01a1809bba4754219888b1a57788c5a68330ece5ff5986c268332db456885b7f

Sharing

Copy URL Twitter E-mail

General

Target

01a1809bba4754219888b1a57788c5a68330ece5ff5986c268332db456885b7f
Size

3.7MB
MD5

b2d84f7501902654bc92cb4ed06fb0ee
SHA1

f92ac5f64d9f315f9b0512b48b260db469b3e3b2
SHA256

01a1809bba4754219888b1a57788c5a68330ece5ff5986c268332db456885b7f
SHA512

0a02adff90187ad81945c373d59a99ab2cc759bd1e794075e063688107d28b6719075b9768cabe01cdd38e53055da85194acc06566199893293a33a8d7be57bf
SSDEEP

98304:z/oV1zr45TC8b40v477U/RvX+yRzN2XoUV9Rd2AWKx8fml:ToV1f49z4sRuoN21Xz2ojl

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack001/UltraISO_v9.7.6.3829_ԱЯ/UltraISOPortable.exe	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/UltraISO_v9.7.6.3829_ԱЯ/UltraISOPortable.exe

Files

01a1809bba4754219888b1a57788c5a68330ece5ff5986c268332db456885b7f
.zip
UltraISO_v9.7.6.3829_ԱЯ/App/x86/UltraISO.exe
.exe windows:4 windows x86

f62155445574687e01f3d8fcd0176b46

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

70:10:b8:f0:4d:e6:47:b2:41:5e:bd:f2
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/09/2020, 15:04

Not After

23/09/2021, 15:04

Subject

SERIALNUMBER=91440301108928638F,CN=Shenzhen Yibo Digital Systems Development Co.\, Ltd.,O=Shenzhen Yibo Digital Systems Development Co.\, Ltd.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c136365727440657a6273797374656d732e636f6d,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

70:10:b8:f0:4d:e6:47:b2:41:5e:bd:f2
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/09/2020, 15:04

Not After

23/09/2021, 15:04

Subject

SERIALNUMBER=91440301108928638F,CN=Shenzhen Yibo Digital Systems Development Co.\, Ltd.,O=Shenzhen Yibo Digital Systems Development Co.\, Ltd.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c136365727440657a6273797374656d732e636f6d,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

40:a0:ac:35:20:bb:52:1c:46:5b:16:55:d1:d9:b6:5e:d0:0b:ad:2c:c8:06:94:cf:dd:e2:9b:f9:41:7b:e3:d3
Signer

Actual PE Digest

40:a0:ac:35:20:bb:52:1c:46:5b:16:55:d1:d9:b6:5e:d0:0b:ad:2c:c8:06:94:cf:dd:e2:9b:f9:41:7b:e3:d3

Digest Algorithm

sha256

PE Digest Matches

true

63:f7:8a:9e:7c:97:2e:3a:24:ab:68:83:58:54:73:f0:75:ad:ec:da
Signer

Actual PE Digest

63:f7:8a:9e:7c:97:2e:3a:24:ab:68:83:58:54:73:f0:75:ad:ec:da

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiDestroyDeviceInfoList

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
ChangeServiceConfigA
CheckTokenMembership
CloseServiceHandle
ControlService
CreateServiceA
FreeSid
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
QueryServiceConfigA
QueryServiceStatus
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
StartServiceA

kernel32

CloseHandle
CompareFileTime
CompareStringA
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreatePipe
CreateProcessA
CreateSemaphoreA
CreateThread
DefineDosDeviceA
DeleteCriticalSection
DeleteFileA
DeviceIoControl
DosDateTimeToFileTime
DuplicateHandle
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDriveStringsA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeW
GetSystemDefaultLangID
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalMemoryStatusEx
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenFileMappingA
PeekNamedPipe
QueryDosDeviceA
RaiseException
ReadFile
ReleaseSemaphore
RemoveDirectoryA
ResetEvent
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
GetVolumeInformationA

mpr

WNetGetConnectionA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_Write
ord17

comdlg32

GetOpenFileNameA
GetSaveFileNameA

gdi32

BitBlt
CombineRgn
CopyEnhMetaFileA
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateFontIndirectA
CreateHalftonePalette
CreatePalette
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
ExcludeClipRect
ExtCreatePen
ExtTextOutA
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetObjectA
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextExtentPointA
GetTextMetricsA
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
PatBlt
Pie
PlayEnhMetaFile
PolyPolyline
Polyline
RealizePalette
RectVisible
Rectangle
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetMapMode
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StretchBlt
UnrealizeObject

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
ExtractIconExA
SHBrowseForFolderA
SHFileOperationA
SHFormatDrive
SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA
SHGetPathFromIDListA

user32

ActivateKeyboardLayout
AdjustWindowRectEx
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CharLowerA
CharLowerBuffA
CharNextA
CharToOemBuffA
CharUpperA
CharUpperBuffA
CheckMenuItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CreateIcon
CreateMenu
CreatePopupMenu
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextA
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndPaint
EnumClipboardFormats
EnumThreadWindows
EnumWindows
EqualRect
ExitWindowsEx
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretPos
GetClassInfoA
GetClassNameA
GetClientRect
GetClipboardData
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextA
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessagePos
GetMessageTime
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsCharAlphaA
IsCharAlphaNumericA
IsChild
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
LockWindowUpdate
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
OemToCharA
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
ScrollWindowEx
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuItemInfoA
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WaitMessage
WinHelpA
WindowFromPoint
wsprintfA
GetSysColor

winmm

waveOutClose
waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

ole32

CLSIDFromString
CoInitialize
CoInitializeEx
CoLockObjectExternal
CoTaskMemFree
CoUninitialize
CreateILockBytesOnHGlobal
DoDragDrop
GetHGlobalFromILockBytes
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
StringFromCLSID

oleaut32

GetErrorInfo
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopy
VariantCopyInd
VariantInit

