterW
ClosePrinter
EnumFormsW
EnumPrintersW

crypt32

CertFreeCertificateContext

Exports

Exports

??0Converter@wkhtmltopdf@@QAE@XZ
??0CropSettings@settings@wkhtmltopdf@@QAE@XZ
??0HeaderFooter@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0HeaderFooter@settings@wkhtmltopdf@@QAE@XZ
??0ImageConverter@wkhtmltopdf@@QAE@AAUImageGlobal@settings@1@PBVQString@@@Z
??0ImageGlobal@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0ImageGlobal@settings@wkhtmltopdf@@QAE@XZ
??0JSString@JSC@@AAE@W4VPtrStealingHackType@JSCell@1@@Z
??0JSString@JSC@@QAE@PAVExecState@1@VJSValue@1@11@Z
??0JSString@JSC@@QAE@PAVJSGlobalData@1@ABVUString@1@11@Z
??0JSString@JSC@@QAE@PAVJSGlobalData@1@ABVUString@1@1@Z
??0JSString@JSC@@QAE@PAVJSGlobalData@1@ABVUString@1@@Z
??0JSString@JSC@@QAE@PAVJSGlobalData@1@ABVUString@1@W4HasOtherOwnerType@01@@Z
??0JSString@JSC@@QAE@PAVJSGlobalData@1@IABVUString@1@PAV01@@Z
??0JSString@JSC@@QAE@PAVJSGlobalData@1@IPAV01@1@Z
??0JSString@JSC@@QAE@PAVJSGlobalData@1@IPAV01@ABVUString@1@@Z
??0JSString@JSC@@QAE@PAVJSGlobalData@1@V?$PassRefPtr@VRopeImpl@JSC@@@WTF@@@Z
??0JSString@JSC@@QAE@PAVJSGlobalData@1@V?$PassRefPtr@VStringImpl@WTF@@@WTF@@W4HasOtherOwnerType@01@@Z
??0LoadGlobal@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0LoadGlobal@settings@wkhtmltopdf@@QAE@XZ
??0LoadPage@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0LoadPage@settings@wkhtmltopdf@@QAE@XZ
??0Margin@settings@wkhtmltopdf@@QAE@XZ
??0MyLooksStyle@@QAE@XZ
??0PdfConverter@wkhtmltopdf@@QAE@AAUPdfGlobal@settings@1@@Z
??0PdfGlobal@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0PdfGlobal@settings@wkhtmltopdf@@QAE@XZ
??0PdfObject@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0PdfObject@settings@wkhtmltopdf@@QAE@XZ
??0PostItem@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0PostItem@settings@wkhtmltopdf@@QAE@XZ
??0Proxy@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0Proxy@settings@wkhtmltopdf@@QAE@XZ
??0Size@settings@wkhtmltopdf@@QAE@XZ
??0TableOfContent@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0TableOfContent@settings@wkhtmltopdf@@QAE@XZ
??0Web@settings@wkhtmltopdf@@QAE@ABU012@@Z
??0Web@settings@wkhtmltopdf@@QAE@XZ
??1Converter@wkhtmltopdf@@UAE@XZ
??1HeaderFooter@settings@wkhtmltopdf@@QAE@XZ
??1ImageConverter@wkhtmltopdf@@UAE@XZ
??1ImageGlobal@settings@wkhtmltopdf@@QAE@XZ
??1JSString@JSC@@UAE@XZ
??1LoadGlobal@settings@wkhtmltopdf@@QAE@XZ
??1LoadPage@settings@wkhtmltopdf@@QAE@XZ
??1MyLooksStyle@@UAE@XZ
??1PdfConverter@wkhtmltopdf@@UAE@XZ
??1PdfGlobal@settings@wkhtmltopdf@@QAE@XZ
??1PdfObject@settings@wkhtmltopdf@@QAE@XZ
??1PostItem@settings@wkhtmltopdf@@QAE@XZ
??1Proxy@settings@wkhtmltopdf@@QAE@XZ
??1TableOfContent@settings@wkhtmltopdf@@QAE@XZ
??1Web@settings@wkhtmltopdf@@QAE@XZ
??4CropSettings@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4HeaderFooter@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4ImageGlobal@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4LoadGlobal@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4LoadPage@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4Margin@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4PdfGlobal@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4PdfObject@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4PostItem@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4Proxy@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4Size@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4TableOfContent@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??4Web@settings@wkhtmltopdf@@QAEAAU012@ABU012@@Z
??_7Converter@wkhtmltopdf@@6B@
??_7ImageConverter@wkhtmltopdf@@6B@
??_7JSString@JSC@@6B@
??_7MyLooksStyle@@6B@
??_7PdfConverter@wkhtmltopdf@@6B@
?addResource@PdfConverter@wkhtmltopdf@@QAEXABUPdfObject@settings@2@PBVQString@@@Z
?appendStringInConstruct@JSString@JSC@@AAEXAAIABVUString@2@@Z
?appendStringInConstruct@JSString@JSC@@AAEXAAIPAV12@@Z
?appendValueInConstructAndIncrementLength@JSString@JSC@@AAEXPAVExecState@2@AAIVJSValue@2@@Z
?beginConvertion@Converter@wkhtmltopdf@@QAEXXZ
?canGetIndex@JSString@JSC@@QAE_NI@Z
?cancel@Converter@wkhtmltopdf@@QAEXXZ
?checkbox@MyLooksStyle@@2PAVQSvgRenderer@@A
?checkboxCheckedSvgChanged@Converter@wkhtmltopdf@@IAEXABVQString@@@Z
?checkboxSvgChanged@Converter@wkhtmltopdf@@IAEXABVQString@@@Z
?checkbox_checked@MyLooksStyle@@2PAVQSvgRenderer@@A
?colorModeToStr@settings@wkhtmltopdf@@YA?AVQString@@W4ColorMode@QPrinter@@@Z
?commentAtom@WTF@@3VAtomicString@1@B
?convert@Converter@wkhtmltopdf@@QAE_NXZ
?createStructure@JSString@JSC@@SAPAVStructure@2@AAVJSGlobalData@2@VJSValue@2@@Z
?currentPhase@Converter@wkhtmltopdf@@QAEHXZ
?drawPrimitive@MyLooksStyle@@UBEXW4PrimitiveElement@QStyle@@PBVQStyleOption@@PAVQPainter@@PBVQWidget@@@Z
?dumpDefaultTOCStyleSheet@wkhtmltopdf@@YAXAAVQTextStream@@AAUTableOfContent@settings@1@@Z
?emitCheckboxSvgs@Converter@wkhtmltopdf@@IAEXABULoadPage@settings@2@@Z
?emptyAtom@WTF@@3VAtomicString@1@B
?error@Converter@wkhtmltopdf@@IAEXABVQString@@@Z
?fiberCount@JSString@JSC@@AAEIXZ
?finished@Converter@wkhtmltopdf@@IAEX_N@Z
?get@ImageGlobal@settings@wkhtmltopdf@@QAE?AVQString@@PBD@Z
?get@PdfGlobal@settings@wkhtmltopdf@@QAE?AVQString@@PBD@Z
?get@PdfObject@settings@wkhtmltopdf@@QAE?AVQString@@PBD@Z
?getIndex@JSString@JSC@@QAEPAV12@PAVExecState@2@I@Z
?getIndexSlowCase@JSString@JSC@@QAEPAV12@PAVExecState@2@I@Z
?getOwnPropertyDescriptor@JSString@JSC@@EAE_NPAVExecState@2@ABVIdentifier@2@AAVPropertyDescriptor@2@@Z
?getOwnPropertySlot@JSString@JSC@@EAE_NPAVExecState@2@ABVIdentifier@2@AAVPropertySlot@2@@Z
?getOwnPropertySlot@JSString@JSC@@EAE_NPAVExecState@2@IAAVPropertySlot@2@@Z
?getPrimitiveNumber@JSString@JSC@@EAE_NPAVExecState@2@AANAAVJSValue@2@@Z
?getStringPropertyDescriptor@JSString@JSC@@QAE_NPAVExecState@2@ABVIdentifier@2@AAVPropertyDescriptor@2@@Z
?getStringPropertySlot@JSString@JSC@@QAE_NPAVExecState@2@ABVIdentifier@2@AAVPropertySlot@2@@Z
?getStringPropertySlot@JSString@JSC@@QAE_NPAVExecState@2@IAAVPropertySlot@2@@Z
?globalSettings@PdfConverter@wkhtmltopdf@@QBEABUPdfGlobal@settings@2@XZ
?handleError@@YAH_NH@Z
?httpErrorCode@Converter@wkhtmltopdf@@QAEHXZ
?isRope@JSString@JSC@@ABE_NXZ
?jsArrayVPtr@JSGlobalData@JSC@@2PAXA
?jsByteArrayVPtr@JSGlobalData@JSC@@2PAXA
?jsFunctionVPtr@JSGlobalData@JSC@@2PAXA
?jsStringVPtr@JSGlobalData@JSC@@2PAXA
?length@JSString@JSC@@QAEIXZ
?loadErrorHandlingToStr@settings@wkhtmltopdf@@YA?AVQString@@W4LoadErrorHandling@LoadPage@12@@Z
?mediaFilesExtensions@LoadPage@settings@wkhtmltopdf@@2V?$QList@VQString@@@@A
?metaObject@Converter@wkhtmltopdf@@UBEPBUQMetaObject@@XZ
?metaObject@ImageConverter@wkhtmltopdf@@UBEPBUQMetaObject@@XZ
?metaObject@MyLooksStyle@@UBEPBUQMetaObject@@XZ
?metaObject@PdfConverter@wkhtmltopdf@@UBEPBUQMetaObject@@XZ
?millimeterToPointMultiplier@PdfConverter@wkhtmltopdf@@2NB
?nullAtom@WTF@@3VAtomicString@1@B
?orientationToStr@settings@wkhtmltopdf@@YA?AVQString@@W4Orientation@QPrinter@@@Z
?outOfMemory@JSString@JSC@@ABEXPAVExecState@2@@Z
?output@ImageConverter@wkhtmltopdf@@QAEABVQByteArray@@XZ
?output@PdfConverter@wkhtmltopdf@@QAEABVQByteArray@@XZ
?pageSizeToStr@settings@wkhtmltopdf@@YA?AVQString@@W4PageSize@QPrinter@@@Z
?phaseChanged@Converter@wkhtmltopdf@@IAEXXZ
?phaseCount@Converter@wkhtmltopdf@@QAEHXZ
?phaseDescription@Converter@wkhtmltopdf@@QAE?AVQString@@H@Z
?printerModeToStr@settings@wkhtmltopdf@@YA?AVQString@@W4PrinterMode@QPrinter@@@Z
?priv@ImageConverter@wkhtmltopdf@@EAEAAVConverterPrivate@2@XZ
?priv@PdfConverter@wkhtmltopdf@@EAEAAVConverterPrivate@2@XZ
?producingForms@MyLooksStyle@@QAEX_N@Z
?producingForms@PdfConverter@wkhtmltopdf@@IAEX_N@Z
?progressChanged@Converter@wkhtmltopdf@@IAEXH@Z
?progressString@Converter@wkhtmltopdf@@QAE?AVQString@@XZ
?proxyToStr@settings@wkhtmltopdf@@YA?AVQString@@ABUProxy@12@@Z
?qt_metacall@Converter@wkhtmltopdf@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacall@ImageConverter@wkhtmltopdf@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacall@MyLooksStyle@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacall@PdfConverter@wkhtmltopdf@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@Converter@wkhtmltopdf@@UAEPAXPBD@Z
?qt_metacast@ImageConverter@wkhtmltopdf@@UAEPAXPBD@Z
?qt_metacast@MyLooksStyle@@UAEPAXPBD@Z
?qt_metacast@PdfConverter@wkhtmltopdf@@UAEPAXPBD@Z
?qt_static_metacall@Converter@wkhtmltopdf@@CAXPAVQObject@@W4Call@QMetaObject@@HPAPAX@Z
?qt_static_metacall@ImageConverter@wkhtmltopdf@@CAXPAVQObject@@W4Call@QMetaObject@@HPAPAX@Z
?qt_static_metacall@MyLooksStyle@@CAXPAVQObject@@W4Call@QMetaObject@@HPAPAX@Z
?qt_static_metacall@PdfConverter@wkhtmltopdf@@CAXPAVQObject@@W4Call@QMetaObject@@HPAPAX@Z
?radiobutton@MyLooksStyle@@2PAVQSvgRenderer@@A
?radiobuttonCheckedSvgChanged@Converter@wkhtmltopdf@@IAEXABVQString@@@Z
?radiobuttonSvgChanged@Converter@wkhtmltopdf@@IAEXABVQString@@@Z
?radiobutton_checked@MyLooksStyle@@2PAVQSvgRenderer@@A
?replaceCharacter@JSString@JSC@@QAE?AVJSValue@2@PAVExecState@2@GABVUString@2@@Z
?resolveRope@JSString@JSC@@ABEXPAVExecState@2@@Z
?resolveRopeSlowCase@JSString@JSC@@ABEXPAVExecState@2@PAG@Z
?s_info@DateInstance@JSC@@2UClassInfo@2@B
?s_info@InternalFunction@JSC@@2UClassInfo@2@B
?s_info@JSArray@JSC@@2UClassInfo@2@B
?s_info@JSFunction@JSC@@2UClassInfo@2@B
?s_info@JSObject@JSC@@2UClassInfo@2@B
?s_info@JSString@JSC@@0UClassInfo@2@B
?s_info@RegExpObject@JSC@@2UClassInfo@2@B
?s_info@StringObject@JSC@@2UClassInfo@2@B
?s_info@Structure@JSC@@0UClassInfo@2@B
?s_maxInternalRopeLength@JSString@JSC@@0IB
?set@ImageGlobal@settings@wkhtmltopdf@@QAE_NPBDABVQString@@@Z
?set@PdfGlobal@settings@wkhtmltopdf@@QAE_NPBDABVQString@@@Z
?set@PdfObject@settings@wkhtmltopdf@@QAE_NPBDABVQString@@@Z
?setCheckboxCheckedSvg@MyLooksStyle@@QAEXABVQString@@@Z
?setCheckboxSvg@MyLooksStyle@@QAEXABVQString@@@Z
?setRadioButtonCheckedSvg@MyLooksStyle@@QAEXABVQString@@@Z
?setRadioButtonSvg@MyLooksStyle@@QAEXABVQString@@@Z
?starAtom@WTF@@3VAtomicString@1@B
?staticData@WTFThreadData@WTF@@0PAV?$ThreadSpecific@VWTFThreadData@WTF@@@2@A
?staticMetaObject@Converter@wkhtmltopdf@@2UQMetaObject@@B
?staticMetaObject@ImageConverter@wkhtmltopdf@@2UQMetaObject@@B
?staticMetaObject@MyLooksStyle@@2UQMetaObject@@B
?staticMetaObject@PdfConverter@wkhtmltopdf@@2UQMetaObject@@B
?staticMetaObjectExtraData@Converter@wkhtmltopdf@@0UQMetaObjectExtraData@@B
?staticMetaObjectExtraData@ImageConverter@wkhtmltopdf@@0UQMetaObjectExtraData@@B
?staticMetaObjectExtraData@MyLooksStyle@@0UQMetaObjectExtraData@@B
?staticMetaObjectExtraData@PdfConverter@wkhtmltopdf@@0UQMetaObjectExtraData@@B
?strToColorMode@settings@wkhtmltopdf@@YA?AW4ColorMode@QPrinter@@PBDPA_N@Z
?strToLoadErrorHandling@settings@wkhtmltopdf@@YA?AW4LoadErrorHandling@LoadPage@12@PBDPA_N@Z
?strToOrientation@settings@wkhtmltopdf@@YA?AW4Orientation@QPrinter@@PBDPA_N@Z
?strToPageSize@settings@wkhtmltopdf@@YA?AW4PageSize@QPrinter@@PBDPA_N@Z
?strToPrinterMode@settings@wkhtmltopdf@@YA?AW4PrinterMode@QPrinter@@PBDPA_N@Z
?strToProxy@settings@wkhtmltopdf@@YA?AUProxy@12@PBDPA_N@Z
?strToUnitReal@settings@wkhtmltopdf@@YA?AU?$QPair@NW4Unit@QPrinter@@@@PBDPA_N@Z
?string@JSString@JSC@@AAEAAVUString@2@XZ
?substringFromRope@JSString@JSC@@AAEPAV12@PAVExecState@2@II@Z
?textAtom@WTF@@3VAtomicString@1@B
?toBoolean@JSString@JSC@@EBE_NPAVExecState@2@@Z
?toNumber@JSString@JSC@@EBENPAVExecState@2@@Z
?toObject@JSString@JSC@@EBEPAVJSObject@2@PAVExecState@2@PAVJSGlobalObject@2@@Z
?toPrimitive@JSString@JSC@@EBE?AVJSValue@2@PAVExecState@2@W4PreferredPrimitiveType@2@@Z
?toString@JSString@JSC@@EBE?AVUString@2@PAVExecState@2@@Z
?toThisObject@JSString@JSC@@EBEPAVJSObject@2@PAVExecState@2@@Z
?tr@Converter@wkhtmltopdf@@SA?AVQString@@PBD0@Z
?tr@Converter@wkhtmltopdf@@SA?AVQString@@PBD0H@Z
?tr@ImageConverter@wkhtmltopdf@@SA?AVQString@@PBD0@Z
?tr@ImageConverter@wkhtmltopdf@@SA?AVQString@@PBD0H@Z
?tr@MyLooksStyle@@SA?AVQString@@PBD0@Z
?tr@MyLooksStyle@@SA?AVQString@@PBD0H@Z
?tr@PdfConverter@wkhtmltopdf@@SA?AVQString@@PBD0@Z
?tr@PdfConverter@wkhtmltopdf@@SA?AVQString@@PBD0H@Z
?trUtf8@Converter@wkhtmltopdf@@SA?AVQString@@PBD0@Z
?trUtf8@Converter@wkhtmltopdf@@SA?AVQString@@PBD0H@Z
?trUtf8@ImageConverter@wkhtmltopdf@@SA?AVQString@@PBD0@Z
?trUtf8@ImageConverter@wkhtmltopdf@@SA?AVQString@@PBD0H@Z
?trUtf8@MyLooksStyle@@SA?AVQString@@PBD0@Z
?trUtf8@MyLooksStyle@@SA?AVQString@@PBD0H@Z
?trUtf8@PdfConverter@wkhtmltopdf@@SA?AVQString@@PBD0@Z
?trUtf8@PdfConverter@wkhtmltopdf@@SA?AVQString@@PBD0H@Z
?tryGetValue@JSString@JSC@@QBEABVUString@2@XZ
?unitRealToStr@settings@wkhtmltopdf@@YA?AVQString@@ABU?$QPair@NW4Unit@QPrinter@@@@PA_N@Z
?value@JSString@JSC@@QBEABVUString@2@PAVExecState@2@@Z
?warning@Converter@wkhtmltopdf@@IAEXABVQString@@@Z
?xmlAtom@WTF@@3VAtomicString@1@B
?xmlnsAtom@WTF@@3VAtomicString@1@B
JSClassCreate
JSClassRelease
JSClassRetain
JSObjectCallAsConstructor
JSObjectCallAsFunction
JSObjectCopyPropertyNames
JSObjectDeletePrivateProperty
JSObjectDeleteProperty
JSObjectGetPrivate
JSObjectGetPrivateProperty
JSObjectGetProperty
JSObjectGetPropertyAtIndex
JSObjectGetPrototype
JSObjectHasProperty
JSObjectIsConstructor
JSObjectIsFunction
JSObjectMake
JSObjectMakeArray
JSObjectMakeConstructor
JSObjectMakeDate
JSObjectMakeError
JSObjectMakeFunction
JSObjectMakeFunctionWithCallback
JSObjectMakeRegExp
JSObjectSetPrivate
JSObjectSetPrivateProperty
JSObjectSetProperty
JSObjectSetPropertyAtIndex
JSObjectSetPrototype
JSPropertyNameAccumulatorAddName
JSPropertyNameArrayGetCount
JSPropertyNameArrayGetNameAtIndex
JSPropertyNameArrayRelease
JSPropertyNameArrayRetain
JSStringCreateWithCharacters
JSStringCreateWithUTF8CString
JSStringGetCharactersPtr
JSStringGetLength
JSStringGetMaximumUTF8CStringSize
JSStringGetUTF8CString
JSStringIsEqual
JSStringIsEqualToUTF8CString
JSStringRelease
JSStringRetain
JSValueCreateJSONString
JSValueGetType
JSValueIsBoolean
JSValueIsEqual
JSValueIsInstanceOfConstructor
JSValueIsNull
JSValueIsNumber
JSValueIsObject
JSValueIsObjectOfClass
JSValueIsStrictEqual
JSValueIsString
JSValueIsUndefined
JSValueMakeBoolean
JSValueMakeFromJSONString
JSValueMakeNull
JSValueMakeNumber
JSValueMakeString
JSValueMakeUndefined
JSValueProtect
JSValueToBoolean
JSValueToNumber
JSValueToObject
JSValueToStringCopy
JSValueUnprotect
_wkhtmltoimage_convert@4
_wkhtmltoimage_create_converter@8
_wkhtmltoimage_create_global_settings@0
_wkhtmltoimage_current_phase@4
_wkhtmltoimage_deinit@0
_wkhtmltoimage_destroy_converter@4
_wkhtmltoimage_extended_qt@0
_wkhtmltoimage_get_global_setting@16
_wkhtmltoimage_get_output@8
_wkhtmltoimage_http_error_code@4
_wkhtmltoimage_init@4
_wkhtmltoimage_phase_count@4
_wkhtmltoimage_phase_description@8
_wkhtmltoimage_progress_string@4
_wkhtmltoimage_set_error_callback@8
_wkhtmltoimage_set_finished_callback@8
_wkhtmltoimage_set_global_setting@12
_wkhtmltoimage_set_phase_changed_callback@8
_wkhtmltoimage_set_progress_changed_callback@8
_wkhtmltoimage_set_warning_callback@8
_wkhtmltoimage_version@0
_wkhtmltopdf_add_object@12
_wkhtmltopdf_convert@4
_wkhtmltopdf_create_converter@4
_wkhtmltopdf_create_global_settings@0
_wkhtmltopdf_create_object_settings@0
_wkhtmltopdf_current_phase@4
_wkhtmltopdf_deinit@0
_wkhtmltopdf_destroy_converter@4
_wkhtmltopdf_destroy_global_settings@4
_wkhtmltopdf_destroy_object_settings@4
_wkhtmltopdf_extended_qt@0
_wkhtmltopdf_get_global_setting@16
_wkhtmltopdf_get_object_setting@16
_wkhtmltopdf_get_output@8
_wkhtmltopdf_http_error_code@4
_wkhtmltopdf_init@4
_wkhtmltopdf_phase_count@4
_wkhtmltopdf_phase_description@8
_wkhtmltopdf_progress_string@4
_wkhtmltopdf_set_error_callback@8
_wkhtmltopdf_set_finished_callback@8
_wkhtmltopdf_set_global_setting@12
_wkhtmltopdf_set_object_setting@12
_wkhtmltopdf_set_phase_changed_callback@8
_wkhtmltopdf_set_progress_changed_callback@8
_wkhtmltopdf_set_warning_callback@8
_wkhtmltopdf_version@0
kJSClassDefinitionEmpty

Sections

.text
Size: 16.1MB - Virtual size: 16.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unwante
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 972KB - Virtual size: 971KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/xinput9_1_0.dll
.dll windows x86

286430b343ed2faba4ceb6c16c83cd3a

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:0c:ab:11:d8:22:ef:7d:6c:79:7e
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

23/05/2002, 08:00

Not After

25/09/2011, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:05:87:58:00:03:00:00:00:5a
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

05/01/2005, 23:20

Not After

05/04/2006, 23:30

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:b5:f5:07:88:7b:ad:78:29:83:d0:95:5a:ef:97:cf:b2:3b:c1:e7
Signer

Actual PE Digest

74:b5:f5:07:88:7b:ad:78:29:83:d0:95:5a:ef:97:cf:b2:3b:c1:e7

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

06/10/2022, 18:38
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind

kernel32

LocalAlloc
LoadLibraryW
FreeLibrary
GetProcAddress
GetLastError
CreateFileW
DeviceIoControl
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
GetCurrentProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
DuplicateHandle
GetEnvironmentStringsW
WriteFile
InterlockedExchange
VirtualQuery
Sleep
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
RaiseException
IsBadReadPtr
IsBadCodePtr
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoA
VirtualProtect
GetSystemInfo
FlushFileBuffers
LocalFree
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
WideCharToMultiByte

advapi32

TraceMessage
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegCreateKeyExW
RegSetValueExW
RegCloseKey
UnregisterTraceGuids
RegisterTraceGuidsW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

Exports

Exports

DllMain
XInputGetCapabilities
XInputGetDSoundAudioDeviceGuids
XInputGetState
XInputSetState

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Browser History Examiner 1.9.0/Data/Browser History Examiner/xsandbox.bin
Browser History Examiner 1.9.0/FC Portables.url
.url

Resubmissions

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 147KB - Virtual size: 147KB

dae02f32a21e03ce65412f6e56942daa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75Certificate

Extended Key Usages

Key Usages

8c:a5:c3:36:68:34:2c:e0:f1:d6:51:ef:54:27:70:91:33:7e:0c:95Signer

Signature Validations

Verification

31/03/2014, 05:13 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 953KB - Virtual size: 952KB

.sdata Size: 512B - Virtual size: 488B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75Certificate

Extended Key Usages

Key Usages

e1:e4:70:4d:61:ed:b3:c0:ea:ca:66:f6:eb:d7:8d:7e:e7:c7:4d:81Signer

Signature Validations

Verification

31/03/2014, 05:13 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 528KB - Virtual size: 527KB

.sdata Size: 512B - Virtual size: 488B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 147KB - Virtual size: 147KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

8c:a5:c3:36:68:34:2c:e0:f1:d6:51:ef:54:27:70:91:33:7e:0c:95
Signer

31/03/2014, 05:13
Valid: false

.text
Size: 953KB - Virtual size: 952KB

.sdata
Size: 512B - Virtual size: 488B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

e1:e4:70:4d:61:ed:b3:c0:ea:ca:66:f6:eb:d7:8d:7e:e7:c7:4d:81
Signer

31/03/2014, 05:13
Valid: false

.text
Size: 528KB - Virtual size: 527KB

.sdata
Size: 512B - Virtual size: 488B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate

61:7b:94:1a:b6:7e:f8:a4:68:76:38:05:48:21:52:0f:5e:9e:ef:b7
Signer

31/03/2014, 05:13
Valid: false

.text
Size: 288KB - Virtual size: 288KB

.sdata
Size: 512B - Virtual size: 488B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

b6:89:2a:7d:7c:80:55:fc:83:cd:e9:cc:37:80:8b:7f
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

b6:d7:75:d2:00:c4:9d:72:ca:ea:b2:d8:b3:1c:3b:db:41:47:fa:77:c4:ba:2d:9b:06:f3:34:ea:aa:d2:1c:d7
Signer

14/02/2019, 11:11
Valid: true

.text
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 113KB - Virtual size: 112KB

.text
Size: 13.8MB - Virtual size: 13.8MB

.rsrc
Size: 147KB - Virtual size: 147KB

.reloc
Size: 512B - Virtual size: 12B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

2e:17:09:ca:1b:92:03:75:b3:bf:ae:4b:d5:b5:29:75
Certificate