Balsamiq[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Balsamiq.zip
Size

50.0MB
MD5

cf8799b9eb78ed27fd4c690319929d8b
SHA1

8d66949e62d2a0cff806aed496325aa8edbeb4d6
SHA256

e1d795ae106a6a65d586da7805225649c2daf07e0432a55e185866c46711b0e3
SHA512

6ee8ee2643f245528f05eb5d6fa3d01500b946e9680fba18ded1091aab802dd57a8d08bdaf5e237f88fe5316a235813dc91aa95dbf17b360c0c78aed515187d8
SSDEEP

1572864:ZBRkKei8MJXDCgGtvzBUxcgUyS89yXuMq:ZBRnei8MJmbtvzBQUyS8weMq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Balsamiq/keygen.exe	upx

Files

Balsamiq.zip
.zip
Balsamiq/Balsamiq_Mockups_3.1.1_bundled.zip
.zip
Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Adobe AIR.dll
.dll windows x86

55825614bb3a835423a551c99e15b794

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/09/2012, 00:00

Not After

01/10/2015, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:3f:0b:f8:35:b5:c1:de:eb:df:0e:48:54:e4:ea:ab:fa:5b:6b:4b
Signer

Actual PE Digest

7e:3f:0b:f8:35:b5:c1:de:eb:df:0e:48:54:e4:ea:ab:fa:5b:6b:4b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

23/11/2013, 02:01
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
RaiseException
InitializeCriticalSectionAndSpinCount
FreeLibrary
HeapReAlloc
VirtualAlloc
GetLocaleInfoA
GetLocaleInfoW
IsValidCodePage
IsDBCSLeadByte
GlobalUnlock
GlobalLock
SystemTimeToFileTime
GetLocalTime
GlobalAlloc
GlobalSize
GetDriveTypeW
GetVolumeInformationW
GetLogicalDriveStringsW
CloseHandle
CreateEventW
TerminateThread
SetEvent
ResetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateWaitableTimerW
ExitThread
SetThreadPriority
CreateThread
GetSystemTime
GetSystemDirectoryA
GetVersionExW
QueryPerformanceFrequency
QueueUserAPC
OpenThread
SetCurrentDirectoryW
GetCurrentDirectoryW
GetSystemDirectoryW
SleepEx
GetProcessTimes
LoadLibraryW
ExpandEnvironmentStringsW
MoveFileExW
DeleteFileW
GetFileAttributesW
VirtualQuery
GetUserDefaultLangID
GetUserDefaultUILanguage
GlobalFree
SetFilePointer
CreateFileW
ReadFile
GetFileSize
CreateFileA
VerifyVersionInfoW
VerSetConditionMask
CreateProcessA
LockResource
LoadResource
FindResourceExA
FindResourceExW
GetModuleFileNameW
GetTempPathW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesA
CreateDirectoryA
DeleteFileA
GetTempPathA
CreateMutexA
GetFileAttributesExW
GetFileInformationByHandle
GetLongPathNameW
GetTempFileNameW
GetFullPathNameW
ExpandEnvironmentStringsA
CreateProcessW
DeviceIoControl
OutputDebugStringA
GetTempFileNameA
GetVersionExA
CreateDirectoryW
RemoveDirectoryW
SetFilePointerEx
GetFileSizeEx
SetEndOfFile
FlushInstructionCache
CompareFileTime
LocalFree
ReleaseSemaphore
CreateSemaphoreW
SetNamedPipeHandleState
EndUpdateResourceW
BeginUpdateResourceW
UpdateResourceW
lstrlenA
GetExitCodeThread
DuplicateHandle
lstrlenW
OpenProcess
GetExitCodeProcess
GetOverlappedResult
ConnectNamedPipe
CreateNamedPipeA
GetModuleHandleA
GetCommandLineW
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingA
GetComputerNameExW
CreateNamedPipeW
CancelIo
GetProcessHeap
GenerateConsoleCtrlEvent
FormatMessageW
SetHandleInformation
lstrcmpiW
SizeofResource
FindResourceW
LoadLibraryExW
SetThreadAffinityMask
VirtualProtect
FormatMessageA
CreateEventA
FlushFileBuffers
AreFileApisANSI
UnlockFile
LockFile
LockFileEx
UnlockFileEx
GetFullPathNameA
GetDiskFreeSpaceA
GetDiskFreeSpaceW
CreateFileMappingW
CreateWaitableTimerA
SetWaitableTimer
CancelWaitableTimer
InterlockedExchangeAdd
GetVersion
FileTimeToSystemTime
GetNumberFormatW
GetCurrencyFormatW
GetDateFormatW
GetTimeFormatW
EnumSystemLocalesW
GetProcessAffinityMask
GetNativeSystemInfo
LocalAlloc
lstrcpynW
GlobalMemoryStatus
FlushConsoleInputBuffer
SetStdHandle
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsProcessorFeaturePresent
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
SetConsoleCtrlHandler
HeapAlloc
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
HeapFree
GetCurrentThread
GetLastError
SetLastError
TlsFree
TlsAlloc
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
GetStdHandle
WriteFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetCommandLineA
GetSystemInfo
SwitchToThread
TlsGetValue
TlsSetValue
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange
Sleep

ole32

RegisterDragDrop
OleGetClipboard
PropVariantClear
OleInitialize
OleUninitialize
OleSetClipboard
RevokeDragDrop
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
DoDragDrop
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoSetProxyBlanket
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
CoTaskMemRealloc
MkParseDisplayName
CreateBindCtx
CoFreeUnusedLibraries

oleaut32

LoadRegTypeLi
SysStringLen
SysAllocStringLen
VariantInit
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysAllocString
LoadTypeLi
VarUI4FromStr
SysFreeString

ws2_32

htonl
inet_ntoa
gethostbyname
accept
listen
gethostname
WSAEnumNetworkEvents
WSAEventSelect
WSACreateEvent
WSACloseEvent
recv
setsockopt
sendto
send
recvfrom
connect
bind
getpeername
getsockname
WSAAddressToStringA
ioctlsocket
select
WSAStartup
WSASocketW
socket
ntohl
WSAIoctl
WSAAsyncSelect
WSAGetLastError
inet_addr
closesocket
WSACleanup
getservbyname
htons
gethostbyaddr
getservbyport
ntohs
WSASetLastError

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA

crypt32

CertVerifySubjectCertificateContext
CryptProtectData
CryptUnprotectData
CryptFindLocalizedName
CertGetEnhancedKeyUsage
CertAddEncodedCertificateToStore
CertDuplicateCertificateContext
CryptImportPublicKeyInfo
CertGetCertificateChain
CertFreeCertificateChain
CertCompareCertificateName
CertAddCertificateContextToStore
CertNameToStrW
CryptDecodeObjectEx
CertFindRDNAttr
CertRDNValueToStrW
CryptFindOIDInfo
CertEnumCertificatesInStore
CertCompareCertificate
CertVerifyTimeValidity
CertVerifyRevocation
CertOpenStore
CertAddStoreToCollection
CryptVerifyMessageSignature
CryptGetMessageCertificates
CertCreateCertificateContext
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore

winmm

waveOutUnprepareHeader
mixerSetControlDetails
waveInGetPosition
waveOutPause
waveOutRestart
mixerGetControlDetailsA
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerClose
waveInMessage
waveOutMessage
waveOutGetDevCapsA
waveInGetDevCapsA
mixerGetID
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveInGetNumDevs
waveOutGetNumDevs
waveInGetDevCapsW
waveOutGetDevCapsW
waveOutGetPosition
waveOutOpen
waveOutClose
waveOutReset
timeEndPeriod
waveOutPrepareHeader
waveOutWrite
timeSetEvent
timeKillEvent
timeGetDevCaps
timeBeginPeriod
timeGetTime

oleacc

AccessibleObjectFromWindow

user32

DrawMenuBar
EnumWindows
DeleteMenu
EnumDisplayMonitors
PostQuitMessage
GetMessageW
ShowCaret
CreateCaret
DestroyCaret
SetCaretPos
InsertMenuItemW
CreateMenu
GetMenuItemInfoW
SetMenuItemInfoW
RemoveMenu
EnumDisplayDevicesA
UpdateLayeredWindow
GetKeyboardLayout
ActivateKeyboardLayout
OffsetRect
GetLastInputInfo
GetAsyncKeyState
UnregisterClassA
DdeUninitialize
DdeFreeStringHandle
DdeDisconnect
DdeClientTransaction
DdeConnect
DdeCreateStringHandleA
DdeInitializeW
SetMenuInfo
GetMenuInfo
DestroyMenu
TrackPopupMenu
CreatePopupMenu
CharLowerW
CharUpperW
MapVirtualKeyW
CharNextW
EnumDisplayDevicesW
PostMessageA
RegisterWindowMessageA
MonitorFromRect
GetMonitorInfoA
GetUserObjectInformationW
GetProcessWindowStation
wsprintfW
GetWindowTextW
GetClassLongW
BeginPaint
EndPaint
EnumDisplaySettingsW
IsWindow
GetClassInfoExW
ShowWindowAsync
SetWindowRgn
GetWindow
IsWindowVisible
ShowWindow
SetWindowPlacement
GetWindowPlacement
GetMenuBarInfo
GetSystemMenu
SetMenu
FlashWindowEx
GetActiveWindow
MapWindowPoints
IsIconic
DefWindowProcW
ReleaseCapture
GetMessageTime
SetCapture
SetCursorPos
TrackMouseEvent
GetCapture
GetWindowThreadProcessId
AttachThreadInput
LoadStringW
LoadCursorW
GetQueueStatus
SetTimer
GetWindowInfo
CopyRect
InvalidateRect
KillTimer
GetForegroundWindow
WaitForInputIdle
CreateWindowExW
RemovePropW
SetForegroundWindow
CallWindowProcW
FindWindowExW
EnumChildWindows
GetFocus
GetAncestor
EnableWindow
GetWindowTextLengthW
GetDlgItemTextA
IsWindowEnabled
SetDlgItemTextA
SetRectEmpty
CreateIconIndirect
DialogBoxParamW
GetDlgItemTextW
SetDlgItemTextW
GetClientRect
MoveWindow
MessageBoxA
SendMessageTimeoutW
FillRect
ClientToScreen
MonitorFromWindow
GetMonitorInfoW
DialogBoxIndirectParamW
EndDialog
GetParent
GetWindowRect
GetDesktopWindow
SetWindowPos
LoadIconW
GetDlgItem
SetWindowTextW
SetFocus
PostMessageW
DestroyWindow
SetCursor
GetCursor
DestroyIcon
GetPropW
SetPropW
RegisterClassExW
IsZoomed
UpdateWindow
GetDoubleClickTime
RegisterClipboardFormatA
RegisterClipboardFormatW
GetClipboardFormatNameA
ReleaseDC
GetDC
ScreenToClient
GetKeyState
GetCursorPos
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageW
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
InflateRect
SendInput
MessageBoxW
PostThreadMessageW
SendMessageW
SystemParametersInfoW
SetWindowLongW
PtInRect
SetRect
GetSystemMetrics
GetWindowLongW

gdi32

ExtTextOutW
SetBkColor
SetStretchBltMode
GetStretchBltMode
PolyBezierTo
LineTo
MoveToEx
GetTextAlign
EndPath
BeginPath
EndPage
StartPage
CreateCompatibleBitmap
GetDIBits
CreateBitmap
StretchBlt
CreateFontIndirectW
CreateDCW
CreateDCA
GetICMProfileA
SaveDC
SetPolyFillMode
GetObjectW
BitBlt
CreateDIBSection
ResetDCW
CreateICW
EndDoc
RestoreDC
SelectClipPath
GdiFlush
CreateSolidBrush
StrokePath
GetClipBox
CreateRectRgnIndirect
SelectPalette
RealizePalette
SetPixel
CreateCompatibleDC
SelectObject
SetDIBitsToDevice
ExtCreatePen
DeleteDC
FillPath
AbortDoc
LPtoDP
StartDocW
StretchDIBits
GetSystemPaletteEntries
CreatePalette
GetFontData
EnumFontFamiliesExW
SetGraphicsMode
SetWorldTransform
GetBkColor
SelectClipRgn
GetTextColor
DeleteObject
GetBkMode
SetBkMode
GdiAlphaBlend
GetTextExtentPoint32A
ExtTextOutA
GetTextExtentPoint32W
GetTextMetricsW
EnumFontFamiliesW
EnumFontFamiliesA
SetTextColor
CreateFontIndirectA
IntersectClipRect
GetClipRgn
CreateRectRgn
SetTextAlign
GetTextCharacterExtra
GetCurrentObject
GetDeviceCaps
DPtoLP
CreatePen
SetTextCharacterExtra
GetStockObject
GetWorldTransform

msimg32

AlphaBlend

advapi32

InitializeSecurityDescriptor
InitializeAcl
SetSecurityInfo
SetSecurityDescriptorControl
MakeSelfRelativeSD
SetEntriesInAclW
RegEnumKeyExW
CryptGenRandom
OpenProcessToken
GetTokenInformation
RegQueryInfoKeyW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetSidSubAuthorityCount
GetSidSubAuthority
IsValidSid
CryptExportKey
CryptEncrypt
CryptImportKey
CryptGenKey
CryptDestroyKey
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyA
RegSetValueExW
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
CryptReleaseContext
CryptDestroyHash
CryptCreateHash
CryptAcquireContextW
CryptGetHashParam
CryptHashData
SetSecurityDescriptorDacl

comdlg32

CommDlgExtendedError
PrintDlgW
PageSetupDlgW
GetOpenFileNameW
GetSaveFileNameW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW
CommandLineToArgvW
ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHChangeNotify
Shell_NotifyIconW
SHGetDiskFreeSpaceExW
SHFileOperationW
SHGetFolderPathW
SHGetSettings
SHGetFolderPathA
SHBrowseForFolderW
SHAppBarMessage
SHGetFolderLocation
SHGetPathFromIDListW
ord2
ord4

shlwapi

PathAppendA
PathAppendW
PathRemoveFileSpecW
StrDupW
StrCmpW
ord219
AssocQueryStringW
PathFileExistsW

wininet

InternetErrorDlg
InternetSetCookieW
InternetGetCookieW

msi

ord72
ord96
ord37
ord17
ord125
ord121
ord32
ord159
ord20
ord205
ord151
ord153
ord141
ord88
ord16
ord137
ord70
ord90
ord173
ord92
ord8
ord84
ord113
ord78

urlmon

CoInternetParseUrl
CoInternetCompareUrl
CopyStgMedium

comctl32

ImageList_GetIconSize
ImageList_Draw

mscms

TranslateBitmapBits
CloseColorProfile
CreateColorTransformW
OpenColorProfileW
DeleteColorTransform

secur32

LsaFreeReturnBuffer
LsaGetLogonSessionData

dsound

ord8
ord1

iphlpapi

GetAdaptersAddresses

dnsapi

DnsQuery_UTF8
DnsRecordListFree

dinput8

DirectInput8Create

winspool.drv

EnumPrintersW
OpenPrinterW
GetPrinterW
ClosePrinter

Exports

Exports

ADLWMain
AdobeCPGetAPI
AppEntryWinMain
AppInstallWinMain
CaptiveAppEntryWinMain
ExtendedAppEntryWinMain
FREAcquireBitmapData
FREAcquireBitmapData2
FREAcquireByteArray
FRECallObjectMethod
FREDispatchStatusEventAsync
FREGetArrayElementAt
FREGetArrayLength
FREGetContextActionScriptData
FREGetContextNativeData
FREGetObjectAsBool
FREGetObjectAsDouble
FREGetObjectAsInt32
FREGetObjectAsUTF8
FREGetObjectAsUint32
FREGetObjectProperty
FREGetObjectType
FREInvalidateBitmapDataRect
FRENewObject
FRENewObjectFromBool
FRENewObjectFromDouble
FRENewObjectFromInt32
FRENewObjectFromUTF8
FRENewObjectFromUint32
FREReleaseBitmapData
FREReleaseByteArray
FRESetArrayElementAt
FRESetArrayLength
FRESetContextActionScriptData
FRESetContextNativeData
FRESetObjectProperty
NAIPWMain
RuntimeInstallerWinMain

Sections

.text
Size: 12.3MB - Virtual size: 12.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 443KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 827KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/Adobe AIR.vch
Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/AdobeCP15.dll
.dll windows x86

5654f6bff0dd174f50c057d3f5682311

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/09/2012, 00:00

Not After

01/10/2015, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80
Signer

Actual PE Digest

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

23/11/2013, 02:01
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
CreateFileA
SetHandleCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
CreateFileW
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetFilePointer
ReadFile
GetOEMCP
GetACP
HeapSize
GetModuleFileNameA
GetStdHandle
WriteFile
SetLastError
lstrlenA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
DeleteFileA
GetFileSize
GetFileTime
SetFileTime
CompareFileTime
GetSystemInfo
LocalFree
GlobalFree
FormatMessageA
ReleaseMutex
CreateMutexA
LCMapStringW
LCMapStringA
GetCPInfo
RaiseException
RtlUnwind
GetProcessHeap
GetVersionExA
GetCommandLineA
GetCurrentThreadId
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetLastError
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
WideCharToMultiByte
VirtualFree
VirtualAlloc
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
CreateThread
CloseHandle
DeleteCriticalSection
EnterCriticalSection
ExitThread
LeaveCriticalSection
CreateEventA
Sleep
InitializeCriticalSection
SetEvent
WaitForSingleObject
GetCurrentThread
GetTickCount
SetStdHandle

user32

GetCursorPos

advapi32

CryptAcquireContextW
CryptImportKey
CryptDecrypt
CryptGetUserKey
CryptDestroyKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey
RegSetValueExA
CryptReleaseContext
CryptSetKeyParam
CryptGenRandom
CryptAcquireContextA
CryptSetProvParam
CryptGetProvParam

wininet

InternetCloseHandle
HttpOpenRequestA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetConnectA
InternetSetOptionA
InternetSetStatusCallback
InternetOpenA
InternetReadFile
HttpAddRequestHeadersA
HttpQueryInfoA
HttpSendRequestA
InternetQueryOptionA

ws2_32

getsockopt
shutdown
closesocket
select
inet_addr
gethostbyname
WSAGetLastError
WSAStartup
connect
ioctlsocket
htons
setsockopt
socket
recv
__WSAFDIsSet
send
accept

crypt32

CryptMsgOpenToDecode
CryptMsgGetParam
CryptDecodeObject
CertFindCertificateInStore
CertEnumCertificatesInStore
CryptMsgUpdate
CryptMsgOpenToEncode
CryptMsgClose
CertGetEnhancedKeyUsage
CertAddCertificateContextToStore
CertDuplicateCertificateContext
CryptImportPublicKeyInfo
CertFreeCertificateContext
CertFindExtension
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertGetNameStringW
CertGetNameStringA
CryptProtectData
CryptUnprotectData
CertCloseStore
CertDeleteCertificateFromStore
CertOpenStore
CryptFindLocalizedName
CryptAcquireCertificatePrivateKey
CertAddEncodedCertificateToStore

Exports

Exports

AdobeCPGetAPI
C_EDCAuthenticationManager_allowHttpConnection
C_EDCAuthenticationManager_deleteUserCredentials
C_EDCAuthenticationManager_getAuthenticatedPrincipal
C_EDCAuthenticationManager_getClientVersion
C_EDCAuthenticationManager_getSAMLToken
C_EDCAuthenticationManager_getServerVersion
C_EDCAuthenticationManager_getUserCredentials
C_EDCAuthenticationManager_isAllowHttpConnection
C_EDCAuthenticationManager_isLoggedIn
C_EDCAuthenticationManager_isUserCredentialsCachingEnabled
C_EDCAuthenticationManager_login
C_EDCAuthenticationManager_logout
C_EDCAuthenticationManager_setSAMLToken
C_EDCByteBuffer_delete
C_EDCByteBuffer_getBytes
C_EDCByteBuffer_getLength
C_EDCCertificateInfoList_delete
C_EDCClientCallbacks_new
C_EDCClient_terminate
C_EDCConsumer_DownloadVoucher
C_EDCConsumer_delete
C_EDCConsumer_getBackgroundSyncFrequency
C_EDCConsumer_getDocHistoryURL
C_EDCConsumer_getLicenseId
C_EDCConsumer_getRevocationURL
C_EDCConsumer_getSecureTime
C_EDCConsumer_getSynchronizationProgress
C_EDCConsumer_getURL
C_EDCConsumer_isAnonymous
C_EDCConsumer_isOffline
C_EDCConsumer_isSyncing
C_EDCConsumer_iterate
C_EDCConsumer_logCustomEvents
C_EDCConsumer_logEvents
C_EDCConsumer_new
C_EDCConsumer_newFromIterationResponse
C_EDCConsumer_newFromPublishAsResponse
C_EDCConsumer_publishAs
C_EDCConsumer_requestAccess
C_EDCConsumer_setBackgroundSyncFrequency
C_EDCConsumer_setOffline
C_EDCConsumer_startSynchronization
C_EDCDecryptor_decryptBytes
C_EDCDecryptor_delete
C_EDCDecryptor_getDecryptionKey
C_EDCDecryptor_setDecryptionKey
C_EDCDeleteString
C_EDCPermSet_delete
C_EDCRevocationData_delete
C_EDCVoucherPropList_delete
C_EDCVoucherStore_get
C_EDCVoucherStore_new
C_EDCVoucherStore_put
C_EDCVoucherStore_remove
C_EDCVoucherStore_removeFromDisk
C_EDCVoucher_canRevoke
C_EDCVoucher_canViewAuditHistory
C_EDCVoucher_delete
C_EDCVoucher_getAuthenticatedUserFriendlyName
C_EDCVoucher_getAuthenticatedUserId
C_EDCVoucher_getClockSkew
C_EDCVoucher_getDecryptor
C_EDCVoucher_getEncryptor
C_EDCVoucher_getExpirationDate
C_EDCVoucher_getExtendedVoucherProperties
C_EDCVoucher_getExternalAuthLeasePeriod
C_EDCVoucher_getFirstPlaybackDate
C_EDCVoucher_getLicenseId
C_EDCVoucher_getOfflineLeasePeriodExpirationDate
C_EDCVoucher_getOfflineLeasePeriodRemaining
C_EDCVoucher_getOfflineLeaseStartDate
C_EDCVoucher_getPermissions
C_EDCVoucher_getPlaybackWindowExpirationDate
C_EDCVoucher_getPolicy
C_EDCVoucher_getRevocationData
C_EDCVoucher_getStartDate
C_EDCVoucher_getWatermark
C_EDCVoucher_isAudited
C_EDCVoucher_isExternalAuthorizationSet
C_EDCVoucher_isRevoked
C_EDCWatermarkTemplate_delete
C_EDCvoucherStore_delete
C_PDRLPolicyPropertyList_delete
C_PDRLPolicy_addPolicyEntry
C_PDRLPolicy_clearPolicyEntries
C_PDRLPolicy_countPolicyEntries
C_PDRLPolicy_delete
C_PDRLPolicy_getCreationDate
C_PDRLPolicy_getEncryptionMethod
C_PDRLPolicy_getInstanceVersionNum
C_PDRLPolicy_getLastModifiedDate
C_PDRLPolicy_getOfflineLeasePeriod
C_PDRLPolicy_getPolicyDescription
C_PDRLPolicy_getPolicyEntry
C_PDRLPolicy_getPolicyId
C_PDRLPolicy_getPolicyName
C_PDRLPolicy_getPolicyType
C_PDRLPolicy_getProperty
C_PDRLPolicy_getSchemaVersion
C_PDRLPolicy_getValidityPeriod
C_PDRLPolicy_getWatermarkId
C_PDRLPolicy_isAudited
C_PDRLPolicy_isCertifiedMode
C_PDRLPolicy_isEncryptAttachments
C_PDRLPolicy_isPlaintextMetadata
C_PDRLPolicy_isWatermarked
C_PDRLPolicy_new
C_PDRLPolicy_policyFromXML
C_PDRLPolicy_removePolicyEntry
C_PDRLPolicy_setAudited
C_PDRLPolicy_setCertifiedMode
C_PDRLPolicy_setEncryptAttachments
C_PDRLPolicy_setEncryptionMethod
C_PDRLPolicy_setOfflineLeasePeriod
C_PDRLPolicy_setPlaintextMetadata
C_PDRLPolicy_setPolicyDescription
C_PDRLPolicy_setPolicyName
C_PDRLPolicy_setProperty
C_PDRLPolicy_setValidityPeriod
C_PDRLPolicy_setWatermarkId
C_PDRLPolicy_toXML

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 465KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 588KB - Virtual size: 597KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/CaptiveAppEntry.exe
.exe windows x86

9b8cde1048803eb9f29e20b92535d1cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
ExitProcess
CreateFileW
GetModuleHandleW
WriteConsoleW
GetStdHandle
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetUserDefaultUILanguage
GetCommandLineW
HeapAlloc
GetProcessHeap
GetFullPathNameW
HeapFree
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
Sleep
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
GetFileAttributesW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
InitializeCriticalSection
SetFilePointer
LoadLibraryW
GetProcAddress
VirtualFree
GetModuleFileNameW
CreateFileA

shell32

CommandLineToArgvW

user32

MessageBoxExW

shlwapi

PathAppendW
PathRemoveFileSpecW
StrCmpW

msi

ord90

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/NPSWF32.dll
.dll regsvr32 windows x86

280560606043f999dad67348fe1e8f98

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/09/2012, 00:00

Not After

01/10/2015, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

60:27:4b:94:2d:2c:32:12:0b:d3:fb:21:76:04:c0:2a:f4:61:89:7b
Signer

Actual PE Digest

60:27:4b:94:2d:2c:32:12:0b:d3:fb:21:76:04:c0:2a:f4:61:89:7b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

23/11/2013, 02:01
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

winmm

mixerGetLineControlsA
mixerClose
waveInMessage
waveOutMessage
waveOutGetDevCapsA
waveInGetDevCapsA
mixerGetID
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetControlDetailsA
waveOutGetDevCapsW
waveInGetDevCapsW
waveOutGetNumDevs
waveInGetNumDevs
waveInStart
waveOutRestart
waveInStop
waveInClose
waveInUnprepareHeader
waveInReset
waveInPrepareHeader
waveInOpen
timeSetEvent
timeKillEvent
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutReset
waveOutClose
waveOutOpen
waveOutGetPosition
timeGetTime
waveOutPause
waveInGetPosition
mixerSetControlDetails
waveInAddBuffer
waveOutSetVolume

wininet

HttpSendRequestA
InternetReadFile
InternetCloseHandle
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetOpenA
HttpQueryInfoA

crypt32

CertEnumCertificatesInStore
CertAddCertificateContextToStore
CertCompareCertificateName
CryptFindOIDInfo
CertRDNValueToStrW
CertFindRDNAttr
CryptDecodeObjectEx
CertNameToStrW
CertVerifyTimeValidity
CertVerifyRevocation
CertOpenStore
CertAddStoreToCollection
CryptVerifyMessageSignature
CryptGetMessageCertificates
CertCreateCertificateContext
CertVerifySubjectCertificateContext
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore
CertCompareCertificate

rpcrt4

RpcStringFreeA
UuidToStringA

oleaut32

VariantClear
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysAllocString
SysStringLen
SysFreeString
VariantInit

urlmon

CopyStgMedium

dsound

ord8
ord1

dinput8

DirectInput8Create

kernel32

GlobalSize
GlobalAlloc
GetSystemInfo
GetUserDefaultUILanguage
MoveFileExW
VirtualQuery
GetUserDefaultLangID
GetVersionExA
SetFilePointer
VerifyVersionInfoW
VerSetConditionMask
CreateThread
ReadFile
GetFileSize
FindResourceExA
FindResourceExW
SetUnhandledExceptionFilter
GetTempPathW
GetTimeZoneInformation
ReleaseSemaphore
CreateSemaphoreW
GetTempFileNameW
GetSystemDirectoryW
ExpandEnvironmentStringsA
GetTempPathA
GetFileAttributesA
CreateMutexA
SetFilePointerEx
GetFileAttributesExW
GetFileInformationByHandle
GetVolumeInformationW
GetCurrentDirectoryW
SetCurrentDirectoryW
OutputDebugStringA
TlsSetValue
ReleaseMutex
CreateFileMappingA
GetExitCodeThread
DuplicateHandle
TerminateThread
CreateWaitableTimerW
SetThreadPriority
GetSystemDirectoryA
CompareFileTime
LocalFree
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
OpenThread
SleepEx
SwitchToThread
HeapReAlloc
GetCommandLineA
RtlUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetProcessAffinityMask
HeapSize
HeapFree
GetProcessHeap
HeapAlloc
EnumSystemLocalesW
IsValidLocale
GetUserDefaultLCID
GetTimeFormatW
GetDateFormatW
CompareStringW
GetCurrencyFormatW
GetNumberFormatW
VirtualProtect
SetSystemTime
DebugBreak
CreateSemaphoreA
VirtualFree
VirtualAlloc
DeviceIoControl
GetVersion
CancelWaitableTimer
SetWaitableTimer
CreateWaitableTimerA
CreateEventA
FlushFileBuffers
SetEndOfFile
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
GetNativeSystemInfo
RegisterWaitForSingleObject
UnregisterWaitEx
GlobalMemoryStatusEx
IsDebuggerPresent
FileTimeToSystemTime
TlsAlloc
TlsFree
GetSystemTimeAsFileTime
GetStdHandle
ResumeThread
GetModuleHandleExA
OpenProcess
CreateToolhelp32Snapshot
Thread32First
GetThreadTimes
Thread32Next
InitializeCriticalSectionAndSpinCount
FormatMessageA
CreateProcessW
CreateFileMappingW
CreateMutexW
GetNamedPipeInfo
CreateNamedPipeW
CancelIo
ConnectNamedPipe
InterlockedExchangeAdd
ExitProcess
TerminateProcess
GetConsoleMode
LCMapStringA
SetConsoleCtrlHandler
SetHandleCount
GetFileType
GetStartupInfoA
GetOEMCP
IsValidCodePage
HeapCreate
HeapDestroy
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
CompareStringA
SetEnvironmentVariableA
LocalAlloc
lstrcpynW
GlobalMemoryStatus
FlushConsoleInputBuffer
lstrlenA
ReadConsoleInputA
SetConsoleMode
TlsGetValue
InitializeCriticalSection
GlobalLock
GlobalUnlock
UnmapViewOfFile
MapViewOfFile
GetProcessTimes
GlobalFree
GetEnvironmentVariableA
CreateDirectoryA
GetCurrentDirectoryA
GetTempFileNameA
CreateFileA
WriteFile
DeleteFileA
GetCurrentProcessId
GetModuleHandleA
CreateProcessA
WideCharToMultiByte
CreateDirectoryW
GetFileAttributesW
CreateFileW
GetFileSizeEx
GetSystemTime
SystemTimeToFileTime
FindFirstFileW
RemoveDirectoryW
DeleteFileW
FindNextFileW
FindClose
GetModuleFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
OpenFile
_lwrite
_lclose
FreeResource
GetModuleFileNameW
lstrlenW
SetLastError
GetCurrentProcess
FlushInstructionCache
RaiseException
LCMapStringW
GetTickCount
GetCurrentThreadId
GetLocaleInfoW
TryEnterCriticalSection
LoadLibraryW
GetVersionExW
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
GetLastError
FreeLibrary
WaitForSingleObject
ResetEvent
CloseHandle
CreateEventW
SetEvent
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
GetCurrentThread
SetThreadAffinityMask
IsDBCSLeadByte
GetACP
GetCPInfo
MultiByteToWideChar
ExitThread
ExpandEnvironmentStringsW
InterlockedExchange
InterlockedCompareExchange
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetConsoleCP

user32

GetProcessWindowStation
GetUserObjectInformationW
GetMonitorInfoA
MonitorFromRect
EnumDisplayMonitors
RegisterClassExA
SetWindowLongA
GetMessageA
DispatchMessageA
GetWindowLongA
DefWindowProcA
RegisterWindowMessageA
PostMessageA
UnregisterClassW
CallMsgFilterW
MsgWaitForMultipleObjectsEx
WaitMessage
MsgWaitForMultipleObjects
GetClassNameA
CallNextHookEx
GetUpdateRect
ValidateRect
SetWindowsHookExW
UnhookWindowsHookEx
SetActiveWindow
SetParent
UpdateWindow
GetAncestor
MapWindowPoints
GetWindowTextW
GetWindow
SetWindowPlacement
GetWindowPlacement
IsZoomed
GetSystemMenu
FlashWindowEx
GetActiveWindow
MoveWindow
SetCaretPos
CreateCaret
ShowCaret
DestroyCaret
EnumDisplayDevicesW
EmptyClipboard
SetClipboardData
wsprintfW
GetDesktopWindow
MonitorFromWindow
EnumDisplaySettingsW
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
RegisterClipboardFormatW
RemoveMenu
GetForegroundWindow
SetRect
EnumDisplayDevicesA
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
CreatePopupMenu
TrackPopupMenu
DestroyMenu
DrawMenuBar
CreateMenu
SetMenuInfo
MapVirtualKeyW
CharUpperW
CharLowerW
PostThreadMessageW
GetMessageW
TranslateMessage
OffsetRect
CreateWindowExW
ShowWindow
ShowWindowAsync
IsIconic
GetWindowTextLengthW
DestroyWindow
GetDoubleClickTime
DeleteMenu
RemovePropW
DispatchMessageW
WaitForInputIdle
MessageBoxA
DialogBoxParamW
SetWindowTextA
RedrawWindow
DialogBoxIndirectParamW
SetWindowTextW
SendMessageTimeoutW
CreateIconIndirect
GetMonitorInfoW
SetRectEmpty
GetCursor
DestroyIcon
LoadImageW
GetPropW
SetPropW
PtInRect
InflateRect
GetClipboardFormatNameA
RegisterClipboardFormatA
SetWindowPos
RegisterClassA
CreateWindowExA
SetCapture
ReleaseCapture
SetCursorPos
GetSubMenu
GetCapture
SystemParametersInfoW
ScreenToClient
GetMessageTime
GetCursorPos
WindowFromPoint
LoadIconW
RegisterClassW
PeekMessageW
GetQueueStatus
KillTimer
SetTimer
IsWindowVisible
PostMessageW
GetTopWindow
GetFocus
GetParent
GetWindowThreadProcessId
AttachThreadInput
GetDlgItem
IsWindow
EnableWindow
SendMessageW
InvalidateRect
GetKeyState
ReleaseDC
LoadStringW
MessageBoxW
SetCursor
EnableMenuItem
CheckMenuItem
FillRect
GetDC
BeginPaint
GetClientRect
EndPaint
GetSystemMetrics
EndDialog
UnregisterClassA
SetFocus
GetWindowInfo
CopyRect
RegisterClassExW
CallWindowProcW
PostQuitMessage
LoadCursorW
GetClassInfoExW
SetWindowLongW
DefWindowProcW
ClientToScreen
SendInput
ActivateKeyboardLayout
GetKeyboardLayout
GetWindowLongW
GetWindowRect
UpdateLayeredWindow

gdi32

EnumFontFamiliesExW
CreateDCW
GetFontData
FillPath
ExtCreatePen
StrokePath
EndDoc
StartDocW
CreatePalette
GetWorldTransform
SetGraphicsMode
SetWorldTransform
GetTextCharacterExtra
DPtoLP
EnumFontFamiliesA
GetCurrentObject
CreatePen
SetTextCharacterExtra
GetBkColor
SelectClipRgn
GetTextColor
GetBkMode
GetTextAlign
SetBkMode
SetTextAlign
CreateRectRgn
GetClipRgn
IntersectClipRect
CreateFontIndirectA
SetTextColor
GetTextMetricsW
GetTextExtentPoint32W
ExtTextOutA
GetTextExtentPoint32A
CreateFontIndirectW
CreateBitmap
SetPixel
CreateDCA
GetICMProfileA
SelectPalette
RealizePalette
RectVisible
LPtoDP
StretchDIBits
GetStockObject
Rectangle
GetDeviceCaps
GetSystemPaletteEntries
GetClipBox
CreateSolidBrush
EnumFontFamiliesW
GetStretchBltMode
CreateCompatibleBitmap
SetStretchBltMode
SetBkColor
ExtTextOutW
BitBlt
StretchBlt
GdiAlphaBlend
CreateDIBSection
GetObjectW
SelectObject
DeleteObject
GdiFlush
DeleteDC
CreateCompatibleDC
RestoreDC
SelectClipPath
PolyBezierTo
LineTo
MoveToEx
EndPath
BeginPath
SaveDC
SetPolyFillMode
EndPage
StartPage

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PrintDlgW

advapi32

CryptDecrypt
CryptSetKeyParam
CryptGetHashParam
CryptHashData
CryptDestroyHash
CryptAcquireContextA
CryptCreateHash
RegisterEventSourceA
ReportEventA
DeregisterEventSource
IsValidSid
CryptImportKey
CryptGenKey
CryptDestroyKey
CryptExportKey
CryptEncrypt
RegOpenKeyA
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegCreateKeyExA
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegDeleteValueA
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyA
RegQueryValueExW

shell32

SHGetFolderPathW
SHGetFolderPathA
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
SHGetFolderLocation
SHGetSettings
ord165
ShellExecuteW
SHGetDiskFreeSpaceExW
SHGetSpecialFolderPathW
SHFileOperationW

ole32

OleGetClipboard
OleInitialize
CoUninitialize
CoSetProxyBlanket
CoInitializeEx
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
PropVariantClear
CoFreeUnusedLibraries
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
OleUninitialize
ReleaseStgMedium
CreateBindCtx
MkParseDisplayName
CoInitialize

ws2_32

closesocket
WSACleanup
WSASocketW
ntohl
select
gethostname
connect
ioctlsocket
WSAEnumNetworkEvents
WSAAsyncSelect
WSACreateEvent
WSAAddressToStringA
bind
sendto
recvfrom
WSAStartup
setsockopt
recv
send
ntohs
WSAGetLastError
WSAIoctl
WSAEventSelect
socket
getsockname
htons
WSACloseEvent
gethostbyname
inet_ntoa
htonl
getservbyname
gethostbyaddr
getservbyport
WSASetLastError
inet_addr

shlwapi

UrlCanonicalizeW
AssocQueryStringW
PathRemoveFileSpecA

mscms

OpenColorProfileW
CreateColorTransformW
CloseColorProfile
TranslateBitmapBits
DeleteColorTransform

winspool.drv

GetPrinterW
ClosePrinter
OpenPrinterW

Exports

Exports

AdobeCPGetAPI
BrokerMainW
DllRegisterServer
DllUnregisterServer
FlashPlayer_11_9_900_169_FlashPlayer
Flash_DisableLocalSecurity
Flash_EnforceLocalSecurity
IAEModule_AEModule_PutKernel
IAEModule_IAEKernel_LoadModule
IAEModule_IAEKernel_UnloadModule
Java_ShockwaveFlash_CurrentFrame_stub
Java_ShockwaveFlash_FlashVersion_stub
Java_ShockwaveFlash_FrameLoaded_stub
Java_ShockwaveFlash_GetVariable_stub
Java_ShockwaveFlash_GotoFrame_stub
Java_ShockwaveFlash_IsPlaying_stub
Java_ShockwaveFlash_LoadMovie_stub
Java_ShockwaveFlash_Pan_stub
Java_ShockwaveFlash_PercentLoaded_stub
Java_ShockwaveFlash_Play_stub
Java_ShockwaveFlash_SetVariable_stub
Java_ShockwaveFlash_SetZoomRect_stub
Java_ShockwaveFlash_StopPlay_stub
Java_ShockwaveFlash_TCallFrame_stub
Java_ShockwaveFlash_TCallLabel_stub
Java_ShockwaveFlash_TCurrentFrame_stub
Java_ShockwaveFlash_TCurrentLabel_stub
Java_ShockwaveFlash_TGetProperty_stub
Java_ShockwaveFlash_TGotoFrame_stub
Java_ShockwaveFlash_TGotoLabel_stub
Java_ShockwaveFlash_TPlay_stub
Java_ShockwaveFlash_TSetProperty_stub
Java_ShockwaveFlash_TStopPlay_stub
Java_ShockwaveFlash_TotalFrames_stub
Java_ShockwaveFlash_Zoom_stub
NP_Acrobat_GetEntryPoints
NP_Acrobat_Initialize
NP_GetEntryPoints
NP_Initialize
NP_SetBrokerClient
NP_SetNPAPIHostProxy
NP_Shutdown
native_ShockwaveFlash_CurrentFrame
native_ShockwaveFlash_FlashVersion
native_ShockwaveFlash_FrameLoaded
native_ShockwaveFlash_GetVariable
native_ShockwaveFlash_GotoFrame
native_ShockwaveFlash_IsPlaying
native_ShockwaveFlash_LoadMovie
native_ShockwaveFlash_Pan
native_ShockwaveFlash_PercentLoaded
native_ShockwaveFlash_Play
native_ShockwaveFlash_SetVariable
native_ShockwaveFlash_SetZoomRect
native_ShockwaveFlash_StopPlay
native_ShockwaveFlash_TCallFrame
native_ShockwaveFlash_TCallLabel
native_ShockwaveFlash_TCurrentFrame
native_ShockwaveFlash_TCurrentLabel
native_ShockwaveFlash_TGetProperty
native_ShockwaveFlash_TGotoFrame
native_ShockwaveFlash_TGotoLabel
native_ShockwaveFlash_TPlay
native_ShockwaveFlash_TSetProperty
native_ShockwaveFlash_TStopPlay
native_ShockwaveFlash_TotalFrames
native_ShockwaveFlash_Zoom
register_ShockwaveFlash
unregister_ShockwaveFlash
unuse_ShockwaveFlash
unuse_netscape_plugin_Plugin
use_ShockwaveFlash
use_netscape_plugin_Plugin

Sections

.text
Size: 11.5MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 580KB - Virtual size: 579KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/WebKit.dll
.dll windows x86

ace0d8b7f4672550c80161c56f9bfdf0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/09/2012, 00:00

Not After

01/10/2015, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:0d:a2:8d:17:86:f2:56:68:68:88:85:38:75:06:83:9e:9d:3e:e0
Signer

Actual PE Digest

04:0d:a2:8d:17:86:f2:56:68:68:88:85:38:75:06:83:9e:9d:3e:e0

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

23/11/2013, 02:01
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
TlsFree
SetLastError
GetModuleHandleA
Sleep
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
TlsAlloc
GetFullPathNameA
GetCurrentDirectoryA
GetFullPathNameW
FlushFileBuffers
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoA
InterlockedExchange
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap
TlsGetValue
GetModuleFileNameA
GetStdHandle
GetFileType
SetStdHandle
CreateDirectoryA
FindFirstFileW
GetDriveTypeW
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
GetDateFormatA
GetTimeFormatA
LeaveCriticalSection
EnterCriticalSection
GetTimeZoneInformation
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetCommandLineA
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleHandleW
LoadLibraryW
FormatMessageW
LocalFree
GetFileAttributesA
lstrlenA
ExitProcess
GetVersionExW
GetLocaleInfoW
MultiByteToWideChar
GetLastError
GetCurrentDirectoryW
SetCurrentDirectoryW
LoadLibraryExW
FreeLibrary
GetProcAddress
GetFileAttributesExW
CreateFileW
GetFileSize
ReadFile
FoldStringW
GetCurrentThread
GetThreadTimes
GetSystemInfo
VirtualFree
VirtualAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileA
CreateFileA
SetFilePointer
WriteFile
CloseHandle
InterlockedDecrement
InterlockedIncrement
GetTickCount
GetConsoleMode
CompareStringW

user32

SystemParametersInfoW
GetDC
ReleaseDC
GetLastInputInfo
SendMessageW
GetPropW
ReleaseCapture
SetCapture
CallWindowProcW
SetParent
CreateWindowExW
DefWindowProcA
SetWindowLongA
SetPropW
SetWindowRgn
MoveWindow
DestroyWindow
FillRect
InvalidateRect
GetFocus
IsChild
GetUpdateRect
IntersectRect
EqualRect
GetWindowRgn
DefWindowProcW
LoadCursorW
RegisterClassExW
GetKeyboardState
SetKeyboardState
ShowWindow
SetFocus
GetWindowRect
ClientToScreen
GetWindowLongW
SetWindowLongW
UpdateWindow

gdi32

GetFontData
GetGlyphIndicesW
GetCharWidthI
GetTextMetricsW
GetGlyphOutlineW
GetOutlineTextMetricsW
AddFontMemResourceEx
CreateEnhMetaFileW
CloseEnhMetaFile
EnumEnhMetaFile
DeleteEnhMetaFile
GetStockObject
GetFontUnicodeRanges
EnumFontFamiliesExW
GetTextFaceW
CreateFontIndirectW
RemoveFontMemResourceEx
GetObjectW
IntersectClipRect
ModifyWorldTransform
RestoreDC
SaveDC
CreateCompatibleDC
CreateDIBSection
SelectObject
SetGraphicsMode
GetWorldTransform
SetWorldTransform
GetClipBox
CreateRectRgn
GetRgnBox
DeleteObject
GetDeviceCaps
StretchBlt
SetStretchBltMode
StretchDIBits
GetClipRgn
GetGraphicsMode
SelectClipRgn
ExtSelectClipRgn
ExtCreateRegion
PatBlt
SetBrushOrgEx
CreatePatternBrush
CreateSolidBrush
ExtTextOutW
SetBkMode
SetTextAlign
SetTextColor
CreateCompatibleBitmap
SetMapMode
GetCharWidth32W
ExtEscape
SelectClipPath
EndPath
CloseFigure
MoveToEx
BeginPath
LineTo
PolyBezierTo
SetPolyFillMode
WidenPath
StrokePath
ExtCreatePen
SetMiterLimit
FillPath
BitBlt
GdiFlush
DeleteDC

usp10

ScriptXtoCP
ScriptPlace
ScriptItemize
ScriptFreeCache
ScriptStringFree
ScriptStringOut
ScriptStringAnalyse
ScriptShape

urlmon

FindMimeFromData

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msimg32

GradientFill

winmm

timeEndPeriod
timeBeginPeriod

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

CoCreateGuid
CoTaskMemFree
CoCreateInstance

Exports

Exports

WebKitGetAPI
cairo_append_path
cairo_arc
cairo_arc_negative
cairo_clip
cairo_clip_extents
cairo_clip_preserve
cairo_close_path
cairo_copy_clip_rectangle_list
cairo_copy_page
cairo_copy_path
cairo_copy_path_flat
cairo_create
cairo_curve_to
cairo_debug_reset_static_data
cairo_destroy
cairo_device_acquire
cairo_device_destroy
cairo_device_finish
cairo_device_flush
cairo_device_get_reference_count
cairo_device_get_type
cairo_device_get_user_data
cairo_device_reference
cairo_device_release
cairo_device_set_user_data
cairo_device_status
cairo_device_to_user
cairo_device_to_user_distance
cairo_fill
cairo_fill_extents
cairo_fill_preserve
cairo_font_extents
cairo_font_face_destroy
cairo_font_face_get_reference_count
cairo_font_face_get_type
cairo_font_face_get_user_data
cairo_font_face_reference
cairo_font_face_set_user_data
cairo_font_face_status
cairo_font_options_copy
cairo_font_options_create
cairo_font_options_destroy
cairo_font_options_equal
cairo_font_options_get_antialias
cairo_font_options_get_hint_metrics
cairo_font_options_get_hint_style
cairo_font_options_get_subpixel_order
cairo_font_options_hash
cairo_font_options_merge
cairo_font_options_set_antialias
cairo_font_options_set_hint_metrics
cairo_font_options_set_hint_style
cairo_font_options_set_subpixel_order
cairo_font_options_status
cairo_format_stride_for_width
cairo_get_antialias
cairo_get_current_point
cairo_get_dash
cairo_get_dash_count
cairo_get_fill_rule
cairo_get_font_face
cairo_get_font_matrix
cairo_get_font_options
cairo_get_group_target
cairo_get_line_cap
cairo_get_line_join
cairo_get_line_width
cairo_get_matrix
cairo_get_miter_limit
cairo_get_operator
cairo_get_reference_count
cairo_get_scaled_font
cairo_get_source
cairo_get_target
cairo_get_tolerance
cairo_get_user_data
cairo_glyph_allocate
cairo_glyph_extents
cairo_glyph_free
cairo_glyph_path
cairo_has_current_point
cairo_identity_matrix
cairo_image_surface_create
cairo_image_surface_create_for_data
cairo_image_surface_create_from_png
cairo_image_surface_create_from_png_stream
cairo_image_surface_get_data
cairo_image_surface_get_format
cairo_image_surface_get_height
cairo_image_surface_get_stride
cairo_image_surface_get_width
cairo_in_clip
cairo_in_fill
cairo_in_stroke
cairo_line_to
cairo_mask
cairo_mask_surface
cairo_matrix_init
cairo_matrix_init_identity
cairo_matrix_init_rotate
cairo_matrix_init_scale
cairo_matrix_init_translate
cairo_matrix_invert
cairo_matrix_multiply
cairo_matrix_rotate
cairo_matrix_scale
cairo_matrix_transform_distance
cairo_matrix_transform_point
cairo_matrix_translate
cairo_move_to
cairo_new_path
cairo_new_sub_path
cairo_paint
cairo_paint_with_alpha
cairo_path_destroy
cairo_path_extents
cairo_pattern_add_color_stop_rgb
cairo_pattern_add_color_stop_rgba
cairo_pattern_create_for_surface
cairo_pattern_create_linear
cairo_pattern_create_radial
cairo_pattern_create_rgb
cairo_pattern_create_rgba
cairo_pattern_destroy
cairo_pattern_get_color_stop_count
cairo_pattern_get_color_stop_rgba
cairo_pattern_get_extend
cairo_pattern_get_filter
cairo_pattern_get_linear_points
cairo_pattern_get_matrix
cairo_pattern_get_radial_circles
cairo_pattern_get_reference_count
cairo_pattern_get_rgba
cairo_pattern_get_surface
cairo_pattern_get_type
cairo_pattern_get_user_data
cairo_pattern_reference
cairo_pattern_set_extend
cairo_pattern_set_filter
cairo_pattern_set_matrix
cairo_pattern_set_user_data
cairo_pattern_status
cairo_pop_group
cairo_pop_group_to_source
cairo_push_group
cairo_push_group_with_content
cairo_recording_surface_create
cairo_recording_surface_ink_extents
cairo_rectangle
cairo_rectangle_list_destroy
cairo_reference
cairo_region_contains_point
cairo_region_contains_rectangle
cairo_region_copy
cairo_region_create
cairo_region_create_rectangle
cairo_region_create_rectangles
cairo_region_destroy
cairo_region_equal
cairo_region_get_extents
cairo_region_get_rectangle
cairo_region_intersect
cairo_region_intersect_rectangle
cairo_region_is_empty
cairo_region_num_rectangles
cairo_region_reference
cairo_region_status
cairo_region_subtract
cairo_region_subtract_rectangle
cairo_region_translate
cairo_region_union
cairo_region_union_rectangle
cairo_region_xor
cairo_region_xor_rectangle
cairo_rel_curve_to
cairo_rel_line_to
cairo_rel_move_to
cairo_reset_clip
cairo_restore
cairo_rotate
cairo_save
cairo_scale
cairo_scaled_font_create
cairo_scaled_font_destroy
cairo_scaled_font_extents
cairo_scaled_font_get_ctm
cairo_scaled_font_get_font_face
cairo_scaled_font_get_font_matrix
cairo_scaled_font_get_font_options
cairo_scaled_font_get_reference_count
cairo_scaled_font_get_scale_matrix
cairo_scaled_font_get_type
cairo_scaled_font_get_user_data
cairo_scaled_font_glyph_extents
cairo_scaled_font_reference
cairo_scaled_font_set_user_data
cairo_scaled_font_status
cairo_scaled_font_text_extents
cairo_scaled_font_text_to_glyphs
cairo_select_font_face
cairo_set_antialias
cairo_set_dash
cairo_set_fill_rule
cairo_set_font_face
cairo_set_font_matrix
cairo_set_font_options
cairo_set_font_size
cairo_set_line_cap
cairo_set_line_join
cairo_set_line_width
cairo_set_matrix
cairo_set_miter_limit
cairo_set_operator
cairo_set_scaled_font
cairo_set_source
cairo_set_source_rgb
cairo_set_source_rgba
cairo_set_source_surface
cairo_set_tolerance
cairo_set_user_data
cairo_show_glyphs
cairo_show_page
cairo_show_text
cairo_show_text_glyphs
cairo_status
cairo_status_to_string
cairo_stroke
cairo_stroke_extents
cairo_stroke_preserve
cairo_surface_copy_page
cairo_surface_create_similar
cairo_surface_destroy
cairo_surface_finish
cairo_surface_flush
cairo_surface_get_content
cairo_surface_get_device
cairo_surface_get_device_offset
cairo_surface_get_fallback_resolution
cairo_surface_get_font_options
cairo_surface_get_mime_data
cairo_surface_get_reference_count
cairo_surface_get_type
cairo_surface_get_user_data
cairo_surface_has_show_text_glyphs
cairo_surface_mark_dirty
cairo_surface_mark_dirty_rectangle
cairo_surface_reference
cairo_surface_set_device_offset
cairo_surface_set_fallback_resolution
cairo_surface_set_mime_data
cairo_surface_set_user_data
cairo_surface_show_page
cairo_surface_status
cairo_surface_write_to_png
cairo_surface_write_to_png_stream
cairo_text_cluster_allocate
cairo_text_cluster_free
cairo_text_extents
cairo_text_path
cairo_toy_font_face_create
cairo_toy_font_face_get_family
cairo_toy_font_face_get_slant
cairo_toy_font_face_get_weight
cairo_transform
cairo_translate
cairo_user_font_face_create
cairo_user_font_face_get_init_func
cairo_user_font_face_get_render_glyph_func
cairo_user_font_face_get_text_to_glyphs_func
cairo_user_font_face_get_unicode_to_glyph_func
cairo_user_font_face_set_init_func
cairo_user_font_face_set_render_glyph_func
cairo_user_font_face_set_text_to_glyphs_func
cairo_user_font_face_set_unicode_to_glyph_func
cairo_user_to_device
cairo_user_to_device_distance
cairo_win32_font_face_create_for_hfont
cairo_win32_font_face_create_for_logfontw
cairo_win32_font_face_create_for_logfontw_hfont
cairo_win32_printing_surface_create
cairo_win32_scaled_font_done_font
cairo_win32_scaled_font_get_device_to_logical
cairo_win32_scaled_font_get_logical_to_device
cairo_win32_scaled_font_get_metrics_factor
cairo_win32_scaled_font_select_font
cairo_win32_surface_create
cairo_win32_surface_create_with_ddb
cairo_win32_surface_create_with_dib
cairo_win32_surface_get_dc
cairo_win32_surface_get_image

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 850KB - Virtual size: 850KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unwante
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/WebKit/LGPL License.txt
Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/WebKit/Notice WebKit.txt
Balsamiq_Mockups_3/Balsamiq Mockups 3.exe
.exe windows x86

9b8cde1048803eb9f29e20b92535d1cc

Code Sign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2011, 07:00

Not After

03/05/2031, 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:5a:cc:20:53:72:e0
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

10/12/2014, 09:40

Not After

28/01/2016, 14:27

Subject

CN=Balsamiq SRL,O=Balsamiq SRL,L=Bologna,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6c:2e:36:ad:af:9e:e4:14
Certificate

Issuer

CN=Starfield Services Root Certificate Authority,OU=http://certificates.starfieldtech.com/repository/,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

16/03/2015, 07:00

Not After

16/03/2020, 07:00

Subject

CN=Starfield Services Timestamp Authority - G1,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c2:70:7f:12:25:15:f9:f9:bd:e3:d4:bb:ad:0a:dc:33:7a:34:56:38
Signer

Actual PE Digest

c2:70:7f:12:25:15:f9:f9:bd:e3:d4:bb:ad:0a:dc:33:7a:34:56:38

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Balsamiq SRL,O=Balsamiq SRL,L=Bologna,C=IT

28/04/2015, 15:00
Valid: true

Chain 1

CN=Balsamiq SRL,O=Balsamiq SRL,L=Bologna,C=IT

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
ExitProcess
CreateFileW
GetModuleHandleW
WriteConsoleW
GetStdHandle
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetUserDefaultUILanguage
GetCommandLineW
HeapAlloc
GetProcessHeap
GetFullPathNameW
HeapFree
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
Sleep
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
GetFileAttributesW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
InitializeCriticalSection
SetFilePointer
LoadLibraryW
GetProcAddress
VirtualFree
GetModuleFileNameW
CreateFileA

shell32

CommandLineToArgvW

user32

MessageBoxExW

shlwapi

PathAppendW
PathRemoveFileSpecW
StrCmpW

msi

ord90

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq_Mockups_3/META-INF/AIR/application.xml
.xml
Balsamiq_Mockups_3/META-INF/AIR/hash
Balsamiq_Mockups_3/META-INF/signatures.xml
Balsamiq_Mockups_3/balsamiq_mockups_3.1.1.swf
Balsamiq_Mockups_3/framework_4.6.0.23201.swf
Balsamiq_Mockups_3/icons/mockups_doc_ico_128.png
.png
Balsamiq_Mockups_3/icons/mockups_doc_ico_16.png
.png
Balsamiq_Mockups_3/icons/mockups_doc_ico_29.png
.png
Balsamiq_Mockups_3/icons/mockups_doc_ico_32.png
.png
Balsamiq_Mockups_3/icons/mockups_doc_ico_36.png
.png
Balsamiq_Mockups_3/icons/mockups_doc_ico_48.png
.png
Balsamiq_Mockups_3/icons/mockups_doc_ico_512.png
.png
Balsamiq_Mockups_3/icons/mockups_ico_128.png
.png
Balsamiq_Mockups_3/icons/mockups_ico_16.png
.png
Balsamiq_Mockups_3/icons/mockups_ico_29.png
.png
Balsamiq_Mockups_3/icons/mockups_ico_32.png
.png
Balsamiq_Mockups_3/icons/mockups_ico_36.png
.png
Balsamiq_Mockups_3/icons/mockups_ico_48.png
.png
Balsamiq_Mockups_3/icons/mockups_ico_512.png
.png
Balsamiq_Mockups_3/mimetype
Balsamiq_Mockups_3/skins/sketch.swf
Balsamiq_Mockups_3/skins/wireframe.swf
Balsamiq_Mockups_3/textLayout_2.0.0.232.swf
Balsamiq/Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Adobe AIR.dll
.dll windows x86

55825614bb3a835423a551c99e15b794

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/09/2012, 00:00

Not After

01/10/2015, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:3f:0b:f8:35:b5:c1:de:eb:df:0e:48:54:e4:ea:ab:fa:5b:6b:4b
Signer

Actual PE Digest

7e:3f:0b:f8:35:b5:c1:de:eb:df:0e:48:54:e4:ea:ab:fa:5b:6b:4b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

23/11/2013, 02:01
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
RaiseException
InitializeCriticalSectionAndSpinCount
FreeLibrary
HeapReAlloc
VirtualAlloc
GetLocaleInfoA
GetLocaleInfoW
IsValidCodePage
IsDBCSLeadByte
GlobalUnlock
GlobalLock
SystemTimeToFileTime
GetLocalTime
GlobalAlloc
GlobalSize
GetDriveTypeW
GetVolumeInformationW
GetLogicalDriveStringsW
CloseHandle
CreateEventW
TerminateThread
SetEvent
ResetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateWaitableTimerW
ExitThread
SetThreadPriority
CreateThread
GetSystemTime
GetSystemDirectoryA
GetVersionExW
QueryPerformanceFrequency
QueueUserAPC
OpenThread
SetCurrentDirectoryW
GetCurrentDirectoryW
GetSystemDirectoryW
SleepEx
GetProcessTimes
LoadLibraryW
ExpandEnvironmentStringsW
MoveFileExW
DeleteFileW
GetFileAttributesW
VirtualQuery
GetUserDefaultLangID
GetUserDefaultUILanguage
GlobalFree
SetFilePointer
CreateFileW
ReadFile
GetFileSize
CreateFileA
VerifyVersionInfoW
VerSetConditionMask
CreateProcessA
LockResource
LoadResource
FindResourceExA
FindResourceExW
GetModuleFileNameW
GetTempPathW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesA
CreateDirectoryA
DeleteFileA
GetTempPathA
CreateMutexA
GetFileAttributesExW
GetFileInformationByHandle
GetLongPathNameW
GetTempFileNameW
GetFullPathNameW
ExpandEnvironmentStringsA
CreateProcessW
DeviceIoControl
OutputDebugStringA
GetTempFileNameA
GetVersionExA
CreateDirectoryW
RemoveDirectoryW
SetFilePointerEx
GetFileSizeEx
SetEndOfFile
FlushInstructionCache
CompareFileTime
LocalFree
ReleaseSemaphore
CreateSemaphoreW
SetNamedPipeHandleState
EndUpdateResourceW
BeginUpdateResourceW
UpdateResourceW
lstrlenA
GetExitCodeThread
DuplicateHandle
lstrlenW
OpenProcess
GetExitCodeProcess
GetOverlappedResult
ConnectNamedPipe
CreateNamedPipeA
GetModuleHandleA
GetCommandLineW
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingA
GetComputerNameExW
CreateNamedPipeW
CancelIo
GetProcessHeap
GenerateConsoleCtrlEvent
FormatMessageW
SetHandleInformation
lstrcmpiW
SizeofResource
FindResourceW
LoadLibraryExW
SetThreadAffinityMask
VirtualProtect
FormatMessageA
CreateEventA
FlushFileBuffers
AreFileApisANSI
UnlockFile
LockFile
LockFileEx
UnlockFileEx
GetFullPathNameA
GetDiskFreeSpaceA
GetDiskFreeSpaceW
CreateFileMappingW
CreateWaitableTimerA
SetWaitableTimer
CancelWaitableTimer
InterlockedExchangeAdd
GetVersion
FileTimeToSystemTime
GetNumberFormatW
GetCurrencyFormatW
GetDateFormatW
GetTimeFormatW
EnumSystemLocalesW
GetProcessAffinityMask
GetNativeSystemInfo
LocalAlloc
lstrcpynW
GlobalMemoryStatus
FlushConsoleInputBuffer
SetStdHandle
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsProcessorFeaturePresent
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
SetConsoleCtrlHandler
HeapAlloc
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
HeapFree
GetCurrentThread
GetLastError
SetLastError
TlsFree
TlsAlloc
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
GetStdHandle
WriteFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetCommandLineA
GetSystemInfo
SwitchToThread
TlsGetValue
TlsSetValue
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange
Sleep

ole32

RegisterDragDrop
OleGetClipboard
PropVariantClear
OleInitialize
OleUninitialize
OleSetClipboard
RevokeDragDrop
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
DoDragDrop
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoSetProxyBlanket
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
CoTaskMemRealloc
MkParseDisplayName
CreateBindCtx
CoFreeUnusedLibraries

oleaut32

LoadRegTypeLi
SysStringLen
SysAllocStringLen
VariantInit
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysAllocString
LoadTypeLi
VarUI4FromStr
SysFreeString

ws2_32

htonl
inet_ntoa
gethostbyname
accept
listen
gethostname
WSAEnumNetworkEvents
WSAEventSelect
WSACreateEvent
WSACloseEvent
recv
setsockopt
sendto
send
recvfrom
connect
bind
getpeername
getsockname
WSAAddressToStringA
ioctlsocket
select
WSAStartup
WSASocketW
socket
ntohl
WSAIoctl
WSAAsyncSelect
WSAGetLastError
inet_addr
closesocket
WSACleanup
getservbyname
htons
gethostbyaddr
getservbyport
ntohs
WSASetLastError

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA

crypt32

CertVerifySubjectCertificateContext
CryptProtectData
CryptUnprotectData
CryptFindLocalizedName
CertGetEnhancedKeyUsage
CertAddEncodedCertificateToStore
CertDuplicateCertificateContext
CryptImportPublicKeyInfo
CertGetCertificateChain
CertFreeCertificateChain
CertCompareCertificateName
CertAddCertificateContextToStore
CertNameToStrW
CryptDecodeObjectEx
CertFindRDNAttr
CertRDNValueToStrW
CryptFindOIDInfo
CertEnumCertificatesInStore
CertCompareCertificate
CertVerifyTimeValidity
CertVerifyRevocation
CertOpenStore
CertAddStoreToCollection
CryptVerifyMessageSignature
CryptGetMessageCertificates
CertCreateCertificateContext
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore

winmm

waveOutUnprepareHeader
mixerSetControlDetails
waveInGetPosition
waveOutPause
waveOutRestart
mixerGetControlDetailsA
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerClose
waveInMessage
waveOutMessage
waveOutGetDevCapsA
waveInGetDevCapsA
mixerGetID
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveInGetNumDevs
waveOutGetNumDevs
waveInGetDevCapsW
waveOutGetDevCapsW
waveOutGetPosition
waveOutOpen
waveOutClose
waveOutReset
timeEndPeriod
waveOutPrepareHeader
waveOutWrite
timeSetEvent
timeKillEvent
timeGetDevCaps
timeBeginPeriod
timeGetTime

oleacc

AccessibleObjectFromWindow

user32

DrawMenuBar
EnumWindows
DeleteMenu
EnumDisplayMonitors
PostQuitMessage
GetMessageW
ShowCaret
CreateCaret
DestroyCaret
SetCaretPos
InsertMenuItemW
CreateMenu
GetMenuItemInfoW
SetMenuItemInfoW
RemoveMenu
EnumDisplayDevicesA
UpdateLayeredWindow
GetKeyboardLayout
ActivateKeyboardLayout
OffsetRect
GetLastInputInfo
GetAsyncKeyState
UnregisterClassA
DdeUninitialize
DdeFreeStringHandle
DdeDisconnect
DdeClientTransaction
DdeConnect
DdeCreateStringHandleA
DdeInitializeW
SetMenuInfo
GetMenuInfo
DestroyMenu
TrackPopupMenu
CreatePopupMenu
CharLowerW
CharUpperW
MapVirtualKeyW
CharNextW
EnumDisplayDevicesW
PostMessageA
RegisterWindowMessageA
MonitorFromRect
GetMonitorInfoA
GetUserObjectInformationW
GetProcessWindowStation
wsprintfW
GetWindowTextW
GetClassLongW
BeginPaint
EndPaint
EnumDisplaySettingsW
IsWindow
GetClassInfoExW
ShowWindowAsync
SetWindowRgn
GetWindow
IsWindowVisible
ShowWindow
SetWindowPlacement
GetWindowPlacement
GetMenuBarInfo
GetSystemMenu
SetMenu
FlashWindowEx
GetActiveWindow
MapWindowPoints
IsIconic
DefWindowProcW
ReleaseCapture
GetMessageTime
SetCapture
SetCursorPos
TrackMouseEvent
GetCapture
GetWindowThreadProcessId
AttachThreadInput
LoadStringW
LoadCursorW
GetQueueStatus
SetTimer
GetWindowInfo
CopyRect
InvalidateRect
KillTimer
GetForegroundWindow
WaitForInputIdle
CreateWindowExW
RemovePropW
SetForegroundWindow
CallWindowProcW
FindWindowExW
EnumChildWindows
GetFocus
GetAncestor
EnableWindow
GetWindowTextLengthW
GetDlgItemTextA
IsWindowEnabled
SetDlgItemTextA
SetRectEmpty
CreateIconIndirect
DialogBoxParamW
GetDlgItemTextW
SetDlgItemTextW
GetClientRect
MoveWindow
MessageBoxA
SendMessageTimeoutW
FillRect
ClientToScreen
MonitorFromWindow
GetMonitorInfoW
DialogBoxIndirectParamW
EndDialog
GetParent
GetWindowRect
GetDesktopWindow
SetWindowPos
LoadIconW
GetDlgItem
SetWindowTextW
SetFocus
PostMessageW
DestroyWindow
SetCursor
GetCursor
DestroyIcon
GetPropW
SetPropW
RegisterClassExW
IsZoomed
UpdateWindow
GetDoubleClickTime
RegisterClipboardFormatA
RegisterClipboardFormatW
GetClipboardFormatNameA
ReleaseDC
GetDC
ScreenToClient
GetKeyState
GetCursorPos
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageW
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
InflateRect
SendInput
MessageBoxW
PostThreadMessageW
SendMessageW
SystemParametersInfoW
SetWindowLongW
PtInRect
SetRect
GetSystemMetrics
GetWindowLongW

gdi32

ExtTextOutW
SetBkColor
SetStretchBltMode
GetStretchBltMode
PolyBezierTo
LineTo
MoveToEx
GetTextAlign
EndPath
BeginPath
EndPage
StartPage
CreateCompatibleBitmap
GetDIBits
CreateBitmap
StretchBlt
CreateFontIndirectW
CreateDCW
CreateDCA
GetICMProfileA
SaveDC
SetPolyFillMode
GetObjectW
BitBlt
CreateDIBSection
ResetDCW
CreateICW
EndDoc
RestoreDC
SelectClipPath
GdiFlush
CreateSolidBrush
StrokePath
GetClipBox
CreateRectRgnIndirect
SelectPalette
RealizePalette
SetPixel
CreateCompatibleDC
SelectObject
SetDIBitsToDevice
ExtCreatePen
DeleteDC
FillPath
AbortDoc
LPtoDP
StartDocW
StretchDIBits
GetSystemPaletteEntries
CreatePalette
GetFontData
EnumFontFamiliesExW
SetGraphicsMode
SetWorldTransform
GetBkColor
SelectClipRgn
GetTextColor
DeleteObject
GetBkMode
SetBkMode
GdiAlphaBlend
GetTextExtentPoint32A
ExtTextOutA
GetTextExtentPoint32W
GetTextMetricsW
EnumFontFamiliesW
EnumFontFamiliesA
SetTextColor
CreateFontIndirectA
IntersectClipRect
GetClipRgn
CreateRectRgn
SetTextAlign
GetTextCharacterExtra
GetCurrentObject
GetDeviceCaps
DPtoLP
CreatePen
SetTextCharacterExtra
GetStockObject
GetWorldTransform

msimg32

AlphaBlend

advapi32

InitializeSecurityDescriptor
InitializeAcl
SetSecurityInfo
SetSecurityDescriptorControl
MakeSelfRelativeSD
SetEntriesInAclW
RegEnumKeyExW
CryptGenRandom
OpenProcessToken
GetTokenInformation
RegQueryInfoKeyW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetSidSubAuthorityCount
GetSidSubAuthority
IsValidSid
CryptExportKey
CryptEncrypt
CryptImportKey
CryptGenKey
CryptDestroyKey
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyA
RegSetValueExW
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
CryptReleaseContext
CryptDestroyHash
CryptCreateHash
CryptAcquireContextW
CryptGetHashParam
CryptHashData
SetSecurityDescriptorDacl

comdlg32

CommDlgExtendedError
PrintDlgW
PageSetupDlgW
GetOpenFileNameW
GetSaveFileNameW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW
CommandLineToArgvW
ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHChangeNotify
Shell_NotifyIconW
SHGetDiskFreeSpaceExW
SHFileOperationW
SHGetFolderPathW
SHGetSettings
SHGetFolderPathA
SHBrowseForFolderW
SHAppBarMessage
SHGetFolderLocation
SHGetPathFromIDListW
ord2
ord4

shlwapi

PathAppendA
PathAppendW
PathRemoveFileSpecW
StrDupW
StrCmpW
ord219
AssocQueryStringW
PathFileExistsW

wininet

InternetErrorDlg
InternetSetCookieW
InternetGetCookieW

msi

ord72
ord96
ord37
ord17
ord125
ord121
ord32
ord159
ord20
ord205
ord151
ord153
ord141
ord88
ord16
ord137
ord70
ord90
ord173
ord92
ord8
ord84
ord113
ord78

urlmon

CoInternetParseUrl
CoInternetCompareUrl
CopyStgMedium

comctl32

ImageList_GetIconSize
ImageList_Draw

mscms

TranslateBitmapBits
CloseColorProfile
CreateColorTransformW
OpenColorProfileW
DeleteColorTransform

secur32

LsaFreeReturnBuffer
LsaGetLogonSessionData

dsound

ord8
ord1

iphlpapi

GetAdaptersAddresses

dnsapi

DnsQuery_UTF8
DnsRecordListFree

dinput8

DirectInput8Create

winspool.drv

EnumPrintersW
OpenPrinterW
GetPrinterW
ClosePrinter

Exports

Exports

ADLWMain
AdobeCPGetAPI
AppEntryWinMain
AppInstallWinMain
CaptiveAppEntryWinMain
ExtendedAppEntryWinMain
FREAcquireBitmapData
FREAcquireBitmapData2
FREAcquireByteArray
FRECallObjectMethod
FREDispatchStatusEventAsync
FREGetArrayElementAt
FREGetArrayLength
FREGetContextActionScriptData
FREGetContextNativeData
FREGetObjectAsBool
FREGetObjectAsDouble
FREGetObjectAsInt32
FREGetObjectAsUTF8
FREGetObjectAsUint32
FREGetObjectProperty
FREGetObjectType
FREInvalidateBitmapDataRect
FRENewObject
FRENewObjectFromBool
FRENewObjectFromDouble
FRENewObjectFromInt32
FRENewObjectFromUTF8
FRENewObjectFromUint32
FREReleaseBitmapData
FREReleaseByteArray
FRESetArrayElementAt
FRESetArrayLength
FRESetContextActionScriptData
FRESetContextNativeData
FRESetObjectProperty
NAIPWMain
RuntimeInstallerWinMain

Sections

.text
Size: 12.3MB - Virtual size: 12.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 443KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 827KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq/Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/Adobe AIR.vch
Balsamiq/Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/AdobeCP15.dll
.dll windows x86

5654f6bff0dd174f50c057d3f5682311

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/09/2012, 00:00

Not After

01/10/2015, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80
Signer

Actual PE Digest

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

23/11/2013, 02:01
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
CreateFileA
SetHandleCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
CreateFileW
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetFilePointer
ReadFile
GetOEMCP
GetACP
HeapSize
GetModuleFileNameA
GetStdHandle
WriteFile
SetLastError
lstrlenA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
DeleteFileA
GetFileSize
GetFileTime
SetFileTime
CompareFileTime
GetSystemInfo
LocalFree
GlobalFree
FormatMessageA
ReleaseMutex
CreateMutexA
LCMapStringW
LCMapStringA
GetCPInfo
RaiseException
RtlUnwind
GetProcessHeap
GetVersionExA
GetCommandLineA
GetCurrentThreadId
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetLastError
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
WideCharToMultiByte
VirtualFree
VirtualAlloc
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
CreateThread
CloseHandle
DeleteCriticalSection
EnterCriticalSection
ExitThread
LeaveCriticalSection
CreateEventA
Sleep
InitializeCriticalSection
SetEvent
WaitForSingleObject
GetCurrentThread
GetTickCount
SetStdHandle

user32

GetCursorPos

advapi32

CryptAcquireContextW
CryptImportKey
CryptDecrypt
CryptGetUserKey
CryptDestroyKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey
RegSetValueExA
CryptReleaseContext
CryptSetKeyParam
CryptGenRandom
CryptAcquireContextA
CryptSetProvParam
CryptGetProvParam

wininet

InternetCloseHandle
HttpOpenRequestA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetConnectA
InternetSetOptionA
InternetSetStatusCallback
InternetOpenA
InternetReadFile
HttpAddRequestHeadersA
HttpQueryInfoA
HttpSendRequestA
InternetQueryOptionA

ws2_32

getsockopt
shutdown
closesocket
select
inet_addr
gethostbyname
WSAGetLastError
WSAStartup
connect
ioctlsocket
htons
setsockopt
socket
recv
__WSAFDIsSet
send
accept

crypt32

CryptMsgOpenToDecode
CryptMsgGetParam
CryptDecodeObject
CertFindCertificateInStore
CertEnumCertificatesInStore
CryptMsgUpdate
CryptMsgOpenToEncode
CryptMsgClose
CertGetEnhancedKeyUsage
CertAddCertificateContextToStore
CertDuplicateCertificateContext
CryptImportPublicKeyInfo
CertFreeCertificateContext
CertFindExtension
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertGetNameStringW
CertGetNameStringA
CryptProtectData
CryptUnprotectData
CertCloseStore
CertDeleteCertificateFromStore
CertOpenStore
CryptFindLocalizedName
CryptAcquireCertificatePrivateKey
CertAddEncodedCertificateToStore

Exports

Exports

AdobeCPGetAPI
C_EDCAuthenticationManager_allowHttpConnection
C_EDCAuthenticationManager_deleteUserCredentials
C_EDCAuthenticationManager_getAuthenticatedPrincipal
C_EDCAuthenticationManager_getClientVersion
C_EDCAuthenticationManager_getSAMLToken
C_EDCAuthenticationManager_getServerVersion
C_EDCAuthenticationManager_getUserCredentials
C_EDCAuthenticationManager_isAllowHttpConnection
C_EDCAuthenticationManager_isLoggedIn
C_EDCAuthenticationManager_isUserCredentialsCachingEnabled
C_EDCAuthenticationManager_login
C_EDCAuthenticationManager_logout
C_EDCAuthenticationManager_setSAMLToken
C_EDCByteBuffer_delete
C_EDCByteBuffer_getBytes
C_EDCByteBuffer_getLength
C_EDCCertificateInfoList_delete
C_EDCClientCallbacks_new
C_EDCClient_terminate
C_EDCConsumer_DownloadVoucher
C_EDCConsumer_delete
C_EDCConsumer_getBackgroundSyncFrequency
C_EDCConsumer_getDocHistoryURL
C_EDCConsumer_getLicenseId
C_EDCConsumer_getRevocationURL
C_EDCConsumer_getSecureTime
C_EDCConsumer_getSynchronizationProgress
C_EDCConsumer_getURL
C_EDCConsumer_isAnonymous
C_EDCConsumer_isOffline
C_EDCConsumer_isSyncing
C_EDCConsumer_iterate
C_EDCConsumer_logCustomEvents
C_EDCConsumer_logEvents
C_EDCConsumer_new
C_EDCConsumer_newFromIterationResponse
C_EDCConsumer_newFromPublishAsResponse
C_EDCConsumer_publishAs
C_EDCConsumer_requestAccess
C_EDCConsumer_setBackgroundSyncFrequency
C_EDCConsumer_setOffline
C_EDCConsumer_startSynchronization
C_EDCDecryptor_decryptBytes
C_EDCDecryptor_delete
C_EDCDecryptor_getDecryptionKey
C_EDCDecryptor_setDecryptionKey
C_EDCDeleteString
C_EDCPermSet_delete
C_EDCRevocationData_delete
C_EDCVoucherPropList_delete
C_EDCVoucherStore_get
C_EDCVoucherStore_new
C_EDCVoucherStore_put
C_EDCVoucherStore_remove
C_EDCVoucherStore_removeFromDisk
C_EDCVoucher_canRevoke
C_EDCVoucher_canViewAuditHistory
C_EDCVoucher_delete
C_EDCVoucher_getAuthenticatedUserFriendlyName
C_EDCVoucher_getAuthenticatedUserId
C_EDCVoucher_getClockSkew
C_EDCVoucher_getDecryptor
C_EDCVoucher_getEncryptor
C_EDCVoucher_getExpirationDate
C_EDCVoucher_getExtendedVoucherProperties
C_EDCVoucher_getExternalAuthLeasePeriod
C_EDCVoucher_getFirstPlaybackDate
C_EDCVoucher_getLicenseId
C_EDCVoucher_getOfflineLeasePeriodExpirationDate
C_EDCVoucher_getOfflineLeasePeriodRemaining
C_EDCVoucher_getOfflineLeaseStartDate
C_EDCVoucher_getPermissions
C_EDCVoucher_getPlaybackWindowExpirationDate
C_EDCVoucher_getPolicy
C_EDCVoucher_getRevocationData
C_EDCVoucher_getStartDate
C_EDCVoucher_getWatermark
C_EDCVoucher_isAudited
C_EDCVoucher_isExternalAuthorizationSet
C_EDCVoucher_isRevoked
C_EDCWatermarkTemplate_delete
C_EDCvoucherStore_delete
C_PDRLPolicyPropertyList_delete
C_PDRLPolicy_addPolicyEntry
C_PDRLPolicy_clearPolicyEntries
C_PDRLPolicy_countPolicyEntries
C_PDRLPolicy_delete
C_PDRLPolicy_getCreationDate
C_PDRLPolicy_getEncryptionMethod
C_PDRLPolicy_getInstanceVersionNum
C_PDRLPolicy_getLastModifiedDate
C_PDRLPolicy_getOfflineLeasePeriod
C_PDRLPolicy_getPolicyDescription
C_PDRLPolicy_getPolicyEntry
C_PDRLPolicy_getPolicyId
C_PDRLPolicy_getPolicyName
C_PDRLPolicy_getPolicyType
C_PDRLPolicy_getProperty
C_PDRLPolicy_getSchemaVersion
C_PDRLPolicy_getValidityPeriod
C_PDRLPolicy_getWatermarkId
C_PDRLPolicy_isAudited
C_PDRLPolicy_isCertifiedMode
C_PDRLPolicy_isEncryptAttachments
C_PDRLPolicy_isPlaintextMetadata
C_PDRLPolicy_isWatermarked
C_PDRLPolicy_new
C_PDRLPolicy_policyFromXML
C_PDRLPolicy_removePolicyEntry
C_PDRLPolicy_setAudited
C_PDRLPolicy_setCertifiedMode
C_PDRLPolicy_setEncryptAttachments
C_PDRLPolicy_setEncryptionMethod
C_PDRLPolicy_setOfflineLeasePeriod
C_PDRLPolicy_setPlaintextMetadata
C_PDRLPolicy_setPolicyDescription
C_PDRLPolicy_setPolicyName
C_PDRLPolicy_setProperty
C_PDRLPolicy_setValidityPeriod
C_PDRLPolicy_setWatermarkId
C_PDRLPolicy_toXML

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 465KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 588KB - Virtual size: 597KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq/Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/CaptiveAppEntry.exe
.exe windows x86

9b8cde1048803eb9f29e20b92535d1cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
ExitProcess
CreateFileW
GetModuleHandleW
WriteConsoleW
GetStdHandle
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetUserDefaultUILanguage
GetCommandLineW
HeapAlloc
GetProcessHeap
GetFullPathNameW
HeapFree
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
Sleep
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
GetFileAttributesW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
InitializeCriticalSection
SetFilePointer
LoadLibraryW
GetProcAddress
VirtualFree
GetModuleFileNameW
CreateFileA

shell32

CommandLineToArgvW

user32

MessageBoxExW

shlwapi

PathAppendW
PathRemoveFileSpecW
StrCmpW

msi

ord90

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq/Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/NPSWF32.dll
.dll regsvr32 windows x86

280560606043f999dad67348fe1e8f98

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/09/2012, 00:00

Not After

01/10/2015, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

60:27:4b:94:2d:2c:32:12:0b:d3:fb:21:76:04:c0:2a:f4:61:89:7b
Signer

Actual PE Digest

60:27:4b:94:2d:2c:32:12:0b:d3:fb:21:76:04:c0:2a:f4:61:89:7b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

23/11/2013, 02:01
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

winmm

mixerGetLineControlsA
mixerClose
waveInMessage
waveOutMessage
waveOutGetDevCapsA
waveInGetDevCapsA
mixerGetID
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetControlDetailsA
waveOutGetDevCapsW
waveInGetDevCapsW
waveOutGetNumDevs
waveInGetNumDevs
waveInStart
waveOutRestart
waveInStop
waveInClose
waveInUnprepareHeader
waveInReset
waveInPrepareHeader
waveInOpen
timeSetEvent
timeKillEvent
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutReset
waveOutClose
waveOutOpen
waveOutGetPosition
timeGetTime
waveOutPause
waveInGetPosition
mixerSetControlDetails
waveInAddBuffer
waveOutSetVolume

wininet

HttpSendRequestA
InternetReadFile
InternetCloseHandle
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetOpenA
HttpQueryInfoA

crypt32

CertEnumCertificatesInStore
CertAddCertificateContextToStore
CertCompareCertificateName
CryptFindOIDInfo
CertRDNValueToStrW
CertFindRDNAttr
CryptDecodeObjectEx
CertNameToStrW
CertVerifyTimeValidity
CertVerifyRevocation
CertOpenStore
CertAddStoreToCollection
CryptVerifyMessageSignature
CryptGetMessageCertificates
CertCreateCertificateContext
CertVerifySubjectCertificateContext
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore
CertCompareCertificate

rpcrt4

RpcStringFreeA
UuidToStringA

oleaut32

VariantClear
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysAllocString
SysStringLen
SysFreeString
VariantInit

urlmon

CopyStgMedium

dsound

ord8
ord1

dinput8

DirectInput8Create

kernel32

GlobalSize
GlobalAlloc
GetSystemInfo
GetUserDefaultUILanguage
MoveFileExW
VirtualQuery
GetUserDefaultLangID
GetVersionExA
SetFilePointer
VerifyVersionInfoW
VerSetConditionMask
CreateThread
ReadFile
GetFileSize
FindResourceExA
FindResourceExW
SetUnhandledExceptionFilter
GetTempPathW
GetTimeZoneInformation
ReleaseSemaphore
CreateSemaphoreW
GetTempFileNameW
GetSystemDirectoryW
ExpandEnvironmentStringsA
GetTempPathA
GetFileAttributesA
CreateMutexA
SetFilePointerEx
GetFileAttributesExW
GetFileInformationByHandle
GetVolumeInformationW
GetCurrentDirectoryW
SetCurrentDirectoryW
OutputDebugStringA
TlsSetValue
ReleaseMutex
CreateFileMappingA
GetExitCodeThread
DuplicateHandle
TerminateThread
CreateWaitableTimerW
SetThreadPriority
GetSystemDirectoryA
CompareFileTime
LocalFree
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
OpenThread
SleepEx
SwitchToThread
HeapReAlloc
GetCommandLineA
RtlUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetProcessAffinityMask
HeapSize
HeapFree
GetProcessHeap
HeapAlloc
EnumSystemLocalesW
IsValidLocale
GetUserDefaultLCID
GetTimeFormatW
GetDateFormatW
CompareStringW
GetCurrencyFormatW
GetNumberFormatW
VirtualProtect
SetSystemTime
DebugBreak
CreateSemaphoreA
VirtualFree
VirtualAlloc
DeviceIoControl
GetVersion
CancelWaitableTimer
SetWaitableTimer
CreateWaitableTimerA
CreateEventA
FlushFileBuffers
SetEndOfFile
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
GetNativeSystemInfo
RegisterWaitForSingleObject
UnregisterWaitEx
GlobalMemoryStatusEx
IsDebuggerPresent
FileTimeToSystemTime
TlsAlloc
TlsFree
GetSystemTimeAsFileTime
GetStdHandle
ResumeThread
GetModuleHandleExA
OpenProcess
CreateToolhelp32Snapshot
Thread32First
GetThreadTimes
Thread32Next
InitializeCriticalSectionAndSpinCount
FormatMessageA
CreateProcessW
CreateFileMappingW
CreateMutexW
GetNamedPipeInfo
CreateNamedPipeW
CancelIo
ConnectNamedPipe
InterlockedExchangeAdd
ExitProcess
TerminateProcess
GetConsoleMode
LCMapStringA
SetConsoleCtrlHandler
SetHandleCount
GetFileType
GetStartupInfoA
GetOEMCP
IsValidCodePage
HeapCreate
HeapDestroy
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
CompareStringA
SetEnvironmentVariableA
LocalAlloc
lstrcpynW
GlobalMemoryStatus
FlushConsoleInputBuffer
lstrlenA
ReadConsoleInputA
SetConsoleMode
TlsGetValue
InitializeCriticalSection
GlobalLock
GlobalUnlock
UnmapViewOfFile
MapViewOfFile
GetProcessTimes
GlobalFree
GetEnvironmentVariableA
CreateDirectoryA
GetCurrentDirectoryA
GetTempFileNameA
CreateFileA
WriteFile
DeleteFileA
GetCurrentProcessId
GetModuleHandleA
CreateProcessA
WideCharToMultiByte
CreateDirectoryW
GetFileAttributesW
CreateFileW
GetFileSizeEx
GetSystemTime
SystemTimeToFileTime
FindFirstFileW
RemoveDirectoryW
DeleteFileW
FindNextFileW
FindClose
GetModuleFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
OpenFile
_lwrite
_lclose
FreeResource
GetModuleFileNameW
lstrlenW
SetLastError
GetCurrentProcess
FlushInstructionCache
RaiseException
LCMapStringW
GetTickCount
GetCurrentThreadId
GetLocaleInfoW
TryEnterCriticalSection
LoadLibraryW
GetVersionExW
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
GetLastError
FreeLibrary
WaitForSingleObject
ResetEvent
CloseHandle
CreateEventW
SetEvent
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
GetCurrentThread
SetThreadAffinityMask
IsDBCSLeadByte
GetACP
GetCPInfo
MultiByteToWideChar
ExitThread
ExpandEnvironmentStringsW
InterlockedExchange
InterlockedCompareExchange
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetConsoleCP

user32

GetProcessWindowStation
GetUserObjectInformationW
GetMonitorInfoA
MonitorFromRect
EnumDisplayMonitors
RegisterClassExA
SetWindowLongA
GetMessageA
DispatchMessageA
GetWindowLongA
DefWindowProcA
RegisterWindowMessageA
PostMessageA
UnregisterClassW
CallMsgFilterW
MsgWaitForMultipleObjectsEx
WaitMessage
MsgWaitForMultipleObjects
GetClassNameA
CallNextHookEx
GetUpdateRect
ValidateRect
SetWindowsHookExW
UnhookWindowsHookEx
SetActiveWindow
SetParent
UpdateWindow
GetAncestor
MapWindowPoints
GetWindowTextW
GetWindow
SetWindowPlacement
GetWindowPlacement
IsZoomed
GetSystemMenu
FlashWindowEx
GetActiveWindow
MoveWindow
SetCaretPos
CreateCaret
ShowCaret
DestroyCaret
EnumDisplayDevicesW
EmptyClipboard
SetClipboardData
wsprintfW
GetDesktopWindow
MonitorFromWindow
EnumDisplaySettingsW
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
RegisterClipboardFormatW
RemoveMenu
GetForegroundWindow
SetRect
EnumDisplayDevicesA
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
CreatePopupMenu
TrackPopupMenu
DestroyMenu
DrawMenuBar
CreateMenu
SetMenuInfo
MapVirtualKeyW
CharUpperW
CharLowerW
PostThreadMessageW
GetMessageW
TranslateMessage
OffsetRect
CreateWindowExW
ShowWindow
ShowWindowAsync
IsIconic
GetWindowTextLengthW
DestroyWindow
GetDoubleClickTime
DeleteMenu
RemovePropW
DispatchMessageW
WaitForInputIdle
MessageBoxA
DialogBoxParamW
SetWindowTextA
RedrawWindow
DialogBoxIndirectParamW
SetWindowTextW
SendMessageTimeoutW
CreateIconIndirect
GetMonitorInfoW
SetRectEmpty
GetCursor
DestroyIcon
LoadImageW
GetPropW
SetPropW
PtInRect
InflateRect
GetClipboardFormatNameA
RegisterClipboardFormatA
SetWindowPos
RegisterClassA
CreateWindowExA
SetCapture
ReleaseCapture
SetCursorPos
GetSubMenu
GetCapture
SystemParametersInfoW
ScreenToClient
GetMessageTime
GetCursorPos
WindowFromPoint
LoadIconW
RegisterClassW
PeekMessageW
GetQueueStatus
KillTimer
SetTimer
IsWindowVisible
PostMessageW
GetTopWindow
GetFocus
GetParent
GetWindowThreadProcessId
AttachThreadInput
GetDlgItem
IsWindow
EnableWindow
SendMessageW
InvalidateRect
GetKeyState
ReleaseDC
LoadStringW
MessageBoxW
SetCursor
EnableMenuItem
CheckMenuItem
FillRect
GetDC
BeginPaint
GetClientRect
EndPaint
GetSystemMetrics
EndDialog
UnregisterClassA
SetFocus
GetWindowInfo
CopyRect
RegisterClassExW
CallWindowProcW
PostQuitMessage
LoadCursorW
GetClassInfoExW
SetWindowLongW
DefWindowProcW
ClientToScreen
SendInput
ActivateKeyboardLayout
GetKeyboardLayout
GetWindowLongW
GetWindowRect
UpdateLayeredWindow

gdi32

EnumFontFamiliesExW
CreateDCW
GetFontData
FillPath
ExtCreatePen
StrokePath
EndDoc
StartDocW
CreatePalette
GetWorldTransform
SetGraphicsMode
SetWorldTransform
GetTextCharacterExtra
DPtoLP
EnumFontFamiliesA
GetCurrentObject
CreatePen
SetTextCharacterExtra
GetBkColor
SelectClipRgn
GetTextColor
GetBkMode
GetTextAlign
SetBkMode
SetTextAlign
CreateRectRgn
GetClipRgn
IntersectClipRect
CreateFontIndirectA
SetTextColor
GetTextMetricsW
GetTextExtentPoint32W
ExtTextOutA
GetTextExtentPoint32A
CreateFontIndirectW
CreateBitmap
SetPixel
CreateDCA
GetICMProfileA
SelectPalette
RealizePalette
RectVisible
LPtoDP
StretchDIBits
GetStockObject
Rectangle
GetDeviceCaps
GetSystemPaletteEntries
GetClipBox
CreateSolidBrush
EnumFontFamiliesW
GetStretchBltMode
CreateCompatibleBitmap
SetStretchBltMode
SetBkColor
ExtTextOutW
BitBlt
StretchBlt
GdiAlphaBlend
CreateDIBSection
GetObjectW
SelectObject
DeleteObject
GdiFlush
DeleteDC
CreateCompatibleDC
RestoreDC
SelectClipPath
PolyBezierTo
LineTo
MoveToEx
EndPath
BeginPath
SaveDC
SetPolyFillMode
EndPage
StartPage

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PrintDlgW

advapi32

CryptDecrypt
CryptSetKeyParam
CryptGetHashParam
CryptHashData
CryptDestroyHash
CryptAcquireContextA
CryptCreateHash
RegisterEventSourceA
ReportEventA
DeregisterEventSource
IsValidSid
CryptImportKey
CryptGenKey
CryptDestroyKey
CryptExportKey
CryptEncrypt
RegOpenKeyA
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegCreateKeyExA
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegDeleteValueA
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyA
RegQueryValueExW

shell32

SHGetFolderPathW
SHGetFolderPathA
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
SHGetFolderLocation
SHGetSettings
ord165
ShellExecuteW
SHGetDiskFreeSpaceExW
SHGetSpecialFolderPathW
SHFileOperationW

ole32

OleGetClipboard
OleInitialize
CoUninitialize
CoSetProxyBlanket
CoInitializeEx
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
PropVariantClear
CoFreeUnusedLibraries
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
OleUninitialize
ReleaseStgMedium
CreateBindCtx
MkParseDisplayName
CoInitialize

ws2_32

closesocket
WSACleanup
WSASocketW
ntohl
select
gethostname
connect
ioctlsocket
WSAEnumNetworkEvents
WSAAsyncSelect
WSACreateEvent
WSAAddressToStringA
bind
sendto
recvfrom
WSAStartup
setsockopt
recv
send
ntohs
WSAGetLastError
WSAIoctl
WSAEventSelect
socket
getsockname
htons
WSACloseEvent
gethostbyname
inet_ntoa
htonl
getservbyname
gethostbyaddr
getservbyport
WSASetLastError
inet_addr

shlwapi

UrlCanonicalizeW
AssocQueryStringW
PathRemoveFileSpecA

mscms

OpenColorProfileW
CreateColorTransformW
CloseColorProfile
TranslateBitmapBits
DeleteColorTransform

winspool.drv

GetPrinterW
ClosePrinter
OpenPrinterW

Exports

Exports

AdobeCPGetAPI
BrokerMainW
DllRegisterServer
DllUnregisterServer
FlashPlayer_11_9_900_169_FlashPlayer
Flash_DisableLocalSecurity
Flash_EnforceLocalSecurity
IAEModule_AEModule_PutKernel
IAEModule_IAEKernel_LoadModule
IAEModule_IAEKernel_UnloadModule
Java_ShockwaveFlash_CurrentFrame_stub
Java_ShockwaveFlash_FlashVersion_stub
Java_ShockwaveFlash_FrameLoaded_stub
Java_ShockwaveFlash_GetVariable_stub
Java_ShockwaveFlash_GotoFrame_stub
Java_ShockwaveFlash_IsPlaying_stub
Java_ShockwaveFlash_LoadMovie_stub
Java_ShockwaveFlash_Pan_stub
Java_ShockwaveFlash_PercentLoaded_stub
Java_ShockwaveFlash_Play_stub
Java_ShockwaveFlash_SetVariable_stub
Java_ShockwaveFlash_SetZoomRect_stub
Java_ShockwaveFlash_StopPlay_stub
Java_ShockwaveFlash_TCallFrame_stub
Java_ShockwaveFlash_TCallLabel_stub
Java_ShockwaveFlash_TCurrentFrame_stub
Java_ShockwaveFlash_TCurrentLabel_stub
Java_ShockwaveFlash_TGetProperty_stub
Java_ShockwaveFlash_TGotoFrame_stub
Java_ShockwaveFlash_TGotoLabel_stub
Java_ShockwaveFlash_TPlay_stub
Java_ShockwaveFlash_TSetProperty_stub
Java_ShockwaveFlash_TStopPlay_stub
Java_ShockwaveFlash_TotalFrames_stub
Java_ShockwaveFlash_Zoom_stub
NP_Acrobat_GetEntryPoints
NP_Acrobat_Initialize
NP_GetEntryPoints
NP_Initialize
NP_SetBrokerClient
NP_SetNPAPIHostProxy
NP_Shutdown
native_ShockwaveFlash_CurrentFrame
native_ShockwaveFlash_FlashVersion
native_ShockwaveFlash_FrameLoaded
native_ShockwaveFlash_GetVariable
native_ShockwaveFlash_GotoFrame
native_ShockwaveFlash_IsPlaying
native_ShockwaveFlash_LoadMovie
native_ShockwaveFlash_Pan
native_ShockwaveFlash_PercentLoaded
native_ShockwaveFlash_Play
native_ShockwaveFlash_SetVariable
native_ShockwaveFlash_SetZoomRect
native_ShockwaveFlash_StopPlay
native_ShockwaveFlash_TCallFrame
native_ShockwaveFlash_TCallLabel
native_ShockwaveFlash_TCurrentFrame
native_ShockwaveFlash_TCurrentLabel
native_ShockwaveFlash_TGetProperty
native_ShockwaveFlash_TGotoFrame
native_ShockwaveFlash_TGotoLabel
native_ShockwaveFlash_TPlay
native_ShockwaveFlash_TSetProperty
native_ShockwaveFlash_TStopPlay
native_ShockwaveFlash_TotalFrames
native_ShockwaveFlash_Zoom
register_ShockwaveFlash
unregister_ShockwaveFlash
unuse_ShockwaveFlash
unuse_netscape_plugin_Plugin
use_ShockwaveFlash
use_netscape_plugin_Plugin

Sections

.text
Size: 11.5MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 580KB - Virtual size: 579KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq/Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/WebKit.dll
.dll windows x86

ace0d8b7f4672550c80161c56f9bfdf0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/09/2012, 00:00

Not After

01/10/2015, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:0d:a2:8d:17:86:f2:56:68:68:88:85:38:75:06:83:9e:9d:3e:e0
Signer

Actual PE Digest

04:0d:a2:8d:17:86:f2:56:68:68:88:85:38:75:06:83:9e:9d:3e:e0

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

23/11/2013, 02:01
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
TlsFree
SetLastError
GetModuleHandleA
Sleep
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
TlsAlloc
GetFullPathNameA
GetCurrentDirectoryA
GetFullPathNameW
FlushFileBuffers
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoA
InterlockedExchange
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap
TlsGetValue
GetModuleFileNameA
GetStdHandle
GetFileType
SetStdHandle
CreateDirectoryA
FindFirstFileW
GetDriveTypeW
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
GetDateFormatA
GetTimeFormatA
LeaveCriticalSection
EnterCriticalSection
GetTimeZoneInformation
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetCommandLineA
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleHandleW
LoadLibraryW
FormatMessageW
LocalFree
GetFileAttributesA
lstrlenA
ExitProcess
GetVersionExW
GetLocaleInfoW
MultiByteToWideChar
GetLastError
GetCurrentDirectoryW
SetCurrentDirectoryW
LoadLibraryExW
FreeLibrary
GetProcAddress
GetFileAttributesExW
CreateFileW
GetFileSize
ReadFile
FoldStringW
GetCurrentThread
GetThreadTimes
GetSystemInfo
VirtualFree
VirtualAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileA
CreateFileA
SetFilePointer
WriteFile
CloseHandle
InterlockedDecrement
InterlockedIncrement
GetTickCount
GetConsoleMode
CompareStringW

user32

SystemParametersInfoW
GetDC
ReleaseDC
GetLastInputInfo
SendMessageW
GetPropW
ReleaseCapture
SetCapture
CallWindowProcW
SetParent
CreateWindowExW
DefWindowProcA
SetWindowLongA
SetPropW
SetWindowRgn
MoveWindow
DestroyWindow
FillRect
InvalidateRect
GetFocus
IsChild
GetUpdateRect
IntersectRect
EqualRect
GetWindowRgn
DefWindowProcW
LoadCursorW
RegisterClassExW
GetKeyboardState
SetKeyboardState
ShowWindow
SetFocus
GetWindowRect
ClientToScreen
GetWindowLongW
SetWindowLongW
UpdateWindow

gdi32

GetFontData
GetGlyphIndicesW
GetCharWidthI
GetTextMetricsW
GetGlyphOutlineW
GetOutlineTextMetricsW
AddFontMemResourceEx
CreateEnhMetaFileW
CloseEnhMetaFile
EnumEnhMetaFile
DeleteEnhMetaFile
GetStockObject
GetFontUnicodeRanges
EnumFontFamiliesExW
GetTextFaceW
CreateFontIndirectW
RemoveFontMemResourceEx
GetObjectW
IntersectClipRect
ModifyWorldTransform
RestoreDC
SaveDC
CreateCompatibleDC
CreateDIBSection
SelectObject
SetGraphicsMode
GetWorldTransform
SetWorldTransform
GetClipBox
CreateRectRgn
GetRgnBox
DeleteObject
GetDeviceCaps
StretchBlt
SetStretchBltMode
StretchDIBits
GetClipRgn
GetGraphicsMode
SelectClipRgn
ExtSelectClipRgn
ExtCreateRegion
PatBlt
SetBrushOrgEx
CreatePatternBrush
CreateSolidBrush
ExtTextOutW
SetBkMode
SetTextAlign
SetTextColor
CreateCompatibleBitmap
SetMapMode
GetCharWidth32W
ExtEscape
SelectClipPath
EndPath
CloseFigure
MoveToEx
BeginPath
LineTo
PolyBezierTo
SetPolyFillMode
WidenPath
StrokePath
ExtCreatePen
SetMiterLimit
FillPath
BitBlt
GdiFlush
DeleteDC

usp10

ScriptXtoCP
ScriptPlace
ScriptItemize
ScriptFreeCache
ScriptStringFree
ScriptStringOut
ScriptStringAnalyse
ScriptShape

urlmon

FindMimeFromData

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

msimg32

GradientFill

winmm

timeEndPeriod
timeBeginPeriod

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

CoCreateGuid
CoTaskMemFree
CoCreateInstance

Exports

Exports

WebKitGetAPI
cairo_append_path
cairo_arc
cairo_arc_negative
cairo_clip
cairo_clip_extents
cairo_clip_preserve
cairo_close_path
cairo_copy_clip_rectangle_list
cairo_copy_page
cairo_copy_path
cairo_copy_path_flat
cairo_create
cairo_curve_to
cairo_debug_reset_static_data
cairo_destroy
cairo_device_acquire
cairo_device_destroy
cairo_device_finish
cairo_device_flush
cairo_device_get_reference_count
cairo_device_get_type
cairo_device_get_user_data
cairo_device_reference
cairo_device_release
cairo_device_set_user_data
cairo_device_status
cairo_device_to_user
cairo_device_to_user_distance
cairo_fill
cairo_fill_extents
cairo_fill_preserve
cairo_font_extents
cairo_font_face_destroy
cairo_font_face_get_reference_count
cairo_font_face_get_type
cairo_font_face_get_user_data
cairo_font_face_reference
cairo_font_face_set_user_data
cairo_font_face_status
cairo_font_options_copy
cairo_font_options_create
cairo_font_options_destroy
cairo_font_options_equal
cairo_font_options_get_antialias
cairo_font_options_get_hint_metrics
cairo_font_options_get_hint_style
cairo_font_options_get_subpixel_order
cairo_font_options_hash
cairo_font_options_merge
cairo_font_options_set_antialias
cairo_font_options_set_hint_metrics
cairo_font_options_set_hint_style
cairo_font_options_set_subpixel_order
cairo_font_options_status
cairo_format_stride_for_width
cairo_get_antialias
cairo_get_current_point
cairo_get_dash
cairo_get_dash_count
cairo_get_fill_rule
cairo_get_font_face
cairo_get_font_matrix
cairo_get_font_options
cairo_get_group_target
cairo_get_line_cap
cairo_get_line_join
cairo_get_line_width
cairo_get_matrix
cairo_get_miter_limit
cairo_get_operator
cairo_get_reference_count
cairo_get_scaled_font
cairo_get_source
cairo_get_target
cairo_get_tolerance
cairo_get_user_data
cairo_glyph_allocate
cairo_glyph_extents
cairo_glyph_free
cairo_glyph_path
cairo_has_current_point
cairo_identity_matrix
cairo_image_surface_create
cairo_image_surface_create_for_data
cairo_image_surface_create_from_png
cairo_image_surface_create_from_png_stream
cairo_image_surface_get_data
cairo_image_surface_get_format
cairo_image_surface_get_height
cairo_image_surface_get_stride
cairo_image_surface_get_width
cairo_in_clip
cairo_in_fill
cairo_in_stroke
cairo_line_to
cairo_mask
cairo_mask_surface
cairo_matrix_init
cairo_matrix_init_identity
cairo_matrix_init_rotate
cairo_matrix_init_scale
cairo_matrix_init_translate
cairo_matrix_invert
cairo_matrix_multiply
cairo_matrix_rotate
cairo_matrix_scale
cairo_matrix_transform_distance
cairo_matrix_transform_point
cairo_matrix_translate
cairo_move_to
cairo_new_path
cairo_new_sub_path
cairo_paint
cairo_paint_with_alpha
cairo_path_destroy
cairo_path_extents
cairo_pattern_add_color_stop_rgb
cairo_pattern_add_color_stop_rgba
cairo_pattern_create_for_surface
cairo_pattern_create_linear
cairo_pattern_create_radial
cairo_pattern_create_rgb
cairo_pattern_create_rgba
cairo_pattern_destroy
cairo_pattern_get_color_stop_count
cairo_pattern_get_color_stop_rgba
cairo_pattern_get_extend
cairo_pattern_get_filter
cairo_pattern_get_linear_points
cairo_pattern_get_matrix
cairo_pattern_get_radial_circles
cairo_pattern_get_reference_count
cairo_pattern_get_rgba
cairo_pattern_get_surface
cairo_pattern_get_type
cairo_pattern_get_user_data
cairo_pattern_reference
cairo_pattern_set_extend
cairo_pattern_set_filter
cairo_pattern_set_matrix
cairo_pattern_set_user_data
cairo_pattern_status
cairo_pop_group
cairo_pop_group_to_source
cairo_push_group
cairo_push_group_with_content
cairo_recording_surface_create
cairo_recording_surface_ink_extents
cairo_rectangle
cairo_rectangle_list_destroy
cairo_reference
cairo_region_contains_point
cairo_region_contains_rectangle
cairo_region_copy
cairo_region_create
cairo_region_create_rectangle
cairo_region_create_rectangles
cairo_region_destroy
cairo_region_equal
cairo_region_get_extents
cairo_region_get_rectangle
cairo_region_intersect
cairo_region_intersect_rectangle
cairo_region_is_empty
cairo_region_num_rectangles
cairo_region_reference
cairo_region_status
cairo_region_subtract
cairo_region_subtract_rectangle
cairo_region_translate
cairo_region_union
cairo_region_union_rectangle
cairo_region_xor
cairo_region_xor_rectangle
cairo_rel_curve_to
cairo_rel_line_to
cairo_rel_move_to
cairo_reset_clip
cairo_restore
cairo_rotate
cairo_save
cairo_scale
cairo_scaled_font_create
cairo_scaled_font_destroy
cairo_scaled_font_extents
cairo_scaled_font_get_ctm
cairo_scaled_font_get_font_face
cairo_scaled_font_get_font_matrix
cairo_scaled_font_get_font_options
cairo_scaled_font_get_reference_count
cairo_scaled_font_get_scale_matrix
cairo_scaled_font_get_type
cairo_scaled_font_get_user_data
cairo_scaled_font_glyph_extents
cairo_scaled_font_reference
cairo_scaled_font_set_user_data
cairo_scaled_font_status
cairo_scaled_font_text_extents
cairo_scaled_font_text_to_glyphs
cairo_select_font_face
cairo_set_antialias
cairo_set_dash
cairo_set_fill_rule
cairo_set_font_face
cairo_set_font_matrix
cairo_set_font_options
cairo_set_font_size
cairo_set_line_cap
cairo_set_line_join
cairo_set_line_width
cairo_set_matrix
cairo_set_miter_limit
cairo_set_operator
cairo_set_scaled_font
cairo_set_source
cairo_set_source_rgb
cairo_set_source_rgba
cairo_set_source_surface
cairo_set_tolerance
cairo_set_user_data
cairo_show_glyphs
cairo_show_page
cairo_show_text
cairo_show_text_glyphs
cairo_status
cairo_status_to_string
cairo_stroke
cairo_stroke_extents
cairo_stroke_preserve
cairo_surface_copy_page
cairo_surface_create_similar
cairo_surface_destroy
cairo_surface_finish
cairo_surface_flush
cairo_surface_get_content
cairo_surface_get_device
cairo_surface_get_device_offset
cairo_surface_get_fallback_resolution
cairo_surface_get_font_options
cairo_surface_get_mime_data
cairo_surface_get_reference_count
cairo_surface_get_type
cairo_surface_get_user_data
cairo_surface_has_show_text_glyphs
cairo_surface_mark_dirty
cairo_surface_mark_dirty_rectangle
cairo_surface_reference
cairo_surface_set_device_offset
cairo_surface_set_fallback_resolution
cairo_surface_set_mime_data
cairo_surface_set_user_data
cairo_surface_show_page
cairo_surface_status
cairo_surface_write_to_png
cairo_surface_write_to_png_stream
cairo_text_cluster_allocate
cairo_text_cluster_free
cairo_text_extents
cairo_text_path
cairo_toy_font_face_create
cairo_toy_font_face_get_family
cairo_toy_font_face_get_slant
cairo_toy_font_face_get_weight
cairo_transform
cairo_translate
cairo_user_font_face_create
cairo_user_font_face_get_init_func
cairo_user_font_face_get_render_glyph_func
cairo_user_font_face_get_text_to_glyphs_func
cairo_user_font_face_get_unicode_to_glyph_func
cairo_user_font_face_set_init_func
cairo_user_font_face_set_render_glyph_func
cairo_user_font_face_set_text_to_glyphs_func
cairo_user_font_face_set_unicode_to_glyph_func
cairo_user_to_device
cairo_user_to_device_distance
cairo_win32_font_face_create_for_hfont
cairo_win32_font_face_create_for_logfontw
cairo_win32_font_face_create_for_logfontw_hfont
cairo_win32_printing_surface_create
cairo_win32_scaled_font_done_font
cairo_win32_scaled_font_get_device_to_logical
cairo_win32_scaled_font_get_logical_to_device
cairo_win32_scaled_font_get_metrics_factor
cairo_win32_scaled_font_select_font
cairo_win32_surface_create
cairo_win32_surface_create_with_ddb
cairo_win32_surface_create_with_dib
cairo_win32_surface_get_dc
cairo_win32_surface_get_image

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 850KB - Virtual size: 850KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unwante
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq/Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/WebKit/LGPL License.txt
Balsamiq/Balsamiq_Mockups_3/Adobe AIR/Versions/1.0/Resources/WebKit/Notice WebKit.txt
Balsamiq/Balsamiq_Mockups_3/Balsamiq Mockups 3.exe
.exe windows x86

9b8cde1048803eb9f29e20b92535d1cc

Code Sign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2011, 07:00

Not After

03/05/2031, 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:5a:cc:20:53:72:e0
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

10/12/2014, 09:40

Not After

28/01/2016, 14:27

Subject

CN=Balsamiq SRL,O=Balsamiq SRL,L=Bologna,C=IT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6c:2e:36:ad:af:9e:e4:14
Certificate

Issuer

CN=Starfield Services Root Certificate Authority,OU=http://certificates.starfieldtech.com/repository/,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

16/03/2015, 07:00

Not After

16/03/2020, 07:00

Subject

CN=Starfield Services Timestamp Authority - G1,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c2:70:7f:12:25:15:f9:f9:bd:e3:d4:bb:ad:0a:dc:33:7a:34:56:38
Signer

Actual PE Digest

c2:70:7f:12:25:15:f9:f9:bd:e3:d4:bb:ad:0a:dc:33:7a:34:56:38

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Balsamiq SRL,O=Balsamiq SRL,L=Bologna,C=IT

28/04/2015, 15:00
Valid: true

Chain 1

CN=Balsamiq SRL,O=Balsamiq SRL,L=Bologna,C=IT

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
ExitProcess
CreateFileW
GetModuleHandleW
WriteConsoleW
GetStdHandle
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetUserDefaultUILanguage
GetCommandLineW
HeapAlloc
GetProcessHeap
GetFullPathNameW
HeapFree
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
Sleep
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
GetFileAttributesW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
InitializeCriticalSection
SetFilePointer
LoadLibraryW
GetProcAddress
VirtualFree
GetModuleFileNameW
CreateFileA

shell32

CommandLineToArgvW

user32

MessageBoxExW

shlwapi

PathAppendW
PathRemoveFileSpecW
StrCmpW

msi

ord90

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Balsamiq/Balsamiq_Mockups_3/META-INF/AIR/application.xml
.xml
Balsamiq/Balsamiq_Mockups_3/META-INF/AIR/hash
Balsamiq/Balsamiq_Mockups_3/META-INF/signatures.xml
Balsamiq/Balsamiq_Mockups_3/balsamiq_mockups_3.1.1.swf
Balsamiq/Balsamiq_Mockups_3/framework_4.6.0.23201.swf
Balsamiq/Balsamiq_Mockups_3/icons/mockups_doc_ico_128.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_doc_ico_16.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_doc_ico_29.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_doc_ico_32.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_doc_ico_36.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_doc_ico_48.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_doc_ico_512.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_ico_128.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_ico_16.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_ico_29.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_ico_32.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_ico_36.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_ico_48.png
.png
Balsamiq/Balsamiq_Mockups_3/icons/mockups_ico_512.png
.png
Balsamiq/Balsamiq_Mockups_3/mimetype
Balsamiq/Balsamiq_Mockups_3/skins/sketch.swf
Balsamiq/Balsamiq_Mockups_3/skins/wireframe.swf
Balsamiq/Balsamiq_Mockups_3/textLayout_2.0.0.232.swf
Balsamiq/keygen-nGen.rar
.rar
Balsamiq/keygen.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 172KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55825614bb3a835423a551c99e15b794

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

7e:3f:0b:f8:35:b5:c1:de:eb:df:0e:48:54:e4:ea:ab:fa:5b:6b:4bSigner

Signature Validations

Verification

23/11/2013, 02:01 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

ws2_32

version

crypt32

winmm

oleacc

user32

gdi32

msimg32

advapi32

comdlg32

shell32

shlwapi

wininet

msi

urlmon

comctl32

mscms

secur32

dsound

iphlpapi

dnsapi

dinput8

winspool.drv

Exports

Exports

Sections

.text Size: 12.3MB - Virtual size: 12.3MB

.rodata Size: 4KB - Virtual size: 4KB

.rdata Size: 6.2MB - Virtual size: 6.2MB

.data Size: 443KB - Virtual size: 1.4MB

.data1 Size: 512B - Virtual size: 84B

.rsrc Size: 209KB - Virtual size: 208KB

.reloc Size: 827KB - Virtual size: 827KB

5654f6bff0dd174f50c057d3f5682311

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80Signer

Signature Validations

Verification

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

7e:3f:0b:f8:35:b5:c1:de:eb:df:0e:48:54:e4:ea:ab:fa:5b:6b:4b
Signer

23/11/2013, 02:01
Valid: false

.text
Size: 12.3MB - Virtual size: 12.3MB

.rodata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 6.2MB - Virtual size: 6.2MB

.data
Size: 443KB - Virtual size: 1.4MB

.data1
Size: 512B - Virtual size: 84B

.rsrc
Size: 209KB - Virtual size: 208KB

.reloc
Size: 827KB - Virtual size: 827KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80
Signer

23/11/2013, 02:01
Valid: false

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 468KB - Virtual size: 465KB

.data
Size: 588KB - Virtual size: 597KB

.data1
Size: 4KB - Virtual size: 84B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 156KB - Virtual size: 154KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 704B

.reloc
Size: 4KB - Virtual size: 4KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

4d:4a:a1:fd:f2:6f:9f:33:53:d6:26:14:ed:a6:62:37
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

60:27:4b:94:2d:2c:32:12:0b:d3:fb:21:76:04:c0:2a:f4:61:89:7b
Signer

23/11/2013, 02:01
Valid: false