oledlg

ord4

Exports

Exports

@$xp$10TCCalendar
@$xp$17TPerformanceGraph
@$xp$17Taocntrr@TtaoKind
@$xp$17Taofrmts@ItaoLink
@$xp$17Taofrmts@TtaoLink
@$xp$18Taocntrr@EtaoError
@$xp$18Taofrmts@ItaoCells
@$xp$18Taofrmts@TtaoCells
@$xp$18Taofrmts@TtaoInURL
@$xp$19Taocntrr@TtaoFormat
@$xp$19Taocntrr@TtaoInKind
@$xp$19Taofrmts@TtaoInBiff
@$xp$19Taofrmts@TtaoInText
@$xp$19Taofrmts@TtaoIntArr
@$xp$19Taofrmts@TtaoOutRtf
@$xp$19Taofrmts@TtaoOutURL
@$xp$19Taofrmts@TtaoStrArr
@$xp$19Taofrmts@TtaoVarArr
@$xp$20Taocntrr@TtaoFormats
@$xp$20Taocntrr@TtaoOutKind
@$xp$20Taofrmts@TtaoInBiff5
@$xp$20Taofrmts@TtaoInBiff8
@$xp$20Taofrmts@TtaoInCells
@$xp$20Taofrmts@TtaoInHDrop
@$xp$20Taofrmts@TtaoOutText
@$xp$20Taofrmts@taoFrmts__1
@$xp$21Taocntrr@TtaoInFormat
@$xp$21Taocntrr@TtaoOleUIDlg
@$xp$21Taocntrr@taoCntrr__31
@$xp$21Taocntrr@taoCntrr__41
@$xp$21Taofrmts@TtaoAlignArr
@$xp$21Taofrmts@TtaoOutBiff8
@$xp$21Taofrmts@TtaoOutCells
@$xp$21Taofrmts@TtaoOutHDrop
@$xp$22Taocntrr@TtaoDirection
@$xp$22Taocntrr@TtaoOutFormat
@$xp$22Taofrmts@ItaoPropCells
@$xp$22Taofrmts@TtaoVarArrArr
@$xp$23Taocntrr@TtaoController
@$xp$23Taocntrr@TtaoDropEffect
@$xp$23Taocntrr@TtaoFormatList
@$xp$23Taocntrr@TtaoWinControl
@$xp$24Taocntrr@TtaoDragCursors
@$xp$24Taocntrr@TtaoFormatClass
@$xp$24Taofrmts@ItaoHeadedCells
@$xp$24Taofrmts@TtaoHeadedCells
@$xp$24Taofrmts@TtaoInOEMessage
@$xp$25Taocntrr@TtaoGetDataEvent
@$xp$25Taocntrr@TtaoPasteSpclDlg
@$xp$25Taocntrr@TtaoSetDataEvent
@$xp$25Taocntrr@TtaoTypeOfMedium
@$xp$25Taocntrr@TtaoUpdateAction
@$xp$26Taocntrr@TtaoExecuteAction
@$xp$26Taocntrr@TtaoPickTestEvent
@$xp$26Taocntrr@TtaoTypeOfMediums
@$xp$26Taofrmts@ItaoColumnarCells
@$xp$26Taofrmts@TtaoColumnarCells
@$xp$26Taofrmts@TtaoInShellIDList
@$xp$26Taofrmts@TtaoInUnicodeText
@$xp$27Cdiroutl@TCDirectoryOutline
@$xp$27Taocntrr@TtaoDataViewAspect
@$xp$27Taocntrr@TtaoInCustomFormat
@$xp$27Taofrmts@TtaoInFileContents
@$xp$27Taofrmts@TtaoInURLNetscape4
@$xp$27Taofrmts@TtaoOutFileNameMap
@$xp$27Taofrmts@TtaoOutShellIDList
@$xp$27Taofrmts@TtaoOutURLShortcut
@$xp$27Taofrmts@TtaoOutUnicodeText
@$xp$28Taocntrr@TtaoGetDataOutEvent
@$xp$28Taocntrr@TtaoOutCustomFormat
@$xp$28Taocntrr@TtaoPasteSpecialDlg
@$xp$28Taocntrr@TtaoScrollDirection
@$xp$28Taofrmts@TtaoInFileContentsW
@$xp$28Taofrmts@TtaoOutFileContents
@$xp$28Taofrmts@TtaoOutURLNetscape4
@$xp$29Taocntrr@TtaoControllerOption
@$xp$29Taocntrr@TtaoPasteSpecialFlag
@$xp$29Taocntrr@TtaoScrollDirections
@$xp$30Taocntrr@TtaoControllerOptions
@$xp$30Taocntrr@TtaoPasteSpecialFlags
@$xp$30Taocntrr@TtaoSetDataPasteEvent
@$xp$30Taocntrr@TtaoUpdateActionEvent
@$xp$30Taofrmts@TtaoOutFileDescriptor
@$xp$31Taocntrr@TtaoExecuteActionEvent
@$xp$31Taocntrr@TtaoSetDataTargetEvent
@$xp$31Taofrmts@TtaoOutFileDescriptorW
@$xp$31Taofrmts@TtaoOutPreferredEffect
@$xp$32Taocntrr@TtaoFlushClipboardEvent
@$xp$32Taocntrr@TtaoTargetFeedbackEvent
@$xp$32Taofrmts@TtaoOutURLShortcutTitle
@$xp$38Taocntrr@TtaoPasteSpecialLinkTypeRange
@$xp$7TCGauge
@@Ccalendr@Finalize
@@Ccalendr@Initialize
@@Cdiroutl@Finalize
@@Cdiroutl@Initialize
@@Cgauges@Finalize
@@Cgauges@Initialize
@@Perfgrap@Finalize
@@Perfgrap@Initialize
@@Ufrmabout@Finalize
@@Ufrmabout@Initialize
@@Ufrmburn@Finalize
@@Ufrmburn@Initialize
@@Ufrmcdiso@Finalize
@@Ufrmcdiso@Initialize
@@Ufrmchangelabel@Finalize
@@Ufrmchangelabel@Initialize
@@Ufrmcheck@Finalize
@@Ufrmcheck@Initialize
@@Ufrmchecksum@Finalize
@@Ufrmchecksum@Initialize
@@Ufrmcompress@Finalize
@@Ufrmcompress@Initialize
@@Ufrmconfig@Finalize
@@Ufrmconfig@Initialize
@@Ufrmconvert@Finalize
@@Ufrmconvert@Initialize
@@Ufrmcustomimage@Finalize
@@Ufrmcustomimage@Initialize
@@Ufrmdialog@Finalize
@@Ufrmdialog@Initialize
@@Ufrmdiskimage@Finalize
@@Ufrmdiskimage@Initialize
@@Ufrmdiskproperty@Finalize
@@Ufrmdiskproperty@Initialize
@@Ufrmencrypt@Finalize
@@Ufrmencrypt@Initialize
@@Ufrmfileattribute@Finalize
@@Ufrmfileattribute@Initialize
@@Ufrmfloppy@Finalize
@@Ufrmfloppy@Initialize
@@Ufrmghost@Finalize
@@Ufrmghost@Initialize
@@Ufrmimageformat@Finalize
@@Ufrmimageformat@Initialize
@@Ufrmlog@Finalize
@@Ufrmlog@Initialize
@@Ufrmmain@Finalize
@@Ufrmmain@Initialize
@@Ufrmopencd@Finalize
@@Ufrmopencd@Initialize
@@Ufrmpart@Finalize
@@Ufrmpart@Initialize
@@Ufrmpassword@Finalize
@@Ufrmpassword@Initialize
@@Ufrmpro@Finalize
@@Ufrmpro@Initialize
@@Ufrmprogress@Finalize
@@Ufrmprogress@Initialize
@@Ufrmregister@Finalize
@@Ufrmregister@Initialize
@@Ufrmsearch@Finalize
@@Ufrmsearch@Initialize
@@Ufrmsession@Finalize
@@Ufrmsession@Initialize
@@Ufrmsimsave@Finalize
@@Ufrmsimsave@Initialize
@@Ufrmssd@Finalize
@@Ufrmssd@Initialize
@@Ufrmstartup@Finalize
@@Ufrmstartup@Initialize
@@Ufrmusbwrite@Finalize
@@Ufrmusbwrite@Initialize
@@Ufrmvcd@Finalize
@@Ufrmvcd@Initialize
@@Ufrmwaitmedia@Finalize
@@Ufrmwaitmedia@Initialize
@Cdiroutl@TCDirectoryOutline@
@Cdiroutl@TCDirectoryOutline@$bctr$qqrp18Classes@TComponent
@Cdiroutl@TCDirectoryOutline@APointer
@Cdiroutl@TCDirectoryOutline@AssignCaseProc$qqrv
@Cdiroutl@TCDirectoryOutline@BuildOneLevel$qqrl
@Cdiroutl@TCDirectoryOutline@BuildSubTree$qqrl
@Cdiroutl@TCDirectoryOutline@BuildTree$qqrv
@Cdiroutl@TCDirectoryOutline@Change$qqrv
@Cdiroutl@TCDirectoryOutline@Click$qqrv
@Cdiroutl@TCDirectoryOutline@CreateWnd$qqrv
@Cdiroutl@TCDirectoryOutline@CurDir$qv
@Cdiroutl@TCDirectoryOutline@DriveToInt$qqrc
@Cdiroutl@TCDirectoryOutline@Expand$qqri
@Cdiroutl@TCDirectoryOutline@ForceCase$qqrrx17System@AnsiString
@Cdiroutl@TCDirectoryOutline@GetChildNamed$qqrrx17System@AnsiStringl
@Cdiroutl@TCDirectoryOutline@InvalidIndex
@Cdiroutl@TCDirectoryOutline@Loaded$qqrv
@Cdiroutl@TCDirectoryOutline@RootIndex
@Cdiroutl@TCDirectoryOutline@SetDirectory$qqr17System@AnsiString
@Cdiroutl@TCDirectoryOutline@SetDrive$qqrc
@Cdiroutl@TCDirectoryOutline@SetTextCase$qqr18Cdiroutl@TTextCase
@Cdiroutl@TCDirectoryOutline@WalkTree$qqrrx17System@AnsiString
@System@TObject@ClassNameIs$qqrx17System@AnsiString
@TCCalendar@
@TCCalendar@$bctr$qqrp18Classes@TComponent
@TCCalendar@Change$qqrv
@TCCalendar@ChangeMonth$qqri
@TCCalendar@Click$qqrv
@TCCalendar@DaysPerMonth$qqrii
@TCCalendar@DaysThisMonth$qqrv
@TCCalendar@Dispatch$qqrpv
@TCCalendar@DrawCell$qqriirx11Types@TRect42System@%Set$t14Grids@Grids__3$iuc$0$iuc$2%
@TCCalendar@GetCellText$qqrii
@TCCalendar@GetDateElement$qqri
@TCCalendar@IsLeapYear$qqri
@TCCalendar@NextMonth$qqrv
@TCCalendar@NextYear$qqrv
@TCCalendar@PrevMonth$qqrv
@TCCalendar@PrevYear$qqrv
@TCCalendar@SeTCCalendarDate$qqr16System@TDateTime
@TCCalendar@SelectCell$qqrii
@TCCalendar@SetDateElement$qqrii
@TCCalendar@SetStartOfWeek$qqrs
@TCCalendar@SetUseCurrentDate$qqro
@TCCalendar@StoreCalendarDate$qqrv
@TCCalendar@UpdateCalendar$qqrv
@TCCalendar@WMSize$qqrr16Messages@TWMSize
@TCGauge@
@TCGauge@$bctr$qqrp18Classes@TComponent
@TCGauge@AddProgress$qqrl
@TCGauge@GetPercentDone$qqrv
@TCGauge@Paint$qqrv
@TCGauge@PaintAsBar$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsNeedle$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsNothing$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsPie$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsText$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintBackground$qqrp16Graphics@TBitmap
@TCGauge@SeTCGaugeKind$qqr11TCGaugeKind
@TCGauge@SetBackColor$qqr15Graphics@TColor
