fu[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fu.zip
Size

10.0MB
MD5

6183eb3b769baf0943e1e98a4d9cbc18
SHA1

3251a0faadaa19a31a9b404e3c53f3ab5ecb4dd7
SHA256

124ad30d0e52d642fbebd80f5aa97ba45b179b7441337bdba2dbd6f2c5ba36ce
SHA512

4bc5915fe496ca1034906ce606948efea2637e96c773e1692e582471b2eac142537ec63f9e499809d20bc7e75362b524abd68f0970a82c90754eefd845eea3ac
SSDEEP

196608:yO1urbVmf6yiQNNMt2h/BD8IA5Y3Kc2+fUNuCynk1O3diezOORyb2DFPJDmaoZ2V:y7rw5NNDh/bA56f/9biOQQFJIEWv7qOI

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 6 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/fu/avcodec-53.dll	acprotect
static1/unpack001/fu/avformat-53.dll	acprotect
static1/unpack001/fu/avutil-51.dll	acprotect
static1/unpack001/fu/awesomium.dll	acprotect
static1/unpack001/fu/icudt.dll	acprotect
static1/unpack001/fu/libGLESv2.dll	acprotect

UPX packed file 6 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/fu/avcodec-53.dll	upx
static1/unpack001/fu/avformat-53.dll	upx
static1/unpack001/fu/avutil-51.dll	upx
static1/unpack001/fu/awesomium.dll	upx
static1/unpack001/fu/icudt.dll	upx
static1/unpack001/fu/libGLESv2.dll	upx

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fu/FukeUpdate.exe
unpack001/fu/RunFor.exe
unpack001/fu/avcodec-53.dll
unpack001/fu/avformat-53.dll
unpack001/fu/avutil-51.dll
unpack001/fu/awesomium.dll
unpack001/fu/icudt.dll
unpack001/fu/libGLESv2.dll

Files

fu.zip
.zip
fu/FukeUpdate.exe
.exe windows x86

1868d5467d24c13730f0618af5d490e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

awesomium

?IsEmpty@WebString@Awesomium@@QBE_NXZ
?ToUTF8@WebString@Awesomium@@QBEIPADI@Z
?instance@WebCore@Awesomium@@SAPAV12@XZ
??_7Load@WebViewListener@Awesomium@@6B@
??1Load@WebViewListener@Awesomium@@MAE@XZ
??_7View@WebViewListener@Awesomium@@6B@
??1View@WebViewListener@Awesomium@@MAE@XZ
??1WebURL@Awesomium@@QAE@XZ
?CreateFromUTF8@WebString@Awesomium@@SA?AV12@PBDI@Z
??1WebString@Awesomium@@QAE@XZ
??0WebURL@Awesomium@@QAE@ABVWebString@1@@Z
??1WebConfig@Awesomium@@QAE@XZ
??0WebConfig@Awesomium@@QAE@XZ
?Initialize@WebCore@Awesomium@@SAPAV12@ABUWebConfig@2@@Z
?Shutdown@WebCore@Awesomium@@SAXXZ

kernel32

IsDebuggerPresent
WriteConsoleW
SetStdHandle
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
HeapReAlloc
LoadLibraryW
GetModuleHandleA
VerSetConditionMask
VerifyVersionInfoW
GetModuleFileNameA
SetCurrentDirectoryA
CreateThread
Sleep
GetLastError
CloseHandle
OutputDebugStringW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetProcessHeap
GetCurrentThreadId
HeapSize
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
InterlockedIncrement
LoadLibraryExW
GetModuleFileNameW
EncodePointer
DecodePointer
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetCommandLineA
RaiseException
RtlUnwind
CreateFileW
IsProcessorFeaturePresent
HeapFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetStdHandle
WriteFile

user32

PostQuitMessage
DefWindowProcA
LockSetForegroundWindow
ShowWindow
SetWindowTextW
RegisterClassExW
SetTimer
CreateWindowExW
GetMonitorInfoA
MonitorFromWindow
UpdateWindow
SetWindowPos
GetForegroundWindow
SetWindowsHookExA
CallNextHookEx
GetAsyncKeyState
MessageBoxW
GetKeyState
DispatchMessageA
TranslateMessage
GetMessageA

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fu/RunFor.exe
.exe windows x86

6d3f2836fd047750f100e2f49b4db91e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetModuleFileNameA
GetProcAddress
LoadLibraryW
CloseHandle
OpenProcess
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapAlloc
GetLastError
HeapFree
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
InterlockedDecrement
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
SetLastError
InterlockedIncrement
GetCurrentThreadId
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
Sleep
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
WideCharToMultiByte
RtlUnwind
HeapSize
HeapReAlloc
LCMapStringW
GetStringTypeW
CreateFileW

advapi32

LookupAccountNameW
CreateProcessAsUserA
DuplicateTokenEx
EqualSid
GetTokenInformation
OpenProcessToken

secur32

LsaGetLogonSessionData
LsaEnumerateLogonSessions
LsaFreeReturnBuffer

psapi

EnumProcesses

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fu/avcodec-53.dll
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

MPV_common_init_mmx
_get_output_format
_nm__av_pix_fmt_descriptors
_nm__av_reverse
align_put_bits
audio_resample
audio_resample_close
av_audio_convert
av_audio_convert_alloc
av_audio_convert_free
av_audio_resample_init
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_codec_next
av_destruct_packet
av_destruct_packet_nofree
av_dup_packet
av_fast_malloc
av_fast_realloc
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_free_packet
av_get_bits_per_sample
av_get_bits_per_sample_format
av_get_codec_tag_string
av_get_pict_type_char
av_get_profile_name
av_grow_packet
av_hwaccel_next
av_imdct_calc
av_imdct_half
av_init_packet
av_lockmgr_register
av_log_ask_for_sample
av_log_missing_feature
av_mdct_calc
av_mdct_end
av_mdct_init
av_new_packet
av_packet_get_side_data
av_packet_merge_side_data
av_packet_new_side_data
av_packet_split_side_data
av_parser_change
av_parser_close
av_parser_init
av_parser_next
av_parser_parse2
av_picture_copy
av_picture_crop
av_picture_pad
av_rdft_calc
av_rdft_end
av_rdft_init
av_register_bitstream_filter
av_register_codec_parser
av_register_hwaccel
av_resample
av_resample_close
av_resample_compensate
av_resample_init
av_shrink_packet
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context
avcodec_alloc_context2
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_channel_layout_num_channels
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_decode_audio3
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_encode_audio
avcodec_encode_subtitle
avcodec_encode_video
avcodec_find_best_pix_fmt
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_get_channel_layout
avcodec_get_channel_layout_string
avcodec_get_chroma_sub_sample
avcodec_get_context_defaults
avcodec_get_context_defaults2
avcodec_get_context_defaults3
avcodec_get_edge_width
avcodec_get_frame_defaults
avcodec_get_pix_fmt_loss
avcodec_get_pix_fmt_name
avcodec_get_sample_fmt
avcodec_get_sample_fmt_name
avcodec_guess_channel_layout
avcodec_init
avcodec_license
avcodec_open
avcodec_open2
avcodec_pix_fmt_to_codec_tag
avcodec_register
avcodec_register_all
avcodec_sample_fmt_string
avcodec_set_dimensions
avcodec_string
avcodec_thread_init
avcodec_version
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
avsubtitle_free
dsputil_init
dsputil_init_mmx
dsputil_init_pix_mmx
dsputil_static_init
ff_add_hfyu_left_prediction_sse4
ff_add_hfyu_left_prediction_ssse3
ff_add_hfyu_median_prediction_mmx2
ff_add_pixels_clamped_c
ff_add_pixels_clamped_mmx
ff_alternate_horizontal_scan
ff_alternate_vertical_scan
ff_apply_window_int16_mmxext
ff_apply_window_int16_mmxext_ba
ff_apply_window_int16_sse2
ff_apply_window_int16_sse2_ba
ff_apply_window_int16_ssse3
ff_apply_window_int16_ssse3_atom
ff_avg_cavs_qpel16_mc00_mmx2
ff_avg_cavs_qpel8_mc00_mmx2
ff_avg_h264_chroma_mc2_10_mmxext
ff_avg_h264_chroma_mc2_mmx2
ff_avg_h264_chroma_mc4_10_mmxext
ff_avg_h264_chroma_mc4_3dnow
ff_avg_h264_chroma_mc4_mmx2
ff_avg_h264_chroma_mc4_ssse3
ff_avg_h264_chroma_mc8_10_avx
ff_avg_h264_chroma_mc8_10_sse2
ff_avg_h264_chroma_mc8_3dnow_rnd
ff_avg_h264_chroma_mc8_mmx2_rnd
ff_avg_h264_chroma_mc8_ssse3_rnd
ff_avg_h264_qpel16_mc00_10_mmxext
ff_avg_h264_qpel16_mc00_10_sse2
ff_avg_h264_qpel16_mc01_10_mmxext
ff_avg_h264_qpel16_mc01_10_sse2
ff_avg_h264_qpel16_mc02_10_mmxext
ff_avg_h264_qpel16_mc02_10_sse2
ff_avg_h264_qpel16_mc03_10_mmxext
ff_avg_h264_qpel16_mc03_10_sse2
ff_avg_h264_qpel16_mc10_10_mmxext
ff_avg_h264_qpel16_mc10_10_sse2
ff_avg_h264_qpel16_mc10_10_sse2_cache64
ff_avg_h264_qpel16_mc10_10_ssse3_cache64
ff_avg_h264_qpel16_mc11_10_mmxext
ff_avg_h264_qpel16_mc11_10_sse2
ff_avg_h264_qpel16_mc12_10_mmxext
ff_avg_h264_qpel16_mc12_10_sse2
ff_avg_h264_qpel16_mc13_10_mmxext
ff_avg_h264_qpel16_mc13_10_sse2
ff_avg_h264_qpel16_mc20_10_mmxext
ff_avg_h264_qpel16_mc20_10_sse2
ff_avg_h264_qpel16_mc20_10_sse2_cache64
ff_avg_h264_qpel16_mc20_10_ssse3_cache64
ff_avg_h264_qpel16_mc21_10_mmxext
ff_avg_h264_qpel16_mc21_10_sse2
ff_avg_h264_qpel16_mc22_10_mmxext
ff_avg_h264_qpel16_mc22_10_sse2
ff_avg_h264_qpel16_mc23_10_mmxext
ff_avg_h264_qpel16_mc23_10_sse2
ff_avg_h264_qpel16_mc30_10_mmxext
ff_avg_h264_qpel16_mc30_10_sse2
ff_avg_h264_qpel16_mc30_10_sse2_cache64
ff_avg_h264_qpel16_mc30_10_ssse3_cache64
ff_avg_h264_qpel16_mc31_10_mmxext
ff_avg_h264_qpel16_mc31_10_sse2
ff_avg_h264_qpel16_mc32_10_mmxext
ff_avg_h264_qpel16_mc32_10_sse2
ff_avg_h264_qpel16_mc33_10_mmxext
ff_avg_h264_qpel16_mc33_10_sse2
ff_avg_h264_qpel4_mc00_10_mmxext
ff_avg_h264_qpel4_mc01_10_mmxext
ff_avg_h264_qpel4_mc02_10_mmxext
ff_avg_h264_qpel4_mc03_10_mmxext
ff_avg_h264_qpel4_mc10_10_mmxext
ff_avg_h264_qpel4_mc11_10_mmxext
ff_avg_h264_qpel4_mc12_10_mmxext
ff_avg_h264_qpel4_mc13_10_mmxext
ff_avg_h264_qpel4_mc20_10_mmxext
ff_avg_h264_qpel4_mc21_10_mmxext
ff_avg_h264_qpel4_mc22_10_mmxext
ff_avg_h264_qpel4_mc23_10_mmxext
ff_avg_h264_qpel4_mc30_10_mmxext
ff_avg_h264_qpel4_mc31_10_mmxext
ff_avg_h264_qpel4_mc32_10_mmxext
ff_avg_h264_qpel4_mc33_10_mmxext
ff_avg_h264_qpel8_mc00_10_mmxext
ff_avg_h264_qpel8_mc00_10_sse2
ff_avg_h264_qpel8_mc01_10_mmxext
ff_avg_h264_qpel8_mc01_10_sse2
ff_avg_h264_qpel8_mc02_10_mmxext
ff_avg_h264_qpel8_mc02_10_sse2
ff_avg_h264_qpel8_mc03_10_mmxext
ff_avg_h264_qpel8_mc03_10_sse2
ff_avg_h264_qpel8_mc10_10_mmxext
ff_avg_h264_qpel8_mc10_10_sse2
ff_avg_h264_qpel8_mc10_10_sse2_cache64
ff_avg_h264_qpel8_mc10_10_ssse3_cache64
ff_avg_h264_qpel8_mc11_10_mmxext
ff_avg_h264_qpel8_mc11_10_sse2
ff_avg_h264_qpel8_mc12_10_mmxext
ff_avg_h264_qpel8_mc12_10_sse2
ff_avg_h264_qpel8_mc13_10_mmxext
ff_avg_h264_qpel8_mc13_10_sse2
ff_avg_h264_qpel8_mc20_10_mmxext
ff_avg_h264_qpel8_mc20_10_sse2
ff_avg_h264_qpel8_mc20_10_sse2_cache64
ff_avg_h264_qpel8_mc20_10_ssse3_cache64
ff_avg_h264_qpel8_mc21_10_mmxext
ff_avg_h264_qpel8_mc21_10_sse2
ff_avg_h264_qpel8_mc22_10_mmxext
ff_avg_h264_qpel8_mc22_10_sse2
ff_avg_h264_qpel8_mc23_10_mmxext
ff_avg_h264_qpel8_mc23_10_sse2
ff_avg_h264_qpel8_mc30_10_mmxext
ff_avg_h264_qpel8_mc30_10_sse2
ff_avg_h264_qpel8_mc30_10_sse2_cache64
ff_avg_h264_qpel8_mc30_10_ssse3_cache64
ff_avg_h264_qpel8_mc31_10_mmxext
ff_avg_h264_qpel8_mc31_10_sse2
ff_avg_h264_qpel8_mc32_10_mmxext
ff_avg_h264_qpel8_mc32_10_sse2
ff_avg_h264_qpel8_mc33_10_mmxext
ff_avg_h264_qpel8_mc33_10_sse2
ff_avg_pixels16x16_10_c
ff_avg_pixels16x16_8_c
ff_avg_pixels16x16_9_c
ff_avg_pixels8x8_10_c
ff_avg_pixels8x8_8_c
ff_avg_pixels8x8_9_c
ff_avg_qpel16_mc11_old_c
ff_avg_qpel16_mc12_old_c
ff_avg_qpel16_mc13_old_c
ff_avg_qpel16_mc31_old_c
ff_avg_qpel16_mc32_old_c
ff_avg_qpel16_mc33_old_c
ff_avg_qpel8_mc11_old_c
ff_avg_qpel8_mc12_old_c
ff_avg_qpel8_mc13_old_c
ff_avg_qpel8_mc31_old_c
ff_avg_qpel8_mc32_old_c
ff_avg_qpel8_mc33_old_c
ff_avg_rv40_chroma_mc4_3dnow
ff_avg_rv40_chroma_mc4_mmx2
ff_avg_rv40_chroma_mc8_3dnow
ff_avg_rv40_chroma_mc8_mmx2
ff_avg_vc1_chroma_mc8_3dnow_nornd
ff_avg_vc1_chroma_mc8_mmx2_nornd
ff_avg_vc1_chroma_mc8_ssse3_nornd
ff_avg_vc1_mspel_mc00_mmx2
ff_block_permute
ff_bone
ff_check_alignment
ff_combine_frame
ff_copy_bits
ff_copy_pce_data
ff_cos_1024
ff_cos_1024_fixed
ff_cos_128
ff_cos_128_fixed
ff_cos_16
ff_cos_16384
ff_cos_16384_fixed
ff_cos_16_fixed
ff_cos_2048
ff_cos_2048_fixed
ff_cos_256
ff_cos_256_fixed
ff_cos_32
ff_cos_32768
ff_cos_32768_fixed
ff_cos_32_fixed
ff_cos_4096
ff_cos_4096_fixed
ff_cos_512
ff_cos_512_fixed
ff_cos_64
ff_cos_64_fixed
ff_cos_65536
ff_cos_65536_fixed
ff_cos_8192
ff_cos_8192_fixed
ff_cos_tabs
ff_cos_tabs_fixed
ff_cropTbl
ff_deinterlace_line_inplace_mmx
ff_deinterlace_line_mmx
ff_dirac_parse_sequence_header
ff_dnxhd_init_mmx
ff_emu_edge_core_mmx
ff_emu_edge_core_sse
ff_emulated_edge_mc_10
ff_emulated_edge_mc_8
ff_emulated_edge_mc_9
ff_faanidct
ff_faanidct_add
ff_faanidct_put
ff_fdct_mmx
ff_fdct_mmx2
ff_fdct_sse2
ff_fetch_timestamp
ff_fft_calc_avx
ff_fft_calc_sse
ff_fft_dispatch_3dn
ff_fft_dispatch_3dn2
ff_fft_dispatch_avx
ff_fft_dispatch_interleave_3dn
ff_fft_dispatch_interleave_3dn2
ff_fft_dispatch_interleave_avx
ff_fft_dispatch_interleave_sse
ff_fft_dispatch_sse
ff_fft_end
ff_fft_end_fixed
ff_fft_init
ff_fft_init_fixed
ff_fft_init_mmx
ff_fft_permute_sse
ff_find_pix_fmt
ff_float_interleave2_mmx
ff_float_interleave2_sse
ff_float_interleave6_mmx
ff_float_interleave6_sse
ff_float_interleave_c
ff_float_to_int16_interleave6_3dn2
ff_float_to_int16_interleave6_3dnow
ff_float_to_int16_interleave6_sse
ff_fmt_convert_init
ff_fmt_convert_init_x86
ff_frame_rate_tab
ff_gmc_c
ff_golomb_vlc_len
ff_h264_pred_init
ff_h264_pred_init_x86
ff_idct_xvid_mmx
ff_idct_xvid_mmx2
ff_idct_xvid_sse2
ff_idct_xvid_sse2_add
ff_idct_xvid_sse2_put
ff_imdct_calc_c
ff_imdct_calc_c_fixed
ff_imdct_calc_sse
ff_imdct_half_avx
ff_imdct_half_c
ff_imdct_half_c_fixed
ff_imdct_half_sse
ff_init_ff_cos_tabs
ff_init_ff_cos_tabs_fixed
ff_init_scantable
ff_interleaved_dirac_golomb_vlc_code
ff_interleaved_golomb_vlc_len
ff_interleaved_se_golomb_vlc_code
ff_interleaved_ue_golomb_vlc_code
ff_inverse
ff_is_hwaccel_pix_fmt
ff_log2_run
ff_match_2uint16
ff_mdct_calc_c
ff_mdct_calc_c_fixed
ff_mdct_calcw_c
ff_mdct_end
ff_mdct_end_fixed
ff_mdct_init
ff_mdct_init_fixed
ff_mpa_alloc_tables
ff_mpa_bitrate_tab
ff_mpa_enwindow
ff_mpa_freq_tab
ff_mpa_quant_bits
ff_mpa_quant_steps
ff_mpa_sblimit_table
ff_mpeg12_mbAddrIncrTable
ff_mpeg12_mbMotionVectorTable
ff_mpeg12_mbPatTable
ff_mpeg12_vlc_dc_chroma_bits
ff_mpeg12_vlc_dc_chroma_code
ff_mpeg12_vlc_dc_lum_bits
ff_mpeg12_vlc_dc_lum_code
ff_mpeg1_aspect
ff_mpeg1_default_intra_matrix
ff_mpeg1_default_non_intra_matrix
ff_mpeg2_aspect
ff_mpeg4audio_channels
ff_mpeg4audio_get_config
ff_mpeg4audio_sample_rates
ff_mpeg4video_split
ff_parse1_close
ff_parse_close
ff_pb_0
ff_pb_1
ff_pb_1F
ff_pb_3
ff_pb_3F
ff_pb_4
ff_pb_7
ff_pb_80
ff_pb_81
ff_pb_A1
ff_pb_F8
ff_pb_FC
ff_pb_FE
ff_pd_1
ff_pd_2
ff_pdw_80000000
ff_pred16x16_dc_mmxext
ff_pred16x16_dc_sse2
ff_pred16x16_dc_ssse3
ff_pred16x16_horizontal_10_mmxext
ff_pred16x16_horizontal_10_sse2
ff_pred16x16_horizontal_mmx
ff_pred16x16_horizontal_mmxext
ff_pred16x16_horizontal_ssse3
ff_pred16x16_plane_h264_mmx
ff_pred16x16_plane_h264_mmx2
ff_pred16x16_plane_h264_sse2
ff_pred16x16_plane_h264_ssse3
ff_pred16x16_plane_rv40_mmx
ff_pred16x16_plane_rv40_mmx2
ff_pred16x16_plane_rv40_sse2
ff_pred16x16_plane_rv40_ssse3
ff_pred16x16_plane_svq3_mmx
ff_pred16x16_plane_svq3_mmx2
ff_pred16x16_plane_svq3_sse2
ff_pred16x16_plane_svq3_ssse3
ff_pred16x16_tm_vp8_mmx
ff_pred16x16_tm_vp8_mmxext
ff_pred16x16_tm_vp8_sse2
ff_pred16x16_vertical_10_mmxext
ff_pred16x16_vertical_10_sse2
ff_pred16x16_vertical_mmx
ff_pred16x16_vertical_sse
ff_pred4x4_dc_10_mmxext
ff_pred4x4_dc_mmxext
ff_pred4x4_down_left_10_avx
ff_pred4x4_down_left_10_sse2
ff_pred4x4_down_left_mmxext
ff_pred4x4_down_right_10_avx
ff_pred4x4_down_right_10_sse2
ff_pred4x4_down_right_10_ssse3
ff_pred4x4_down_right_mmxext
ff_pred4x4_horizontal_down_10_avx
ff_pred4x4_horizontal_down_10_sse2
ff_pred4x4_horizontal_down_10_ssse3
ff_pred4x4_horizontal_down_mmxext
ff_pred4x4_horizontal_up_10_mmxext
ff_pred4x4_horizontal_up_mmxext
ff_pred4x4_tm_vp8_mmx
ff_pred4x4_tm_vp8_mmxext
ff_pred4x4_tm_vp8_ssse3
ff_pred4x4_vertical_left_10_avx
ff_pred4x4_vertical_left_10_sse2
ff_pred4x4_vertical_left_mmxext
ff_pred4x4_vertical_right_10_avx
ff_pred4x4_vertical_right_10_sse2
ff_pred4x4_vertical_right_10_ssse3
ff_pred4x4_vertical_right_mmxext
ff_pred4x4_vertical_vp8_mmxext
ff_pred8x8_dc_10_mmxext
ff_pred8x8_dc_10_sse2
ff_pred8x8_dc_mmxext
ff_pred8x8_dc_rv40_mmxext
ff_pred8x8_horizontal_10_sse2
ff_pred8x8_horizontal_mmx
ff_pred8x8_horizontal_mmxext
ff_pred8x8_horizontal_ssse3
ff_pred8x8_plane_mmx
ff_pred8x8_plane_mmx2
ff_pred8x8_plane_sse2
ff_pred8x8_plane_ssse3
ff_pred8x8_tm_vp8_mmx
ff_pred8x8_tm_vp8_mmxext
ff_pred8x8_tm_vp8_sse2
ff_pred8x8_tm_vp8_ssse3
ff_pred8x8_top_dc_10_mmxext
ff_pred8x8_top_dc_10_sse2

Sections

UPX0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 268KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fu/avformat-53.dll
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

_get_output_format
_nm__ff_log2_tab
_nm__ff_mpa_freq_tab
_nm__ff_mpeg4audio_sample_rates
_nm__ff_raw_pix_fmt_tags
av_add_index_entry
av_alloc_put_byte
av_append_packet
av_close_input_file
av_close_input_stream
av_codec_get_id
av_codec_get_tag
av_demuxer_open
av_dump_format
av_filename_number_test
av_find_best_stream
av_find_default_stream_index
av_find_input_format
av_find_stream_info
av_gen_search
av_get_frame_filename
av_get_output_timestamp
av_get_packet
av_gettime
av_guess_codec
av_guess_format
av_hex_dump
av_hex_dump_log
av_iformat_next
av_index_search_timestamp
av_interleave_packet_per_dts
av_interleaved_write_frame
av_match_ext
av_metadata_conv
av_metadata_copy
av_metadata_free
av_metadata_get
av_metadata_set2
av_new_program
av_new_stream
av_oformat_next
av_open_input_file
av_open_input_stream
av_pkt_dump
av_pkt_dump2
av_pkt_dump_log
av_pkt_dump_log2
av_probe_input_buffer
av_probe_input_format
av_probe_input_format2
av_probe_input_format3
av_protocol_next
av_read_frame
av_read_packet
av_read_pause
av_read_play
av_register_all
av_register_input_format
av_register_output_format
av_register_protocol2
av_sdp_create
av_seek_frame
av_seek_frame_binary
av_set_parameters
av_set_pts_info
av_update_cur_dts
av_url_read_fpause
av_url_read_fseek
av_url_read_pause
av_url_read_seek
av_url_split
av_write_frame
av_write_header
av_write_trailer
avf_sdp_create
avformat_alloc_context
avformat_alloc_output_context
avformat_alloc_output_context2
avformat_configuration
avformat_find_stream_info
avformat_free_context
avformat_license
avformat_open_input
avformat_seek_file
avformat_version
avformat_write_header
avio_alloc_context
avio_check
avio_close
avio_close_dyn_buf
avio_enum_protocols
avio_flush
avio_get_str
avio_get_str16be
avio_get_str16le
avio_open
avio_open_dyn_buf
avio_pause
avio_printf
avio_put_str
avio_put_str16le
avio_r8
avio_rb16
avio_rb24
avio_rb32
avio_rb64
avio_read
avio_rl16
avio_rl24
avio_rl32
avio_rl64
avio_seek
avio_seek_time
avio_set_interrupt_cb
avio_size
avio_skip
avio_w8
avio_wb16
avio_wb24
avio_wb32
avio_wb64
avio_wl16
avio_wl24
avio_wl32
avio_wl64
avio_write
brktimegm
codec_movaudio_tags
codec_movvideo_tags
dump_format
ff_add_index_entry
ff_celt_codec
ff_codec_bmp_tags
ff_codec_get_id
ff_codec_get_tag
ff_codec_guid_get_id
ff_codec_movsubtitle_tags
ff_codec_wav_guids
ff_codec_wav_tags
ff_crc04C11DB7_update
ff_data_to_hex
ff_find_stream_index
ff_free_parser_state
ff_gen_syncpoint_search
ff_get_bmp_header
ff_get_guid
ff_get_line
ff_get_v_length
ff_get_wav_header
ff_hex_to_data
ff_id3v1_genre_str
ff_id3v1_read
ff_id3v2_2_metadata_conv
ff_id3v2_34_metadata_conv
ff_id3v2_3_tags
ff_id3v2_4_metadata_conv
ff_id3v2_4_tags
ff_id3v2_match
ff_id3v2_read
ff_id3v2_tag_len
ff_id3v2_tags
ff_index_search_timestamp
ff_interleave_add_packet
ff_make_absolute_url
ff_metadata_conv
ff_metadata_conv_ctx
ff_mkv_codec_tags
ff_mkv_metadata_conv
ff_mkv_mime_tags
ff_mov_iso639_to_lang
ff_mov_lang_to_iso639
ff_mov_read_chan
ff_mov_write_chan
ff_mp4_obj_type
ff_mp4_read_dec_config_descr
ff_mp4_read_descr
ff_mp4_read_descr_len
ff_new_chapter
ff_ntp_time
ff_ogm_audio_codec
ff_ogm_old_codec
ff_ogm_text_codec
ff_ogm_video_codec
ff_parse_key_value
ff_parse_specific_params
ff_program_add_stream_index
ff_put_v
ff_read_frame_flush
ff_reduce_index
ff_restore_parser_state
ff_rm_alloc_rmstream
ff_rm_codec_tags
ff_rm_free_rmstream
ff_rm_metadata
ff_rm_parse_packet
ff_rm_read_mdpr_codecdata
ff_rm_reorder_sipr_data
ff_rm_retrieve_cache
ff_sdp_write_media
ff_sipr_subpk_size
ff_skeleton_codec
ff_store_parser_state
ff_theora_codec
ff_url_join
ff_vorbis_codec
ff_vorbis_comment
ff_vorbiscomment_length
ff_vorbiscomment_metadata_conv
ff_vorbiscomment_write
ff_wav_codec_get_id
ff_win32_open
ff_write_chained
ffio_fdopen
ffio_fill
ffio_get_checksum
ffio_init_checksum
ffio_init_context
ffio_open_dyn_packet_buf
ffio_read_partial
ffio_read_varlen
ffio_rewind_with_probe_data
ffio_set_buf_size
ffurl_alloc
ffurl_close
ffurl_connect
ffurl_get_file_handle
ffurl_open
ffurl_read
ffurl_read_complete
ffurl_register_protocol
ffurl_seek
ffurl_size
ffurl_write
find_info_tag
first_protocol
get_be16
get_be24
get_be32
get_be64
get_buffer
get_byte
get_checksum
get_le16
get_le24
get_le32
get_le64
get_partial_buffer
get_strz
init_checksum
init_put_byte
matroska_video_stereo_mode
matroska_video_stereo_plane
parse_date
pcm_read_seek
put_be16
put_be24
put_be32
put_be64
put_buffer
put_byte
put_flush_packet
put_le16
put_le24
put_le32
put_le64
put_nbyte
put_strz
put_tag
url_alloc
url_close
url_close_buf
url_close_dyn_buf
url_connect
url_exist
url_fclose
url_fdopen
url_feof
url_ferror
url_fget_max_packet_size
url_fgetc
url_fgets
url_fileno
url_filesize
url_fopen
url_fprintf
url_fseek
url_fsize
url_fskip
url_ftell
url_get_file_handle
url_get_filename
url_get_max_packet_size
url_interrupt_cb
url_open
url_open_buf
url_open_dyn_buf
url_open_dyn_packet_buf
url_open_protocol
url_read
url_read_complete
url_seek
url_set_interrupt_cb
url_setbufsize
url_write

Sections

UPX0
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fu/avutil-51.dll
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

av_add_q
av_adler32_update
av_aes_crypt
av_aes_init
av_aes_size
av_base64_decode
av_base64_encode
av_bmg_get
av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_d2str
av_dbl2ext
av_dbl2int
av_default_item_name
av_des_crypt
av_des_init
av_dict_copy
av_dict_free
av_dict_get
av_dict_set
av_div_q
av_dynarray_add
av_eval_expr
av_evaluate_lls
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_ext2dbl
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_find_info_tag
av_find_nearest_q_idx
av_find_opt
av_flt2int
av_force_cpu_flags
av_free
av_free_expr
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bits_per_sample_fmt
av_get_bytes_per_sample
av_get_channel_layout
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_double
av_get_int
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_q
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_string
av_get_token
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_pointers
av_image_get_linesize
av_init_lls
av_int2dbl
av_int2flt
av_lfg_init
av_log
av_log_default_callback
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_mallocz
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_mul_q
av_nearer_q
av_next_option
av_opt_find
av_opt_flag_is_set
av_opt_free
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_show2
av_parse_and_eval_expr
av_parse_color
av_parse_expr
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_descriptors
av_rc4_crypt
av_rc4_init
av_read_image_line
av_realloc
av_reduce
av_rescale
av_rescale_q
av_rescale_rnd
av_reverse
av_samples_alloc
av_samples_fill_arrays
av_set_double
av_set_int
av_set_options_string
av_set_q
av_set_string3
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_solve_lls
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strstart
av_strtod
av_sub_q
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_size
av_update_lls
av_vlog
av_write_image_line
avutil_configuration
avutil_license
avutil_version
ff_get_cpu_flags_x86
ff_inverse
ff_log2_tab
ff_set_systematic_pal2
ff_sqrt_tab

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fu/awesomium.dll
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??0BitmapSurface@Awesomium@@QAE@ABV01@@Z
??0BitmapSurface@Awesomium@@QAE@HH@Z
??0BitmapSurfaceFactory@Awesomium@@QAE@ABV01@@Z
??0BitmapSurfaceFactory@Awesomium@@QAE@XZ
??0DataPakSource@Awesomium@@QAE@ABV01@@Z
??0DataPakSource@Awesomium@@QAE@ABVWebString@1@@Z
??0DataSource@Awesomium@@IAE@XZ
??0DataSource@Awesomium@@QAE@ABV01@@Z
??0Dialog@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Dialog@WebViewListener@Awesomium@@QAE@XZ
??0Download@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Download@WebViewListener@Awesomium@@QAE@XZ
??0InputMethodEditor@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0InputMethodEditor@WebViewListener@Awesomium@@QAE@XZ
??0JSArray@Awesomium@@QAE@ABV01@@Z
??0JSArray@Awesomium@@QAE@I@Z
??0JSArray@Awesomium@@QAE@XZ
??0JSObject@Awesomium@@IAE@II@Z
??0JSObject@Awesomium@@QAE@ABV01@@Z
??0JSObject@Awesomium@@QAE@XZ
??0JSValue@Awesomium@@QAE@ABV01@@Z
??0JSValue@Awesomium@@QAE@ABVJSArray@1@@Z
??0JSValue@Awesomium@@QAE@ABVJSObject@1@@Z
??0JSValue@Awesomium@@QAE@ABVWebString@1@@Z
??0JSValue@Awesomium@@QAE@H@Z
??0JSValue@Awesomium@@QAE@N@Z
??0JSValue@Awesomium@@QAE@XZ
??0JSValue@Awesomium@@QAE@_N@Z
??0Load@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Load@WebViewListener@Awesomium@@QAE@XZ
??0Menu@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Menu@WebViewListener@Awesomium@@QAE@XZ
??0Print@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Print@WebViewListener@Awesomium@@QAE@XZ
??0PrintConfig@Awesomium@@QAE@XZ
??0Process@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0Process@WebViewListener@Awesomium@@QAE@XZ
??0Rect@Awesomium@@QAE@HHHH@Z
??0Rect@Awesomium@@QAE@XZ
??0ResourceInterceptor@Awesomium@@QAE@ABV01@@Z
??0ResourceInterceptor@Awesomium@@QAE@XZ
??0ResourceRequest@Awesomium@@QAE@ABV01@@Z
??0ResourceRequest@Awesomium@@QAE@XZ
??0ResourceResponse@Awesomium@@IAE@ABVWebString@1@@Z
??0ResourceResponse@Awesomium@@IAE@IPAEABVWebString@1@@Z
??0ResourceResponse@Awesomium@@QAE@ABV01@@Z
??0Surface@Awesomium@@QAE@ABV01@@Z
??0Surface@Awesomium@@QAE@XZ
??0SurfaceFactory@Awesomium@@QAE@ABV01@@Z
??0SurfaceFactory@Awesomium@@QAE@XZ
??0UploadElement@Awesomium@@QAE@ABV01@@Z
??0UploadElement@Awesomium@@QAE@XZ
??0View@WebViewListener@Awesomium@@QAE@ABV012@@Z
??0View@WebViewListener@Awesomium@@QAE@XZ
??0WebConfig@Awesomium@@QAE@ABU01@@Z
??0WebConfig@Awesomium@@QAE@XZ
??0WebContextMenuInfo@Awesomium@@QAE@ABU01@@Z
??0WebContextMenuInfo@Awesomium@@QAE@XZ
??0WebCore@Awesomium@@QAE@ABV01@@Z
??0WebCore@Awesomium@@QAE@XZ
??0WebFileChooserInfo@Awesomium@@QAE@ABU01@@Z
??0WebFileChooserInfo@Awesomium@@QAE@XZ
??0WebKeyboardEvent@Awesomium@@QAE@IIJ@Z
??0WebKeyboardEvent@Awesomium@@QAE@XZ
??0WebLoginDialogInfo@Awesomium@@QAE@ABU01@@Z
??0WebLoginDialogInfo@Awesomium@@QAE@XZ
??0WebMenuItem@Awesomium@@QAE@ABU01@@Z
??0WebMenuItem@Awesomium@@QAE@XZ
??0WebMenuItemArray@Awesomium@@QAE@ABV01@@Z
??0WebMenuItemArray@Awesomium@@QAE@I@Z
??0WebMenuItemArray@Awesomium@@QAE@XZ
??0WebPageInfo@Awesomium@@QAE@ABU01@@Z
??0WebPageInfo@Awesomium@@QAE@XZ
??0WebPopupMenuInfo@Awesomium@@QAE@ABU01@@Z
??0WebPopupMenuInfo@Awesomium@@QAE@XZ
??0WebPreferences@Awesomium@@QAE@ABU01@@Z
??0WebPreferences@Awesomium@@QAE@XZ
??0WebSession@Awesomium@@QAE@ABV01@@Z
??0WebSession@Awesomium@@QAE@XZ
??0WebString@Awesomium@@AAE@PBX@Z
??0WebString@Awesomium@@QAE@ABV01@@Z
??0WebString@Awesomium@@QAE@ABV01@II@Z
??0WebString@Awesomium@@QAE@PBG@Z
??0WebString@Awesomium@@QAE@PBGI@Z
??0WebString@Awesomium@@QAE@XZ
??0WebStringArray@Awesomium@@QAE@ABV01@@Z
??0WebStringArray@Awesomium@@QAE@I@Z
??0WebStringArray@Awesomium@@QAE@XZ
??0WebTouchEvent@Awesomium@@QAE@XZ
??0WebTouchPoint@Awesomium@@QAE@XZ
??0WebURL@Awesomium@@AAE@PBX@Z
??0WebURL@Awesomium@@QAE@ABV01@@Z
??0WebURL@Awesomium@@QAE@ABVWebString@1@@Z
??0WebURL@Awesomium@@QAE@XZ
??0WebView@Awesomium@@QAE@ABV01@@Z
??0WebView@Awesomium@@QAE@XZ
??1BitmapSurface@Awesomium@@UAE@XZ
??1BitmapSurfaceFactory@Awesomium@@UAE@XZ
??1DataPakSource@Awesomium@@UAE@XZ
??1DataSource@Awesomium@@UAE@XZ
??1Dialog@WebViewListener@Awesomium@@MAE@XZ
??1Download@WebViewListener@Awesomium@@MAE@XZ
??1InputMethodEditor@WebViewListener@Awesomium@@MAE@XZ
??1JSArray@Awesomium@@QAE@XZ
??1JSObject@Awesomium@@QAE@XZ
??1JSValue@Awesomium@@QAE@XZ
??1Load@WebViewListener@Awesomium@@MAE@XZ
??1Menu@WebViewListener@Awesomium@@MAE@XZ
??1Print@WebViewListener@Awesomium@@MAE@XZ
??1Process@WebViewListener@Awesomium@@MAE@XZ
??1ResourceInterceptor@Awesomium@@UAE@XZ
??1ResourceRequest@Awesomium@@MAE@XZ
??1ResourceResponse@Awesomium@@IAE@XZ
??1Surface@Awesomium@@UAE@XZ
??1SurfaceFactory@Awesomium@@UAE@XZ
??1UploadElement@Awesomium@@MAE@XZ
??1View@WebViewListener@Awesomium@@MAE@XZ
??1WebConfig@Awesomium@@QAE@XZ
??1WebContextMenuInfo@Awesomium@@QAE@XZ
??1WebCore@Awesomium@@MAE@XZ
??1WebFileChooserInfo@Awesomium@@QAE@XZ
??1WebLoginDialogInfo@Awesomium@@QAE@XZ
??1WebMenuItem@Awesomium@@QAE@XZ
??1WebMenuItemArray@Awesomium@@QAE@XZ
??1WebPageInfo@Awesomium@@QAE@XZ
??1WebPopupMenuInfo@Awesomium@@QAE@XZ
??1WebPreferences@Awesomium@@QAE@XZ
??1WebSession@Awesomium@@MAE@XZ
??1WebString@Awesomium@@QAE@XZ
??1WebStringArray@Awesomium@@QAE@XZ
??1WebURL@Awesomium@@QAE@XZ
??1WebView@Awesomium@@MAE@XZ
??4BitmapSurface@Awesomium@@QAEAAV01@ABV01@@Z
??4BitmapSurfaceFactory@Awesomium@@QAEAAV01@ABV01@@Z
??4DataPakSource@Awesomium@@QAEAAV01@ABV01@@Z
??4DataSource@Awesomium@@QAEAAV01@ABV01@@Z
??4Dialog@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4Download@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4InputMethodEditor@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4JSArray@Awesomium@@QAEAAV01@ABV01@@Z
??4JSObject@Awesomium@@QAEAAV01@ABV01@@Z
??4JSValue@Awesomium@@QAEAAV01@ABV01@@Z
??4Load@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4Menu@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4Print@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4PrintConfig@Awesomium@@QAEAAU01@ABU01@@Z
??4Process@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4Rect@Awesomium@@QAEAAU01@ABU01@@Z
??4ResourceInterceptor@Awesomium@@QAEAAV01@ABV01@@Z
??4ResourceRequest@Awesomium@@QAEAAV01@ABV01@@Z
??4ResourceResponse@Awesomium@@QAEAAV01@ABV01@@Z
??4Surface@Awesomium@@QAEAAV01@ABV01@@Z
??4SurfaceFactory@Awesomium@@QAEAAV01@ABV01@@Z
??4UploadElement@Awesomium@@QAEAAV01@ABV01@@Z
??4View@WebViewListener@Awesomium@@QAEAAV012@ABV012@@Z
??4WebConfig@Awesomium@@QAEAAU01@ABU01@@Z
??4WebContextMenuInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebCore@Awesomium@@QAEAAV01@ABV01@@Z
??4WebFileChooserInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebKeyboardEvent@Awesomium@@QAEAAV01@ABV01@@Z
??4WebLoginDialogInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebMenuItem@Awesomium@@QAEAAU01@ABU01@@Z
??4WebMenuItemArray@Awesomium@@QAEAAV01@ABV01@@Z
??4WebPageInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebPopupMenuInfo@Awesomium@@QAEAAU01@ABU01@@Z
??4WebPreferences@Awesomium@@QAEAAU01@ABU01@@Z
??4WebSession@Awesomium@@QAEAAV01@ABV01@@Z
??4WebString@Awesomium@@QAEAAV01@ABV01@@Z
??4WebStringArray@Awesomium@@QAEAAV01@ABV01@@Z
??4WebTouchEvent@Awesomium@@QAEAAU01@ABU01@@Z
??4WebTouchPoint@Awesomium@@QAEAAU01@ABU01@@Z
??4WebURL@Awesomium@@QAEAAV01@ABV01@@Z
??4WebView@Awesomium@@QAEAAV01@ABV01@@Z
??8WebString@Awesomium@@QBE_NABV01@@Z
??8WebURL@Awesomium@@QBE_NABV01@@Z
??9WebString@Awesomium@@QBE_NABV01@@Z
??9WebURL@Awesomium@@QBE_NABV01@@Z
??AJSArray@Awesomium@@QAEAAVJSValue@1@I@Z
??AJSArray@Awesomium@@QBEABVJSValue@1@I@Z
??AWebMenuItemArray@Awesomium@@QAEAAUWebMenuItem@1@I@Z
??AWebMenuItemArray@Awesomium@@QBEABUWebMenuItem@1@I@Z
??AWebStringArray@Awesomium@@QAEAAVWebString@1@I@Z
??AWebStringArray@Awesomium@@QBEABVWebString@1@I@Z
??MWebString@Awesomium@@QBE_NABV01@@Z
??MWebURL@Awesomium@@QBE_NABV01@@Z
??_7BitmapSurface@Awesomium@@6B@
??_7BitmapSurfaceFactory@Awesomium@@6B@
??_7DataPakSource@Awesomium@@6B@
??_7DataSource@Awesomium@@6B@
??_7Dialog@WebViewListener@Awesomium@@6B@
??_7Download@WebViewListener@Awesomium@@6B@
??_7InputMethodEditor@WebViewListener@Awesomium@@6B@
??_7Load@WebViewListener@Awesomium@@6B@
??_7Menu@WebViewListener@Awesomium@@6B@
??_7Print@WebViewListener@Awesomium@@6B@
??_7Process@WebViewListener@Awesomium@@6B@
??_7ResourceInterceptor@Awesomium@@6B@
??_7ResourceRequest@Awesomium@@6B@
??_7Surface@Awesomium@@6B@
??_7SurfaceFactory@Awesomium@@6B@
??_7UploadElement@Awesomium@@6B@
??_7View@WebViewListener@Awesomium@@6B@
??_7WebCore@Awesomium@@6B@
??_7WebSession@Awesomium@@6B@
??_7WebView@Awesomium@@6B@
?Append@WebString@Awesomium@@QAEAAV12@ABV12@@Z
?Assign@WebString@Awesomium@@QAEAAV12@ABV12@@Z
?Assign@WebString@Awesomium@@QAEAAV12@ABV12@II@Z
?Assign@WebString@Awesomium@@QAEAAV12@PBG@Z
?Assign@WebString@Awesomium@@QAEAAV12@PBGI@Z
?At@JSArray@Awesomium@@QAEAAVJSValue@2@I@Z
?At@JSArray@Awesomium@@QBEABVJSValue@2@I@Z
?At@WebMenuItemArray@Awesomium@@QAEAAUWebMenuItem@2@I@Z
?At@WebMenuItemArray@Awesomium@@QBEABUWebMenuItem@2@I@Z
?At@WebStringArray@Awesomium@@QAEAAVWebString@2@I@Z
?At@WebStringArray@Awesomium@@QBEABVWebString@2@I@Z
?ChildProcessMain@Awesomium@@YAHPAUHINSTANCE__@@@Z
?Clear@JSArray@Awesomium@@QAEXXZ
?Clear@WebString@Awesomium@@QAEXXZ
?Compare@WebString@Awesomium@@QBEHABV12@@Z
?CopyBuffers@Awesomium@@YAXHHPAEH0HH_N1@Z
?CopyTo@BitmapSurface@Awesomium@@QBEXPAEHH_N1@Z
?Create@ResourceResponse@Awesomium@@SAPAV12@ABVWebString@2@@Z
?Create@ResourceResponse@Awesomium@@SAPAV12@IPAEABVWebString@2@@Z
?CreateFromUTF8@WebString@Awesomium@@SA?AV12@PBDI@Z
?CreateSurface@BitmapSurfaceFactory@Awesomium@@UAEPAVSurface@2@PAVWebView@2@HH@Z
?DestroySurface@BitmapSurfaceFactory@Awesomium@@UAEXPAVSurface@2@@Z
?Erase@JSArray@Awesomium@@QAEXI@Z
?GetAlphaAtPoint@BitmapSurface@Awesomium@@QBEEHH@Z
?GetBridge@JSObject@Awesomium@@IBEPAVJSObjectBridge@2@I@Z
?GetKeyIdentifierFromVirtualKeyCode@Awesomium@@YAXHPAPAD@Z
?GetMethodNames@JSObject@Awesomium@@QBE?AVJSArray@2@XZ
?GetProperty@JSObject@Awesomium@@QBE?AVJSValue@2@ABVWebString@2@@Z
?GetPropertyNames@JSObject@Awesomium@@QBE?AVJSArray@2@XZ
?HasMethod@JSObject@Awesomium@@QBE_NABVWebString@2@@Z
?HasProperty@JSObject@Awesomium@@QBE_NABVWebString@2@@Z
?Initialize@WebCore@Awesomium@@SAPAV12@ABUWebConfig@2@@Z
?Insert@JSArray@Awesomium@@QAEXABVJSValue@2@I@Z
?Invoke@JSObject@Awesomium@@QAE?AVJSValue@2@ABVWebString@2@ABVJSArray@2@@Z
?InvokeAsync@JSObject@Awesomium@@QAEXABVWebString@2@ABVJSArray@2@@Z
?IsArray@JSValue@Awesomium@@QBE_NXZ
?IsBoolean@JSValue@Awesomium@@QBE_NXZ
?IsChildProcess@Awesomium@@YA_NPAUHINSTANCE__@@@Z
?IsDouble@JSValue@Awesomium@@QBE_NXZ
?IsEmpty@Rect@Awesomium@@QBE_NXZ
?IsEmpty@WebString@Awesomium@@QBE_NXZ
?IsEmpty@WebURL@Awesomium@@QBE_NXZ
?IsInteger@JSValue@Awesomium@@QBE_NXZ
?IsNull@JSValue@Awesomium@@QBE_NXZ
?IsNumber@JSValue@Awesomium@@QBE_NXZ
?IsObject@JSValue@Awesomium@@QBE_NXZ
?IsString@JSValue@Awesomium@@QBE_NXZ
?IsUndefined@JSValue@Awesomium@@QBE_NXZ
?IsValid@WebURL@Awesomium@@QBE_NXZ
?Null@JSValue@Awesomium@@SAABV12@XZ
?OnFilterNavigation@ResourceInterceptor@Awesomium@@UAE_NHHABVWebString@2@ABVWebURL@2@_N@Z
?OnRequest@DataPakSource@Awesomium@@UAEXHABVResourceRequest@2@ABVWebString@2@@Z
?OnRequest@ResourceInterceptor@Awesomium@@UAEPAVResourceResponse@2@PAVResourceRequest@2@@Z
?OnWillDownload@ResourceInterceptor@Awesomium@@UAEXHHABVWebURL@2@@Z
?Paint@BitmapSurface@Awesomium@@UAEXPAEHABURect@2@1@Z
?Pop@JSArray@Awesomium@@QAEXXZ
?Push@JSArray@Awesomium@@QAEXABVJSValue@2@@Z
?Push@WebMenuItemArray@Awesomium@@QAEXABUWebMenuItem@2@@Z
?Push@WebStringArray@Awesomium@@QAEXABVWebString@2@@Z
?RemoveProperty@JSObject@Awesomium@@QAEXABVWebString@2@@Z
?SaveToJPEG@BitmapSurface@Awesomium@@QBE_NABVWebString@2@H@Z
?SaveToPNG@BitmapSurface@Awesomium@@QBE_NABVWebString@2@_N@Z
?Scroll@BitmapSurface@Awesomium@@UAEXHHABURect@2@@Z
?SendResponse@DataSource@Awesomium@@QAEXHIPBEABVWebString@2@@Z
?SetCustomMethod@JSObject@Awesomium@@QAEXABVWebString@2@_N@Z
?SetProperty@JSObject@Awesomium@@QAEXABVWebString@2@ABVJSValue@2@@Z
?SetPropertyAsync@JSObject@Awesomium@@QAEXABVWebString@2@ABVJSValue@2@@Z
?Shutdown@WebCore@Awesomium@@SAXXZ
?Swap@WebString@Awesomium@@QAEXAAV12@@Z
?ToArray@JSValue@Awesomium@@QAEAAVJSArray@2@XZ
?ToArray@JSValue@Awesomium@@QBEABVJSArray@2@XZ
?ToBoolean@JSValue@Awesomium@@QBE_NXZ
?ToDouble@JSValue@Awesomium@@QBENXZ
?ToInteger@JSValue@Awesomium@@QBEHXZ
?ToObject@JSValue@Awesomium@@QAEAAVJSObject@2@XZ
?ToObject@JSValue@Awesomium@@QBEABVJSObject@2@XZ
?ToString@JSObject@Awesomium@@QBE?AVWebString@2@XZ
?ToString@JSValue@Awesomium@@QBE?AVWebString@2@XZ
?ToUTF8@WebString@Awesomium@@QBEIPADI@Z
?TranslateError@JSObject@Awesomium@@IBEXPAVJSObjectBridge@2@_N@Z
?Undefined@JSValue@Awesomium@@SAABV12@XZ
?WriteDataPak@Awesomium@@YA_NABVWebString@1@00AAG@Z
?allocated_memory@WebCore@Awesomium@@SAIXZ
?anchor@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?buffer@BitmapSurface@Awesomium@@QBEPBEXZ
?capacity@JSArray@Awesomium@@QBEIXZ
?data@WebString@Awesomium@@QBEPBGXZ
?filename@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?height@BitmapSurface@Awesomium@@QBEHXZ
?host@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?instance@WebCore@Awesomium@@SAPAV12@XZ
?instance_@WebCore@Awesomium@@0PAV12@A
?is_dirty@BitmapSurface@Awesomium@@QBE_NXZ
?last_error@JSObject@Awesomium@@QBE?AW4Error@2@XZ
?length@WebString@Awesomium@@QBEIXZ
?owner@JSObject@Awesomium@@QBEPAVWebView@2@XZ
?password@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?path@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?port@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?query@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?ref_count@JSObject@Awesomium@@QBEHXZ
?release_memory@WebCore@Awesomium@@SAXXZ
?remote_id@JSObject@Awesomium@@QBEIXZ
?row_span@BitmapSurface@Awesomium@@QBEHXZ
?scheme@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?set_is_dirty@BitmapSurface@Awesomium@@QAEX_N@Z
?set_session@DataSource@Awesomium@@IAEXPAVWebSession@2@H@Z
?size@JSArray@Awesomium@@QBEIXZ
?size@WebMenuItemArray@Awesomium@@QBEIXZ
?size@WebStringArray@Awesomium@@QBEIXZ
?spec@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?type@JSObject@Awesomium@@QBE?AW4JSObjectType@2@XZ
?used_memory@WebCore@Awesomium@@SAIXZ
?username@WebURL@Awesomium@@QBE?AVWebString@2@XZ
?width@BitmapSurface@Awesomium@@QBEHXZ
_Awe_BitmapSurfaceFactory_CreateSurface@16
_Awe_BitmapSurfaceFactory_CreateSurfaceExplicitBitmapSurfaceFactory@16
_Awe_BitmapSurfaceFactory_DestroySurface@8
_Awe_BitmapSurfaceFactory_DestroySurfaceExplicitBitmapSurfaceFactory@8
_Awe_BitmapSurfaceFactory_Upcast@4
_Awe_BitmapSurfaceFactory_director_connect@12
_Awe_BitmapSurface_CopyTo@24
_Awe_BitmapSurface_GetAlphaAtPoint@12
_Awe_BitmapSurface_Paint@44
_Awe_BitmapSurface_PaintExplicitBitmapSurface@44
_Awe_BitmapSurface_SaveToJPEG_0@12
_Awe_BitmapSurface_SaveToJPEG_1@8
_Awe_BitmapSurface_SaveToPNG_0@12
_Awe_BitmapSurface_SaveToPNG_1@8
_Awe_BitmapSurface_Scroll@28
_Awe_BitmapSurface_ScrollExplicitBitmapSurface@28
_Awe_BitmapSurface_Upcast@4
_Awe_BitmapSurface_buffer@4
_Awe_BitmapSurface_director_connect@12
_Awe_BitmapSurface_height@4
_Awe_BitmapSurface_is_dirty@4
_Awe_BitmapSurface_row_span@4
_Awe_BitmapSurface_set_is_dirty@8
_Awe_BitmapSurface_width@4
_Awe_ChildProcessMain@4
_Awe_CopyBuffers@36
_Awe_DataPakSource_OnRequest@16
_Awe_DataPakSource_OnRequestExplicitDataPakSource@16
_Awe_DataPakSource_Upcast@4
_Awe_DataPakSource_director_connect@8
_Awe_DataSource_OnRequest@16
_Awe_DataSource_SendResponse@20
_Awe_DataSource_director_connect@8
_Awe_Dialog_OnShowCertificateErrorDialog@20
_Awe_Dialog_OnShowFileChooser@12
_Awe_Dialog_OnShowLoginDialog@12
_Awe_Dialog_OnShowPageInfoDialog@12
_Awe_Dialog_director_connect@20
_Awe_Download_OnFinishDownload@20
_Awe_Download_OnRequestDownload@24
_Awe_Download_OnUpdateDownload@36
_Awe_Download_director_connect@16
_Awe_GetKeyIdentifierFromVirtualKeyCode@8
_Awe_InputMethodEditor_OnCancelIME@8
_Awe_InputMethodEditor_OnChangeIMERange@16
_Awe_InputMethodEditor_OnUpdateIME@20
_Awe_InputMethodEditor_director_connect@16
_Awe_IsChildProcess@4
_Awe_JSArray_At_0@8
_Awe_JSArray_Clear@4
_Awe_JSArray_Erase@8
_Awe_JSArray_Insert@12
_Awe_JSArray_Pop@4
_Awe_JSArray_Push@8
_Awe_JSArray_capacity@4
_Awe_JSArray_size@4
_Awe_JSMethodHandler_OnMethodCall@20
_Awe_JSMethodHandler_OnMethodCallWithReturnValue@20
_Awe_JSMethodHandler_director_connect@12
_Awe_JSObject_GetMethodNames@4
_Awe_JSObject_GetProperty@8
_Awe_JSObject_GetPropertyNames@4
_Awe_JSObject_HasMethod@8
_Awe_JSObject_HasProperty@8
_Awe_JSObject_Invoke@12
_Awe_JSObject_InvokeAsync@12
_Awe_JSObject_RemoveProperty@8
_Awe_JSObject_SetCustomMethod@12
_Awe_JSObject_SetProperty@12
_Awe_JSObject_SetPropertyAsync@12
_Awe_JSObject_ToString@4
_Awe_JSObject_last_error@4
_Awe_JSObject_owner@4
_Awe_JSObject_ref_count@4
_Awe_JSObject_remote_id@4
_Awe_JSObject_type@4
_Awe_JSValue_IsArray@4
_Awe_JSValue_IsBoolean@4
_Awe_JSValue_IsDouble@4
_Awe_JSValue_IsInteger@4
_Awe_JSValue_IsNull@4
_Awe_JSValue_IsNumber@4
_Awe_JSValue_IsObject@4
_Awe_JSValue_IsString@4
_Awe_JSValue_IsUndefined@4
_Awe_JSValue_Null@0
_Awe_JSValue_ToArray_0@4
_Awe_JSValue_ToBoolean@4
_Awe_JSValue_ToDouble@4
_Awe_JSValue_ToInteger@4
_Awe_JSValue_ToObject_0@4
_Awe_JSValue_ToString@4
_Awe_JSValue_Undefined@0
_Awe_Load_OnBeginLoadingFrame@28
_Awe_Load_OnDocumentReady@12
_Awe_Load_OnFailLoadingFrame@32
_Awe_Load_OnFinishLoadingFrame@24
_Awe_Load_director_connect@20
_Awe_Menu_OnShowContextMenu@12
_Awe_Menu_OnShowPopupMenu@12
_Awe_Menu_director_connect@12
_Awe_Print_OnFailPrint@12
_Awe_Print_OnFinishPrint@16
_Awe_Print_OnRequestPrint@8
_Awe_Print_director_connect@16
_Awe_Process_OnCrashed@12
_Awe_Process_OnLaunch@8
_Awe_Process_OnResponsive@8
_Awe_Process_OnUnresponsive@8
_Awe_Process_director_connect@20
_Awe_RegisterStringCallback@4
_Awe_ResourceInterceptor_OnFilterNavigation@24
_Awe_ResourceInterceptor_OnFilterNavigationExplicitResourceInterceptor@24
_Awe_ResourceInterceptor_OnRequest@8
_Awe_ResourceInterceptor_OnRequestExplicitResourceInterceptor@8
_Awe_ResourceInterceptor_OnWillDownload@16
_Awe_ResourceInterceptor_OnWillDownloadExplicitResourceInterceptor@16
_Awe_ResourceInterceptor_director_connect@16
_Awe_ResourceRequest_AppendExtraHeader@12
_Awe_ResourceRequest_AppendUploadBytes@12
_Awe_ResourceRequest_AppendUploadFilePath@8
_Awe_ResourceRequest_Cancel@4
_Awe_ResourceRequest_ClearUploadElements@4
_Awe_ResourceRequest_GetUploadElement@8
_Awe_ResourceRequest_extra_headers@4
_Awe_ResourceRequest_method@4
_Awe_ResourceRequest_num_upload_elements@4
_Awe_ResourceRequest_origin_process_id@4
_Awe_ResourceRequest_origin_routing_id@4
_Awe_ResourceRequest_referrer@4
_Awe_ResourceRequest_set_extra_headers@8
_Awe_ResourceRequest_set_ignore_data_source_handler@8
_Awe_ResourceRequest_set_method@8
_Awe_ResourceRequest_set_referrer@8
_Awe_ResourceRequest_url@4
_Awe_ResourceResponse_Create_0@12
_Awe_ResourceResponse_Create_1@4
_Awe_SurfaceFactory_CreateSurface@16
_Awe_SurfaceFactory_DestroySurface@8
_Awe_SurfaceFactory_director_connect@12
_Awe_Surface_Paint@44
_Awe_Surface_Scroll@28
_Awe_Surface_director_connect@12
_Awe_UploadElement_IsBytes@4
_Awe_UploadElement_IsFilePath@4
_Awe_UploadElement_bytes@4
_Awe_UploadElement_file_path@4
_Awe_UploadElement_num_bytes@4
_Awe_View_OnAddConsoleMessage@20
_Awe_View_OnChangeAddressBar@12
_Awe_View_OnChangeCursor@12
_Awe_View_OnChangeFocus@12
_Awe_View_OnChangeTargetURL@12
_Awe_View_OnChangeTitle@12
_Awe_View_OnChangeTooltip@12
_Awe_View_OnShowCreatedWebView@40
_Awe_View_director_connect@36
_Awe_WebConfig_additional_options_get@4
_Awe_WebConfig_additional_options_set@8
_Awe_WebConfig_asset_protocol_get@4
_Awe_WebConfig_asset_protocol_set@8
_Awe_WebConfig_child_process_path_get@4
_Awe_WebConfig_child_process_path_set@8
_Awe_WebConfig_log_level_get@4
_Awe_WebConfig_log_level_set@8
_Awe_WebConfig_log_path_get@4
_Awe_WebConfig_log_path_set@8
_Awe_WebConfig_package_path_get@4
_Awe_WebConfig_package_path_set@8
_Awe_WebConfig_plugin_path_get@4
_Awe_WebConfig_plugin_path_set@8
_Awe_WebConfig_reduce_memory_usage_on_navigation_get@4
_Awe_WebConfig_reduce_memory_usage_on_navigation_set@8
_Awe_WebConfig_remote_debugging_host_get@4
_Awe_WebConfig_remote_debugging_host_set@8
_Awe_WebConfig_remote_debugging_port_get@4
_Awe_WebConfig_remote_debugging_port_set@8
_Awe_WebConfig_user_agent_get@4
_Awe_WebConfig_user_agent_set@8
_Awe_WebConfig_user_script_get@4

Sections

UPX0
Size: - Virtual size: 14.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fu/awesomium_process.exe
.exe windows x86

3e23a87136c45cfd410f1805b6182c6a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:61:ec:fc:88:b7:58:eb:c2:d6:cb:cf:d8:90:0f:b2
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/04/2015, 00:00

Not After

22/04/2017, 23:59

Subject

CN=Awesomium Technologies LLC,OU=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:9a:a6:95:a8:fb:3a:85:80:09:15:80:72:9a:36:3a:1d:65:62:95
Signer

Actual PE Digest

99:9a:a6:95:a8:fb:3a:85:80:09:15:80:72:9a:36:3a:1d:65:62:95

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
MultiByteToWideChar
LCMapStringW
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RtlUnwind
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
HeapFree
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
HeapSize
HeapAlloc
HeapReAlloc
IsProcessorFeaturePresent
GetStringTypeW

awesomium

?ChildProcessMain@Awesomium@@YAHPAUHINSTANCE__@@@Z

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fu/icudt.dll
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

icudt46_dat

Sections

UPX0
Size: - Virtual size: 6.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fu/libEGL.dll
.dll windows x86

abff00e59264285786c94c5cfb75b65a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:61:ec:fc:88:b7:58:eb:c2:d6:cb:cf:d8:90:0f:b2
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/04/2015, 00:00

Not After

22/04/2017, 23:59

Subject

CN=Awesomium Technologies LLC,OU=Awesomium Technologies LLC,O=Awesomium Technologies LLC,POSTALCODE=77095,STREET=15822 Jamie Lee Dr.,L=Houston,ST=TX,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3a:b6:08:40:8b:50:3c:6b:e8:50:f6:4e:f7:32:25:20:4c:51:55:e7
Signer

Actual PE Digest

3a:b6:08:40:8b:50:3c:6b:e8:50:f6:4e:f7:32:25:20:4c:51:55:e7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

D3DPERF_BeginEvent
D3DPERF_SetMarker
D3DPERF_EndEvent
D3DPERF_GetStatus
Direct3DCreate9

kernel32

FlushFileBuffers
CloseHandle
TlsFree
TlsSetValue
LocalAlloc
TlsAlloc
LocalFree
TlsGetValue
Sleep
GetModuleHandleW
GetProcAddress
GetVersion
GetCurrentProcessId
GetLastError
GetCurrentThreadId
CreateFileW
WriteConsoleW
SetStdHandle
GetStringTypeW
MultiByteToWideChar
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetLastError
GetCurrentProcess
LoadLibraryW
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
RtlUnwind
GetCommandLineA
HeapFree
IsProcessorFeaturePresent
HeapAlloc
HeapSize
ExitProcess
InterlockedIncrement
InterlockedDecrement
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
WriteFile

user32

GetDC
RemovePropW
SetWindowLongW
GetPropW
InvalidateRect
ReleaseDC
DestroyWindow
IsWindow
SetPropW
CallWindowProcW
GetClientRect
GetWindowThreadProcessId
CreateWindowExW

gdi32

GetDeviceCaps

libglesv2

ord145
ord146
ord147
ord158
ord148
ord144

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglCopyBuffers
eglCreateContext
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreateWindowSurface
eglDestroyContext
eglDestroySurface
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetProcAddress
eglInitialize
eglMakeCurrent
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fu/libGLESv2.dll
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

glActiveTexture
glAttachShader
glBindAttribLocation
glBindBuffer
glBindFramebuffer
glBindRenderbuffer
glBindTexture
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glClear
glClearColor
glClearDepthf
glClearStencil
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexSubImage2D
glCopyTexImage2D
glCopyTexSubImage2D
glCreateProgram
glCreateShader
glCullFace
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteProgram
glDeleteRenderbuffers
glDeleteShader
glDeleteTextures
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDrawArrays
glDrawElements
glEnable
glEnableVertexAttribArray
glFinish
glFinishFenceNV
glFlush
glFramebufferRenderbuffer
glFramebufferTexture2D
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenRenderbuffers
glGenTextures
glGenerateMipmap
glGetActiveAttrib
glGetActiveUniform
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteriv
glGetError
glGetFenceivNV
glGetFloatv
glGetFramebufferAttachmentParameteriv
glGetGraphicsResetStatusEXT
glGetIntegerv
glGetProgramInfoLog
glGetProgramiv
glGetRenderbufferParameteriv
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderiv
glGetString
glGetTexParameterfv
glGetTexParameteriv
glGetTranslatedShaderSourceANGLE
glGetUniformLocation
glGetUniformfv
glGetUniformiv
glGetVertexAttribPointerv
glGetVertexAttribfv
glGetVertexAttribiv
glGetnUniformfvEXT
glGetnUniformivEXT
glHint
glIsBuffer
glIsEnabled
glIsFenceNV
glIsFramebuffer
glIsProgram
glIsRenderbuffer
glIsShader
glIsTexture
glLineWidth
glLinkProgram
glPixelStorei
glPolygonOffset
glReadPixels
glReadnPixelsEXT
glReleaseShaderCompiler
glRenderbufferStorage
glRenderbufferStorageMultisampleANGLE
glSampleCoverage
glScissor
glSetFenceNV
glShaderBinary
glShaderSource
glStencilFunc
glStencilFuncSeparate
glStencilMask
glStencilMaskSeparate
glStencilOp
glStencilOpSeparate
glTestFenceNV
glTexImage2D
glTexImage3DOES
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexStorage2DEXT
glTexSubImage2D
glUniform1f
glUniform1fv
glUniform1i
glUniform1iv
glUniform2f
glUniform2fv
glUniform2i
glUniform2iv
glUniform3f
glUniform3fv
glUniform3i
glUniform3iv
glUniform4f
glUniform4fv
glUniform4i
glUniform4iv
glUniformMatrix2fv
glUniformMatrix3fv
glUniformMatrix4fv
glUseProgram
glValidateProgram
glVertexAttrib1f
glVertexAttrib1fv
glVertexAttrib2f
glVertexAttrib2fv
glVertexAttrib3f
glVertexAttrib3fv
glVertexAttrib4f
glVertexAttrib4fv
glVertexAttribPointer
glViewport

Sections

UPX0
Size: - Virtual size: 348KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 179KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
fu/www/backblue.gif
.gif
fu/www/code.jquery.com/jquery-latest.js
.js
fu/www/fade.gif
.gif
fu/www/fediafedia.com/prank/assets/js/lang.js
.js
fu/www/fediafedia.com/prank/vista/index.html
.js
fu/www/fediafedia.com/prank/win7/index.html
.js
fu/www/fediafedia.com/prank/win8/index.html
.html .js
fu/www/fediafedia.com/prank/xp/index.html
.js
fu/www/i.imgur.com/FvmmtMl.jpg
fu/www/i.imgur.com/N9nbgDY.jpg
fu/www/i.imgur.com/PI73wHG.png
.png
fu/www/i.imgur.com/QOBYXA3.png
.png
fu/www/i.imgur.com/SSa5BPv.png
.png
fu/www/i.imgur.com/WBymYwU.gif
.gif
fu/www/i.imgur.com/bGNCoDi.jpg
.jpg
fu/www/i.imgur.com/dhaSKKq.png
.png
fu/www/i.imgur.com/eZQzDJL.gif
.gif
fu/www/i.imgur.com/gQyFbtU.png
.png
fu/www/i.imgur.com/hPIlmru.png
.png
fu/xinput9_1_0.dll
.dll windows x86

286430b343ed2faba4ceb6c16c83cd3a

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:0c:ab:11:d8:22:ef:7d:6c:79:7e
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

23/05/2002, 08:00

Not After

25/09/2011, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:05:87:58:00:03:00:00:00:5a
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

05/01/2005, 23:20

Not After

05/04/2006, 23:30

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:b5:f5:07:88:7b:ad:78:29:83:d0:95:5a:ef:97:cf:b2:3b:c1:e7
Signer

Actual PE Digest

74:b5:f5:07:88:7b:ad:78:29:83:d0:95:5a:ef:97:cf:b2:3b:c1:e7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind

kernel32

LocalAlloc
LoadLibraryW
FreeLibrary
GetProcAddress
GetLastError
CreateFileW
DeviceIoControl
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
GetCurrentProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
DuplicateHandle
GetEnvironmentStringsW
WriteFile
InterlockedExchange
VirtualQuery
Sleep
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
RaiseException
IsBadReadPtr
IsBadCodePtr
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoA
VirtualProtect
GetSystemInfo
FlushFileBuffers
LocalFree
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
WideCharToMultiByte

advapi32

TraceMessage
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegCreateKeyExW
RegSetValueExW
RegCloseKey
UnregisterTraceGuids
RegisterTraceGuidsW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

Exports

Exports

DllMain
XInputGetCapabilities
XInputGetDSoundAudioDeviceGuids
XInputGetState
XInputSetState

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1868d5467d24c13730f0618af5d490e0

Headers

DLL Characteristics

File Characteristics

Imports

awesomium

kernel32

user32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 16KB - Virtual size: 15KB

6d3f2836fd047750f100e2f49b4db91e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

secur32

psapi

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 9KB - Virtual size: 8KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 1.4MB

UPX1 Size: 268KB - Virtual size: 272KB

UPX2 Size: 36KB - Virtual size: 40KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 132KB

UPX1 Size: 79KB - Virtual size: 80KB

UPX2 Size: 8KB - Virtual size: 12KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 104KB

UPX1 Size: 57KB - Virtual size: 60KB

UPX2 Size: 4KB - Virtual size: 8KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 14.3MB

UPX1 Size: 6.0MB - Virtual size: 6.0MB

.rsrc Size: 43KB - Virtual size: 44KB

3e23a87136c45cfd410f1805b6182c6a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

01Certificate

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 16KB - Virtual size: 15KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 9KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 1.4MB

UPX1
Size: 268KB - Virtual size: 272KB

UPX2
Size: 36KB - Virtual size: 40KB

UPX0
Size: - Virtual size: 132KB

UPX1
Size: 79KB - Virtual size: 80KB

UPX2
Size: 8KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 104KB

UPX1
Size: 57KB - Virtual size: 60KB

UPX2
Size: 4KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 14.3MB

UPX1
Size: 6.0MB - Virtual size: 6.0MB

.rsrc
Size: 43KB - Virtual size: 44KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

01
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

49:61:ec:fc:88:b7:58:eb:c2:d6:cb:cf:d8:90:0f:b2
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

99:9a:a6:95:a8:fb:3a:85:80:09:15:80:72:9a:36:3a:1d:65:62:95
Signer

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 6.6MB

UPX1
Size: 2.9MB - Virtual size: 2.9MB

.rsrc
Size: 1KB - Virtual size: 4KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

01
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

49:61:ec:fc:88:b7:58:eb:c2:d6:cb:cf:d8:90:0f:b2
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

3a:b6:08:40:8b:50:3c:6b:e8:50:f6:4e:f7:32:25:20:4c:51:55:e7
Signer

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB