vidar | ExpressVPN2022Premium[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

ExpressVPN2022Premium.rar
Size

7.2MB
MD5

8c1b92f685b9c92e8a718917549c3574
SHA1

9757d345675c98902fd4c83c3be8784678920b41
SHA256

ba78243d4d378cac1bfb9730925d19e02e1838fdd9016f55aabc8aba36eca133
SHA512

454358b52d56886e8bb47bda5cf811f8a63e2e61d3171157009e460dfe968561299d67378dc7d88bd5be894c585333ecf6bc31b8583feee0e8b9a4f230078923
SSDEEP

196608:rE96ULp/Y7ycS9imhLnTIgr7Vox3pRT0CdH+Eir:r+lEmhz5nipRT0ck

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Files

ExpressVPN2022Premium.rar
.rar

Password: 1896
HwidProtector.dll
.dll windows x64

Password: 1896

c8820c92458429ac52b291ca51bad0e4

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:55:db:cf:a2:75:1e:85:ba:b8:2f:2a:ea:1c:f2:e8
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/04/2020, 00:00

Not After

16/06/2023, 12:00

Subject

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:d6:da:1a:da:8f:d6:b3:69:a2:ea:e1:6a:07:31:ef
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/04/2020, 00:00

Not After

16/06/2023, 12:00

Subject

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

24:c2:ef:fc:08:27:a1:fb:4b:f8:58:8b:3e:f5:7e:3c:b5:71:4e:26:20:7b:ed:13:a8:4a:0f:30:7b:4b:50:94
Signer

Actual PE Digest

24:c2:ef:fc:08:27:a1:fb:4b:f8:58:8b:3e:f5:7e:3c:b5:71:4e:26:20:7b:ed:13:a8:4a:0f:30:7b:4b:50:94

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

14/03/2021, 05:27
Valid: true

Chain 1

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

37:3f:c6:23:c3:cf:ff:ba:35:17:70:cb:48:f8:d5:ed:57:d9:b5:83
Signer

Actual PE Digest

37:3f:c6:23:c3:cf:ff:ba:35:17:70:cb:48:f8:d5:ed:57:d9:b5:83

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

14/03/2021, 05:27
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

EnterCriticalSection
RtlUnwindEx
GetACP
CloseHandle
LocalFree
TlsAlloc
GetTickCount
OpenFileMappingW
VirtualFree
GetStartupInfoW
ExitProcess
InitializeCriticalSection
VirtualAlloc
RtlUnwind
GetCPInfo
GetCommandLineW
GetSystemInfo
GetProcAddress
LeaveCriticalSection
EnumSystemLocalesW
GetStdHandle
GetVersionExW
VerifyVersionInfoW
GetModuleHandleW
FreeLibrary
GetDiskFreeSpaceW
VerSetConditionMask
GetUserDefaultUILanguage
FindFirstFileW
TlsFree
GetModuleFileNameW
GetLastError
lstrlenW
CompareStringA
CompareStringW
CreateThread
WideCharToMultiByte
MapViewOfFile
MultiByteToWideChar
FindClose
LoadLibraryW
LoadLibraryA
ResetEvent
SetEvent
GetLocaleInfoW
GetVersion
RaiseException
SwitchToThread
GetLocalTime
WaitForSingleObject
WriteFile
DeleteCriticalSection
TlsGetValue
IsValidLocale
TlsSetValue
LoadLibraryExW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
CreateEventW
GetThreadLocale
Sleep
SetThreadLocale

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

user32

CallNextHookEx
CharUpperBuffW
CharNextW
CharLowerBuffW
SetWindowsHookExW
UnhookWindowsHookEx
LoadStringW
CharUpperW
GetSystemMetrics
MessageBoxW

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

netapi32

NetWkstaGetInfo
NetApiBufferFree

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

Exports

Exports

StartHook
StopHook

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 41KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Qt5Gui.dll
.dll windows x86

Password: 1896

8f734ad2a2d1a7b5910aa87f16fd104e

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5e:15:e0:2a:05:a7:dc:0f:db:9c:69:e1:0b:c8:38:e3:6c:c3:a4:d0
Signer

Actual PE Digest

5e:15:e0:2a:05:a7:dc:0f:db:9c:69:e1:0b:c8:38:e3:6c:c3:a4:d0

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

09/09/2019, 06:55
Valid: true

Chain 1

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDIBits
SelectObject
CreateDIBSection
GetObjectW

ole32

StringFromGUID2
CoCreateGuid

user32

SystemParametersInfoW
GetIconInfo
CreateIconIndirect
DrawIconEx
ReleaseDC
GetDC
MessageBoxW

qt5core

??0QVariant@@QAE@ABVQString@@@Z
??0QVariant@@QAE@ABVQStringList@@@Z
??4QVariant@@QAEAAV0@ABV0@@Z
??0QSize@@QAE@HH@Z
?width@QSize@@QBEHXZ
?height@QSize@@QBEHXZ
??0QRect@@QAE@HHHH@Z
?x@QRect@@QBEHXZ
?y@QRect@@QBEHXZ
?topLeft@QRect@@QBE?AVQPoint@@XZ
?size@QRect@@QBE?AVQSize@@XZ
?width@QRect@@QBEHXZ
?height@QRect@@QBEHXZ
??6@YA?AVQDebug@@V0@ABVQRect@@@Z
??6QTextStream@@QAEAAV0@D@Z
??6QTextStream@@QAEAAV0@PBX@Z
?dec@@YAAAVQTextStream@@AAV1@@Z
?hex@@YAAAVQTextStream@@AAV1@@Z
??1QDebug@@QAE@XZ
?maybeSpace@QDebug@@QAEAAV1@XZ
??6QDebug@@QAEAAV0@D@Z
??6QDebug@@QAEAAV0@H@Z
??6QDebug@@QAEAAV0@I@Z
??6QDebug@@QAEAAV0@PBD@Z
??6QDebug@@QAEAAV0@ABVQString@@@Z
??6QDebug@@QAEAAV0@P6AAAVQTextStream@@AAV1@@Z@Z
??0QDebugStateSaver@@QAE@AAVQDebug@@@Z
??1QDebugStateSaver@@QAE@XZ
??1QTextBoundaryFinder@@QAE@XZ
??0QTextBoundaryFinder@@QAE@W4BoundaryType@0@ABVQString@@@Z
?position@QTextBoundaryFinder@@QBEHXZ
?setPosition@QTextBoundaryFinder@@QAEXH@Z
?toNextBoundary@QTextBoundaryFinder@@QAEHXZ
?toPreviousBoundary@QTextBoundaryFinder@@QAEHXZ
?boundaryReasons@QTextBoundaryFinder@@QBE?AV?$QFlags@W4BoundaryReason@QTextBoundaryFinder@@@@XZ
?valueToKey@QMetaEnum@@QBEPBDH@Z
??0QFactoryLoader@@QAE@PBDABVQString@@W4CaseSensitivity@Qt@@@Z
??1QFactoryLoader@@UAE@XZ
?instance@QFactoryLoader@@QBEPAVQObject@@H@Z
?indexOf@QFactoryLoader@@QBEHABVQString@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?metaObject@QFactoryLoader@@UBEPBUQMetaObject@@XZ
?qt_metacall@QFactoryLoader@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QFactoryLoader@@UAEPAXPBD@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?shared_null@QHashData@@2U1@B
??1Connection@QMetaObject@@QAE@XZ
?destroyed@QObject@@QAEXPAV1@@Z
?connectImpl@QObject@@CA?AVConnection@QMetaObject@@PBV1@PAPAX01PAVQSlotObjectBase@QtPrivate@@W4ConnectionType@Qt@@PBHPBU3@@Z
?freeNode@QHashData@@QAEXPAX@Z
?hasShrunk@QHashData@@QAEXXZ
?staticMetaObject@QObject@@2UQMetaObject@@B
?applicationName@QCoreApplication@@SA?AVQString@@XZ
?applicationFilePath@QCoreApplication@@SA?AVQString@@XZ
??0QRect@@QAE@XZ
?contains@QRect@@QBE_NHH@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPAU12@PBVQObject@@@Z
?data@QArrayData@@QBEPBXXZ
?nextNode@QMapNodeBase@@QBEPBU1@XZ
?keyMap@QFactoryLoader@@QBE?AV?$QMultiMap@HVQString@@@@XZ
?toLower@QString@@QBE?AV1@XZ
?QStringList_contains@QtPrivate@@YA_NPBVQStringList@@ABVQString@@W4CaseSensitivity@Qt@@@Z
??0QMutex@@QAE@W4RecursionMode@0@@Z
??1QMutex@@QAE@XZ
?realloc@QListData@@QAEXH@Z
?erase@QListData@@QAEPAPAXPAPAX@Z
?remove@QListData@@QAEXH@Z
?thread@QObject@@QBEPAVQThread@@XZ
?isAccepted@QEvent@@QBE_NXZ
?sendEvent@QCoreApplication@@SA_NPAVQObject@@PAVQEvent@@@Z
??0QPoint@@QAE@XZ
??0QPoint@@QAE@HH@Z
?isNull@QPoint@@QBE_NXZ
?x@QPoint@@QBEHXZ
?y@QPoint@@QBEHXZ
??0QPointF@@QAE@XZ
??0QPointF@@QAE@ABVQPoint@@@Z
??0QPointF@@QAE@NN@Z
?x@QPointF@@QBENXZ
?y@QPointF@@QBENXZ
??6@YA?AVQDebug@@V0@ABVQPointF@@@Z
??0QSizeF@@QAE@NN@Z
??0QRect@@QAE@ABVQPoint@@0@Z
??0QRect@@QAE@ABVQPoint@@ABVQSize@@@Z
?bottomRight@QRect@@QBE?AVQPoint@@XZ
??0QRectF@@QAE@XZ
??0QRectF@@QAE@ABVQPointF@@ABVQSizeF@@@Z
?topLeft@QRectF@@QBE?AVQPointF@@XZ
?center@QRectF@@QBE?AVQPointF@@XZ
?size@QRectF@@QBE?AVQSizeF@@XZ
??6@YA?AVQDebug@@V0@ABVQRectF@@@Z
??4?$QVector@VQPointF@@@@QAEAAV0@$$QAV0@@Z
?append@?$QVector@VQPointF@@@@QAEXABVQPointF@@@Z
?begin@?$QVector@VQPointF@@@@QBEPBVQPointF@@XZ
?end@?$QVector@VQPointF@@@@QBEPBVQPointF@@XZ
??0QUrl@@QAE@ABV0@@Z
??1QUrl@@QAE@XZ
?fromLocalFile@QUrl@@SA?AV1@ABVQString@@@Z
?elapsed@QElapsedTimer@@QBE_JXZ
??0QWaitCondition@@QAE@XZ
??1QWaitCondition@@QAE@XZ
?wait@QWaitCondition@@QAE_NPAVQMutex@@K@Z
?wakeOne@QWaitCondition@@QAEXXZ
?currentThread@QThread@@SAPAV1@XZ
??6QDebug@@QAEAAV0@N@Z
?qgetenv@@YA?AVQByteArray@@PBD@Z
?isNull@QByteArray@@QBE_NXZ
??0QString@@QAE@$$QAV0@@Z
?split@QString@@QBE?AVQStringList@@VQChar@@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z
?fromLocal8Bit@QString@@SA?AV1@ABVQByteArray@@@Z
??0QObject@@IAE@AAVQObjectPrivate@@PAV0@@Z
??0QLocale@@QAE@ABV0@@Z
??0QObjectPrivate@@QAE@H@Z
??1QObjectPrivate@@UAE@XZ
?warning@QMessageLogger@@QBAXPBDZZ
??4QString@@QAEAAV0@ABV0@@Z
?prepend@QListData@@QAEPAPAXXZ
??0QVariant@@QAE@XZ
?toBool@QVariant@@QBE_NXZ
??0QSharedData@@QAE@XZ
?data@?$QVector@VQPointF@@@@QAEPAVQPointF@@XZ
?qstrcmp@@YAHABVQByteArray@@PBD@Z
?isEmpty@QByteArray@@QBE_NXZ
??0QSizeF@@QAE@ABVQSize@@@Z
?width@QSizeF@@QBENXZ
?height@QSizeF@@QBENXZ
?contains@QRect@@QBE_NABVQPoint@@_N@Z
?size@QString@@QBEHXZ
?append@QString@@QAEAAV1@ABV1@@Z
??0QString@@QAE@HW4Initialization@Qt@@@Z
?append@QListData@@QAEPAPAXABU1@@Z
?addLibraryPath@QCoreApplication@@SAXABVQString@@@Z
?toNativeSeparators@QDir@@SA?AVQString@@ABV2@@Z
?qEnvironmentVariableIntValue@@YAHPBDPA_N@Z
??0QChar@@QAE@H@Z
?reserve@QByteArray@@QAEXH@Z
?endsWith@QByteArray@@QBE_ND@Z
?append@QByteArray@@QAEAAV1@D@Z
?append@QByteArray@@QAEAAV1@PBDH@Z
?normalizedType@QMetaObject@@SA?AVQByteArray@@PBD@Z
?registerNormalizedType@QMetaType@@SAHABVQByteArray@@P6AXPAX@ZP6APAX1PBX@ZHV?$QFlags@W4TypeFlag@QMetaType@@@@PBUQMetaObject@@@Z
?typeName@QMetaType@@SAPBDH@Z
?hasRegisteredConverterFunction@QMetaType@@SA_NHH@Z
?registerConverterFunction@QMetaType@@SA_NPBUAbstractConverterFunction@QtPrivate@@HH@Z
?unregisterConverterFunction@QMetaType@@SAXHH@Z
??0QVariant@@QAE@HPBXI@Z
??0QVariant@@QAE@VQChar@@@Z
?toInt@QVariant@@QBEHPA_N@Z
??4QString@@QAEAAV0@$$QAV0@@Z
?endsWith@QString@@QBE_NABV1@W4CaseSensitivity@Qt@@@Z
??YQString@@QAEAAV0@ABV0@@Z
?startTimer@QObject@@QAEHHW4TimerType@Qt@@@Z
??YQPoint@@QAEAAV0@ABV0@@Z
??ZQPoint@@QAEAAV0@ABV0@@Z
??0QSize@@QAE@XZ
?isEmpty@QSize@@QBE_NXZ
?expandedTo@QSize@@QBE?AV1@ABV1@@Z
?boundedTo@QSize@@QBE?AV1@ABV1@@Z
?isEmpty@QRect@@QBE_NXZ
?center@QRect@@QBE?AVQPoint@@XZ
?moveCenter@QRect@@QAEXABVQPoint@@@Z
?setWidth@QRect@@QAEXH@Z
?setHeight@QRect@@QAEXH@Z
?intersects@QRect@@QBE_NABV1@@Z
?isEmpty@QRectF@@QBE_NXZ
?get@QObjectPrivate@@SAPAV1@PAVQObject@@@Z
??0QObjectPrivate@@QAE@ABV0@@Z
??4QObjectPrivate@@QAEAAV0@ABV0@@Z
?setX@QPoint@@QAEXH@Z
?setY@QPoint@@QAEXH@Z
?toPoint@QPointF@@QBE?AVQPoint@@XZ
?metaObject@QObject@@UBEPBUQMetaObject@@XZ
?qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QObject@@UAEPAXPBD@Z
?is_app_closing@QCoreApplicationPrivate@@2_NA
?shared_null@QMapDataBase@@2U1@B
?qInf@@YANXZ
?isWindowType@QObject@@QBE_NXZ
?installEventFilter@QObject@@QAEXPAV1@@Z
?removeEventFilter@QObject@@QAEXPAV1@@Z
??0QEvent@@QAE@ABV0@@Z
?type@QEvent@@QBE?AW4Type@1@XZ
?accept@QEvent@@QAEXXZ
??0QEventLoop@@QAE@PAVQObject@@@Z
??1QEventLoop@@UAE@XZ
?exec@QEventLoop@@QAEHV?$QFlags@W4ProcessEventsFlag@QEventLoop@@@@@Z
?exit@QEventLoop@@QAEXH@Z
?isRunning@QEventLoop@@QBE_NXZ
?postEvent@QCoreApplication@@SAXPAVQObject@@PAVQEvent@@H@Z
?event@QEventLoop@@UAE_NPAVQEvent@@@Z
?metaObject@QEventLoop@@UBEPBUQMetaObject@@XZ
?qt_metacall@QEventLoop@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QEventLoop@@UAEPAXPBD@Z
??6QTextStream@@QAEAAV0@H@Z
?showbase@@YAAAVQTextStream@@AAV1@@Z
?resetFormat@QDebug@@QAEAAV1@XZ
?fatal@QMessageLogger@@QBAXPBDZZ
?critical@QMessageLogger@@QBE?AVQDebug@@XZ
?toUpper@QChar@@QBE?AV1@XZ
??0QByteArray@@QAE@PBDH@Z
??4QByteArray@@QAEAAV0@ABV0@@Z
??4QByteArray@@QAEAAV0@PBD@Z
??0QByteArray@@QAE@$$QAV0@@Z
?size@QByteArray@@QBEHXZ
?at@QByteArray@@QBEDH@Z
?indexOf@QByteArray@@QBEHDH@Z
?mid@QByteArray@@QBE?AV1@HH@Z
?split@QByteArray@@QBE?AV?$QList@VQByteArray@@@@D@Z
?toInt@QByteArray@@QBEHPA_NH@Z
?at@QString@@QBE?BVQChar@@H@Z
??AQString@@QAE?AVQCharRef@@H@Z
?arg@QString@@QBE?AV1@ABV1@HVQChar@@@Z
?arg@QString@@QBE?AV1@ABV1@0@Z
?utf16@QString@@QBEPBGXZ
?toUtf8@QString@@QBE?AVQByteArray@@XZ
?fromLocal8Bit@QString@@SA?AV1@PBDH@Z
?fromWCharArray@QString@@SA?AV1@PB_WH@Z
??8QString@@QBE_NVQLatin1String@@@Z
??4QCharRef@@QAEAAV0@VQChar@@@Z
?activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?children@QObject@@QBEABV?$QList@PAVQObject@@@@XZ
?connect@QObject@@SA?AVConnection@QMetaObject@@PBV1@PBD01W4ConnectionType@Qt@@@Z
?disconnect@QObject@@SA_NPBV1@PBD01@Z
?setProperty@QObject@@QAE_NPBDABVQVariant@@@Z
??0QEvent@@QAE@W4Type@0@@Z
??1QEvent@@UAE@XZ
?spontaneous@QEvent@@QBE_NXZ
?qt_metacast@QCoreApplication@@UAEPAXPBD@Z
?qt_metacall@QCoreApplication@@UAEHW4Call@QMetaObject@@HPAPAX@Z
??1QCoreApplication@@UAE@XZ
?setAttribute@QCoreApplication@@SAXW4ApplicationAttribute@Qt@@_N@Z
?testAttribute@QCoreApplication@@SA_NW4ApplicationAttribute@Qt@@@Z
?exec@QCoreApplication@@SAHXZ
?processEvents@QCoreApplication@@SAXV?$QFlags@W4ProcessEventsFlag@QEventLoop@@@@@Z
?notify@QCoreApplication@@UAE_NPAVQObject@@PAVQEvent@@@Z
?startingUp@QCoreApplication@@SA_NXZ
?isQuitLockEnabled@QCoreApplication@@SA_NXZ
?setQuitLockEnabled@QCoreApplication@@SAX_N@Z
?event@QCoreApplication@@MAE_NPAVQEvent@@@Z
?compressEvent@QCoreApplication@@MAE_NPAVQEvent@@PAVQObject@@PAVQPostEventList@@@Z
??0QCoreApplication@@IAE@AAVQCoreApplicationPrivate@@@Z
?sendSpontaneousEvent@QCoreApplication@@CA_NPAVQObject@@PAVQEvent@@@Z
??0QVariant@@QAE@$$QAV0@@Z
?toReal@QVariant@@QBENPA_N@Z
?setWidth@QSize@@QAEXH@Z
?setHeight@QSize@@QAEXH@Z
?isNull@QRect@@QBE_NXZ
?left@QRect@@QBEHXZ
?top@QRect@@QBEHXZ
?right@QRect@@QBEHXZ
?bottom@QRect@@QBEHXZ
??0QRectF@@QAE@NNNN@Z
?moveCenter@QRectF@@QAEXABVQPointF@@@Z
?isEmpty@QUrl@@QBE_NXZ
??0QCoreApplicationPrivate@@QAE@AAHPAPADI@Z
??1QCoreApplicationPrivate@@UAE@XZ
?cleanupThreadData@QCoreApplicationPrivate@@QAEXXZ
?start@QElapsedTimer@@QAEXXZ
??6QDebug@@QAEAAV0@ABVQByteArray@@@Z
?isRelativePath@QDir@@SA_NABVQString@@@Z
?isDebugBuild@QLibraryInfo@@SA_NXZ
?platformPluginArguments@QLibraryInfo@@SA?AVQStringList@@ABVQString@@@Z
??0QLibrary@@QAE@ABVQString@@PAVQObject@@@Z
??1QLibrary@@UAE@XZ
?resolve@QLibrary@@QAEP6AXXZPBD@Z
?load@QLibrary@@QAE_NXZ
?errorString@QLibrary@@QBE?AVQString@@XZ
?staticMetaObject@QCoreApplication@@2UQMetaObject@@B
?eventDispatcher@QCoreApplicationPrivate@@2PAVQAbstractEventDispatcher@@A
?is_app_running@QCoreApplicationPrivate@@2_NA
?objectName@QObject@@QBE?AVQString@@XZ
?killTimer@QObject@@QAEXH@Z
?setParent@QObject@@QAEXPAV1@@Z
?property@QObject@@QBE?AVQVariant@@PBD@Z
?ignore@QEvent@@QAEXXZ
?timerId@QTimerEvent@@QBEHXZ
?removePostedEvents@QCoreApplication@@SAXPAVQObject@@H@Z
?userType@QVariant@@QBEHXZ
?constData@QVariant@@QBEPBXXZ
?convert@QVariant@@QBE_NHPAX@Z
??6@YA?AVQDebug@@V0@ABVQMargins@@@Z
?moveTopLeft@QRect@@QAEXABVQPoint@@@Z
?adjusted@QRect@@QBE?AV1@HHHH@Z
?setSize@QRect@@QAEXABVQSize@@@Z
?singleShot@QTimer@@SAXHPBVQObject@@PBD@Z
?maybeQuit@QCoreApplicationPrivate@@QAEXXZ
?forcesign@@YAAAVQTextStream@@AAV1@@Z
?noforcesign@@YAAAVQTextStream@@AAV1@@Z
?verbosity@QDebug@@QBEHXZ
??6QDebug@@QAEAAV0@PBX@Z
?qt_QMetaEnum_debugOperator@@YA?AVQDebug@@AAV1@HPBUQMetaObject@@PBD@Z
?qt_QMetaEnum_flagDebugOperator@@YA?AVQDebug@@AAV1@_KPBUQMetaObject@@PBD@Z
?staticQtMetaObject@QObject@@1UQMetaObject@@B
??4QString@@QAEAAV0@VQLatin1String@@@Z
?startsWith@QString@@QBE_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?appendLatin1To@QAbstractConcatenable@@KAXPBDHPAVQChar@@@Z
?deleteLater@QObject@@QAEXXZ
?codecForMib@QTextCodec@@SAPAV1@H@Z
?codecForHtml@QTextCodec@@SAPAV1@ABVQByteArray@@PAV1@@Z
?codecForUtfText@QTextCodec@@SAPAV1@ABVQByteArray@@PAV1@@Z
?toUnicode@QTextCodec@@QBE?AVQString@@ABVQByteArray@@@Z
??0QMimeData@@QAE@XZ
??1QMimeData@@UAE@XZ
?text@QMimeData@@QBE?AVQString@@XZ
?setText@QMimeData@@QAEXABVQString@@@Z
?imageData@QMimeData@@QBE?AVQVariant@@XZ
?setImageData@QMimeData@@QAEXABVQVariant@@@Z
?data@QMimeData@@QBE?AVQByteArray@@ABVQString@@@Z
?formats@QMimeData@@UBE?AVQStringList@@XZ
?hasFormat@QMimeData@@UBE_NABVQString@@@Z
?metaObject@QMimeData@@UBEPBUQMetaObject@@XZ
?qt_metacall@QMimeData@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMimeData@@UAEPAXPBD@Z
?retrieveData@QMimeData@@MBE?AVQVariant@@ABVQString@@W4Type@2@@Z
??0QVariant@@QAE@HPBX@Z
??6@YAAAVQDataStream@@AAV0@ABVQPoint@@@Z
??5@YAAAVQDataStream@@AAV0@AAVQPoint@@@Z
?version@QDataStream@@QBEHXZ
??5QDataStream@@QAEAAV0@AAF@Z
??5QDataStream@@QAEAAV0@AA_N@Z
??6QDataStream@@QAEAAV0@F@Z
??6QDataStream@@QAEAAV0@_N@Z
?color@QMapNodeBase@@QBE?AW4Color@1@XZ
?setColor@QMapNodeBase@@QAEXW4Color@1@@Z
?setParent@QMapNodeBase@@QAEXPAU1@@Z
?freeNodeAndRebalance@QMapDataBase@@QAEXPAUQMapNodeBase@@@Z
?resize@QByteArray@@QAEXH@Z
??BQByteArray@@QBEPBDXZ
?data@QByteArray@@QAEPADXZ
?toLower@QByteArray@@QBE?AV1@XZ
?toUpper@QByteArray@@QBE?AV1@XZ
?fromLatin1@QString@@SA?AV1@ABVQByteArray@@@Z
?move@QListData@@QAEXHH@Z
?closingDown@QCoreApplication@@SA_NXZ
??4QVariant@@QAEAAV0@$$QAV0@@Z
?type@QVariant@@QBE?AW4Type@1@XZ
?isNull@QVariant@@QBE_NXZ
?toByteArray@QVariant@@QBE?AVQByteArray@@XZ
??0QBuffer@@QAE@PAVQByteArray@@PAVQObject@@@Z
??1QBuffer@@UAE@XZ
?open@QBuffer@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?hasImage@QMimeData@@QBE_NXZ
?colorData@QMimeData@@QBE?AVQVariant@@XZ
?setData@QMimeData@@QAEXABVQString@@ABVQByteArray@@@Z
?clear@QMimeData@@QAEXXZ
?unicode@QChar@@QBEGXZ
?child@QChildEvent@@QBEPAVQObject@@XZ
?isValid@QVariant@@QBE_NXZ
??6@YA?AVQDebug@@V0@ABVQVariant@@@Z
??6@YA?AVQDebug@@V0@ABVQPoint@@@Z
??0QSizeF@@QAE@XZ
?x@QRectF@@QBENXZ
?y@QRectF@@QBENXZ
?width@QRectF@@QBENXZ
?height@QRectF@@QBENXZ
?toLocalFile@QUrl@@QBE?AVQString@@XZ
?setFileName@QFile@@QAEXABVQString@@@Z
?valueToKeys@QMetaEnum@@QBE?AVQByteArray@@H@Z
??6QTextStream@@QAEAAV0@_J@Z
??6QTextStream@@QAEAAV0@N@Z
?noshowbase@@YAAAVQTextStream@@AAV1@@Z
?noquote@QDebug@@QAEAAV1@XZ
??6QDebug@@QAEAAV0@G@Z
?staticMetaObject@QEvent@@2UQMetaObject@@B
??0QGenericArgument@@QAE@PBDPBX@Z
??0QGenericReturnArgument@@QAE@PBDPAX@Z
?invokeMethod@QMetaObject@@SA_NPAVQObject@@PBDW4ConnectionType@Qt@@VQGenericReturnArgument@@VQGenericArgument@@444444444@Z
?toRectF@QVariant@@QBE?AVQRectF@@XZ
??1QLocale@@QAE@XZ
??4QLocale@@QAEAAV0@ABV0@@Z
?c@QLocale@@SA?AV1@XZ
?isValid@QRectF@@QBE_NXZ
??0QChar@@QAE@G@Z
?unicode@QChar@@QAEAAGXZ
?isPrint@QChar@@QBE_NXZ
?requiresSurrogates@QChar@@SA_NI@Z
?highSurrogate@QChar@@SAGI@Z
?lowSurrogate@QChar@@SAGI@Z
??4QString@@QAEAAV0@VQChar@@@Z
?count@QString@@QBEHXZ
?truncate@QString@@QAEXH@Z
?arg@QString@@QBE?AV1@HHHVQChar@@@Z
?right@QString@@QBE?AV1@H@Z
?midRef@QString@@QBE?AVQStringRef@@HH@Z
?append@QString@@QAEAAV1@VQChar@@@Z
??YQString@@QAEAAV0@VQChar@@@Z
??YQString@@QAEAAV0@VQLatin1String@@@Z
?split@QString@@QBE?AVQStringList@@ABV1@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z
?toInt@QString@@QBEHPA_NH@Z
??BQCharRef@@QBE?AVQChar@@XZ
?toUpper@QCharRef@@QBE?AVQChar@@XZ
??1QStringRef@@QAE@XZ
?length@QStringRef@@QBEHXZ
??8@YA_NABVQString@@ABVQStringRef@@@Z
?atEnd@QDataStream@@QBE_NXZ
??5QDataStream@@QAEAAV0@AAI@Z
??6QDataStream@@QAEAAV0@I@Z
??0QLocale@@QAE@XZ
?textDirection@QLocale@@QBE?AW4LayoutDirection@Qt@@XZ
?system@QLocale@@SA?AV1@XZ
?data_ptr@QVariant@@QBEABUPrivate@1@XZ
??8?$QVector@VQPointF@@@@QBE_NABV0@@Z
?isEmpty@?$QVector@VQPointF@@@@QBE_NXZ
??8?$QVector@VQPoint@@@@QBE_NABV0@@Z
?qcoreVariantHandler@@YAPBUHandler@QVariant@@XZ
?registerHandler@QVariantPrivate@@YAXHPBUHandler@QVariant@@@Z
?qMetaTypeGuiHelper@@3PBVQMetaTypeInterface@@B
??_5QRect@@QAEAAV0@ABV0@@Z
?insert@QListData@@QAEPAPAXH@Z
?toChar@QVariant@@QBE?AVQChar@@XZ
?qRemovePostRoutine@@YAXP6AXXZ@Z
?startsWith@QString@@QBE_NVQChar@@W4CaseSensitivity@Qt@@@Z
?remove@QString@@QAEAAV1@HH@Z
?number@QString@@SA?AV1@HH@Z
??0QRegExp@@QAE@ABVQString@@W4CaseSensitivity@Qt@@W4PatternSyntax@0@@Z
??1QRegExp@@QAE@XZ
?indexIn@QRegExp@@QBEHABVQString@@HW4CaretMode@1@@Z
?cap@QRegExp@@QAE?AVQString@@H@Z
??0QVariant@@QAE@I@Z
?toUInt@QVariant@@QBEIPA_N@Z
??0QSharedData@@QAE@ABV0@@Z
??0QUrl@@QAE@XZ
??4QUrl@@QAEAAV0@ABV0@@Z
?isLocalFile@QUrl@@QBE_NXZ
??0QSettings@@QAE@W4Scope@0@ABVQString@@1PAVQObject@@@Z
??1QSettings@@UAE@XZ
?setValue@QSettings@@QAEXABVQString@@ABVQVariant@@@Z
?value@QSettings@@QBE?AVQVariant@@ABVQString@@ABV2@@Z
?toString@QUrl@@QBE?AVQString@@V?$QUrlTwoFlags@W4UrlFormattingOption@QUrl@@W4ComponentFormattingOption@2@@@@Z
?setX@QRect@@QAEXH@Z
?qEnvironmentVariableIsSet@@YA_NPBD@Z
??0QMessageLogger@@QAE@PBDH00@Z
?debug@QMessageLogger@@QBE?AVQDebug@@XZ
?lastIndexOf@QByteArray@@QBEHDH@Z
?toDouble@QByteArray@@QBENPA_N@Z
?endl@@YAAAVQTextStream@@AAV1@@Z
??0QLoggingCategory@@QAE@PBD@Z
??1QLoggingCategory@@QAE@XZ
?isDebugEnabled@QLoggingCategory@@QBE_NXZ
?left@QByteArray@@QBE?AV1@H@Z
?startsWith@QByteArray@@QBE_NABV1@@Z
??0QByteArray@@QAE@UQByteArrayDataPtr@@@Z
?qHash@@YAIABVQByteArray@@I@Z
??0QThreadStorageData@@QAE@P6AXPAX@Z@Z
??1QThreadStorageData@@QAE@XZ
?get@QThreadStorageData@@QBEPAPAXXZ
?set@QThreadStorageData@@QAEPAPAXPAX@Z
?compare@QVersionNumber@@SAHABV1@0@Z
?fromRawData@QByteArray@@SA?AV1@PBDH@Z
?simplified@QString@@QBE?AV1@XZ
??M@YA_NABVQString@@0@Z
?isValid@QSize@@QBE_NXZ
?scale@QSize@@QAEXABV1@W4AspectRatioMode@Qt@@@Z
?rwidth@QSize@@QAEAAHXZ
?rheight@QSize@@QAEAAHXZ
??6@YA?AVQDebug@@V0@ABVQSize@@@Z
?toAlignedRect@QRectF@@QBE?AVQRect@@XZ
?device@QDataStream@@QBEPAVQIODevice@@XZ
??5QDataStream@@QAEAAV0@AAH@Z
??6QDataStream@@QAEAAV0@H@Z
??0QBuffer@@QAE@PAVQObject@@@Z
?setData@QBuffer@@QAEXABVQByteArray@@@Z
?qDetectCpuFeatures@@YAXXZ
?qt_cpu_features@@3PAV?$QBasicAtomicInteger@I@@A
?qEnvironmentVariableIsEmpty@@YA_NPBD@Z
?qstrcmp@@YAHABVQByteArray@@0@Z
?swap@QByteArray@@QAEXAAV1@@Z
?endsWith@QString@@QBE_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?remove@QListData@@QAEXHH@Z
??0QVariant@@QAE@M@Z
??0QVariant@@QAE@ABVQByteArray@@@Z
??0QVariant@@QAE@ABVQSize@@@Z
??0QVariant@@QAE@ABVQRect@@@Z
?toFloat@QVariant@@QBEMPA_N@Z
?toString@QVariant@@QBE?AVQString@@XZ
?toSize@QVariant@@QBE?AVQSize@@XZ
?isValid@QRect@@QBE_NXZ
?isOpen@QIODevice@@QBE_NXZ
??0QFile@@QAE@ABVQString@@@Z
??1QFile@@UAE@XZ
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QFileInfo@@QAE@ABVQString@@@Z
??1QFileInfo@@QAE@XZ
?baseName@QFileInfo@@QBE?AVQString@@XZ
?suffix@QFileInfo@@QBE?AVQString@@XZ
?atEnd@QFileDevice@@UBE_NXZ
?bytesAvailable@QIODevice@@UBE_JXZ
?bytesToWrite@QIODevice@@UBE_JXZ
?canReadLine@QIODevice@@UBE_NXZ
?close@QFileDevice@@UAEXXZ
?fileName@QFile@@UBE?AVQString@@XZ
?isSequential@QFileDevice@@UBE_NXZ
?metaObject@QFile@@UBEPBUQMetaObject@@XZ
?permissions@QFile@@UBE?AV?$QFlags@W4Permission@QFileDevice@@@@XZ

msvcp120

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
_Inf
?_Xbad_alloc@std@@YAXXZ

msvcr120

__CppXcptFilter
__CxxFrameHandler3
_except1
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
qsort
setlocale
getenv
strchr
bsearch
_libm_sse2_log_precise
_amsg_exit
_HUGE
_libm_sse2_log10_precise
calloc
_CIatan2
_libm_sse2_acos_precise
_libm_sse2_sqrt_precise
_libm_sse2_sin_precise
_libm_sse2_cos_precise
fwrite
fflush
fread
fprintf
__iob_func
_libm_sse2_pow_precise
_setjmp3
longjmp
sscanf_s
toupper
strstr
strcpy_s
isspace
printf
realloc
malloc
free
exit
isdigit
strncmp
floor
ceil
memset
memcpy
??_V@YAXPAX@Z
memmove
??3@YAXPAX@Z
??2@YAPAXI@Z
_purecall
_malloc_crt
_initterm
_initterm_e
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal
_libm_sse2_asin_precise
_strdup

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcAddress
GetModuleHandleA
ExitProcess
GetConsoleWindow

Exports

Exports

??0ActivationObserver@QAccessible@@QAE@ABV01@@Z
??0ActivationObserver@QAccessible@@QAE@XZ
??0Binder@QOpenGLVertexArrayObject@@QAE@PAV1@@Z
??0Declaration@QCss@@QAE@ABU01@@Z
??0Declaration@QCss@@QAE@XZ
??0Gpu@QOpenGLConfig@@QAE@ABU01@@Z
??0Gpu@QOpenGLConfig@@QAE@XZ
??0Key@QPixmapCache@@QAE@$$QAV01@@Z
??0Key@QPixmapCache@@QAE@ABV01@@Z
??0Key@QPixmapCache@@QAE@XZ
??0LayoutData@QTextEngine@@QAE@ABU01@@Z
??0LayoutData@QTextEngine@@QAE@ABVQString@@PAPAXH@Z
??0LayoutData@QTextEngine@@QAE@XZ
??0Parser@QCss@@QAE@ABV01@@Z
??0Parser@QCss@@QAE@ABVQString@@_N@Z
??0Parser@QCss@@QAE@XZ
??0QAbstractLayoutStyleInfo@@QAE@ABV0@@Z
??0QAbstractLayoutStyleInfo@@QAE@XZ
??0QAbstractOpenGLFunctions@@IAE@XZ
??0QAbstractOpenGLFunctions@@QAE@ABV0@@Z
??0QAbstractTextDocumentLayout@@IAE@AAVQAbstractTextDocumentLayoutPrivate@@PAVQTextDocument@@@Z
??0QAbstractTextDocumentLayout@@QAE@PAVQTextDocument@@@Z
??0QAbstractTextDocumentLayoutPrivate@@QAE@ABV0@@Z
??0QAbstractTextDocumentLayoutPrivate@@QAE@XZ
??0QAbstractUndoItem@@QAE@ABV0@@Z
??0QAbstractUndoItem@@QAE@XZ
??0QAccessible@@AAE@XZ
??0QAccessibleActionInterface@@QAE@ABV0@@Z
??0QAccessibleActionInterface@@QAE@XZ
??0QAccessibleApplication@@QAE@XZ
??0QAccessibleBridgePlugin@@QAE@PAVQObject@@@Z
??0QAccessibleCache@@QAE@XZ
??0QAccessibleEditableTextInterface@@QAE@ABV0@@Z
??0QAccessibleEditableTextInterface@@QAE@XZ
??0QAccessibleEvent@@QAE@PAVQAccessibleInterface@@W4Event@QAccessible@@@Z
??0QAccessibleEvent@@QAE@PAVQObject@@W4Event@QAccessible@@@Z
??0QAccessibleImageInterface@@QAE@ABV0@@Z
??0QAccessibleImageInterface@@QAE@XZ
??0QAccessibleInterface@@QAE@ABV0@@Z
??0QAccessibleInterface@@QAE@XZ
??0QAccessibleObject@@QAE@PAVQObject@@@Z
??0QAccessiblePlugin@@QAE@PAVQObject@@@Z
??0QAccessibleStateChangeEvent@@QAE@PAVQAccessibleInterface@@UState@QAccessible@@@Z
??0QAccessibleStateChangeEvent@@QAE@PAVQObject@@UState@QAccessible@@@Z
??0QAccessibleTableCellInterface@@QAE@ABV0@@Z
??0QAccessibleTableCellInterface@@QAE@XZ
??0QAccessibleTableInterface@@QAE@ABV0@@Z
??0QAccessibleTableInterface@@QAE@XZ
??0QAccessibleTableModelChangeEvent@@QAE@PAVQAccessibleInterface@@W4ModelChangeType@0@@Z
??0QAccessibleTableModelChangeEvent@@QAE@PAVQObject@@W4ModelChangeType@0@@Z
??0QAccessibleTextCursorEvent@@QAE@PAVQAccessibleInterface@@H@Z
??0QAccessibleTextCursorEvent@@QAE@PAVQObject@@H@Z
??0QAccessibleTextInsertEvent@@QAE@PAVQAccessibleInterface@@HABVQString@@@Z
??0QAccessibleTextInsertEvent@@QAE@PAVQObject@@HABVQString@@@Z
??0QAccessibleTextInterface@@QAE@ABV0@@Z
??0QAccessibleTextInterface@@QAE@XZ
??0QAccessibleTextRemoveEvent@@QAE@PAVQAccessibleInterface@@HABVQString@@@Z
??0QAccessibleTextRemoveEvent@@QAE@PAVQObject@@HABVQString@@@Z
??0QAccessibleTextSelectionEvent@@QAE@PAVQAccessibleInterface@@HH@Z
??0QAccessibleTextSelectionEvent@@QAE@PAVQObject@@HH@Z
??0QAccessibleTextUpdateEvent@@QAE@PAVQAccessibleInterface@@HABVQString@@1@Z
??0QAccessibleTextUpdateEvent@@QAE@PAVQObject@@HABVQString@@1@Z
??0QAccessibleValueChangeEvent@@QAE@PAVQAccessibleInterface@@ABVQVariant@@@Z
??0QAccessibleValueChangeEvent@@QAE@PAVQObject@@ABVQVariant@@@Z
??0QAccessibleValueInterface@@QAE@ABV0@@Z
??0QAccessibleValueInterface@@QAE@XZ
??0QActionEvent@@QAE@ABV0@@Z
??0QActionEvent@@QAE@HPAVQAction@@0@Z
??0QApplicationStateChangeEvent@@QAE@ABV0@@Z
??0QApplicationStateChangeEvent@@QAE@W4ApplicationState@Qt@@@Z
??0QBackingStore@@QAE@PAVQWindow@@@Z
??0QBasicDrag@@IAE@XZ
??0QBitmap@@QAE@ABV0@@Z
??0QBitmap@@QAE@ABVQPixmap@@@Z
??0QBitmap@@QAE@ABVQSize@@@Z
??0QBitmap@@QAE@ABVQString@@PBD@Z
??0QBitmap@@QAE@HH@Z
??0QBitmap@@QAE@XZ
??0QBlittable@@QAE@ABV0@@Z
??0QBlittable@@QAE@ABVQSize@@V?$QFlags@W4Capability@QBlittable@@@@@Z
??0QBlittablePlatformPixmap@@QAE@XZ
??0QBlitterPaintEngine@@QAE@PAVQBlittablePlatformPixmap@@@Z
??0QBrush@@QAE@ABV0@@Z
??0QBrush@@QAE@ABVQColor@@ABVQPixmap@@@Z
??0QBrush@@QAE@ABVQColor@@W4BrushStyle@Qt@@@Z
??0QBrush@@QAE@ABVQGradient@@@Z
??0QBrush@@QAE@ABVQImage@@@Z
??0QBrush@@QAE@ABVQPixmap@@@Z
??0QBrush@@QAE@W4BrushStyle@Qt@@@Z
??0QBrush@@QAE@W4GlobalColor@Qt@@ABVQPixmap@@@Z
??0QBrush@@QAE@W4GlobalColor@Qt@@W4BrushStyle@2@@Z
??0QBrush@@QAE@XZ
??0QClipboard@@AAE@PAVQObject@@@Z
??0QCloseEvent@@QAE@ABV0@@Z
??0QCloseEvent@@QAE@XZ
??0QColor@@QAE@$$QAV0@@Z
??0QColor@@QAE@ABV0@@Z
??0QColor@@QAE@ABVQString@@@Z
??0QColor@@QAE@HHHH@Z
??0QColor@@QAE@I@Z
??0QColor@@QAE@PBD@Z
??0QColor@@QAE@VQRgba64@@@Z
??0QColor@@QAE@W4GlobalColor@Qt@@@Z
??0QColor@@QAE@W4Spec@0@@Z
??0QColor@@QAE@XZ
??0QColorDialogOptions@@QAE@ABV0@@Z
??0QColorDialogOptions@@QAE@XZ
??0QConicalGradient@@QAE@ABV0@@Z
??0QConicalGradient@@QAE@ABVQPointF@@N@Z
??0QConicalGradient@@QAE@NNN@Z
??0QConicalGradient@@QAE@XZ
??0QContextMenuEvent@@QAE@ABV0@@Z
??0QContextMenuEvent@@QAE@W4Reason@0@ABVQPoint@@1@Z
??0QContextMenuEvent@@QAE@W4Reason@0@ABVQPoint@@1V?$QFlags@W4KeyboardModifier@Qt@@@@@Z
??0QContextMenuEvent@@QAE@W4Reason@0@ABVQPoint@@@Z
??0QCursor@@QAE@$$QAV0@@Z
??0QCursor@@QAE@ABV0@@Z
??0QCursor@@QAE@ABVQBitmap@@0HH@Z
??0QCursor@@QAE@ABVQPixmap@@HH@Z
??0QCursor@@QAE@W4CursorShape@Qt@@@Z
??0QCursor@@QAE@XZ
??0QDashStroker@@QAE@PAVQStroker@@@Z
??0QDashedStrokeProcessor@@QAE@XZ
??0QDistanceField@@AAE@PAVQDistanceFieldData@@@Z
??0QDistanceField@@QAE@ABV0@@Z
??0QDistanceField@@QAE@ABVQPainterPath@@I_N@Z
??0QDistanceField@@QAE@ABVQRawFont@@I_N@Z
??0QDistanceField@@QAE@HH@Z
??0QDistanceField@@QAE@PAVQFontEngine@@I_N@Z
??0QDistanceField@@QAE@XZ
??0QDistanceFieldData@@QAE@ABV0@@Z
??0QDistanceFieldData@@QAE@XZ
??0QDoubleValidator@@QAE@NNHPAVQObject@@@Z
??0QDoubleValidator@@QAE@PAVQObject@@@Z
??0QDrag@@QAE@PAVQObject@@@Z
??0QDragEnterEvent@@QAE@ABV0@@Z
??0QDragEnterEvent@@QAE@ABVQPoint@@V?$QFlags@W4DropAction@Qt@@@@PBVQMimeData@@V?$QFlags@W4MouseButton@Qt@@@@V?$QFlags@W4KeyboardModifier@Qt@@@@@Z
??0QDragLeaveEvent@@QAE@ABV0@@Z
??0QDragLeaveEvent@@QAE@XZ
??0QDragManager@@QAE@XZ
??0QDragMoveEvent@@QAE@ABV0@@Z
??0QDragMoveEvent@@QAE@ABVQPoint@@V?$QFlags@W4DropAction@Qt@@@@PBVQMimeData@@V?$QFlags@W4MouseButton@Qt@@@@V?$QFlags@W4KeyboardModifier@Qt@@@@W4Type@QEvent@@@Z
??0QDropEvent@@QAE@ABV0@@Z
??0QDropEvent@@QAE@ABVQPointF@@V?$QFlags@W4DropAction@Qt@@@@PBVQMimeData@@V?$QFlags@W4MouseButton@Qt@@@@V?$QFlags@W4KeyboardModifier@Qt@@@@W4Type@QEvent@@@Z
??0QEnterEvent@@QAE@ABV0@@Z
??0QEnterEvent@@QAE@ABVQPointF@@00@Z
??0QExposeEvent@@QAE@ABV0@@Z
??0QExposeEvent@@QAE@ABVQRegion@@@Z
??0QFileDialogOptions@@QAE@ABV0@@Z
??0QFileDialogOptions@@QAE@XZ
??0QFileOpenEvent@@QAE@ABV0@@Z
??0QFileOpenEvent@@QAE@ABVQString@@@Z
??0QFileOpenEvent@@QAE@ABVQUrl@@@Z
??0QFocusEvent@@QAE@ABV0@@Z
??0QFocusEvent@@QAE@W4Type@QEvent@@W4FocusReason@Qt@@@Z
??0QFont@@AAE@PAVQFontPrivate@@@Z
??0QFont@@QAE@ABV0@@Z
??0QFont@@QAE@ABV0@PAVQPaintDevice@@@Z
??0QFont@@QAE@ABVQString@@HH_N@Z
??0QFont@@QAE@XZ
??0QFontDatabase@@QAE@XZ
??0QFontDialogOptions@@QAE@ABV0@@Z
??0QFontDialogOptions@@QAE@XZ
??0QFontEngine@@IAE@W4Type@0@@Z
??0QFontEngine@@QAE@ABV0@@Z
??0QFontEngineGlyphCache@@QAE@ABV0@@Z
??0QFontEngineGlyphCache@@QAE@W4GlyphFormat@QFontEngine@@ABVQTransform@@@Z
??0QFontEngineMulti@@QAE@ABV0@@Z
??0QFontEngineMulti@@QAE@PAVQFontEngine@@HABVQStringList@@@Z
??0QFontEngineQPF2@@QAE@ABUQFontDef@@ABVQByteArray@@@Z
??0QFontEngineQPF2@@QAE@ABV0@@Z
??0QFontInfo@@QAE@ABV0@@Z
??0QFontInfo@@QAE@ABVQFont@@@Z
??0QFontMetrics@@QAE@ABV0@@Z
??0QFontMetrics@@QAE@ABVQFont@@@Z
??0QFontMetrics@@QAE@ABVQFont@@PAVQPaintDevice@@@Z
??0QFontMetricsF@@QAE@ABV0@@Z
??0QFontMetricsF@@QAE@ABVQFont@@@Z
??0QFontMetricsF@@QAE@ABVQFont@@PAVQPaintDevice@@@Z
??0QFontMetricsF@@QAE@ABVQFontMetrics@@@Z
??0QFontPrivate@@QAE@ABV0@@Z
??0QFontPrivate@@QAE@XZ
??0QGenericPlugin@@QAE@PAVQObject@@@Z
??0QGlyphRun@@QAE@ABV0@@Z
??0QGlyphRun@@QAE@XZ
??0QGradient@@QAE@ABV0@@Z
??0QGradient@@QAE@XZ
??0QGridLayoutBox@@QAE@XZ
??0QGridLayoutEngine@@QAE@ABV0@@Z
??0QGridLayoutEngine@@QAE@V?$QFlags@W4AlignmentFlag@Qt@@@@_N@Z
??0QGridLayoutItem@@QAE@ABV0@@Z
??0QGridLayoutItem@@QAE@HHHHV?$QFlags@W4AlignmentFlag@Qt@@@@@Z
??0QGuiApplication@@IAE@AAVQGuiApplicationPrivate@@@Z
??0QGuiApplication@@QAE@AAHPAPADH@Z
??0QGuiApplicationPrivate@@QAE@AAHPAPADH@Z
??0QHelpEvent@@QAE@ABV0@@Z
??0QHelpEvent@@QAE@W4Type@QEvent@@ABVQPoint@@1@Z
??0QHideEvent@@QAE@ABV0@@Z
??0QHideEvent@@QAE@XZ
??0QHoverEvent@@QAE@ABV0@@Z
??0QHoverEvent@@QAE@W4Type@QEvent@@ABVQPointF@@1V?$QFlags@W4KeyboardModifier@Qt@@@@@Z
??0QIcon@@QAE@$$QAV0@@Z
??0QIcon@@QAE@ABV0@@Z
??0QIcon@@QAE@ABVQPixmap@@@Z
??0QIcon@@QAE@ABVQString@@@Z
??0QIcon@@QAE@PAVQIconEngine@@@Z
??0QIcon@@QAE@XZ
??0QIconDragEvent@@QAE@ABV0@@Z
??0QIconDragEvent@@QAE@XZ
??0QIconEngine@@QAE@ABV0@@Z
??0QIconEngine@@QAE@XZ
??0QIconEnginePlugin@@QAE@PAVQObject@@@Z
??0QIconLoader@@QAE@ABV0@@Z
??0QIconLoader@@QAE@XZ
??0QImage@@QAE@$$QAV0@@Z
??0QImage@@QAE@ABV0@@Z
??0QImage@@QAE@ABVQSize@@W4Format@0@@Z
??0QImage@@QAE@ABVQString@@PBD@Z
??0QImage@@QAE@HHW4Format@0@@Z
??0QImage@@QAE@PAEHHHW4Format@0@P6AXPAX@Z2@Z
??0QImage@@QAE@PAEHHW4Format@0@P6AXPAX@Z2@Z
??0QImage@@QAE@PBEHHHW4Format@0@P6AXPAX@Z2@Z
??0QImage@@QAE@PBEHHW4Format@0@P6AXPAX@Z2@Z
??0QImage@@QAE@QBQBD@Z
??0QImage@@QAE@XZ
??0QImageData@@QAE@ABU0@@Z
??0QImageData@@QAE@XZ
??0QImageIOHandler@@IAE@AAVQImageIOHandlerPrivate@@@Z
??0QImageIOHandler@@QAE@XZ
??0QImageIOPlugin@@QAE@PAVQObject@@@Z
??0QImagePixmapCleanupHooks@@QAE@ABV0@@Z
??0QImagePixmapCleanupHooks@@QAE@XZ
??0QImageReader@@QAE@ABVQString@@ABVQByteArray@@@Z
??0QImageReader@@QAE@PAVQIODevice@@ABVQByteArray@@@Z
??0QImageReader@@QAE@XZ
??0QImageTextureGlyphCache@@QAE@ABV0@@Z
??0QImageTextureGlyphCache@@QAE@W4GlyphFormat@QFontEngine@@ABVQTransform@@@Z
??0QImageWriter@@QAE@ABVQString@@ABVQByteArray@@@Z
??0QImageWriter@@QAE@PAVQIODevice@@ABVQByteArray@@@Z
??0QImageWriter@@QAE@XZ
??0QInputDeviceManager@@QAE@PAVQObject@@@Z
??0QInputDeviceManagerPrivate@@QAE@ABV0@@Z
??0QInputDeviceManagerPrivate@@QAE@XZ
??0QInputEvent@@QAE@ABV0@@Z
??0QInputEvent@@QAE@W4Type@QEvent@@V?$QFlags@W4KeyboardModifier@Qt@@@@@Z
??0QInputMethod@@AAE@XZ
??0QInputMethodEvent@@QAE@ABV0@@Z
??0QInputMethodEvent@@QAE@ABVQString@@ABV?$QList@VAttribute@QInputMethodEvent@@@@@Z
??0QInputMethodEvent@@QAE@XZ
??0QInputMethodQueryEvent@@QAE@ABV0@@Z
??0QInputMethodQueryEvent@@QAE@V?$QFlags@W4InputMethodQuery@Qt@@@@@Z
??0QIntValidator@@QAE@HHPAVQObject@@@Z
??0QIntValidator@@QAE@PAVQObject@@@Z
??0QInternalMimeData@@QAE@XZ
??0QKeyEvent@@QAE@ABV0@@Z
??0QKeyEvent@@QAE@W4Type@QEvent@@HV?$QFlags@W4KeyboardModifier@Qt@@@@ABVQString@@_NG@Z
??0QKeyEvent@@QAE@W4Type@QEvent@@HV?$QFlags@W4KeyboardModifier@Qt@@@@IIIABVQString@@_NG@Z
??0QKeyMapper@@QAE@XZ
??0QKeySequence@@QAE@ABV0@@Z
??0QKeySequence@@QAE@ABVQString@@W4SequenceFormat@0@@Z
??0QKeySequence@@QAE@HHHH@Z
??0QKeySequence@@QAE@W4StandardKey@0@@Z
??0QKeySequence@@QAE@XZ
??0QLayoutPolicy@@AAE@H@Z
??0QLayoutPolicy@@QAE@W4Policy@0@0W4ControlType@0@@Z
??0QLayoutPolicy@@QAE@XZ
??0QLinearGradient@@QAE@ABV0@@Z
??0QLinearGradient@@QAE@ABVQPointF@@0@Z
??0QLinearGradient@@QAE@NNNN@Z
??0QLinearGradient@@QAE@XZ
??0QMatrix4x4@@AAE@H@Z
??0QMatrix4x4@@QAE@ABVQMatrix@@@Z
??0QMatrix4x4@@QAE@ABVQTransform@@@Z
??0QMatrix4x4@@QAE@MMMMMMMMMMMMMMMM@Z
??0QMatrix4x4@@QAE@PBM@Z
??0QMatrix4x4@@QAE@PBMHH@Z
??0QMatrix4x4@@QAE@W4Initialization@Qt@@@Z
??0QMatrix4x4@@QAE@XZ
??0QMatrix@@AAE@NNNNNN_N@Z
??0QMatrix@@AAE@_N@Z
??0QMatrix@@QAE@ABV0@@Z
??0QMatrix@@QAE@NNNNNN@Z
??0QMatrix@@QAE@W4Initialization@Qt@@@Z
??0QMatrix@@QAE@XZ
??0QMessageDialogOptions@@QAE@ABV0@@Z
??0QMessageDialogOptions@@QAE@XZ
??0QMouseEvent@@QAE@ABV0@@Z
??0QMouseEvent@@QAE@W4Type@QEvent@@ABVQPointF@@11W4MouseButton@Qt@@V?$QFlags@W4MouseButton@Qt@@@@V?$QFlags@W4KeyboardModifier@Qt@@@@@Z
??0QMouseEvent@@QAE@W4Type@QEvent@@ABVQPointF@@11W4MouseButton@Qt@@V?$QFlags@W4MouseButton@Qt@@@@V?$QFlags@W4KeyboardModifier@Qt@@@@W4MouseEventSource@5@@Z
??0QMouseEvent@@QAE@W4Type@QEvent@@ABVQPointF@@1W4MouseButton@Qt@@V?$QFlags@W4MouseButton@Qt@@@@V?$QFlags@W4KeyboardModifier@Qt@@@@@Z
??0QMouseEvent@@QAE@W4Type@QEvent@@ABVQPointF@@W4MouseButton@Qt@@V?$QFlags@W4MouseButton@Qt@@@@V?$QFlags@W4KeyboardModifier@Qt@@@@@Z
??0QMoveEvent@@QAE@ABV0@@Z
??0QMoveEvent@@QAE@ABVQPoint@@0@Z
??0QMovie@@QAE@ABVQString@@ABVQByteArray@@PAVQObject@@@Z
??0QMovie@@QAE@PAVQIODevice@@ABVQByteArray@@PAVQObject@@@Z
??0QMovie@@QAE@PAVQObject@@@Z
??0QNativeGestureEvent@@QAE@ABV0@@Z
??0QNativeGestureEvent@@QAE@W4NativeGestureType@Qt@@ABVQPointF@@11NK_K@Z
??0QOffscreenSurface@@QAE@PAVQScreen@@@Z
??0QOffscreenSurfacePrivate@@QAE@ABV0@@Z
??0QOffscreenSurfacePrivate@@QAE@XZ
??0QOpenGL2PaintEngineEx@@QAE@XZ
??0QOpenGLBuffer@@QAE@ABV0@@Z
??0QOpenGLBuffer@@QAE@W4Type@0@@Z
??0QOpenGLBuffer@@QAE@XZ
??0QOpenGLContext@@QAE@PAVQObject@@@Z
??0QOpenGLContextGroup@@AAE@XZ
??0QOpenGLContextGroupPrivate@@QAE@XZ
??0QOpenGLContextPrivate@@QAE@ABV0@@Z
??0QOpenGLContextPrivate@@QAE@XZ
??0QOpenGLCustomShaderStage@@QAE@ABV0@@Z
??0QOpenGLCustomShaderStage@@QAE@XZ
??0QOpenGLDebugLogger@@QAE@PAVQObject@@@Z
??0QOpenGLDebugMessage@@QAE@ABV0@@Z
??0QOpenGLDebugMessage@@QAE@XZ
??0QOpenGLEngineShaderManager@@QAE@PAVQOpenGLContext@@@Z
??0QOpenGLEngineSharedShaders@@QAE@ABV0@@Z
??0QOpenGLEngineSharedShaders@@QAE@PAVQOpenGLContext@@@Z
??0QOpenGLExtensionMatcher@@QAE@ABV0@@Z
??0QOpenGLExtensionMatcher@@QAE@XZ
??0QOpenGLExtensions@@QAE@PAVQOpenGLContext@@@Z
??0QOpenGLExtensions@@QAE@XZ
??0QOpenGLExtraFunctions@@QAE@PAVQOpenGLContext@@@Z
??0QOpenGLExtraFunctions@@QAE@XZ
??0QOpenGLFramebufferObject@@QAE@ABVQSize@@ABVQOpenGLFramebufferObjectFormat@@@Z
??0QOpenGLFramebufferObject@@QAE@ABVQSize@@I@Z
??0QOpenGLFramebufferObject@@QAE@ABVQSize@@W4Attachment@0@II@Z
??0QOpenGLFramebufferObject@@QAE@HHABVQOpenGLFramebufferObjectFormat@@@Z
??0QOpenGLFramebufferObject@@QAE@HHI@Z
??0QOpenGLFramebufferObject@@QAE@HHW4Attachment@0@II@Z
??0QOpenGLFramebufferObjectFormat@@QAE@ABV0@@Z
??0QOpenGLFramebufferObjectFormat@@QAE@XZ
??0QOpenGLFunctions@@QAE@PAVQOpenGLContext@@@Z
??0QOpenGLFunctions@@QAE@XZ
??0QOpenGLFunctions_1_0@@QAE@ABV0@@Z
??0QOpenGLFunctions_1_0@@QAE@XZ
??0QOpenGLFunctions_1_1@@QAE@ABV0@@Z
??0QOpenGLFunctions_1_1@@QAE@XZ
??0QOpenGLFunctions_1_2@@QAE@ABV0@@Z
??0QOpenGLFunctions_1_2@@QAE@XZ
??0QOpenGLFunctions_1_3@@QAE@ABV0@@Z
??0QOpenGLFunctions_1_3@@QAE@XZ
??0QOpenGLFunctions_1_4@@QAE@ABV0@@Z
??0QOpenGLFunctions_1_4@@QAE@XZ
??0QOpenGLFunctions_1_5@@QAE@ABV0@@Z
??0QOpenGLFunctions_1_5@@QAE@XZ
??0QOpenGLFunctions_2_0@@QAE@ABV0@@Z
??0QOpenGLFunctions_2_0@@QAE@XZ
??0QOpenGLFunctions_2_1@@QAE@ABV0@@Z
??0QOpenGLFunctions_2_1@@QAE@XZ
??0QOpenGLFunctions_3_0@@QAE@ABV0@@Z
??0QOpenGLFunctions_3_0@@QAE@XZ
??0QOpenGLFunctions_3_1@@QAE@ABV0@@Z
??0QOpenGLFunctions_3_1@@QAE@XZ
??0QOpenGLFunctions_3_2_Compatibility@@QAE@ABV0@@Z
??0QOpenGLFunctions_3_2_Compatibility@@QAE@XZ
??0QOpenGLFunctions_3_2_Core@@QAE@ABV0@@Z
??0QOpenGLFunctions_3_2_Core@@QAE@XZ
??0QOpenGLFunctions_3_3_Compatibility@@QAE@ABV0@@Z
??0QOpenGLFunctions_3_3_Compatibility@@QAE@XZ
??0QOpenGLFunctions_3_3_Core@@QAE@ABV0@@Z
??0QOpenGLFunctions_3_3_Core@@QAE@XZ
??0QOpenGLFunctions_4_0_Compatibility@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_0_Compatibility@@QAE@XZ
??0QOpenGLFunctions_4_0_Core@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_0_Core@@QAE@XZ
??0QOpenGLFunctions_4_1_Compatibility@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_1_Compatibility@@QAE@XZ
??0QOpenGLFunctions_4_1_Core@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_1_Core@@QAE@XZ
??0QOpenGLFunctions_4_2_Compatibility@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_2_Compatibility@@QAE@XZ
??0QOpenGLFunctions_4_2_Core@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_2_Core@@QAE@XZ
??0QOpenGLFunctions_4_3_Compatibility@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_3_Compatibility@@QAE@XZ
??0QOpenGLFunctions_4_3_Core@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_3_Core@@QAE@XZ
??0QOpenGLFunctions_4_4_Compatibility@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_4_Compatibility@@QAE@XZ
??0QOpenGLFunctions_4_4_Core@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_4_Core@@QAE@XZ
??0QOpenGLFunctions_4_5_Compatibility@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_5_Compatibility@@QAE@XZ
??0QOpenGLFunctions_4_5_Core@@QAE@ABV0@@Z
??0QOpenGLFunctions_4_5_Core@@QAE@XZ
??0QOpenGLMultiGroupSharedResource@@QAE@XZ
??0QOpenGLPaintDevice@@IAE@AAVQOpenGLPaintDevicePrivate@@@Z
??0QOpenGLPaintDevice@@QAE@ABVQSize@@@Z
??0QOpenGLPaintDevice@@QAE@HH@Z
??0QOpenGLPaintDevice@@QAE@XZ
??0QOpenGLPaintDevicePrivate@@QAE@ABV0@@Z
??0QOpenGLPaintDevicePrivate@@QAE@ABVQSize@@@Z
??0QOpenGLPixelTransferOptions@@QAE@ABV0@@Z
??0QOpenGLPixelTransferOptions@@QAE@XZ
??0QOpenGLShader@@QAE@V?$QFlags@W4ShaderTypeBit@QOpenGLShader@@@@PAVQObject@@@Z
??0QOpenGLShaderProgram@@QAE@PAVQObject@@@Z
??0QOpenGLSharedResource@@QAE@PAVQOpenGLContextGroup@@@Z
??0QOpenGLSharedResourceGuard@@QAE@PAVQOpenGLContext@@IP6AXPAVQOpenGLFunctions@@I@Z@Z
??0QOpenGLTexture@@QAE@ABVQImage@@W4MipMapGeneration@0@@Z
??0QOpenGLTexture@@QAE@W4Target@0@@Z
??0QOpenGLTextureBlitter@@QAE@XZ
??0QOpenGLTextureCache@@QAE@PAVQOpenGLContext@@@Z
??0QOpenGLTextureGlyphCache@@QAE@W4GlyphFormat@QFontEngine@@ABVQTransform@@@Z
??0QOpenGLTimeMonitor@@QAE@PAVQObject@@@Z
??0QOpenGLTimerQuery@@QAE@PAVQObject@@@Z
??0QOpenGLVersionProfile@@QAE@ABV0@@Z
??0QOpenGLVersionProfile@@QAE@ABVQSurfaceFormat@@@Z
??0QOpenGLVersionProfile@@QAE@XZ
??0QOpenGLVertexArrayObject@@AAE@AAVQOpenGLVertexArrayObjectPrivate@@@Z
??0QOpenGLVertexArrayObject@@QAE@PAVQObject@@@Z
??0QOpenGLWindow@@QAE@PAVQOpenGLContext@@W4UpdateBehavior@0@PAVQWindow@@@Z
??0QOpenGLWindow@@QAE@W4UpdateBehavior@0@PAVQWindow@@@Z
??0QPageLayout@@QAE@ABV0@@Z
??0QPageLayout@@QAE@ABVQPageSize@@W4Orientation@0@ABVQMarginsF@@W4Unit@0@2@Z
??0QPageLayout@@QAE@XZ
??0QPageSize@@AAE@AAVQPageSizePrivate@@@Z
??0QPageSize@@AAE@ABVQString@@ABVQSize@@0@Z
??0QPageSize@@AAE@HABVQSize@@ABVQString@@@Z
??0QPageSize@@QAE@ABV0@@Z
??0QPageSize@@QAE@ABVQSize@@ABVQString@@W4SizeMatchPolicy@0@@Z
??0QPageSize@@QAE@ABVQSizeF@@W4Unit@0@ABVQString@@W4SizeMatchPolicy@0@@Z
??0QPageSize@@QAE@W4PageSizeId@0@@Z
??0QPageSize@@QAE@XZ
??0QPagedPaintDevice@@IAE@PAVQPagedPaintDevicePrivate@@@Z
??0QPagedPaintDevice@@QAE@XZ
??0QPagedPaintDevicePrivate@@QAE@ABV0@@Z
??0QPagedPaintDevicePrivate@@QAE@XZ
??0QPaintDevice@@IAE@XZ
??0QPaintDeviceWindow@@IAE@AAVQPaintDeviceWindowPrivate@@PAVQWindow@@@Z
??0QPaintDeviceWindowPrivate@@QAE@ABV0@@Z
??0QPaintDeviceWindowPrivate@@QAE@XZ
??0QPaintEngine@@IAE@AAVQPaintEnginePrivate@@V?$QFlags@W4PaintEngineFeature@QPaintEngine@@@@@Z
??0QPaintEngine@@QAE@V?$QFlags@W4PaintEngineFeature@QPaintEngine@@@@@Z
??0QPaintEngineEx@@IAE@AAVQPaintEngineExPrivate@@@Z
??0QPaintEngineEx@@QAE@XZ
??0QPaintEngineExPrivate@@QAE@XZ
??0QPaintEnginePrivate@@QAE@ABV0@@Z
??0QPaintEnginePrivate@@QAE@XZ
??0QPaintEngineState@@QAE@XZ
??0QPaintEvent@@QAE@ABV0@@Z
??0QPaintEvent@@QAE@ABVQRect@@@Z
??0QPaintEvent@@QAE@ABVQRegion@@@Z
??0QPainter@@QAE@PAVQPaintDevice@@@Z
??0QPainter@@QAE@XZ
??0QPainterPath@@QAE@ABV0@@Z
??0QPainterPath@@QAE@ABVQPointF@@@Z
??0QPainterPath@@QAE@XZ
??0QPainterPathStroker@@QAE@ABVQPen@@@Z
??0QPainterPathStroker@@QAE@XZ
??0QPainterState@@QAE@ABV0@@Z
??0QPainterState@@QAE@PBV0@@Z
??0QPainterState@@QAE@XZ
??0QPalette@@QAE@$$QAV0@@Z
??0QPalette@@QAE@ABV0@@Z
??0QPalette@@QAE@ABVQBrush@@00000000@Z
??0QPalette@@QAE@ABVQColor@@000000@Z
??0QPalette@@QAE@ABVQColor@@0@Z
??0QPalette@@QAE@ABVQColor@@@Z
??0QPalette@@QAE@W4GlobalColor@Qt@@@Z
??0QPalette@@QAE@XZ
??0QPathClipper@@QAE@ABVQPainterPath@@0@Z
??0QPdfEngine@@QAE@AAVQPdfEnginePrivate@@@Z
??0QPdfEngine@@QAE@XZ
??0QPdfEnginePrivate@@QAE@XZ
??0QPdfWriter@@QAE@ABVQString@@@Z
??0QPdfWriter@@QAE@PAVQIODevice@@@Z
??0QPen@@QAE@$$QAV0@@Z
??0QPen@@QAE@ABV0@@Z
??0QPen@@QAE@ABVQBrush@@NW4PenStyle@Qt@@W4PenCapStyle@3@W4PenJoinStyle@3@@Z
??0QPen@@QAE@ABVQColor@@@Z
??0QPen@@QAE@W4PenStyle@Qt@@@Z
??0QPen@@QAE@XZ
??0QPicture@@IAE@AAVQPicturePrivate@@@Z
??0QPicture@@QAE@ABV0@@Z
??0QPicture@@QAE@H@Z
??0QPictureFormatPlugin@@QAE@PAVQObject@@@Z
??0QPictureIO@@QAE@ABVQString@@PBD@Z
??0QPictureIO@@QAE@PAVQIODevice@@PBD@Z
??0QPictureIO@@QAE@XZ
??0QPixmap@@AAE@ABVQSize@@H@Z
??0QPixmap@@QAE@ABV0@@Z
??0QPixmap@@QAE@ABVQSize@@@Z
??0QPixmap@@QAE@ABVQString@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
??0QPixmap@@QAE@HH@Z
??0QPixmap@@QAE@PAVQPlatformPixmap@@@Z
??0QPixmap@@QAE@QBQBD@Z
??0QPixmap@@QAE@XZ
??0QPixmapIconEngine@@QAE@ABV0@@Z
??0QPixmapIconEngine@@QAE@XZ
??0QPlatformAccessibility@@QAE@ABV0@@Z
??0QPlatformAccessibility@@QAE@XZ
??0QPlatformBackingStore@@QAE@ABV0@@Z
??0QPlatformBackingStore@@QAE@PAVQWindow@@@Z
??0QPlatformClipboard@@QAE@ABV0@@Z
??0QPlatformClipboard@@QAE@XZ
??0QPlatformColorDialogHelper@@QAE@XZ
??0QPlatformCursor@@QAE@XZ
??0QPlatformCursorImage@@QAE@ABV0@@Z
??0QPlatformCursorImage@@QAE@PBE0HHHH@Z

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Security.dll
.dll windows x86

Password: 1896

140ea1a2783378133a762a7bc41e492d

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:55:db:cf:a2:75:1e:85:ba:b8:2f:2a:ea:1c:f2:e8
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/04/2020, 00:00

Not After

16/06/2023, 12:00

Subject

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:d6:da:1a:da:8f:d6:b3:69:a2:ea:e1:6a:07:31:ef
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/04/2020, 00:00

Not After

16/06/2023, 12:00

Subject

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b0:cc:3f:24:46:44:ec:82:4c:c8:ff:34:cb:ef:f9:20:7c:34:66:7b:41:c8:18:03:20:b8:d3:93:79:97:95:11
Signer

Actual PE Digest

b0:cc:3f:24:46:44:ec:82:4c:c8:ff:34:cb:ef:f9:20:7c:34:66:7b:41:c8:18:03:20:b8:d3:93:79:97:95:11

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

14/03/2021, 05:27
Valid: true

Chain 1

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

7e:40:70:c7:0f:a0:fd:b3:ad:e9:f6:20:8d:ff:a9:47:b6:2a:88:4e
Signer

Actual PE Digest

7e:40:70:c7:0f:a0:fd:b3:ad:e9:f6:20:8d:ff:a9:47:b6:2a:88:4e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

SERIALNUMBER=1962832,CN=International Media Ltd,O=International Media Ltd,ST=Tortola,C=VG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025647

14/03/2021, 05:27
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

EnterCriticalSection
GetACP
CloseHandle
LocalFree
TlsAlloc
GetTickCount
OpenFileMappingW
VirtualFree
GetStartupInfoW
ExitProcess
InitializeCriticalSection
VirtualAlloc
RtlUnwind
GetCPInfo
GetCommandLineW
GetSystemInfo
GetProcAddress
LeaveCriticalSection
EnumSystemLocalesW
GetStdHandle
GetVersionExW
VerifyVersionInfoW
GetModuleHandleW
FreeLibrary
GetDiskFreeSpaceW
VerSetConditionMask
GetUserDefaultUILanguage
FindFirstFileW
TlsFree
GetModuleFileNameW
GetLastError
lstrlenW
CompareStringA
CompareStringW
CreateThread
WideCharToMultiByte
MapViewOfFile
MultiByteToWideChar
FindClose
LoadLibraryW
LoadLibraryA
ResetEvent
SetEvent
GetLocaleInfoW
GetVersion
RaiseException
SwitchToThread
GetLocalTime
WaitForSingleObject
WriteFile
DeleteCriticalSection
TlsGetValue
IsValidLocale
TlsSetValue
LoadLibraryExW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
CreateEventW
GetThreadLocale
Sleep
SetThreadLocale

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

user32

CallNextHookEx
CharUpperBuffW
CharNextW
CharLowerBuffW
SetWindowsHookExW
UnhookWindowsHookEx
LoadStringW
CharUpperW
GetSystemMetrics
MessageBoxW

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

netapi32

NetWkstaGetInfo
NetApiBufferFree

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

Exports

Exports

StartHook
StopHook

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 22KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Setup.exe
.exe windows x86

Password: 1896

255e9e102b4e4a72086a49f4437717ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
FreeConsole
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
GetCommandLineA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
HeapAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 302KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
borlndmm.dll
.dll windows x86

Password: 1896

7028057a1895f8e9d0c743af27770b1a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

42:17:85:f6:b6:bc:98:c1:4a:5f:0b:89:76:96:f8:a8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/07/2013, 00:00

Not After

09/08/2016, 23:59

Subject

CN=Embarcadero Technologies Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Embarcadero Technologies Inc.,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

89:b5:c2:26:95:c0:90:93:d5:fb:3e:bd:56:2c:a5:a9:e2:78:f9:54
Signer

Actual PE Digest

89:b5:c2:26:95:c0:90:93:d5:fb:3e:bd:56:2c:a5:a9:e2:78:f9:54

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Embarcadero Technologies Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Embarcadero Technologies Inc.,L=San Francisco,ST=California,C=US

06/11/2014, 21:37
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA
MessageBoxA

kernel32

Sleep
VirtualFree
VirtualAlloc
VirtualQuery
GetSystemInfo
GetVersion
SetThreadLocale
WideCharToMultiByte
GetACP
GetStartupInfoW
GetProcAddress
GetModuleHandleW
GetCommandLineW
FreeLibrary
UnhandledExceptionFilter
RtlUnwind
RaiseException
ExitProcess
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
WriteFile
GetStdHandle
CloseHandle
GetProcAddress
RaiseException
LoadLibraryA
GetLastError
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
FreeLibrary
VirtualQuery
GetVersionExW
GetProcAddress
InterlockedIncrement
InterlockedDecrement
FreeLibrary
CloseHandle
Sleep
VirtualFree
VirtualAlloc

Exports

Exports

@Borlndmm@HeapAddRef$qqrv
@Borlndmm@HeapRelease$qqrv
@Borlndmm@SysAllocMem$qqri
@Borlndmm@SysFreeMem$qqrpv
@Borlndmm@SysGetMem$qqri
@Borlndmm@SysReallocMem$qqrpvi
@Borlndmm@SysRegisterExpectedMemoryLeak$qqrpi
@Borlndmm@SysUnregisterExpectedMemoryLeak$qqrpi
DumpBlocks
FreeMemory
GetAllocMemCount
GetAllocMemSize
GetHeapStatus
GetMemory
ReallocMemory

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 553B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cc32100mt.dll
.dll windows x86

Password: 1896

8c6b03eae8fd279390ca970d47f5e142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

Beep
CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileMappingA
CreateFileW
CreatePipe
CreateProcessA
CreateProcessW
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FlushConsoleInputBuffer
FlushFileBuffers
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDrives
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNumberOfConsoleInputEvents
GetOEMCP
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GetVolumeInformationW
GlobalAlloc
GlobalFree
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockFile
MapViewOfFile
MoveFileA
MoveFileW
MultiByteToWideChar
OpenFileMappingA
PeekConsoleInputA
RaiseException
ReadConsoleInputA
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
RemoveDirectoryW
RtlUnwind
ScrollConsoleScreenBufferA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetLocalTime
SetStdHandle
SetThreadLocale
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleInputA
WriteConsoleOutputA
WriteFile
lstrcmpiA

user32

CharLowerW
CharUpperW
EnumThreadWindows
MessageBoxA
wsprintfA
wsprintfW

Exports

Exports

@$bdele$qpv
@$bdele$qpvrx13std@nothrow_t
@$bdele$qpvt1
@$bdla$qpv
@$bdla$qpvrx13std@nothrow_t
@$bdla$qpvt1
@$blsh$qr42std@%basic_ostream$c19std@%char_traits$c%%rx3bcd
@$bnew$qui
@$bnew$quirx13std@nothrow_t
@$bnwa$qui
@$bnwa$quirx13std@nothrow_t
@$brsh$qr42std@%basic_istream$c19std@%char_traits$c%%r3bcd
@%time_put$b48std@%ostreambuf_iterator$b19std@%char_traits$b%%%@$bdtr$qv
@%time_put$b48std@%ostreambuf_iterator$b19std@%char_traits$b%%%@do_put$xq48std@%ostreambuf_iterator$b19std@%char_traits$b%%r12std@ios_basebpx6std@tmcc
@%time_put$b48std@%ostreambuf_iterator$b19std@%char_traits$b%%%@id
@TRegexp@$bctr$qpxc
@TRegexp@$bctr$qrx7TRegexp
@TRegexp@$bdtr$qv
@TRegexp@copy_pattern$qrx7TRegexp
@TRegexp@find$xqpxcpuiui
@TRegexp@gen_pattern$qpxc
@TRegexp@maxpat
@_CatchCleanup$qv
@_FastMM_AllocMem
@_FastMM_BinMediumSequentialFeedRemainder
@_FastMM_FreeMem
@_FastMM_GetMem
@_FastMM_InsertMediumBlockIntoBin
@_FastMM_LockCmpxchg
@_FastMM_Move12
@_FastMM_Move20
@_FastMM_Move28
@_FastMM_Move36
@_FastMM_Move44
@_FastMM_Move52
@_FastMM_Move60
@_FastMM_Move68
@_FastMM_MoveX16L4
@_FastMM_MoveX8L4
@_FastMM_ReallocMem
@_FastMM_RemoveMediumFreeBlock
@_InitTermAndUnexPtrs$qv
@_ReThrowException$quipuc
@_ThrowExceptionLDTC$qpvt1t1t1uiuiuipuct1
@__DynamicCast$qpvt1t1t1i
@__DynamicCastVCLptr$qqrpvt1
@__DynamicCastVCLref$qqrpvt1
@__GetTypeInfo$qpvt1t1
@__GetTypeInfo$qpvt1t1t1
@__ThrowExceptionName$qv
@__ThrowFileName$qv
@__ThrowLineNumber$qv
@__getExceptVarRec$qv
@_cast_memptr$qpvt1uiuiui
@_internal_memmove
@_vcl_GetHeapStatus$qv
@_vector_apply_$qpvt1uiuiuit1
@_vector_vapply_$qpvt1uiuiuit1
@setExceptionFuncAddr$qpqp17_EXCEPTION_RECORDpp4tpid$pvppqqrp17_EXCEPTION_RECORD$v
@setRaiseListFuncAddr$qpvt1
@std@$badd$qpxbrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%
@std@$badd$qpxcrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%
@std@$badd$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%pxb$60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%
@std@$badd$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%t1$60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%
@std@$badd$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%xb$60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%
@std@$badd$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%pxc$60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%
@std@$badd$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%t1$60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%
@std@$badd$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%xc$60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%
@std@$badd$qxbrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%
@std@$badd$qxcrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%
@std@$beql$qpxbrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$o
@std@$beql$qpxcrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$o
@std@$beql$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%pxb$o
@std@$beql$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%t1$o
@std@$beql$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%pxc$o
@std@$beql$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%t1$o
@std@$bgeq$qpxbrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$o
@std@$bgeq$qpxcrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$o
@std@$bgeq$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%pxb$o
@std@$bgeq$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%t1$o
@std@$bgeq$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%pxc$o
@std@$bgeq$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%t1$o
@std@$bgtr$qpxbrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$o
@std@$bgtr$qpxcrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$o
@std@$bgtr$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%pxb$o
@std@$bgtr$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%t1$o
@std@$bgtr$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%pxc$o
@std@$bgtr$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%t1$o
@std@$bleq$qpxbrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$o
@std@$bleq$qpxcrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$o
@std@$bleq$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%pxb$o
@std@$bleq$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%t1$o
@std@$bleq$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%pxc$o
@std@$bleq$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%t1$o
@std@$blsh$qr42std@%basic_ostream$b19std@%char_traits$b%%b$r42std@%basic_ostream$b19std@%char_traits$b%%
@std@$blsh$qr42std@%basic_ostream$b19std@%char_traits$b%%pxb$r42std@%basic_ostream$b19std@%char_traits$b%%
@std@$blsh$qr42std@%basic_ostream$b19std@%char_traits$b%%rx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$r42std@%basic_ostream$b19std@%char_traits$b%%
@std@$blsh$qr42std@%basic_ostream$c19std@%char_traits$c%%c$r42std@%basic_ostream$c19std@%char_traits$c%%
@std@$blsh$qr42std@%basic_ostream$c19std@%char_traits$c%%pxc$r42std@%basic_ostream$c19std@%char_traits$c%%
@std@$blsh$qr42std@%basic_ostream$c19std@%char_traits$c%%pxuc$r42std@%basic_ostream$c19std@%char_traits$c%%
@std@$blsh$qr42std@%basic_ostream$c19std@%char_traits$c%%pxzc$r42std@%basic_ostream$c19std@%char_traits$c%%
@std@$blsh$qr42std@%basic_ostream$c19std@%char_traits$c%%rx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$r42std@%basic_ostream$c19std@%char_traits$c%%
@std@$blsh$qr42std@%basic_ostream$c19std@%char_traits$c%%uc$r42std@%basic_ostream$c19std@%char_traits$c%%
@std@$blsh$qr42std@%basic_ostream$c19std@%char_traits$c%%zc$r42std@%basic_ostream$c19std@%char_traits$c%%
@std@$blss$qpxbrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$o
@std@$blss$qpxcrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$o
@std@$blss$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%pxb$o
@std@$blss$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%t1$o
@std@$blss$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%pxc$o
@std@$blss$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%t1$o
@std@$bneq$qpxbrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$o
@std@$bneq$qpxcrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$o
@std@$bneq$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%pxb$o
@std@$bneq$qrx60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%t1$o
@std@$bneq$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%pxc$o
@std@$bneq$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%t1$o
@std@$brsh$qr42std@%basic_istream$b19std@%char_traits$b%%pb$r42std@%basic_istream$b19std@%char_traits$b%%
@std@$brsh$qr42std@%basic_istream$b19std@%char_traits$b%%r60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$r42std@%basic_istream$b19std@%char_traits$b%%
@std@$brsh$qr42std@%basic_istream$b19std@%char_traits$b%%rb$r42std@%basic_istream$b19std@%char_traits$b%%
@std@$brsh$qr42std@%basic_istream$c19std@%char_traits$c%%pc$r42std@%basic_istream$c19std@%char_traits$c%%
@std@$brsh$qr42std@%basic_istream$c19std@%char_traits$c%%puc$r42std@%basic_istream$c19std@%char_traits$c%%
@std@$brsh$qr42std@%basic_istream$c19std@%char_traits$c%%pzc$r42std@%basic_istream$c19std@%char_traits$c%%
@std@$brsh$qr42std@%basic_istream$c19std@%char_traits$c%%r60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$r42std@%basic_istream$c19std@%char_traits$c%%
@std@$brsh$qr42std@%basic_istream$c19std@%char_traits$c%%rc$r42std@%basic_istream$c19std@%char_traits$c%%
@std@$brsh$qr42std@%basic_istream$c19std@%char_traits$c%%ruc$r42std@%basic_istream$c19std@%char_traits$c%%
@std@$brsh$qr42std@%basic_istream$c19std@%char_traits$c%%rzc$r42std@%basic_istream$c19std@%char_traits$c%%
@std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%@npos
@std@%codecvt$bci%@$bdtr$qv
@std@%codecvt$bci%@do_always_noconv$xqv
@std@%codecvt$bci%@do_encoding$xqv
@std@%codecvt$bci%@do_in$xqripxct2rpxcpbt5rpb
@std@%codecvt$bci%@do_length$xqrxipxct2ui
@std@%codecvt$bci%@do_max_length$xqv
@std@%codecvt$bci%@do_out$xqripxbt2rpxbpct5rpc
@std@%codecvt$bci%@do_unshift$xqripct2rpc
@std@%codecvt$bci%@id
@std@%codecvt$cci%@id
@std@%collate$b%@id
@std@%collate$c%@id
@std@%ctype$b%@$bdtr$qv
@std@%ctype$b%@do_is$xqpxbt1ps
@std@%ctype$b%@do_is$xqsb
@std@%ctype$b%@do_narrow$xqbc
@std@%ctype$b%@do_narrow$xqpxbt1cpc
@std@%ctype$b%@do_scan_is$xqspxbt2
@std@%ctype$b%@do_scan_not$xqspxbt2
@std@%ctype$b%@do_tolower$xqb
@std@%ctype$b%@do_tolower$xqpbpxb
@std@%ctype$b%@do_toupper$xqb
@std@%ctype$b%@do_toupper$xqpbpxb
@std@%ctype$b%@do_widen$xqc
@std@%ctype$b%@do_widen$xqpxct1pb
@std@%ctype$b%@id
@std@%ctype$c%@$bdtr$qv
@std@%ctype$c%@do_narrow$xqcc
@std@%ctype$c%@do_narrow$xqpxct1cpc
@std@%ctype$c%@do_tolower$xqc
@std@%ctype$c%@do_tolower$xqpcpxc
@std@%ctype$c%@do_toupper$xqc
@std@%ctype$c%@do_toupper$xqpcpxc
@std@%ctype$c%@do_widen$xqc
@std@%ctype$c%@do_widen$xqpxct1pc
@std@%ctype$c%@id
@std@%ctype$c%@table_size
@std@%getline$b19std@%char_traits$b%17std@%allocator$b%%$qr42std@%basic_istream$b19std@%char_traits$b%%r60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%$r42std@%basic_istream$b19std@%char_traits$b%%
@std@%getline$b19std@%char_traits$b%17std@%allocator$b%%$qr42std@%basic_istream$b19std@%char_traits$b%%r60std@%basic_string$b19std@%char_traits$b%17std@%allocator$b%%xb$r42std@%basic_istream$b19std@%char_traits$b%%
@std@%getline$c19std@%char_traits$c%17std@%allocator$c%%$qr42std@%basic_istream$c19std@%char_traits$c%%r60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%$r42std@%basic_istream$c19std@%char_traits$c%%
@std@%getline$c19std@%char_traits$c%17std@%allocator$c%%$qr42std@%basic_istream$c19std@%char_traits$c%%r60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%xc$r42std@%basic_istream$c19std@%char_traits$c%%
@std@%messages$b%@id
@std@%messages$c%@id
@std@%money_get$b48std@%istreambuf_iterator$b19std@%char_traits$b%%%@id
@std@%money_get$c48std@%istreambuf_iterator$c19std@%char_traits$c%%%@id
@std@%money_put$b48std@%ostreambuf_iterator$b19std@%char_traits$b%%%@id
@std@%money_put$c48std@%ostreambuf_iterator$c19std@%char_traits$c%%%@id
@std@%moneypunct$bo$i0$%@$bdtr$qv
@std@%moneypunct$bo$i0$%@id
@std@%moneypunct$bo$i0$%@intl
@std@%moneypunct$bo$i1$%@$bdtr$qv
@std@%moneypunct$bo$i1$%@id
@std@%moneypunct$bo$i1$%@intl
@std@%moneypunct$co$i0$%@$bdtr$qv
@std@%moneypunct$co$i0$%@id
@std@%moneypunct$co$i0$%@intl
@std@%moneypunct$co$i1$%@$bdtr$qv
@std@%moneypunct$co$i1$%@id
@std@%moneypunct$co$i1$%@intl
@std@%num_get$b48std@%istreambuf_iterator$b19std@%char_traits$b%%%@id
@std@%num_get$c48std@%istreambuf_iterator$c19std@%char_traits$c%%%@id
@std@%num_put$b48std@%ostreambuf_iterator$b19std@%char_traits$b%%%@id
@std@%num_put$c48std@%ostreambuf_iterator$c19std@%char_traits$c%%%@id
@std@%numeric_limits$b%@digits
@std@%numeric_limits$b%@digits10
@std@%numeric_limits$b%@is_signed
@std@%numeric_limits$c%@digits
@std@%numeric_limits$c%@digits10
@std@%numeric_limits$c%@is_signed
@std@%numeric_limits$d%@digits
@std@%numeric_limits$d%@digits10
@std@%numeric_limits$d%@max_exponent
@std@%numeric_limits$d%@max_exponent10
@std@%numeric_limits$d%@min_exponent
@std@%numeric_limits$d%@min_exponent10
@std@%numeric_limits$f%@digits
@std@%numeric_limits$f%@digits10
@std@%numeric_limits$f%@max_exponent
@std@%numeric_limits$f%@max_exponent10
@std@%numeric_limits$f%@min_exponent
@std@%numeric_limits$f%@min_exponent10
@std@%numeric_limits$g%@digits
@std@%numeric_limits$g%@digits10
@std@%numeric_limits$g%@max_exponent
@std@%numeric_limits$g%@max_exponent10
@std@%numeric_limits$g%@min_exponent
@std@%numeric_limits$g%@min_exponent10
@std@%numeric_limits$i%@digits
@std@%numeric_limits$i%@digits10
@std@%numeric_limits$i%@is_signed
@std@%numeric_limits$j%@digits
@std@%numeric_limits$j%@digits10
@std@%numeric_limits$j%@is_signed
@std@%numeric_limits$l%@digits
@std@%numeric_limits$l%@digits10
@std@%numeric_limits$l%@is_signed
@std@%numeric_limits$o%@digits
@std@%numeric_limits$o%@digits10
@std@%numeric_limits$o%@is_modulo
@std@%numeric_limits$o%@is_signed
@std@%numeric_limits$s%@digits
@std@%numeric_limits$s%@digits10
@std@%numeric_limits$s%@is_signed
@std@%numeric_limits$uc%@digits
@std@%numeric_limits$uc%@digits10
@std@%numeric_limits$uc%@is_signed
@std@%numeric_limits$ui%@digits
@std@%numeric_limits$ui%@digits10
@std@%numeric_limits$ui%@is_signed
@std@%numeric_limits$uj%@digits
@std@%numeric_limits$uj%@digits10
@std@%numeric_limits$uj%@is_signed
@std@%numeric_limits$ul%@digits
@std@%numeric_limits$ul%@digits10
@std@%numeric_limits$ul%@is_signed
@std@%numeric_limits$us%@digits
@std@%numeric_limits$us%@digits10
@std@%numeric_limits$us%@is_signed
@std@%numeric_limits$zc%@digits
@std@%numeric_limits$zc%@digits10
@std@%numeric_limits$zc%@is_signed
@std@%numpunct$b%@id
@std@%numpunct$c%@id
@std@%time_get$b48std@%istreambuf_iterator$b19std@%char_traits$b%%%@id
@std@%time_get$c48std@%istreambuf_iterator$c19std@%char_traits$c%%%@id
@std@%time_put$c48std@%ostreambuf_iterator$c19std@%char_traits$c%%%@id
@std@_BADOFF
@std@_Debug_message$qpxct1
@std@_Fiopen$qpxb23std@%_Iosb$i%@_Openmodei
@std@_Fiopen$qpxc23std@%_Iosb$i%@_Openmodei
@std@_Fpz
@std@_Ios_init
@std@_Locinfo@$bctr$qipxc
@std@_Locinfo@$bctr$qpxc
@std@_Locinfo@$bctr$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%
@std@_Locinfo@$bdtr$qv
@std@_Locinfo@_Addcats$qipxc
@std@_Locinfo@_Getcoll$xqv
@std@_Locinfo@_Getctype$xqv
@std@_Locinfo@_Getcvt$xqv
@std@_Locinfo@_Gettnames$xqv
@std@_Lockit@$bdtr$qv
@std@_New_hand
@std@_Num_base@digits
@std@_Num_base@digits10
@std@_Num_base@has_denorm
@std@_Num_base@has_denorm_loss
@std@_Num_base@has_infinity
@std@_Num_base@has_quiet_NaN
@std@_Num_base@has_signaling_NaN
@std@_Num_base@is_bounded
@std@_Num_base@is_exact
@std@_Num_base@is_iec559
@std@_Num_base@is_integer
@std@_Num_base@is_modulo
@std@_Num_base@is_signed
@std@_Num_base@is_specialized
@std@_Num_base@max_exponent
@std@_Num_base@max_exponent10
@std@_Num_base@min_exponent
@std@_Num_base@min_exponent10
@std@_Num_base@radix
@std@_Num_base@round_style
@std@_Num_base@tinyness_before
@std@_Num_base@traps
@std@_Num_float_base@has_denorm
@std@_Num_float_base@has_denorm_loss
@std@_Num_float_base@has_infinity
@std@_Num_float_base@has_quiet_NaN
@std@_Num_float_base@has_signaling_NaN
@std@_Num_float_base@is_bounded
@std@_Num_float_base@is_exact
@std@_Num_float_base@is_iec559
@std@_Num_float_base@is_integer
@std@_Num_float_base@is_modulo
@std@_Num_float_base@is_signed
@std@_Num_float_base@is_specialized
@std@_Num_float_base@radix
@std@_Num_float_base@round_style
@std@_Num_float_base@tinyness_before
@std@_Num_float_base@traps
@std@_Num_int_base@is_bounded
@std@_Num_int_base@is_exact
@std@_Num_int_base@is_integer
@std@_Num_int_base@is_modulo
@std@_Num_int_base@is_specialized
@std@_Num_int_base@radix
@std@_Raise_handler
@std@_String_base@_Xlen$xqv
@std@_String_base@_Xran$xqv
@std@_Throw$qrx13std@exception
@std@_Winit@$bctr$qv
@std@_Winit@$bdtr$qv
@std@_Winit@_Init_cnt
@std@_Wios_init
@std@bad_exception@$bctr$qv
@std@bad_exception@$bdtr$qv
@std@cerr
@std@cin
@std@clog
@std@codecvt_base@$bdtr$qv
@std@codecvt_base@always_noconv$xqv
@std@codecvt_base@do_always_noconv$xqv
@std@codecvt_base@do_encoding$xqv
@std@codecvt_base@do_max_length$xqv
@std@cout
@std@ctype_base@$bdtr$qv
@std@exception@$bctr$qv
@std@exception@$bdtr$qv
@std@exception@_Set_raise_handler$qpqrx13std@exception$v
@std@exception@what$xqv
@std@ios_base@$bdtr$qv
@std@ios_base@Init@$bctr$qv
@std@ios_base@Init@$bdtr$qv
@std@ios_base@Init@_Init_cnt
@std@ios_base@_Addstd$qv
@std@ios_base@_Callfns$q18std@ios_base@event
@std@ios_base@_Findarr$qi
@std@ios_base@_Index
@std@ios_base@_Init$qv
@std@ios_base@_Sync
@std@ios_base@_Tidy$qv
@std@ios_base@clear$q22std@%_Iosb$i%@_Iostateo
@std@ios_base@copyfmt$qrx12std@ios_base
@std@ios_base@imbue$qrx10std@locale
@std@ios_base@register_callback$qpq18std@ios_base@eventr12std@ios_basei$vi
@std@istrstream@$bdtr$qv
@std@locale@$basg$qrx10std@locale
@std@locale@$bctr$qpxci
@std@locale@$bctr$qrx10std@locale
@std@locale@$bctr$qrx10std@localepxci
@std@locale@$bctr$qrx10std@localet1i
@std@locale@$bctr$qv
@std@locale@$bdtr$qv
@std@locale@$beql$xqrx10std@locale
@std@locale@_Addfac$qp16std@locale@facetuiui
@std@locale@_Getfacet$xqui
@std@locale@_Init$qv
@std@locale@_Locimp@$bctr$qo
@std@locale@_Locimp@$bctr$qrx18std@locale@_Locimp
@std@locale@_Locimp@$bdtr$qv
@std@locale@_Locimp@_Addfac$qp16std@locale@facetui
@std@locale@classic$qv
@std@locale@empty$qv
@std@locale@facet@$bdtr$qv
@std@locale@facet@_Register$qv
@std@locale@global$qrx10std@locale
@std@locale@id@_Id_cnt
@std@nothrow
@std@ostrstream@$bctr$qpci23std@%_Iosb$i%@_Openmode
@std@ostrstream@$bdtr$qv
@std@resetiosflags$q23std@%_Iosb$i%@_Fmtflags
@std@set_new_handler$qpqv$v
@std@set_terminate$qpqv$v
@std@set_unexpected$qpqv$v
@std@setbase$qi
@std@setiosflags$q23std@%_Iosb$i%@_Fmtflags
@std@setprecision$qi
@std@setw$qi
@std@strstream@$bctr$qpci23std@%_Iosb$i%@_Openmode
@std@strstream@$bdtr$qv
@std@strstreambuf@$bdtr$qv
@std@strstreambuf@_Init$qipct2i
@std@strstreambuf@_Tidy$qv
@std@strstreambuf@freeze$qo
@std@strstreambuf@overflow$qi
@std@strstreambuf@pbackfail$qi
@std@strstreambuf@seekoff$qj22std@%_Iosb$i%@_Seekdir23std@%_Iosb$i%@_Openmode
@std@strstreambuf@seekpos$q12std@%fpos$i%23std@%_Iosb$i%@_Openmode
@std@strstreambuf@underflow$qv
@std@swprintf$qpbuipxbe
@std@terminate$qv
@std@tr1@_MP_Add$qpujuj
@std@tr1@_MP_Get$qpuj
@std@tr1@_MP_Mul$qpujujuj
@std@tr1@_MP_Rem$qpujuj
@std@tr1@_Rng_abort$qpxc
@std@tr1@_XLgamma$qd
@std@tr1@_XLgamma$qf
@std@tr1@_XLgamma$qg
@std@tr1@_Xinvalid$qpxc
@std@type_info@$basg$qrx13std@type_info
@std@type_info@$bctr$qrx13std@type_info
@std@type_info@$bdtr$qv
@std@type_info@$beql$xqrx13std@type_info
@std@type_info@$bneq$xqrx13std@type_info
@std@type_info@_first_base$xqr24std@type_info@_base_info
@std@type_info@_first_vbase$xqr25std@type_info@_vbase_info
@std@type_info@_guid$xqv
@std@type_info@_internal_rtti_cast$xqpvpx13std@type_info
@std@type_info@_next_base$xqr24std@type_info@_base_info
@std@type_info@before$xqrx13std@type_info
@std@type_info@name$xqv
@std@unexpected$qv
@std@wcerr
@std@wcin
@std@wclog
@std@wcout
@xmsg@$basg$qrx4xmsg
@xmsg@$bctr$qrx4xmsg
@xmsg@$bctr$qrx60std@%basic_string$c19std@%char_traits$c%17std@%allocator$c%%
@xmsg@$bdtr$qv
@xmsg@raise$qv
@xmsg@what$xqv
__8087
__Atan
__Atexit
__Cosh
__CurrExcContext
__Denorm
__Dint
__Dnorm
__Dscale
__Dtest
__Dunscale
__Eps
__ErrorExit
__ErrorMessage
__Exp
__FAtan
__FCosh
__FDenorm
__FDint
__FDnorm
__FDscale
__FDtest
__FDunscale
__FEps
__FExp
__FInf
__FLog
__FNan
__FPow
__FRteps
__FSin
__FSinh
__FSnan
__FUnloadDelayLoadedDLL
__FXbig
__FZero
__Feraise
__Getctyptab
__Global_unwind
__Hugeval
__Inf
__InterlockedDecrement
__InterlockedIncrement
__LCosh
__LDenorm
__LDint
__LDnorm
__LDscale
__LDtest
__LDunscale
__LEps
__LExp
__LInf
__LNan
__LPoly
__LRteps
__LSin
__LSinh
__LSnan
__LXbig
__LZero
__Local_unwind
__Locksyslock
__Mtxdst
__Mtxinit
__Mtxlock
__Mtxunlock
__Nan
__Once

Sections

.text
Size: 904KB - Virtual size: 908KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dbghelp.dll
.dll windows x86

Password: 1896

f7cb4432172d116632abc77471a1a600

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:bf:fe:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/06/2007, 21:56

Not After

22/09/2008, 22:06

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:15:08:27:00:00:00:00:00:0c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

25/01/2006, 23:22

Not After

25/01/2017, 23:32

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

a1:03:2f:43:6a:f5:0c:26:23:9e:70:3c:b2:4f:25:d8:64:c5:09:6e
Signer

Actual PE Digest

a1:03:2f:43:6a:f5:0c:26:23:9e:70:3c:b2:4f:25:d8:64:c5:09:6e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

27/09/2007, 22:47
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_write
_lseeki64
_fileno
_read
__pioinfo
__badioinfo
ferror
wctomb
_snprintf
isleadbyte
mbtowc
isdigit
_onexit
_lock
__dllonexit
_unlock
_ismbblead
_amsg_exit
_initterm
_XcptFilter
memmove
_iob
__mb_cur_max
strchr
_vsnwprintf
iswprint
atol
??3@YAXPAX@Z
__unDName
_CxxThrowException
bsearch
fread
fseek
_wfsopen
_fsopen
wcstol
_fullpath
_wfullpath
_wgetenv
_get_osfhandle
_chsize
_close
_open_osfhandle
ftell
_memicmp
_mbscmp
??1type_info@@UAE@XZ
_errno
__CxxFrameHandler
iswspace
calloc
_itoa
_wcsdup
towlower
tolower
_wcslwr
time
_wctime
_ltoa
_wcsnicmp
_purecall
ctime
malloc
strncmp
isspace
_isatty
fclose
_stricmp
_strlwr
free
wcsrchr
strstr
memcpy
_wcsicmp
qsort
wcschr
wcsstr
wcsncmp
iswxdigit
memset
??2@YAPAXI@Z
_wsopen
_sopen

kernel32

ExpandEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
DeviceIoControl
DeleteFileA
CopyFileA
SetFileAttributesA
LCMapStringA
InterlockedIncrement
InterlockedDecrement
LocalFree
MapViewOfFileEx
FlushViewOfFile
GetFileType
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
InterlockedExchange
GetThreadSelectorEntry
CreateThread
TerminateThread
VirtualQueryEx
GetPriorityClass
GetThreadPriority
GetThreadTimes
GetThreadContext
ResumeThread
SuspendThread
GetCurrentThreadId
GetSystemTimeAsFileTime
LoadLibraryA
Sleep
GetVersion
GetSystemInfo
ReadProcessMemory
GetProcessHeap
GetFileAttributesA
SetErrorMode
WriteFile
OutputDebugStringA
VirtualFree
OpenProcess
GetCurrentProcessId
CreateFileMappingA
MapViewOfFile
FindClose
LocalAlloc
SetLastError
LeaveCriticalSection
EnterCriticalSection
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetLastError
TlsSetValue
TlsGetValue
TlsAlloc
TlsFree
DeleteCriticalSection
HeapDestroy
FreeLibrary
HeapCreate
InitializeCriticalSection
GetVersionExA
HeapReAlloc
HeapAlloc
HeapFree
IsDBCSLeadByte
SetFilePointer
GetCurrentProcess
UnmapViewOfFile
CreateDirectoryA
VirtualProtect
VirtualAlloc
DuplicateHandle
GetModuleHandleA

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

rpcrt4

UuidCreate

Exports

Exports

DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
EnumDirTree
EnumDirTreeW
EnumerateLoadedModules
EnumerateLoadedModules64
EnumerateLoadedModulesEx
EnumerateLoadedModulesExW
EnumerateLoadedModulesW64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindDebugInfoFileExW
FindExecutableImage
FindExecutableImageEx
FindExecutableImageExW
FindFileInPath
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
MiniDumpReadDumpStream
MiniDumpWriteDump
SearchTreeForFile
SearchTreeForFileW
StackWalk
StackWalk64
SymAddSourceStream
SymAddSourceStreamA
SymAddSourceStreamW
SymAddSymbol
SymAddSymbolW
SymCleanup
SymDeleteSymbol
SymDeleteSymbolW
SymEnumLines
SymEnumLinesW
SymEnumProcesses
SymEnumSourceFileTokens
SymEnumSourceFiles
SymEnumSourceFilesW
SymEnumSourceLines
SymEnumSourceLinesW
SymEnumSym
SymEnumSymbols
SymEnumSymbolsForAddr
SymEnumSymbolsForAddrW
SymEnumSymbolsW
SymEnumTypes
SymEnumTypesByName
SymEnumTypesByNameW
SymEnumTypesW
SymEnumerateModules
SymEnumerateModules64
SymEnumerateModulesW64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindDebugInfoFile
SymFindDebugInfoFileW
SymFindExecutableImage
SymFindExecutableImageW
SymFindFileInPath
SymFindFileInPathW
SymFromAddr
SymFromAddrW
SymFromIndex
SymFromIndexW
SymFromName
SymFromNameW
SymFromToken
SymFromTokenW
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetFileLineOffsets64
SymGetHomeDirectory
SymGetHomeDirectoryW
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromAddrW64
SymGetLineFromName
SymGetLineFromName64
SymGetLineFromNameW64
SymGetLineNext
SymGetLineNext64
SymGetLineNextW64
SymGetLinePrev
SymGetLinePrev64
SymGetLinePrevW64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOmapBlockBase
SymGetOmaps
SymGetOptions
SymGetScope
SymGetScopeW
SymGetSearchPath
SymGetSearchPathW
SymGetSourceFile
SymGetSourceFileFromToken
SymGetSourceFileFromTokenW
SymGetSourceFileToken
SymGetSourceFileTokenW
SymGetSourceFileW
SymGetSourceVarFromToken
SymGetSourceVarFromTokenW
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetSymbolFile
SymGetSymbolFileW
SymGetTypeFromName
SymGetTypeFromNameW
SymGetTypeInfo
SymGetTypeInfoEx
SymGetUnwindInfo
SymInitialize
SymInitializeW
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymLoadModuleExW
SymMatchFileName
SymMatchFileNameW
SymMatchString
SymMatchStringA
SymMatchStringW
SymNext
SymNextW
SymPrev
SymPrevW
SymRefreshModuleList
SymRegisterCallback
SymRegisterCallback64
SymRegisterCallbackW64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSearch
SymSearchW
SymSetContext
SymSetHomeDirectory
SymSetHomeDirectoryW
SymSetOptions
SymSetParentWindow
SymSetScopeFromAddr
SymSetScopeFromIndex
SymSetSearchPath
SymSetSearchPathW
SymSrvDeltaName
SymSrvDeltaNameW
SymSrvGetFileIndexInfo
SymSrvGetFileIndexInfoW
SymSrvGetFileIndexString
SymSrvGetFileIndexStringW
SymSrvGetFileIndexes
SymSrvGetFileIndexesW
SymSrvGetSupplement
SymSrvGetSupplementW
SymSrvIsStore
SymSrvIsStoreW
SymSrvStoreFile
SymSrvStoreFileW
SymSrvStoreSupplement
SymSrvStoreSupplementW
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnDecorateSymbolNameW
UnmapDebugInformation
WinDbgExtensionDllInit
block
chksym
dbghelp
dh
fptr
homedir
itoldyouso
lmi
lminfo
omap
srcfiles
stack_force_ebp
stackdbg
sym
symsrv
vc7fpo

Sections

.text
Size: 936KB - Virtual size: 935KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libEGL.dll
.dll windows x86

Password: 1896

48c72c12b3685003a84e2caf235b2330

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fd:86:6f:d5:3e:03:39:78:5d:dc:76:c5:2a:2b:ad:5d:d5:81:ff:08
Signer

Actual PE Digest

fd:86:6f:d5:3e:03:39:78:5d:dc:76:c5:2a:2b:ad:5d:d5:81:ff:08

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

09/09/2019, 06:53
Valid: true

Chain 1

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libglesv2

?SwapInterval@egl@@YGIPAXH@Z
?BindAPI@egl@@YGII@Z
?QueryAPI@egl@@YGIXZ
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?ReleaseThread@egl@@YGIXZ
?WaitClient@egl@@YGIXZ
?GetCurrentContext@egl@@YGPAXXZ
?CreateSync@egl@@YGPAXPAXIPBH@Z
?DestroySync@egl@@YGIPAX0@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?SurfaceAttrib@egl@@YGIPAX0HH@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?DestroyImage@egl@@YGIPAX0@Z
?GetPlatformDisplay@egl@@YGPAXIPAXPBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?WaitSync@egl@@YGIPAX0H@Z
?QuerySurfacePointerANGLE@egl@@YGIPAX0HPAPAX@Z
?PostSubBufferNV@egl@@YGIPAX0HHHH@Z
?GetPlatformDisplayEXT@egl@@YGPAXIPAXPBH@Z
?ReleaseTexImage@egl@@YGIPAX0H@Z
?BindTexImage@egl@@YGIPAX0H@Z
?WaitNative@egl@@YGIH@Z
?WaitGL@egl@@YGIXZ
?Terminate@egl@@YGIPAX@Z
?SwapBuffers@egl@@YGIPAX0@Z
?QuerySurface@egl@@YGIPAX0HPAH@Z
?QueryString@egl@@YGPBDPAXH@Z
?QueryContext@egl@@YGIPAX0HPAH@Z
?MakeCurrent@egl@@YGIPAX000@Z
?Initialize@egl@@YGIPAXPAH1@Z
?GetProcAddress@egl@@YGP6AXXZPBD@Z
?GetError@egl@@YGHXZ
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetCurrentSurface@egl@@YGPAXH@Z
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetCurrentDisplay@egl@@YGPAXXZ
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroyContext@egl@@YGIPAX0@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?GetSyncAttrib@egl@@YGIPAX0HPAH@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z

msvcr120

__crtTerminateProcess
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
__crtUnhandledException

kernel32

IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglCopyBuffers
eglCreateContext
eglCreateImage
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformWindowSurface
eglCreateSync
eglCreateWindowSurface
eglDestroyContext
eglDestroyImage
eglDestroySurface
eglDestroySync
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglInitialize
eglMakeCurrent
eglPostSubBufferNV
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
newsocket.data
opengl32sw.dll
.dll windows x86

55466abe52f1bf0d8df45beaffd68bf3

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b9:8c:ed:1b:1a:19:58:27:d0:c9:30:43:33:50:8d:a3:6a:eb:2b:84
Signer

Actual PE Digest

b9:8c:ed:1b:1a:19:58:27:d0:c9:30:43:33:50:8d:a3:6a:eb:2b:84

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

09/09/2019, 06:54
Valid: true

Chain 1

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

SymGetSymFromAddr64
SymInitialize
SymGetLineFromAddr64
SymGetModuleBase64
SymFunctionTableAccess64
SymSetOptions
StackWalk64
EnumerateLoadedModules

shell32

CommandLineToArgvW

advapi32

CryptReleaseContext
CryptGenRandom
CryptAcquireContextW

gdi32

GetPixelFormat
StretchDIBits
SetPixelFormat

user32

UnhookWindowsHookEx
ClientToScreen
GetWindowRect
SetWindowsHookExA
GetClientRect
WindowFromDC
GetDC
ReleaseDC
CallNextHookEx
RegisterClassA
LoadCursorA
AdjustWindowRectEx
DefWindowProcA
CreateWindowExA
LoadIconA
DestroyWindow

kernel32

LCMapStringW
CompareStringW
GetTimeFormatW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
SetFilePointer
FindFirstFileW
GetDateFormatW
OutputDebugStringW
WriteConsoleW
GetTimeZoneInformation
SetFilePointerEx
RaiseException
ReadConsoleW
RtlUnwind
FlushFileBuffers
GetCPInfo
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
TlsGetValue
TlsSetValue
Thread32First
Thread32Next
CreateToolhelp32Snapshot
GetCurrentThreadId
TlsAlloc
CloseHandle
GetCurrentProcessId
TlsFree
SetLastError
OutputDebugStringA
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GetExitCodeThread
QueryPerformanceCounter
Sleep
QueryPerformanceFrequency
GetSystemInfo
GetConsoleWindow
IsDebuggerPresent
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
InterlockedExchangeAdd
InterlockedCompareExchange
TryEnterCriticalSection
LocalFree
GetCurrentProcess
GetLastError
FormatMessageA
LoadLibraryW
FlushInstructionCache
VirtualProtect
VirtualQuery
GetFileInformationByHandle
GetFileType
ReadFile
FindClose
SetFileTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetModuleFileNameW
GetModuleHandleW
GetTempPathW
GetCurrentDirectoryW
CreateDirectoryW
RemoveDirectoryW
CreateFileW
GetFileAttributesW
DeleteFileW
GetOEMCP
FindNextFileW
MoveFileExW
CreateHardLinkW
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
GetCurrentThread
SetErrorMode
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetProcessTimes
GetStdHandle
GetCommandLineW
GetEnvironmentVariableW
GetConsoleMode
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
TerminateProcess
GetExitCodeProcess
DuplicateHandle
CreateProcessW
SearchPathW
CreateJobObjectW
AssignProcessToJobObject
SetInformationJobObject
GetCommandLineA
HeapFree
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapAlloc
IsProcessorFeaturePresent
HeapReAlloc
CreateThread
ExitThread
LoadLibraryExW
SetEndOfFile
GetProcessHeap
SetStdHandle
InitializeCriticalSectionAndSpinCount
HeapValidate
HeapWalk
InterlockedExchange
GetStartupInfoW
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
CreateSemaphoreW
HeapSize
HeapQueryInformation
WriteFile
GetConsoleCP
FatalAppExitA
IsValidCodePage
GetACP
SetEnvironmentVariableA

Exports

Exports

DrvCopyContext
DrvCreateContext
DrvCreateLayerContext
DrvDeleteContext
DrvDescribeLayerPlane
DrvDescribePixelFormat
DrvGetLayerPaletteEntries
DrvGetProcAddress
DrvPresentBuffers
DrvRealizeLayerPalette
DrvReleaseContext
DrvSetCallbackProcs
DrvSetContext
DrvSetLayerPaletteEntries
DrvSetPixelFormat
DrvShareLists
DrvSwapBuffers
DrvSwapLayerBuffers
DrvValidateVersion
_glActiveProgramEXT@4
_glActiveTexture@4
_glActiveTextureARB@4
_glAlphaFragmentOp1ATI@24
_glAlphaFragmentOp2ATI@36
_glAlphaFragmentOp3ATI@48
_glAlphaFuncx@8
_glAreProgramsResidentNV@12
_glAreTexturesResidentEXT@12
_glArrayElementEXT@4
_glAttachObjectARB@8
_glAttachShader@8
_glBeginConditionalRender@8
_glBeginConditionalRenderNV@8
_glBeginFragmentShaderATI@0
_glBeginPerfMonitorAMD@4
_glBeginQuery@8
_glBeginQueryARB@8
_glBeginQueryIndexed@12
_glBeginTransformFeedback@4
_glBeginTransformFeedbackEXT@4
_glBindAttribLocation@12
_glBindAttribLocationARB@12
_glBindBuffer@8
_glBindBufferARB@8
_glBindBufferBase@12
_glBindBufferBaseEXT@12
_glBindBufferOffsetEXT@16
_glBindBufferRange@20
_glBindBufferRangeEXT@20
_glBindBuffersBase@16
_glBindBuffersRange@24
_glBindFragDataLocation@12
_glBindFragDataLocationEXT@12
_glBindFragDataLocationIndexed@16
_glBindFragmentShaderATI@4
_glBindFramebuffer@8
_glBindFramebufferEXT@8
_glBindImageTexture@28
_glBindImageTextures@12
_glBindProgramARB@8
_glBindProgramNV@8
_glBindRenderbuffer@8
_glBindRenderbufferEXT@8
_glBindSampler@8
_glBindSamplers@12
_glBindTextureEXT@8
_glBindTextures@12
_glBindTransformFeedback@8
_glBindVertexArray@4
_glBindVertexBuffer@16
_glBindVertexBuffers@20
_glBlendColor@16
_glBlendColorEXT@16
_glBlendEquation@4
_glBlendEquationEXT@4
_glBlendEquationIndexedAMD@8
_glBlendEquationSeparate@8
_glBlendEquationSeparateIndexedAMD@12
_glBlendEquationSeparateiARB@12
_glBlendEquationiARB@8
_glBlendFuncIndexedAMD@12
_glBlendFuncSeparate@16
_glBlendFuncSeparateEXT@16
_glBlendFuncSeparateIndexedAMD@20
_glBlendFuncSeparateiARB@20
_glBlendFunciARB@12
_glBlitFramebuffer@40
_glBufferData@16
_glBufferDataARB@16
_glBufferStorage@16
_glBufferSubData@16
_glBufferSubDataARB@16
_glCheckFramebufferStatus@4
_glCheckFramebufferStatusEXT@4
_glClampColor@8
_glClampColorARB@8
_glClearBufferData@20
_glClearBufferSubData@28
_glClearBufferfi@16
_glClearBufferfv@12
_glClearBufferiv@12
_glClearBufferuiv@12
_glClearColorIiEXT@16
_glClearColorIuiEXT@16
_glClearColorx@16
_glClearDepthf@4
_glClearDepthx@4
_glClientActiveTexture@4
_glClientActiveTextureARB@4
_glClientWaitSync@16
_glClipPlanef@8
_glClipPlanex@8
_glColor4x@16
_glColorFragmentOp1ATI@28
_glColorFragmentOp2ATI@40
_glColorFragmentOp3ATI@52
_glColorMaskIndexedEXT@20
_glColorMaski@20
_glColorP3ui@8
_glColorP3uiv@8
_glColorP4ui@8
_glColorP4uiv@8
_glColorPointerEXT@20
_glColorSubTable@24
_glColorTable@24
_glColorTableEXT@24
_glColorTableParameterfv@12
_glColorTableParameteriv@12
_glCompileShader@4
_glCompileShaderARB@4
_glCompressedTexImage1D@28
_glCompressedTexImage1DARB@28
_glCompressedTexImage2D@32
_glCompressedTexImage2DARB@32
_glCompressedTexImage3D@36
_glCompressedTexImage3DARB@36
_glCompressedTexSubImage1D@28
_glCompressedTexSubImage1DARB@28
_glCompressedTexSubImage2D@36
_glCompressedTexSubImage2DARB@36
_glCompressedTexSubImage3D@44
_glCompressedTexSubImage3DARB@44
_glConvolutionFilter1D@24
_glConvolutionFilter2D@28
_glConvolutionParameterf@12
_glConvolutionParameterfv@12
_glConvolutionParameteri@12
_glConvolutionParameteriv@12
_glCopyBufferSubData@20
_glCopyColorSubTable@20
_glCopyColorTable@20
_glCopyConvolutionFilter1D@20
_glCopyConvolutionFilter2D@24
_glCopyTexImage1DEXT@28
_glCopyTexImage2DEXT@32
_glCopyTexSubImage1DEXT@24
_glCopyTexSubImage2DEXT@32
_glCopyTexSubImage3D@36
_glCopyTexSubImage3DEXT@36
_glCreateProgram@0
_glCreateProgramObjectARB@0
_glCreateShader@4
_glCreateShaderObjectARB@4
_glCreateShaderProgramEXT@8
_glDebugMessageCallback@8
_glDebugMessageCallbackARB@8
_glDebugMessageControl@24
_glDebugMessageControlARB@24
_glDebugMessageInsert@24
_glDebugMessageInsertARB@24
_glDeleteBuffers@8
_glDeleteBuffersARB@8
_glDeleteFragmentShaderATI@4
_glDeleteFramebuffers@8
_glDeleteFramebuffersEXT@8
_glDeleteObjectARB@4
_glDeletePerfMonitorsAMD@8
_glDeleteProgram@4
_glDeleteProgramsARB@8
_glDeleteProgramsNV@8
_glDeleteQueries@8
_glDeleteQueriesARB@8
_glDeleteRenderbuffers@8
_glDeleteRenderbuffersEXT@8
_glDeleteSamplers@8
_glDeleteShader@4
_glDeleteSync@4
_glDeleteTexturesEXT@8
_glDeleteTransformFeedbacks@8
_glDeleteVertexArrays@8
_glDepthRangeArrayv@12
_glDepthRangeIndexed@20
_glDepthRangef@8
_glDepthRangex@8
_glDetachObjectARB@8
_glDetachShader@8
_glDisableIndexedEXT@8
_glDisableVertexAttribArray@4
_glDisableVertexAttribArrayARB@4
_glDisablei@8
_glDispatchCompute@12
_glDispatchComputeIndirect@4
_glDrawArraysEXT@12
_glDrawArraysIndirect@8
_glDrawArraysInstanced@16
_glDrawArraysInstancedARB@16
_glDrawArraysInstancedBaseInstance@20
_glDrawArraysInstancedEXT@16
_glDrawBuffers@8
_glDrawBuffersARB@8
_glDrawBuffersATI@8
_glDrawElementsBaseVertex@20
_glDrawElementsIndirect@12
_glDrawElementsInstanced@20
_glDrawElementsInstancedARB@20
_glDrawElementsInstancedBaseInstance@24
_glDrawElementsInstancedBaseVertex@24
_glDrawElementsInstancedBaseVertexBaseInstance@28
_glDrawElementsInstancedEXT@20
_glDrawRangeElements@24
_glDrawRangeElementsBaseVertex@28
_glDrawRangeElementsEXT@24
_glDrawTransformFeedback@8
_glDrawTransformFeedbackInstanced@12
_glDrawTransformFeedbackStream@12
_glDrawTransformFeedbackStreamInstanced@16
_glEGLImageTargetRenderbufferStorageOES@8
_glEGLImageTargetTexture2DOES@8
_glEdgeFlagPointerEXT@12
_glEnableIndexedEXT@8
_glEnableVertexAttribArray@4
_glEnableVertexAttribArrayARB@4
_glEnablei@8
_glEndConditionalRender@0
_glEndConditionalRenderNV@0
_glEndFragmentShaderATI@0
_glEndPerfMonitorAMD@4
_glEndQuery@4
_glEndQueryARB@4
_glEndQueryIndexed@8
_glEndTransformFeedback@0
_glEndTransformFeedbackEXT@0
_glExecuteProgramNV@12
_glFenceSync@8
_glFlushMappedBufferRange@12
_glFogCoordPointer@12
_glFogCoordPointerEXT@12
_glFogCoordd@8
_glFogCoorddEXT@8
_glFogCoorddv@4
_glFogCoorddvEXT@4
_glFogCoordf@4
_glFogCoordfEXT@4
_glFogCoordfv@4
_glFogCoordfvEXT@4
_glFogx@8
_glFogxv@8
_glFramebufferRenderbuffer@16
_glFramebufferRenderbufferEXT@16
_glFramebufferTexture1D@20
_glFramebufferTexture1DEXT@20
_glFramebufferTexture2D@20
_glFramebufferTexture2DEXT@20
_glFramebufferTexture3D@24
_glFramebufferTexture3DEXT@24
_glFramebufferTexture@16
_glFramebufferTextureARB@16
_glFramebufferTextureFaceARB@20
_glFramebufferTextureLayer@20
_glFramebufferTextureLayerARB@20
_glFramebufferTextureLayerEXT@20
_glFrustumf@24
_glFrustumx@24
_glGenBuffers@8
_glGenBuffersARB@8
_glGenFragmentShadersATI@4
_glGenFramebuffers@8
_glGenFramebuffersEXT@8
_glGenPerfMonitorsAMD@8
_glGenProgramsARB@8
_glGenProgramsNV@8
_glGenQueries@8
_glGenQueriesARB@8
_glGenRenderbuffers@8
_glGenRenderbuffersEXT@8
_glGenSamplers@8
_glGenTexturesEXT@8
_glGenTransformFeedbacks@8
_glGenVertexArrays@8
_glGenerateMipmap@4
_glGenerateMipmapEXT@4
_glGetActiveAtomicCounterBufferiv@16
_glGetActiveAttrib@28
_glGetActiveAttribARB@28
_glGetActiveUniform@28
_glGetActiveUniformARB@28
_glGetActiveUniformBlockName@20
_glGetActiveUniformBlockiv@16
_glGetActiveUniformName@20
_glGetActiveUniformsiv@20
_glGetAttachedObjectsARB@16
_glGetAttachedShaders@16
_glGetAttribLocation@8
_glGetAttribLocationARB@8
_glGetBooleanIndexedvEXT@12
_glGetBooleani_v@12
_glGetBufferParameteri64v@12
_glGetBufferParameteriv@12
_glGetBufferParameterivARB@12
_glGetBufferPointerv@12
_glGetBufferPointervARB@12
_glGetBufferSubData@16
_glGetBufferSubDataARB@16
_glGetClipPlanef@8
_glGetClipPlanex@8
_glGetColorTable@16
_glGetColorTableEXT@16
_glGetColorTableParameterfv@12
_glGetColorTableParameterfvEXT@12
_glGetColorTableParameteriv@12
_glGetColorTableParameterivEXT@12
_glGetCompressedTexImage@12
_glGetCompressedTexImageARB@12
_glGetConvolutionFilter@16
_glGetConvolutionParameterfv@12
_glGetConvolutionParameteriv@12
_glGetDebugMessageLog@32
_glGetDebugMessageLogARB@32
_glGetDoublei_v@12
_glGetFixedv@8
_glGetFloati_v@12
_glGetFragDataIndex@8
_glGetFragDataLocation@8
_glGetFragDataLocationEXT@8
_glGetFramebufferAttachmentParameteriv@16
_glGetFramebufferAttachmentParameterivEXT@16
_glGetGraphicsResetStatusARB@0
_glGetHandleARB@4
_glGetHistogram@20
_glGetHistogramParameterfv@12
_glGetHistogramParameteriv@12
_glGetInfoLogARB@16
_glGetInteger64i_v@12
_glGetInteger64v@8
_glGetIntegerIndexedvEXT@12
_glGetIntegeri_v@12
_glGetLightxv@12
_glGetMaterialxv@12
_glGetMinmax@20
_glGetMinmaxParameterfv@12
_glGetMinmaxParameteriv@12
_glGetMultisamplefv@12
_glGetObjectLabel@20
_glGetObjectParameterfvARB@12
_glGetObjectParameterivAPPLE@16
_glGetObjectParameterivARB@12
_glGetObjectPtrLabel@16
_glGetPerfMonitorCounterDataAMD@20
_glGetPerfMonitorCounterInfoAMD@16
_glGetPerfMonitorCounterStringAMD@20
_glGetPerfMonitorCountersAMD@20
_glGetPerfMonitorGroupStringAMD@16
_glGetPerfMonitorGroupsAMD@12
_glGetPointervEXT@8
_glGetProgramBinary@20
_glGetProgramEnvParameterdvARB@12
_glGetProgramEnvParameterfvARB@12
_glGetProgramInfoLog@16
_glGetProgramLocalParameterdvARB@12
_glGetProgramLocalParameterfvARB@12
_glGetProgramNamedParameterdvNV@16
_glGetProgramNamedParameterfvNV@16
_glGetProgramParameterdvNV@16
_glGetProgramParameterfvNV@16
_glGetProgramStringARB@12
_glGetProgramStringNV@12
_glGetProgramiv@12
_glGetProgramivARB@12
_glGetProgramivNV@12
_glGetQueryIndexediv@16
_glGetQueryObjectiv@12
_glGetQueryObjectivARB@12
_glGetQueryObjectuiv@12
_glGetQueryObjectuivARB@12
_glGetQueryiv@12
_glGetQueryivARB@12
_glGetRenderbufferParameteriv@12
_glGetRenderbufferParameterivEXT@12
_glGetSamplerParameterIiv@12
_glGetSamplerParameterIuiv@12
_glGetSamplerParameterfv@12
_glGetSamplerParameteriv@12
_glGetSeparableFilter@24
_glGetShaderInfoLog@16
_glGetShaderPrecisionFormat@16
_glGetShaderSource@16
_glGetShaderSourceARB@16
_glGetShaderiv@12
_glGetStringi@8
_glGetSynciv@20
_glGetTexBumpParameterfvATI@8
_glGetTexBumpParameterivATI@8
_glGetTexEnvxv@12
_glGetTexParameterIiv@12
_glGetTexParameterIivEXT@12
_glGetTexParameterIuiv@12
_glGetTexParameterIuivEXT@12
_glGetTexParameterxv@12
_glGetTrackMatrixivNV@16
_glGetTransformFeedbackVarying@28
_glGetTransformFeedbackVaryingEXT@28
_glGetUniformBlockIndex@8
_glGetUniformIndices@16
_glGetUniformLocation@8
_glGetUniformLocationARB@8
_glGetUniformfv@12
_glGetUniformfvARB@12
_glGetUniformiv@12
_glGetUniformivARB@12
_glGetUniformuiv@12
_glGetUniformuivEXT@12
_glGetVertexAttribIiv@12
_glGetVertexAttribIivEXT@12
_glGetVertexAttribIuiv@12
_glGetVertexAttribIuivEXT@12
_glGetVertexAttribPointerv@12
_glGetVertexAttribPointervARB@12
_glGetVertexAttribPointervNV@12
_glGetVertexAttribdv@12
_glGetVertexAttribdvARB@12
_glGetVertexAttribdvNV@12
_glGetVertexAttribfv@12
_glGetVertexAttribfvARB@12
_glGetVertexAttribfvNV@12
_glGetVertexAttribiv@12
_glGetVertexAttribivARB@12
_glGetVertexAttribivNV@12
_glGetnColorTableARB@20
_glGetnCompressedTexImageARB@16
_glGetnConvolutionFilterARB@20
_glGetnHistogramARB@24
_glGetnMapdvARB@16
_glGetnMapfvARB@16
_glGetnMapivARB@16
_glGetnMinmaxARB@24
_glGetnPixelMapfvARB@12
_glGetnPixelMapuivARB@12
_glGetnPixelMapusvARB@12
_glGetnPolygonStippleARB@8
_glGetnSeparableFilterARB@32
_glGetnTexImageARB@24
_glGetnUniformdvARB@16
_glGetnUniformfvARB@16
_glGetnUniformivARB@16
_glGetnUniformuivARB@16
_glHistogram@16
_glIndexPointerEXT@16
_glInvalidateBufferData@4
_glInvalidateBufferSubData@12
_glInvalidateFramebuffer@12
_glInvalidateSubFramebuffer@28
_glInvalidateTexImage@8
_glInvalidateTexSubImage@32
_glIsBuffer@4
_glIsBufferARB@4
_glIsEnabledIndexedEXT@8
_glIsEnabledi@8
_glIsFramebuffer@4
_glIsFramebufferEXT@4
_glIsProgram@4
_glIsProgramARB@4
_glIsProgramNV@4
_glIsQuery@4
_glIsQueryARB@4
_glIsRenderbuffer@4
_glIsRenderbufferEXT@4
_glIsSampler@4
_glIsShader@4
_glIsSync@4
_glIsTextureEXT@4
_glIsTransformFeedback@4
_glIsVertexArray@4
_glLightModelx@8
_glLightModelxv@8
_glLightx@12
_glLightxv@12
_glLineWidthx@4
_glLinkProgram@4
_glLinkProgramARB@4
_glLoadMatrixx@4
_glLoadProgramNV@16
_glLoadTransposeMatrixd@4
_glLoadTransposeMatrixdARB@4
_glLoadTransposeMatrixf@4
_glLoadTransposeMatrixfARB@4
_glLockArraysEXT@8
_glMapBuffer@8
_glMapBufferARB@8
_glMapBufferRange@16
_glMaterialx@12

Sections

.text
Size: 10.6MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 572KB - Virtual size: 571KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
qt_de.qm
qt_fr.qm
qt_ru.qm
qt_uk.qm
readme.txt
udate-settings.ini
udpater.ini

Sharing

General

Malware Config

Signatures

Files

Password: 1896

Password: 1896

c8820c92458429ac52b291ca51bad0e4

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

03:55:db:cf:a2:75:1e:85:ba:b8:2f:2a:ea:1c:f2:e8Certificate

Extended Key Usages

Key Usages

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate

Extended Key Usages

Key Usages

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

02:d6:da:1a:da:8f:d6:b3:69:a2:ea:e1:6a:07:31:efCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

24:c2:ef:fc:08:27:a1:fb:4b:f8:58:8b:3e:f5:7e:3c:b5:71:4e:26:20:7b:ed:13:a8:4a:0f:30:7b:4b:50:94Signer

Signature Validations

Verification

14/03/2021, 05:27 Valid: true

Chain 1

37:3f:c6:23:c3:cf:ff:ba:35:17:70:cb:48:f8:d5:ed:57:d9:b5:83Signer

Signature Validations

Verification

14/03/2021, 05:27 Valid: false

Headers

File Characteristics

Imports

kernel32

version

user32

oleaut32

netapi32

advapi32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 19KB - Virtual size: 18KB

.bss Size: - Virtual size: 41KB

.idata Size: 3KB - Virtual size: 3KB

.didata Size: 1024B - Virtual size: 608B

.edata Size: 512B - Virtual size: 153B

.rdata Size: 512B - Virtual size: 69B

.reloc Size: 8KB - Virtual size: 7KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 5KB

Password: 1896

8f734ad2a2d1a7b5910aa87f16fd104e

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6fCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

03:55:db:cf:a2:75:1e:85:ba:b8:2f:2a:ea:1c:f2:e8
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

02:d6:da:1a:da:8f:d6:b3:69:a2:ea:e1:6a:07:31:ef
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

24:c2:ef:fc:08:27:a1:fb:4b:f8:58:8b:3e:f5:7e:3c:b5:71:4e:26:20:7b:ed:13:a8:4a:0f:30:7b:4b:50:94
Signer

14/03/2021, 05:27
Valid: true

37:3f:c6:23:c3:cf:ff:ba:35:17:70:cb:48:f8:d5:ed:57:d9:b5:83
Signer

14/03/2021, 05:27
Valid: false

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 19KB - Virtual size: 18KB

.bss
Size: - Virtual size: 41KB

.idata
Size: 3KB - Virtual size: 3KB

.didata
Size: 1024B - Virtual size: 608B

.edata
Size: 512B - Virtual size: 153B

.rdata
Size: 512B - Virtual size: 69B

.reloc
Size: 8KB - Virtual size: 7KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 5KB - Virtual size: 5KB

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

5e:15:e0:2a:05:a7:dc:0f:db:9c:69:e1:0b:c8:38:e3:6c:c3:a4:d0
Signer

09/09/2019, 06:55
Valid: true

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 24KB - Virtual size: 35KB

_RDATA
Size: 512B - Virtual size: 48B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 137KB - Virtual size: 136KB

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

03:55:db:cf:a2:75:1e:85:ba:b8:2f:2a:ea:1c:f2:e8
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

02:d6:da:1a:da:8f:d6:b3:69:a2:ea:e1:6a:07:31:ef
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

b0:cc:3f:24:46:44:ec:82:4c:c8:ff:34:cb:ef:f9:20:7c:34:66:7b:41:c8:18:03:20:b8:d3:93:79:97:95:11
Signer

14/03/2021, 05:27
Valid: true

7e:40:70:c7:0f:a0:fd:b3:ad:e9:f6:20:8d:ff:a9:47:b6:2a:88:4e
Signer

14/03/2021, 05:27
Valid: false