@TCGauge@SetBaseSize$qqrl
@TCGauge@SetBorderStyle$qqr22Forms@TFormBorderStyle
@TCGauge@SetForeColor$qqr15Graphics@TColor
@TCGauge@SetMaxValue$qqrl
@TCGauge@SetMediaName$qqrpc
@TCGauge@SetMinValue$qqrl
@TCGauge@SetProgress$qqrl
@TCGauge@SetShowText$qqro
@TPerformanceGraph@
@TPerformanceGraph@$bctr$qqrp18Classes@TComponent
@TPerformanceGraph@$bdtr$qqrv
@TPerformanceGraph@DataPoint$qqr15Graphics@TColorl
@TPerformanceGraph@DisplayPoints$qqrl
@TPerformanceGraph@FirstY$qqrv
@TPerformanceGraph@GetBandCount$qqrv
@TPerformanceGraph@Initialize$qqrl
@TPerformanceGraph@LastY$qqri
@TPerformanceGraph@NextY$qqri
@TPerformanceGraph@Paint$qqrv
@TPerformanceGraph@PaintBar$qqr15Graphics@TColorll
@TPerformanceGraph@PaintLine$qqr15Graphics@TColorll
@TPerformanceGraph@ReallocHistory$qqrv
@TPerformanceGraph@Replay$qqrv
@TPerformanceGraph@RoundUp$qqrll
@TPerformanceGraph@ScrollGraph$qqrv
@TPerformanceGraph@SetBackColor$qqr15Graphics@TColor
@TPerformanceGraph@SetForeColor$qqr15Graphics@TColor
@TPerformanceGraph@SetGradient$qqrl
@TPerformanceGraph@SetGraphKind$qqr10TGraphKind
@TPerformanceGraph@SetGridSize$qqrl
@TPerformanceGraph@SetGridlines$qqro
@TPerformanceGraph@SetPenWidth$qqrl
@TPerformanceGraph@SetScale$qqrl
@TPerformanceGraph@SetStepSize$qqrl
@TPerformanceGraph@ShiftY$qqrv
@TPerformanceGraph@Update$qqrv
@Taocntrr@AutoDragDrop$qqrp14System@TObjectt1ii
@Taocntrr@AutoDragOver$qqrp14System@TObjectt1ii19Controls@TDragStatero
@Taocntrr@DropEffectToInt$qqr23Taocntrr@TtaoDropEffect
@Taocntrr@EtaoError@
@Taocntrr@Finalization$qqrv
@Taocntrr@FindController$qqrp14System@TObject
@Taocntrr@IntToDropEffect$qqri
@Taocntrr@KeyStateToDropEffect$qqriri
@Taocntrr@TransferError$qqrx17System@AnsiStringp18Classes@TComponent
@Taocntrr@TtaoController@
@Taocntrr@TtaoController@$bctr$qqrp18Classes@TComponent
@Taocntrr@TtaoController@$bdtr$qqrv
@Taocntrr@TtaoController@AcceptableDataObject$qqrx39System@%DelphiInterface$t11IDataObject%17Taocntrr@TtaoKindoop23Taocntrr@TtaoFormatList
@Taocntrr@TtaoController@CanCopy$qqrv
@Taocntrr@TtaoController@CanDelete$qqrv
@Taocntrr@TtaoController@CanFlushClipboard$qqrv
@Taocntrr@TtaoController@CanPaste$qqrv
@Taocntrr@TtaoController@CanPickUp$qqrrx12Types@TPoint
@Taocntrr@TtaoController@CanRedo$qqrv
@Taocntrr@TtaoController@CanSelectAll$qqrv
@Taocntrr@TtaoController@CanUndo$qqrv
@Taocntrr@TtaoController@ControlOnEndDrag$qqrp14System@TObjectt1ii
@Taocntrr@TtaoController@ControlOnStartDrag$qqrp14System@TObjectrp20Controls@TDragObject
@Taocntrr@TtaoController@ControlRemoveHook$qqrv
@Taocntrr@TtaoController@ControlSetHook$qqrv
@Taocntrr@TtaoController@Copy$qqrv
@Taocntrr@TtaoController@CreateFormats$qqrv
@Taocntrr@TtaoController@CreateTargetDragObject$qqrv
@Taocntrr@TtaoController@CursorPos$qqrv
@Taocntrr@TtaoController@CustomizableFormatClass$qqr22Taocntrr@TtaoDirection
@Taocntrr@TtaoController@Cut$qqrv
@Taocntrr@TtaoController@DataObject_EnumFormatEtc$qqrr42System@%DelphiInterface$t14IEnumFORMATETC%17Taocntrr@TtaoKind
@Taocntrr@TtaoController@DataObject_GetCanonicalFormatEtc$qqrrx12tagFORMATETCr12tagFORMATETC17Taocntrr@TtaoKind
@Taocntrr@TtaoController@DataObject_GetData$qqrrx12tagFORMATETCr12tagSTGMEDIUM17Taocntrr@TtaoKind
@Taocntrr@TtaoController@DataObject_GetDataHere$qqrrx12tagFORMATETCr12tagSTGMEDIUM17Taocntrr@TtaoKind
@Taocntrr@TtaoController@DataObject_QueryGetData$qqrrx12tagFORMATETC17Taocntrr@TtaoKind
@Taocntrr@TtaoController@DataObject_SetData$qqrrx12tagFORMATETCr12tagSTGMEDIUMo17Taocntrr@TtaoKind
@Taocntrr@TtaoController@DefaultHandler$qqrpv
@Taocntrr@TtaoController@Delete$qqrv
@Taocntrr@TtaoController@DoBeforeLeftButtonDown$qqr46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Taocntrr@TtaoController@DragCaptureSetHook$qqrui
@Taocntrr@TtaoController@DragCaptureWndMethod$qqrr17Messages@TMessage
@Taocntrr@TtaoController@DragCursor$qqri
@Taocntrr@TtaoController@DragDone$qqro
@Taocntrr@TtaoController@DragDrop$qqrp14System@TObjectii
@Taocntrr@TtaoController@DragMessage$qqr21Controls@TDragMessagepvrx12Types@TPoint
@Taocntrr@TtaoController@DragOver$qqrp14System@TObjectii19Controls@TDragStatero
@Taocntrr@TtaoController@DragTo$qqrrx12Types@TPoint
@Taocntrr@TtaoController@DropEffectsSource$qqro
@Taocntrr@TtaoController@DropEffectsTarget$qqro
@Taocntrr@TtaoController@DropSource_GiveFeedback$qqri
@Taocntrr@TtaoController@DropSource_QueryContinueDrag$qqroi
@Taocntrr@TtaoController@DropTarget_DragEnter$qqrx39System@%DelphiInterface$t11IDataObject%irx12Types@TPointri
@Taocntrr@TtaoController@DropTarget_Drop$qqrx39System@%DelphiInterface$t11IDataObject%irx12Types@TPointri
@Taocntrr@TtaoController@EMCanRedo$qqrr17Messages@TMessage
@Taocntrr@TtaoController@EMCanUndo$qqrr17Messages@TMessage
@Taocntrr@TtaoController@EMRedo$qqrr17Messages@TMessage
@Taocntrr@TtaoController@EMUndo$qqrr17Messages@TMessage
@Taocntrr@TtaoController@ExecutePasteSpecial$qqrx39System@%DelphiInterface$t11IDataObject%
@Taocntrr@TtaoController@FlushClipboard$qqrv
@Taocntrr@TtaoController@FormatList$qqr17Taocntrr@TtaoKind
@Taocntrr@TtaoController@FormatList$qqr22Taocntrr@TtaoDirection
@Taocntrr@TtaoController@FreeTargetDragObject$qqrv
@Taocntrr@TtaoController@GetChildren$qqrynpqqrp18Classes@TComponent$vp18Classes@TComponent
@Taocntrr@TtaoController@GetControlClass$qqrv
@Taocntrr@TtaoController@GetData$qqr17Taocntrr@TtaoKind
@Taocntrr@TtaoController@GetDefaultFormats$qqr22Taocntrr@TtaoDirectionp16Classes@TStrings
@Taocntrr@TtaoController@GetInPrefferedEffect$qqrv
@Taocntrr@TtaoController@GetOptionsAllowed$qqrv
@Taocntrr@TtaoController@GetOptionsDefault$qqrv
@Taocntrr@TtaoController@GiveFeedback$qqrxi
@Taocntrr@TtaoController@HoverTimerOnTimer$qqrp14System@TObject
@Taocntrr@TtaoController@IDropTarget_DragLeave$qqrv
@Taocntrr@TtaoController@IDropTarget_DragOver$qqrirx12Types@TPointri
@Taocntrr@TtaoController@KeepDragOrigin$qqrv
@Taocntrr@TtaoController@LeftButtonDown$qqr46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%rx12Types@TPoint
@Taocntrr@TtaoController@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Taocntrr@TtaoController@OleDragDrop$qqrv
@Taocntrr@TtaoController@Paste$qqro
@Taocntrr@TtaoController@Perform$qqruiii
@Taocntrr@TtaoController@PopulateList$qqrp16Classes@TStringspxp17System@TMetaClassxi
@Taocntrr@TtaoController@QdCanCopy$qqrr17Messages@TMessage
@Taocntrr@TtaoController@QdCanCut$qqrr17Messages@TMessage
@Taocntrr@TtaoController@QdCanDelete$qqrr17Messages@TMessage
@Taocntrr@TtaoController@QdCanPaste$qqrr17Messages@TMessage
@Taocntrr@TtaoController@QdCanSelectAll$qqrr17Messages@TMessage
@Taocntrr@TtaoController@QdFindController$qqrr17Messages@TMessage
@Taocntrr@TtaoController@QdPasteSpecial$qqrr17Messages@TMessage
@Taocntrr@TtaoController@Redo$qqrv
@Taocntrr@TtaoController@RegisterTarget$qqrv
@Taocntrr@TtaoController@ReleaseSnapshot$qqrv
@Taocntrr@TtaoController@RevokeTarget$qqrv
@Taocntrr@TtaoController@ScrollTest$qqrrx12Types@TPoint
@Taocntrr@TtaoController@ScrollTimerOnTimer$qqrp14System@TObject
@Taocntrr@TtaoController@SelectAll$qqrv
@Taocntrr@TtaoController@SetControl$qqrpx20Controls@TWinControl
@Taocntrr@TtaoController@SetCursor$qqrr21Messages@TWMSetCursor
@Taocntrr@TtaoController@SetData$qqr17Taocntrr@TtaoKindx45System@%DelphiInterface$t17System@IInterface%rx12Types@TPoint
@Taocntrr@TtaoController@SetFeedbackBrush$qqrp15Graphics@TBrush
@Taocntrr@TtaoController@SetFormats$qqrp20Taocntrr@TtaoFormats
@Taocntrr@TtaoController@SetInPrefferedEffect$qqr23Taocntrr@TtaoDropEffect
@Taocntrr@TtaoController@SetOptions$qqrx58System@%Set$t29Taocntrr@TtaoControllerOption$iuc$0$iuc$18%
@Taocntrr@TtaoController@SetPasteSpecialDlg$qqrp28Taocntrr@TtaoPasteSpecialDlg
@Taocntrr@TtaoController@SetScrollDirections$qqrx56System@%Set$t28Taocntrr@TtaoScrollDirection$iuc$0$iuc$3%
@Taocntrr@TtaoController@TargetFeedback$qqr19Controls@TDragStateorx12Types@TPoint
@Taocntrr@TtaoController@Undo$qqrv
@Taocntrr@TtaoController@WMClear$qqrr17Messages@TMessage
@Taocntrr@TtaoController@WMCopy$qqrr17Messages@TMessage
@Taocntrr@TtaoController@WMCut$qqrr17Messages@TMessage
@Taocntrr@TtaoController@WMPaste$qqrr17Messages@TMessage
@Taocntrr@TtaoController@WMSetSel$qqrr17Messages@TMessage
@Taocntrr@TtaoController@WndProc$qqrr17Messages@TMessage
@Taocntrr@TtaoDragCursors@
@Taocntrr@TtaoDragCursors@$bctr$qqrp18Classes@TComponent
@Taocntrr@TtaoDragCursors@$bdtr$qqrv
@Taocntrr@TtaoFormat@
@Taocntrr@TtaoFormat@$bctr$qqrp18Classes@TComponent
@Taocntrr@TtaoFormat@$bdtr$qqrv
@Taocntrr@TtaoFormat@Direction$qqrp17System@TMetaClass
@Taocntrr@TtaoFormat@FormatEtc$qqrv
@Taocntrr@TtaoFormat@GetAspect$qqrv
@Taocntrr@TtaoFormat@GetFormatName$qqrv
@Taocntrr@TtaoFormat@GetMediums$qqrv
@Taocntrr@TtaoFormat@GetParentComponent$qqrv
@Taocntrr@TtaoFormat@HasParent$qqrv
@Taocntrr@TtaoFormat@SetAspect$qqrx27Taocntrr@TtaoDataViewAspect
@Taocntrr@TtaoFormat@SetController$qqrpx18Classes@TComponent
@Taocntrr@TtaoFormat@SetFormatName$qqrx17System@AnsiString
@Taocntrr@TtaoFormat@SetMediums$qqrx53System@%Set$t25Taocntrr@TtaoTypeOfMedium$iuc$0$iuc$7%
@Taocntrr@TtaoFormat@SetParentComponent$qqrp18Classes@TComponent
@Taocntrr@TtaoFormat@ValidFormatEtc$qqrrx12tagFORMATETC
@Taocntrr@TtaoFormatList@
@Taocntrr@TtaoFormatList@GetFormat$qqri
@Taocntrr@TtaoFormats@
@Taocntrr@TtaoFormats@$bctr$qqrp23Taocntrr@TtaoController
@Taocntrr@TtaoFormats@$bdtr$qqrv
@Taocntrr@TtaoFormats@Assign$qqrp19Classes@TPersistent
@Taocntrr@TtaoFormats@DefineProperties$qqrp14Classes@TFiler
@Taocntrr@TtaoFormats@FormatList$qqr17Taocntrr@TtaoKind
@Taocntrr@TtaoFormats@FormatList$qqr22Taocntrr@TtaoDirection
@Taocntrr@TtaoFormats@ReadDefault$qqrp15Classes@TReader
@Taocntrr@TtaoFormats@WriteDefault$qqrp15Classes@TWriter
@Taocntrr@TtaoInCustomFormat@
@Taocntrr@TtaoInCustomFormat@$bctr$qqrp18Classes@TComponent
@Taocntrr@TtaoInCustomFormat@GetPasteSpecialFlags$qqrv
@Taocntrr@TtaoInCustomFormat@SetData$qqrx39System@%DelphiInterface$t11IDataObject%
@Taocntrr@TtaoInCustomFormat@SetPasteSpecialFlags$qqrx57System@%Set$t29Taocntrr@TtaoPasteSpecialFlag$iuc$0$iuc$3%
@Taocntrr@TtaoInFormat@
@Taocntrr@TtaoInFormat@SetData$qqrx39System@%DelphiInterface$t11IDataObject%
@Taocntrr@TtaoOleUIDlg@
@Taocntrr@TtaoOleUIDlg@Execute$qqrv
@Taocntrr@TtaoOleUIDlg@FillCommonInfo$qqrpvi
@Taocntrr@TtaoOutCustomFormat@
@Taocntrr@TtaoOutCustomFormat@DataObjectSetData$qqrrx12tagFORMATETCr12tagSTGMEDIUMo17Taocntrr@TtaoKindro
@Taocntrr@TtaoOutCustomFormat@GetData$qqrx45System@%DelphiInterface$t17System@IInterface%rx12tagFORMATETCr12tagSTGMEDIUMo
@Taocntrr@TtaoOutFormat@
@Taocntrr@TtaoOutFormat@GetData$qqrx45System@%DelphiInterface$t17System@IInterface%rx12tagFORMATETCr12tagSTGMEDIUMo
@Taocntrr@TtaoPasteSpclDlg@
@Taocntrr@TtaoPasteSpclDlg@$bctr$qqrp23Taocntrr@TtaoControllerx39System@%DelphiInterface$t11IDataObject%
@Taocntrr@TtaoPasteSpclDlg@$bdtr$qqrv
@Taocntrr@TtaoPasteSpclDlg@Execute$qqrv
@Taocntrr@TtaoPasteSpclDlg@FillClsidExclude$qqrpx16Classes@TStrings
@Taocntrr@TtaoPasteSpclDlg@FillFormats$qqrpx13Classes@TList
@Taocntrr@TtaoPasteSpecialDlg@
@Taocntrr@TtaoPasteSpecialDlg@$bctr$qqrp23Taocntrr@TtaoController
@Taocntrr@TtaoPasteSpecialDlg@$bdtr$qqrv
@Taocntrr@TtaoPasteSpecialDlg@Assign$qqrp19Classes@TPersistent
@Taocntrr@TtaoPasteSpecialDlg@Flags$qqrv
@Taocntrr@TtaoPasteSpecialDlg@SetClsidExclude$qqrpx16Classes@TStrings
@Taocntrr@TtaoWinControl@
@Taocntrr@TtaoWinControl@CanCopy$qqrv
@Taocntrr@TtaoWinControl@CanDelete$qqrv
@Taocntrr@TtaoWinControl@CanPaste$qqrv
@Taocntrr@TtaoWinControl@CanPickUp$qqrrx12Types@TPoint
@Taocntrr@TtaoWinControl@CanRedo$qqrv
@Taocntrr@TtaoWinControl@CanSelectAll$qqrv
@Taocntrr@TtaoWinControl@CanUndo$qqrv
@Taocntrr@TtaoWinControl@Delete$qqrv
@Taocntrr@TtaoWinControl@DoExecuteAction$qqr26Taocntrr@TtaoExecuteAction
@Taocntrr@TtaoWinControl@DoUpdateAction$qqr25Taocntrr@TtaoUpdateAction
@Taocntrr@TtaoWinControl@GetControlClass$qqrv
@Taocntrr@TtaoWinControl@GetData$qqr17Taocntrr@TtaoKind
@Taocntrr@TtaoWinControl@GetDefaultFormats$qqr22Taocntrr@TtaoDirectionp16Classes@TStrings
@Taocntrr@TtaoWinControl@Redo$qqrv
@Taocntrr@TtaoWinControl@SelectAll$qqrv
@Taocntrr@TtaoWinControl@SetData$qqr17Taocntrr@TtaoKindx45System@%DelphiInterface$t17System@IInterface%rx12Types@TPoint
@Taocntrr@TtaoWinControl@TargetFeedback$qqr19Controls@TDragStateorx12Types@TPoint
@Taocntrr@TtaoWinControl@Undo$qqrv
@Taocntrr@initialization$qqrv
@Taofrmts@Finalization$qqrv
@Taofrmts@ObjectToText$qqrp18Classes@TComponent
@Taofrmts@QueryPrefferedEffect$qqrp27Taocntrr@TtaoInCustomFormatx39System@%DelphiInterface$t11IDataObject%
@Taofrmts@SingleCell$qqrx46System@%DelphiInterface$t18Taofrmts@ItaoCells%
@Taofrmts@StreamToText$qqrp15Classes@TStreami
@Taofrmts@TextToObject$qqrx17System@AnsiStringp18Classes@TComponent
@Taofrmts@TextToStream$qqrx17System@AnsiStringp15Classes@TStream
@Taofrmts@TtaoCells@
@Taofrmts@TtaoCells@$bctr$qqrii
@Taofrmts@TtaoCells@$bdtr$qqrv
@Taofrmts@TtaoCells@CellsRow$qqri
@Taofrmts@TtaoCells@CheckCoords$qqrii
@Taofrmts@TtaoCells@CheckCoords$qqriiii
@Taofrmts@TtaoCells@ColCount$qqrv
@Taofrmts@TtaoCells@DeleteRow$qqri
@Taofrmts@TtaoCells@GetProperty$qqrx17System@AnsiString
@Taofrmts@TtaoCells@GetValue$qqrii
@Taofrmts@TtaoCells@PropertyNames$qqrv
@Taofrmts@TtaoCells@RowCount$qqrv
@Taofrmts@TtaoCells@SetProperty$qqrx17System@AnsiStringrx14System@Variant
@Taofrmts@TtaoCells@SetValue$qqriirx14System@Variant
@Taofrmts@TtaoColumnarCells@
@Taofrmts@TtaoColumnarCells@$bdtr$qqrv
@Taofrmts@TtaoColumnarCells@DefaultValue$qqrxipxv
@Taofrmts@TtaoColumnarCells@DisplayStyles$qqrv
@Taofrmts@TtaoColumnarCells@GetAlignment$qqri
@Taofrmts@TtaoColumnarCells@GetDisplayFormat$qqrix17System@AnsiString
@Taofrmts@TtaoColumnarCells@GetFont$qqrv
@Taofrmts@TtaoColumnarCells@GetWidth$qqri
@Taofrmts@TtaoColumnarCells@SetAlignment$qqri18Classes@TAlignment
@Taofrmts@TtaoColumnarCells@SetDisplayFormat$qqri17System@AnsiStringrx14System@Variant
@Taofrmts@TtaoColumnarCells@SetFont$qqrp14Graphics@TFont
@Taofrmts@TtaoColumnarCells@SetWidth$qqrii
@Taofrmts@TtaoHeadedCells@
@Taofrmts@TtaoHeadedCells@GetTitle$qqri
@Taofrmts@TtaoHeadedCells@SetTitle$qqri17System@AnsiString
@Taofrmts@TtaoInBiff5@
@Taofrmts@TtaoInBiff5@$bctr$qqrp18Classes@TComponent
@Taofrmts@TtaoInBiff8@
@Taofrmts@TtaoInBiff8@$bctr$qqrp18Classes@TComponent
@Taofrmts@TtaoInBiff@
@Taofrmts@TtaoInBiff@Parse$qqrx34System@%DelphiInterface$t7IStream%
@Taofrmts@TtaoInBiff@SetData$qqrx39System@%DelphiInterface$t11IDataObject%
@Taofrmts@TtaoInCells@
@Taofrmts@TtaoInCells@$bctr$qqrp18Classes@TComponent
@Taofrmts@TtaoInCells@SetData$qqrx39System@%DelphiInterface$t11IDataObject%
@Taofrmts@TtaoInFileContents@

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 903KB - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 155KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/drivers/FileDlg.exe
.exe windows:4 windows x86

5ff1180aee53404e3d04ef87ff1e52cd

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:ea:74:a5:fe:6f:ee:1d:1e:7a:30:98:75:3d:84:88
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06/08/2020, 00:00

Not After

06/08/2023, 23:59

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,POSTALCODE=518053,STREET=Rm 206\, Building 10\, Liyuan New Village\, Baishi Zhou\, Shahe Rd\, Nanshan Dist,L=Shenzhen,ST=Guangdong Sheng,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:ea:74:a5:fe:6f:ee:1d:1e:7a:30:98:75:3d:84:88
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06/08/2020, 00:00

Not After

06/08/2023, 23:59

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,POSTALCODE=518053,STREET=Rm 206\, Building 10\, Liyuan New Village\, Baishi Zhou\, Shahe Rd\, Nanshan Dist,L=Shenzhen,ST=Guangdong Sheng,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:c9:42:a1:94:e1:fa:c5:af:c9:55:5b:22:2a:6e:55:e5:96:dc:1b:64:ef:26:5a:ce:3d:33:53:9c:d5:91:22
Signer

Actual PE Digest

ff:c9:42:a1:94:e1:fa:c5:af:c9:55:5b:22:2a:6e:55:e5:96:dc:1b:64:ef:26:5a:ce:3d:33:53:9c:d5:91:22

Digest Algorithm

sha256

PE Digest Matches

true

34:f7:ce:f3:af:09:d5:55:6d:79:50:0d:36:53:66:e9:f3:20:bb:58
Signer

Actual PE Digest

34:f7:ce:f3:af:09:d5:55:6d:79:50:0d:36:53:66:e9:f3:20:bb:58

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
ExitProcess
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
HeapAlloc
HeapFree
IsDBCSLeadByteEx
IsDebuggerPresent
LCMapStringA
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile

user32

EnumThreadWindows
MessageBoxA
wsprintfA

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/drivers/ISODrive.sys
.sys windows:5 windows x86

92ceb94f309a340920bfdd2ca5a3b1c7

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23/08/2013, 00:00

Not After

23/09/2024, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:1b:6c:1d:76:87:d7:89:b2:b9:11:8c:0d:96:22:c4:2f
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

19/11/2013, 03:22

Not After

19/11/2016, 03:22

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c136365727440657a6273797374656d732e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:00

Not After

23/05/2016, 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dd:de:b4:2a:d6:d7:aa:c4:83:b0:a6:c1:83:05:ea:94:b7:43:5b:72
Signer

Actual PE Digest

dd:de:b4:2a:d6:d7:aa:c4:83:b0:a6:c1:83:05:ea:94:b7:43:5b:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
ZwOpenSymbolicLinkObject
IoCreateSymbolicLink
KeSetEvent
ZwClose
ObReferenceObjectByHandle
PsCreateSystemThread
KeInitializeEvent
KeInitializeSpinLock
IoCreateDevice
RtlAppendUnicodeStringToString
RtlIntegerToUnicodeString
RtlAppendUnicodeToString
ExFreePoolWithTag
ExAllocatePoolWithTag
RtlQueryRegistryValues
RtlInitUnicodeString
SeTokenType
ObfDereferenceObject
KeWaitForSingleObject
IoDeleteSymbolicLink
IofCompleteRequest
RtlCopyUnicodeString
ProbeForWrite
_except_handler3
MmMapLockedPagesSpecifyCache
IofCallDriver
KeGetCurrentThread
IoAllocateIrp
IoGetRelatedDeviceObject
NtAdjustPrivilegesToken
ZwOpenProcessToken
RtlCompareMemory
ZwReadFile
_allmul
_allshr
ExfInterlockedRemoveHeadList
PsRevertToSelf
SeImpersonateClient
PsTerminateSystemThread
IoSetHardErrorOrVerifyDevice
ExfInterlockedInsertTailList
SeCreateClientSecurity
ZwQueryInformationFile
ZwCreateFile
_alldiv
KeTickCount
KeBugCheckEx

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/drivers/ISODrv64.sys
.sys windows:5 windows x64

ca96b7f2935e037ae9b674cc940efc40

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23/08/2013, 00:00

Not After

23/09/2024, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:1b:6c:1d:76:87:d7:89:b2:b9:11:8c:0d:96:22:c4:2f
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

19/11/2013, 03:22

Not After

19/11/2016, 03:22

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c136365727440657a6273797374656d732e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:00

Not After

23/05/2016, 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:88:77:8f:92:1a:09:c3:82:ed:c0:d5:da:70:19:f0:00:96:93:77
Signer

Actual PE Digest

d3:88:77:8f:92:1a:09:c3:82:ed:c0:d5:da:70:19:f0:00:96:93:77

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

ZwOpenSymbolicLinkObject
IoCreateSymbolicLink
KeSetEvent
ZwClose
ObReferenceObjectByHandle
IoDeleteDevice
PsCreateSystemThread
KeInitializeEvent
IoCreateDevice
RtlAppendUnicodeStringToString
RtlIntegerToUnicodeString
RtlAppendUnicodeToString
ExFreePoolWithTag
ExAllocatePoolWithTag
RtlQueryRegistryValues
RtlInitUnicodeString
SeTokenType
ObfDereferenceObject
KeWaitForSingleObject
IoDeleteSymbolicLink
IofCompleteRequest
RtlCopyUnicodeString
__C_specific_handler
ProbeForWrite
IoIs32bitProcess
MmMapLockedPagesSpecifyCache
NtAdjustPrivilegesToken
ZwOpenProcessToken
RtlCompareMemory
ZwReadFile
IofCallDriver
IoAllocateIrp
IoGetRelatedDeviceObject
IoSetHardErrorOrVerifyDevice
PsRevertToSelf
SeImpersonateClient
ExInterlockedRemoveHeadList
PsTerminateSystemThread
ExInterlockedInsertTailList
SeCreateClientSecurity
ZwQueryInformationFile
ZwCreateFile
KeBugCheckEx

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/drivers/IsoCmd.exe
.exe windows:5 windows x86

5d30fe8c13c8cfc987eeeaa6a0eddb98

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

70:10:b8:f0:4d:e6:47:b2:41:5e:bd:f2
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/09/2020, 15:04

Not After

23/09/2021, 15:04

Subject

SERIALNUMBER=91440301108928638F,CN=Shenzhen Yibo Digital Systems Development Co.\, Ltd.,O=Shenzhen Yibo Digital Systems Development Co.\, Ltd.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c136365727440657a6273797374656d732e636f6d,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

70:10:b8:f0:4d:e6:47:b2:41:5e:bd:f2
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/09/2020, 15:04

Not After

23/09/2021, 15:04

Subject

SERIALNUMBER=91440301108928638F,CN=Shenzhen Yibo Digital Systems Development Co.\, Ltd.,O=Shenzhen Yibo Digital Systems Development Co.\, Ltd.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c136365727440657a6273797374656d732e636f6d,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:49:9f:c9:d1:22:1d:c2:55:b5:3f:3c:b9:94:74:50:1a:63:53:a0:b5:50:5f:28:17:99:6e:d4:c3:d4:3a:05
Signer

Actual PE Digest

90:49:9f:c9:d1:22:1d:c2:55:b5:3f:3c:b9:94:74:50:1a:63:53:a0:b5:50:5f:28:17:99:6e:d4:c3:d4:3a:05

Digest Algorithm

sha256

PE Digest Matches

true

5e:fb:91:f9:a3:06:9a:ca:3e:f0:22:e4:23:09:58:96:7e:62:23:0a
Signer

Actual PE Digest

5e:fb:91:f9:a3:06:9a:ca:3e:f0:22:e4:23:09:58:96:7e:62:23:0a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_XcptFilter
_exit
_c_exit
wcslen
toupper
printf
_iob
fprintf
_vsnprintf

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
OpenSCManagerA
RegCreateKeyExA
RegCloseKey
ControlService
StartServiceA
OpenServiceA
DeleteService
CreateServiceA
CloseServiceHandle

kernel32

WideCharToMultiByte
CreateFileA
DeviceIoControl
CloseHandle
QueryDosDeviceA
GetLogicalDriveStringsA
GetLastError
FormatMessageA
LocalFree
GetModuleHandleA
GetProcAddress
Sleep
MultiByteToWideChar
GetCurrentDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DefineDosDeviceA
GetCurrentProcess

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/drivers/bootpart.exe
.exe windows:5 windows x86

cf316e25eeca39dfcf28358629c34deb

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:66:b7:39:c1:b3:48:ac:9a:ca:14:e9:3d:7e:31:3b
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2017, 00:00

Not After

31/07/2020, 12:00

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=ShenZhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9e:ff:2e:3e:80:f3:7b:5a:16:c8:b0:13:0e:f0:3a
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/07/2017, 00:00

Not After

31/07/2020, 12:00

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=ShenZhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

26:dc:c7:0b:d6:10:a7:95:28:f4:28:65:34:40:d2:5d:97:39:41:95:78:a5:ec:01:95:d0:8b:df:39:f8:be:77
Signer

Actual PE Digest

26:dc:c7:0b:d6:10:a7:95:28:f4:28:65:34:40:d2:5d:97:39:41:95:78:a5:ec:01:95:d0:8b:df:39:f8:be:77

Digest Algorithm

sha256

PE Digest Matches

true

80:72:a6:9b:81:1c:ff:03:49:33:eb:c6:35:bd:bf:bc:ba:8c:33:29
Signer

Actual PE Digest

80:72:a6:9b:81:1c:ff:03:49:33:eb:c6:35:bd:bf:bc:ba:8c:33:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
exit
_cexit
_XcptFilter
_exit
_c_exit
strtol
toupper
vfprintf
fputc
fflush
__initenv
strncmp
malloc
free
_iob
fprintf
printf
sprintf

advapi32

OpenSCManagerA
StartServiceA
OpenServiceA
DeleteService
CreateServiceA
CloseServiceHandle
ControlService

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetErrorMode
Sleep
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
ReadFile
SetLastError
CreateFileA
QueryDosDeviceA
LocalFree
FormatMessageA
GetLastError
CloseHandle
GetFileSize
DefineDosDeviceA
DeviceIoControl

shell32

SHChangeNotify

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/drivers/bootpart.sys
.sys windows:5 windows x86

7106415a9b05d4b9cfc02293d39a9a38

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23/08/2013, 00:00

Not After

23/09/2024, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:29:15:27:00:00:00:00:00:2a
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:55

Not After

15/04/2021, 20:05

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:21:41:e3:35:6d:f0:a7:a3:e9:39:b9:c2:11:3b:35:cb:09
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

25/08/2014, 03:56

Not After

19/11/2016, 03:22

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c136365727440657a6273797374656d732e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bd:4b:9b:ef:cd:b4:09:36:c9:97:cb:68:d9:fe:7d:87:2b:46:8b:44
Signer

Actual PE Digest

bd:4b:9b:ef:cd:b4:09:36:c9:97:cb:68:d9:fe:7d:87:2b:46:8b:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwDeleteKey
ZwOpenKey
IoDeleteDevice
ZwOpenSymbolicLinkObject
RtlAppendUnicodeToString
ExAllocatePoolWithTag
ZwClose
SeTokenType
ObfDereferenceObject
KeWaitForSingleObject
KeSetEvent
ExFreePoolWithTag
IoDeleteSymbolicLink
IofCompleteRequest
ExfInterlockedInsertTailList
KeInitializeEvent
DbgPrint
ZwCreateFile
SeCreateClientSecurity
KeGetCurrentThread
ZwQueryInformationFile
IoCreateSymbolicLink
ZwReadFile
RtlInitUnicodeString
swprintf
_allmul
NtAdjustPrivilegesToken
ZwOpenProcessToken
ExfInterlockedRemoveHeadList
ZwWriteFile
MmMapLockedPagesSpecifyCache
PsRevertToSelf
SeImpersonateClient
PsTerminateSystemThread
KeSetPriorityThread
RtlCopyUnicodeString
ObReferenceObjectByHandle
PsCreateSystemThread
KeInitializeSpinLock
KeTickCount
KeBugCheckEx
MmGetSystemRoutineAddress
wcslen
ZwSetSecurityObject
ObOpenObjectByPointer
IoDeviceObjectType
IoCreateDevice
RtlGetDaclSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlGetOwnerSecurityDescriptor
_snwprintf
RtlLengthSecurityDescriptor
SeCaptureSecurityDescriptor
SeExports
IoIsWdmVersionAvailable
_wcsnicmp
RtlAddAccessAllowedAce
RtlLengthSid
wcschr
RtlAbsoluteToSelfRelativeSD
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
ZwCreateKey
ZwQueryValueKey
ZwSetValueKey
RtlFreeUnicodeString

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 929B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 686B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/drivers/bootpt64.sys
.sys windows:5 windows x64

447f1cd11f0211ba9fe52ce23371cafe

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23/08/2013, 00:00

Not After

23/09/2024, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:29:15:27:00:00:00:00:00:2a
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:55

Not After

15/04/2021, 20:05

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:21:41:e3:35:6d:f0:a7:a3:e9:39:b9:c2:11:3b:35:cb:09
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

25/08/2014, 03:56

Not After

19/11/2016, 03:22

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c136365727440657a6273797374656d732e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

45:a3:d9:3f:f5:6e:32:c5:3c:58:10:99:70:dd:d9:f9:c4:a5:ca:be
Signer

Actual PE Digest

45:a3:d9:3f:f5:6e:32:c5:3c:58:10:99:70:dd:d9:f9:c4:a5:ca:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

ZwDeleteKey
ZwOpenKey
IoDeleteDevice
ZwOpenSymbolicLinkObject
RtlAppendUnicodeToString
ExAllocatePoolWithTag
ZwClose
SeTokenType
ObfDereferenceObject
KeWaitForSingleObject
KeSetEvent
ExFreePoolWithTag
IoDeleteSymbolicLink
IofCompleteRequest
ExInterlockedInsertTailList
KeInitializeEvent
DbgPrint
ZwCreateFile
SeCreateClientSecurity
ZwQueryInformationFile
IoCreateSymbolicLink
ZwReadFile
RtlInitUnicodeString
swprintf
NtAdjustPrivilegesToken
ZwOpenProcessToken
ZwWriteFile
MmMapLockedPagesSpecifyCache
PsRevertToSelf
SeImpersonateClient
ExInterlockedRemoveHeadList
PsTerminateSystemThread
KeSetPriorityThread
RtlCopyUnicodeString
ObReferenceObjectByHandle
PsCreateSystemThread
KeBugCheckEx
MmGetSystemRoutineAddress
ZwSetSecurityObject
ObOpenObjectByPointer
IoDeviceObjectType
IoCreateDevice
RtlGetDaclSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlGetOwnerSecurityDescriptor
_snwprintf
RtlLengthSecurityDescriptor
SeCaptureSecurityDescriptor
SeExports
IoIsWdmVersionAvailable
_wcsnicmp
RtlAddAccessAllowedAce
RtlLengthSid
wcschr
RtlAbsoluteToSelfRelativeSD
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
ZwCreateKey
ZwQueryValueKey
ZwSetValueKey
RtlFreeUnicodeString

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/isoshell.dll
.dll regsvr32 windows:4 windows x86

7c74863037feb824f5529aae329b8db8

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:66:b7:39:c1:b3:48:ac:9a:ca:14:e9:3d:7e:31:3b
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2017, 00:00

Not After

31/07/2020, 12:00

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=ShenZhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9e:ff:2e:3e:80:f3:7b:5a:16:c8:b0:13:0e:f0:3a
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/07/2017, 00:00

Not After

31/07/2020, 12:00

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=ShenZhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b6:47:3c:df:4a:26:da:41:6a:b6:13:5b:fc:0d:cf:62:c5:3b:a2:4b:bd:e4:52:f8:3b:5c:5c:25:77:99:67:7a
Signer

Actual PE Digest

b6:47:3c:df:4a:26:da:41:6a:b6:13:5b:fc:0d:cf:62:c5:3b:a2:4b:bd:e4:52:f8:3b:5c:5c:25:77:99:67:7a

Digest Algorithm

sha256

PE Digest Matches

true

31:d0:a0:87:93:a7:5b:4d:be:fc:0f:3e:d5:f3:5f:97:62:2d:98:2c
Signer

Actual PE Digest

31:d0:a0:87:93:a7:5b:4d:be:fc:0f:3e:d5:f3:5f:97:62:2d:98:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
GetVersion
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
lstrlenW
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetDriveTypeA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
DebugBreak
HeapReAlloc
HeapFree
GlobalUnlock
GlobalLock
GetFileAttributesA
lstrcpynW
WinExec
SetCurrentDirectoryA
ReadFile
LocalAlloc
GetFileInformationByHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateFileA
DeviceIoControl
CloseHandle
WideCharToMultiByte
QueryDosDeviceA
DefineDosDeviceA
Sleep
GetLastError
FormatMessageA
lstrcmpiA
LocalFree
RtlUnwind

user32

CharNextA
wsprintfA
LoadImageA
InsertMenuItemA
InsertMenuA
CreatePopupMenu
MessageBoxA
SetMenuItemBitmaps

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
DragQueryFileA

ole32

ReleaseStgMedium
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc

oleaut32

LoadTypeLi
SysAllocString
SysFreeString
VarUI4FromStr
LoadRegTypeLi
SysStringLen
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/isoshl64.dll
.dll regsvr32 windows:5 windows x64

cbc1e923185663d97dcb6695ccfa95a2

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:66:b7:39:c1:b3:48:ac:9a:ca:14:e9:3d:7e:31:3b
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2017, 00:00

Not After

31/07/2020, 12:00

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=ShenZhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9e:ff:2e:3e:80:f3:7b:5a:16:c8:b0:13:0e:f0:3a
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/07/2017, 00:00

Not After

31/07/2020, 12:00

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.,L=ShenZhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1e:9d:48:85:f7:e3:98:c4:12:e7:e5:af:01:12:cd:18:f2:19:06:7a:89:95:d3:11:cd:35:3b:d4:46:e4:ee:d9
Signer

Actual PE Digest

1e:9d:48:85:f7:e3:98:c4:12:e7:e5:af:01:12:cd:18:f2:19:06:7a:89:95:d3:11:cd:35:3b:d4:46:e4:ee:d9

Digest Algorithm

sha256

PE Digest Matches

true

d9:fe:7e:e3:01:d1:f6:94:c1:1c:ec:f5:3e:83:9f:5f:8e:83:51:0c
Signer

Actual PE Digest

d9:fe:7e:e3:01:d1:f6:94:c1:1c:ec:f5:3e:83:9f:5f:8e:83:51:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
DisableThreadLibraryCalls
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
GetVersion
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GlobalUnlock
GetDriveTypeA
GetFileAttributesA
lstrcpynA
lstrcpynW
WinExec
SetCurrentDirectoryA
ReadFile
LocalAlloc
GetFileInformationByHandle
lstrcatA
lstrcpyA
LoadLibraryW
GetStringTypeW
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
MultiByteToWideChar
CreateFileA
DeviceIoControl
CloseHandle
WideCharToMultiByte
QueryDosDeviceA
DefineDosDeviceA
Sleep
GetLastError
FormatMessageA
GlobalLock
LocalFree
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
GetFileType
SetHandleCount
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
HeapSetInformation
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
FlsAlloc
SetLastError
HeapAlloc
HeapFree
RtlPcToFileHeader
VirtualProtect
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
DecodePointer
EncodePointer
RtlLookupFunctionEntry
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlsGetValue
FlsFree

user32

CreatePopupMenu
CharNextA
CharNextW
SetMenuItemBitmaps
LoadImageA
InsertMenuItemA
MessageBoxA
wsprintfA
InsertMenuA

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyA

shell32

DragQueryFileA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA

ole32

ReleaseStgMedium
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/lang/lang_cn.dll
.dll windows:4 windows x86

a760606a533af4814ef9283c1ca3b322

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:ea:74:a5:fe:6f:ee:1d:1e:7a:30:98:75:3d:84:88
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06/08/2020, 00:00

Not After

06/08/2023, 23:59

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,POSTALCODE=518053,STREET=Rm 206\, Building 10\, Liyuan New Village\, Baishi Zhou\, Shahe Rd\, Nanshan Dist,L=Shenzhen,ST=Guangdong Sheng,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:ea:74:a5:fe:6f:ee:1d:1e:7a:30:98:75:3d:84:88
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06/08/2020, 00:00

Not After

06/08/2023, 23:59

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,POSTALCODE=518053,STREET=Rm 206\, Building 10\, Liyuan New Village\, Baishi Zhou\, Shahe Rd\, Nanshan Dist,L=Shenzhen,ST=Guangdong Sheng,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

81:89:aa:e8:4e:83:e7:aa:13:b9:d0:b3:d2:b6:59:cc:c8:4c:58:23:68:71:26:bc:c4:7d:ca:1c:da:e1:7c:33
Signer

Actual PE Digest

81:89:aa:e8:4e:83:e7:aa:13:b9:d0:b3:d2:b6:59:cc:c8:4c:58:23:68:71:26:bc:c4:7d:ca:1c:da:e1:7c:33

Digest Algorithm

sha256

PE Digest Matches

true

fb:4b:f6:8a:01:a8:ae:77:d0:30:a7:c7:b1:98:21:15:ff:61:be:0c
Signer

Actual PE Digest

fb:4b:f6:8a:01:a8:ae:77:d0:30:a7:c7:b1:98:21:15:ff:61:be:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
LoadLibraryA
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile

user32

EnumThreadWindows
MessageBoxA
wsprintfA

Exports

Exports

GetFontName
GetFontSize
GetLangID
GetLangName
GetLangStr
___CPPdebugHook

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/App/x86/lang/lang_tw.dll
.dll windows:4 windows x86

a760606a533af4814ef9283c1ca3b322

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:ea:74:a5:fe:6f:ee:1d:1e:7a:30:98:75:3d:84:88
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06/08/2020, 00:00

Not After

06/08/2023, 23:59

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,POSTALCODE=518053,STREET=Rm 206\, Building 10\, Liyuan New Village\, Baishi Zhou\, Shahe Rd\, Nanshan Dist,L=Shenzhen,ST=Guangdong Sheng,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:ea:74:a5:fe:6f:ee:1d:1e:7a:30:98:75:3d:84:88
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06/08/2020, 00:00

Not After

06/08/2023, 23:59

Subject

CN=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,O=SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO.\, LTD.,POSTALCODE=518053,STREET=Rm 206\, Building 10\, Liyuan New Village\, Baishi Zhou\, Shahe Rd\, Nanshan Dist,L=Shenzhen,ST=Guangdong Sheng,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

aa:f6:4c:8d:1e:3e:ad:9d:b3:7b:60:39:d8:21:25:aa:ef:9d:17:17:73:69:ad:7e:e9:13:52:81:36:47:f0:d5
Signer

Actual PE Digest

aa:f6:4c:8d:1e:3e:ad:9d:b3:7b:60:39:d8:21:25:aa:ef:9d:17:17:73:69:ad:7e:e9:13:52:81:36:47:f0:d5

Digest Algorithm

sha256

PE Digest Matches

true

ce:56:56:9f:cf:1d:43:a7:d3:a7:22:05:67:41:1a:31:24:62:4a:e7
Signer

Actual PE Digest

ce:56:56:9f:cf:1d:43:a7:d3:a7:22:05:67:41:1a:31:24:62:4a:e7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
LoadLibraryA
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile

user32

EnumThreadWindows
MessageBoxA
wsprintfA

Exports

Exports

GetFontName
GetFontSize
GetLangID
GetLangName
GetLangStr
___CPPdebugHook

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/UltraISOPortable.exe
.exe windows:5 windows x86

870b8e75c7190e202e9c6c81dff1040c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

__WSAFDIsSet
setsockopt
ntohs
recvfrom
sendto
htons
select
listen
WSAStartup
bind
closesocket
connect
socket
send
WSACleanup
ioctlsocket
accept
WSAGetLastError
inet_addr
gethostbyname
gethostname
recv

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

timeGetTime
waveOutSetVolume
mciSendStringW

comctl32

ImageList_Remove
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx
ImageList_Destroy

mpr

WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W
WNetUseConnectionW

wininet

InternetReadFile
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetCrackUrlW
HttpQueryInfoW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
FtpOpenFileW
FtpGetFileSize
InternetOpenUrlW
InternetQueryOptionW
InternetQueryDataAvailable

psapi

EnumProcesses
GetModuleBaseNameW
GetProcessMemoryInfo
EnumProcessModules

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock
UnloadUserProfile
LoadUserProfileW

kernel32

HeapAlloc
Sleep
GetCurrentThreadId
RaiseException
MulDiv
GetVersionExW
GetSystemInfo
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleW
QueryPerformanceCounter
VirtualFreeEx
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
CreateFileW
SetFilePointerEx
ReadFile
WriteFile
FlushFileBuffers
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetFileTime
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
FindNextFileW
lstrcmpiW
MoveFileW
CopyFileW
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
QueryPerformanceFrequency
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
OutputDebugStringW
GetLocalTime
CompareStringW
CompareStringA
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetStdHandle
CreatePipe
InterlockedExchange
TerminateThread
GetTempPathW
GetTempFileNameW
VirtualFree
FormatMessageW
GetExitCodeProcess
SetErrorMode
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetVolumeInformationW
SetVolumeLabelW
CreateHardLinkW
DeviceIoControl
SetFileAttributesW
GetShortPathNameW
CreateEventW
SetEvent
GetEnvironmentVariableW
SetEnvironmentVariableW
GlobalLock
GlobalUnlock
GlobalAlloc
GetFileSize
GlobalFree
GlobalMemoryStatusEx
Beep
GetComputerNameW
GetWindowsDirectoryW
GetSystemDirectoryW
GetCurrentProcessId
GetCurrentThread
GetProcessIoCounters
CreateProcessW
SetPriorityClass
LoadLibraryW
VirtualAlloc
LoadLibraryExW
HeapFree
WaitForSingleObject
CreateThread
DuplicateHandle
GetLastError
CloseHandle
GetCurrentProcess
GetProcAddress
LoadLibraryA
FreeLibrary
GetModuleFileNameW
GetFullPathNameW
ExitProcess
ExitThread
GetSystemTimeAsFileTime
SetCurrentDirectoryW
IsDebuggerPresent
GetCurrentDirectoryW
ResumeThread
GetStartupInfoW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameA
HeapReAlloc
HeapCreate
SetHandleCount
GetFileType
GetStartupInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
LCMapStringW
LCMapStringA
RtlUnwind
SetFilePointer
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetTickCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEndOfFile
EnumResourceNamesW
SetEnvironmentVariableA

user32

SetWindowPos
GetCursorInfo
RegisterHotKey
ClientToScreen
GetKeyboardLayoutNameW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
GetMenuStringW
GetSubMenu
GetCaretPos
IsZoomed
MonitorFromPoint
GetMonitorInfoW
SetWindowLongW
SetLayeredWindowAttributes
FlashWindow
GetClassLongW
TranslateAcceleratorW
IsDialogMessageW
GetSysColor
InflateRect
DrawFocusRect
DrawTextW
FrameRect
DrawFrameControl
FillRect
PtInRect
DestroyAcceleratorTable
CreateAcceleratorTableW
SetCursor
GetWindowDC
GetSystemMetrics
GetActiveWindow
CharNextW
wsprintfW
RedrawWindow
DrawMenuBar
DestroyMenu
SetMenu
GetWindowTextLengthW
CreateMenu
IsDlgButtonChecked
DefDlgProcW
ReleaseCapture
SetCapture
WindowFromPoint
CreateIconFromResourceEx
mouse_event
ExitWindowsEx
SetActiveWindow
FindWindowExW
EnumThreadWindows
SetMenuDefaultItem
InsertMenuItemW
IsMenu
TrackPopupMenuEx
GetCursorPos
DeleteMenu
CheckMenuRadioItem
CopyImage
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemInfoW
SetForegroundWindow
IsIconic
FindWindowW
SystemParametersInfoW
PeekMessageW
SendInput
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
GetKeyState
VkKeyScanW
LoadStringW
DialogBoxParamW
MessageBeep
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
CopyRect
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClientRect
GetMenu
DestroyWindow
EnumWindows
GetDesktopWindow
IsWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
InvalidateRect
GetWindowThreadProcessId
AttachThreadInput
GetFocus
GetWindowTextW
ScreenToClient
SendMessageTimeoutW
EnumChildWindows
CharUpperBuffW
GetClassNameW
GetParent
GetDlgCtrlID
SendMessageW
MapVirtualKeyW
PostMessageW
GetWindowRect
SetUserObjectSecurity
GetUserObjectSecurity
CloseDesktop
CloseWindowStation
OpenDesktopW
SetProcessWindowStation
GetProcessWindowStation
OpenWindowStationW
MessageBoxW
DefWindowProcW
MoveWindow
AdjustWindowRectEx
SetRect
SetClipboardData
EmptyClipboard
CountClipboardFormats
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
BlockInput
GetMessageW
LockWindowUpdate
DispatchMessageW
GetMenuItemID
TranslateMessage
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageW
SetTimer
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
GetSysColorBrush
GetForegroundWindow
MessageBoxA
DestroyIcon
UnregisterHotKey
CharLowerBuffW
MonitorFromRect
keybd_event
LoadImageW
GetWindowLongW

gdi32

DeleteObject
GetObjectW
GetTextExtentPoint32W
ExtCreatePen
StrokeAndFillPath
StrokePath
EndPath
SetPixel
CloseFigure
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchBlt
GetDIBits
LineTo
AngleArc
MoveToEx
Ellipse
PolyDraw
BeginPath
Rectangle
GetDeviceCaps
SetBkMode
RoundRect
SetBkColor
CreatePen
CreateSolidBrush
SetTextColor
CreateFontW
GetTextFaceW
GetStockObject
CreateDCW
GetPixel
DeleteDC
SetViewportOrgEx

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
GetUserNameW
RegConnectRegistryW
RegEnumKeyExW
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerW
InitiateSystemShutdownExW
AdjustTokenPrivileges
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
DuplicateTokenEx
CreateProcessAsUserW
CreateProcessWithLogonW
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
SetSecurityDescriptorDacl
CopySid
LogonUserW
GetTokenInformation
GetAclInformation
GetAce
AddAce
GetSecurityDescriptorDacl

shell32

DragQueryPoint
ShellExecuteExW
SHGetFolderPathW
DragQueryFileW
SHEmptyRecycleBinW
SHBrowseForFolderW
SHFileOperationW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetMalloc
ExtractIconExW
Shell_NotifyIconW
ShellExecuteW
DragFinish

ole32

OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoInitialize
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
StringFromCLSID
IIDFromString
StringFromIID
OleInitialize
CreateBindCtx
CLSIDFromProgID
CoInitializeSecurity
CoCreateInstanceEx
CoSetProxyBlanket
OleUninitialize

oleaut32

SafeArrayAllocData
SafeArrayAllocDescriptorEx
SysAllocString
OleLoadPicture
SafeArrayGetVartype
SafeArrayDestroyData
SafeArrayAccessData
VarR8FromDec
VariantTimeToSystemTime
VariantClear
VariantCopy
VariantInit
SafeArrayDestroyDescriptor
LoadRegTypeLi
GetActiveObject
SafeArrayUnaccessData

Sections

.text
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UltraISO_v9.7.6.3829_ԱЯ/Я־.txt

Sharing

General

Malware Config

Signatures

Files

f62155445574687e01f3d8fcd0176b46

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

70:10:b8:f0:4d:e6:47:b2:41:5e:bd:f2Certificate

Extended Key Usages

Key Usages

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

70:10:b8:f0:4d:e6:47:b2:41:5e:bd:f2Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

40:a0:ac:35:20:bb:52:1c:46:5b:16:55:d1:d9:b6:5e:d0:0b:ad:2c:c8:06:94:cf:dd:e2:9b:f9:41:7b:e3:d3Signer

63:f7:8a:9e:7c:97:2e:3a:24:ab:68:83:58:54:73:f0:75:ad:ec:daSigner

Headers

File Characteristics

Imports

setupapi

advapi32

kernel32

mpr

version

comctl32

comdlg32

gdi32

shell32

user32

winmm

ole32

oleaut32

oledlg

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.data Size: 1.6MB - Virtual size: 6.6MB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 14KB - Virtual size: 16KB

.edata Size: 35KB - Virtual size: 36KB

.rsrc Size: 903KB - Virtual size: 904KB

.reloc Size: 155KB - Virtual size: 156KB

5ff1180aee53404e3d04ef87ff1e52cd

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

b3:ea:74:a5:fe:6f:ee:1d:1e:7a:30:98:75:3d:84:88Certificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

70:10:b8:f0:4d:e6:47:b2:41:5e:bd:f2
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

70:10:b8:f0:4d:e6:47:b2:41:5e:bd:f2
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

40:a0:ac:35:20:bb:52:1c:46:5b:16:55:d1:d9:b6:5e:d0:0b:ad:2c:c8:06:94:cf:dd:e2:9b:f9:41:7b:e3:d3
Signer

63:f7:8a:9e:7c:97:2e:3a:24:ab:68:83:58:54:73:f0:75:ad:ec:da
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.data
Size: 1.6MB - Virtual size: 6.6MB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 14KB - Virtual size: 16KB

.edata
Size: 35KB - Virtual size: 36KB

.rsrc
Size: 903KB - Virtual size: 904KB

.reloc
Size: 155KB - Virtual size: 156KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

b3:ea:74:a5:fe:6f:ee:1d:1e:7a:30:98:75:3d:84:88
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

b3:ea:74:a5:fe:6f:ee:1d:1e:7a:30:98:75:3d:84:88
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

ff:c9:42:a1:94:e1:fa:c5:af:c9:55:5b:22:2a:6e:55:e5:96:dc:1b:64:ef:26:5a:ce:3d:33:53:9c:d5:91:22
Signer

34:f7:ce:f3:af:09:d5:55:6d:79:50:0d:36:53:66:e9:f3:20:bb:58
Signer

.text
Size: 46KB - Virtual size: 48KB

.data
Size: 12KB - Virtual size: 24KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

11:21:1b:6c:1d:76:87:d7:89:b2:b9:11:8c:0d:96:22:c4:2f
Certificate

61:0b:7f:6b:00:00:00:00:00:19
Certificate

dd:de:b4:2a:d6:d7:aa:c4:83:b0:a6:c1:83:05:ea:94:b7:43:5b:72
Signer

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 15KB - Virtual size: 15KB

PAGE
Size: 512B - Virtual size: 366B

INIT
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 2KB - Virtual size: 1KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate