f49b7a52f8461c84df8893fdbde205a32df25355945c49e34a2dabae0ab29645[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

f49b7a52f8461c84df8893fdbde205a32df25355945c49e34a2dabae0ab29645.zip.zip
Size

5.0MB
MD5

2eee48fece28d0fdd7afae588a45d858
SHA1

7e76910db5a5da2b4a620bb2be8095859137f27e
SHA256

ea4d5f09e4fc91deb5b09d6773ab4e5f35d008f8cd3d9d8f9be0b5bad3e98b56
SHA512

07127e3d862c9a7843e75bf7867b1ea643f4b4aec54411e4874e742824d47910e31559d4801c7c77bd5553804115561e037986f07acd733b0fb481ce0c111c21
SSDEEP

98304:iRa4YgaYGD6F1J4Uudoj1bjVvjwXkLKF1Imrk4Vh0lEo/FIEm49cEgulj41/kdfW:iRaSGGFP4UJ1bJc2KYmrVhwEeM49cEgX

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/finaldata/FINALDATA.exe	upx

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack002/finaldata/FINALDATA.exe
unpack003/out.upx
unpack002/finaldata/HunLib.dll
unpack002/finaldata/INFDRV.dll
unpack002/finaldata/fdxutil.dll

Files

f49b7a52f8461c84df8893fdbde205a32df25355945c49e34a2dabae0ab29645.zip.zip
.zip

Password: infected
f49b7a52f8461c84df8893fdbde205a32df25355945c49e34a2dabae0ab29645.zip
.zip
finaldata/FDIDE.VXD
finaldata/FINALDATA.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 7.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 400KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT_HA
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
finaldata/FdWizard.exe
.exe windows:4 windows x86

d60f48e1e071f518fa8de3f0850ee7ea

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:4b:d0:f3:20:e2:54:d8:db:fa:21:5f:8e:c8:87:76
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

28/03/2008, 02:18

Not After

30/03/2010, 08:49

Subject

CN=FINAL DATA Inc.,OU=Software Development Department,O=FINAL DATA Inc.,L=Gangnam-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

mpr

WNetEnumResourceA
WNetOpenEnumA
WNetCloseEnum

kernel32

TlsAlloc
CopyFileA
GetTickCount
GetProfileIntA
GlobalFlags
GetThreadLocale
GetStringTypeExA
SetEndOfFile
UnlockFile
LockFile
DuplicateHandle
GlobalReAlloc
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetUserDefaultLCID
DeleteFileA
SetFileAttributesA
lstrcpyA
FileTimeToLocalFileTime
CloseHandle
GetFileTime
GetFileSize
SystemTimeToFileTime
GetSystemTime
CreateFileA
WriteFile
ReadFile
LocalFree
TlsFree
FormatMessageA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryA
SetLastError
SetFilePointer
OutputDebugStringA
FileTimeToSystemTime
MoveFileA
lstrlenA
lstrcmpA
lstrcmpiA
FindClose
FindNextFileA
FindFirstFileA
GetDriveTypeA
GetLogicalDrives
GetVersionExA
DeviceIoControl
SetPriorityClass
GetCurrentProcess
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
IsDBCSLeadByte
FreeLibrary
GetProcAddress
LoadLibraryA
GetDiskFreeSpaceA
GetVolumeInformationA
LocalAlloc
FlushFileBuffers
CompareFileTime
lstrcpynA
lstrcatA
GetDateFormatA
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetOEMCP
FindResourceExA
SetErrorMode
LocalUnlock
LocalLock
WritePrivateProfileStringA
lstrcpyW
RtlUnwind
GetLocalTime
RaiseException
ExitProcess
TerminateProcess
HeapReAlloc
GetTimeZoneInformation
GetStartupInfoA
GetCommandLineA
GetACP
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
SetHandleCount
SetStdHandle
LCMapStringA
LCMapStringW
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetModuleHandleW
MoveFileExA
InterlockedExchange
GetProfileStringA
GetModuleHandleA
GlobalMemoryStatus
GetCPInfo
CompareStringW
GetSystemTimeAsFileTime
GetCurrentThread
SetThreadPriority
CompareStringA
FindFirstFileW
FindNextFileW
GetFullPathNameW
GetFullPathNameA
SetFileAttributesW
GetFileAttributesW
CreateDirectoryW
GetFileType
SetConsoleCtrlHandler
GetStdHandle
GetConsoleMode
SetConsoleMode
ReadConsoleA
GetProcessHeap
HeapAlloc
HeapFree
GetCurrentDirectoryA
GetSystemDirectoryA
FileTimeToDosDateTime
GetFileAttributesA
LocalFileTimeToFileTime
SetFileTime
FreeResource
MulDiv
GetTempPathA
GetTempFileNameA
lstrlenW
DeleteCriticalSection
InterlockedDecrement
GetDiskFreeSpaceExA
GetTimeFormatA
IsBadWritePtr
DosDateTimeToFileTime
GetModuleFileNameA
GlobalHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetWindowsDirectoryA
Beep
ReleaseMutex
CreateMutexA
WaitForSingleObject
SetEvent
Sleep
CreateEventA
CreateThread
FindResourceA
LoadResource
LockResource
SizeofResource

user32

InvalidateRect
IsWindowVisible
SetTimer
KillTimer
GetClientRect
LoadImageA
LoadBitmapA
PostThreadMessageA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
TranslateAcceleratorA
LoadAcceleratorsA
GetTabbedTextExtentA
GetSysColorBrush
WaitMessage
CopyAcceleratorTableA
CountClipboardFormats
SetWindowContextHelpId
ShowOwnedPopups
PostMessageA
RemoveMenu
GetMenuStringA
GetDesktopWindow
GetClassNameA
FindWindowA
SetRectEmpty
IsClipboardFormatAvailable
SetParent
IsRectEmpty
WindowFromDC
InSendMessage
ValidateRect
MapDialogRect
GetAsyncKeyState
LoadStringA
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
IsDialogMessageA
IsDlgButtonChecked
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
UnregisterClassA
SendMessageA
EnableWindow
GetDCEx
CharNextA
PostQuitMessage
GetNextDlgGroupItem
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
GetTopWindow
WinHelpA
GetClassInfoA
RegisterClassA
DestroyMenu
DestroyCursor
DestroyIcon
SetCursor
TrackPopupMenuEx
GetSubMenu
GetSysColor
GetIconInfo
LoadMenuA
IsWindow
CopyRect
PtInRect
InflateRect
OffsetRect
FillRect
FrameRect
DrawStateA
DrawFocusRect
GetWindowRect
ClientToScreen
GetActiveWindow
GetNextDlgTabItem
GetParent
WindowFromPoint
GetWindowLongA
GetCursorPos
GetMessagePos
ScreenToClient
UpdateWindow
LockWindowUpdate
RedrawWindow
GetKeyState
GetWindowDC
LoadIconA
wsprintfA
MessageBoxA
SetActiveWindow
RegisterClipboardFormatA
GetFocus
GetForegroundWindow
EmptyClipboard
CreateCaret
HideCaret
ShowCaret
SetCapture
ReleaseCapture
LoadCursorA
SetCaretPos
CloseClipboard
OpenClipboard
SetClipboardData
EnableMenuItem
ModifyMenuA
GetMenuItemCount
GetMenuItemID
GetMenu
ReleaseDC
GetDC
GetWindowTextA
DeleteMenu
InsertMenuA
GetSystemMetrics
DrawIcon
IsIconic
DispatchMessageA
TranslateMessage
PeekMessageA
DestroyCaret
SetScrollPos
DragDetect
EnableScrollBar
SetScrollInfo
DrawTextA
GetCapture
ScrollWindow
ShowScrollBar
SetWindowTextA
SetFocus
CreateWindowExA
ShowWindow
MoveWindow
DestroyWindow
TrackPopupMenu
AppendMenuA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
DefWindowProcA
GetMessageTime
GetLastActivePopup
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EndDialog
CreateDialogIndirectParamA
IsWindowEnabled
CharUpperW
CharLowerW
CharLowerA
CharUpperA
CharToOemBuffA
OemToCharA
CharToOemA
OemToCharBuffA
ClipCursor
GetMessageA
IsZoomed
GrayStringA
TabbedTextOutA
SetRect
CallWindowProcA
SetWindowLongA
MessageBoxExA
CreatePopupMenu
GetDlgItem
EndPaint
BeginPaint
GetWindowTextLengthA
GetDlgCtrlID
MessageBeep
CopyIcon

gdi32

RectVisible
PtVisible
CreateRectRgn
GetTextMetricsA
GetTextCharset
RealizePalette
CreatePalette
StretchDIBits
GetDeviceCaps
GetSystemPaletteEntries
SelectPalette
SetTextAlign
MoveToEx
LineTo
StretchBlt
CreateFontA
GetTextExtentPointA
SetBkMode
SetBoundsRect
GetCharWidthA
TextOutA
CreatePen
GetPixel
GetDIBits
SetDIBits
ExtTextOutA
CreateFontIndirectA
DPtoLP
SetWinMetaFileBits
PlayEnhMetaFile
DeleteEnhMetaFile
GetTextExtentPoint32A
CreateSolidBrush
CreateCompatibleBitmap
GetObjectA
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject
DeleteObject
StartPage
SetAbortProc
EnumFontFamiliesExA
GetTextAlign
GetTextColor
Escape
CreateBrushIndirect
CreateRectRgnIndirect
CreateDIBitmap
GetBkColor
GetCurrentObject
GetClipBox
PatBlt
StartDocA
SaveDC
RestoreDC
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
GetCurrentPositionEx
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
GetMapMode
CombineRgn
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
LPtoDP
CopyMetaFileA
CreateDCA
AbortDoc
EndDoc
Rectangle
SetRectRgn
EndPage

comdlg32

FindTextA
ReplaceTextA
GetOpenFileNameA
GetFileTitleA
PrintDlgA
ChooseFontA
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

IsTextUnicode
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
QueryServiceStatus
CloseServiceHandle
OpenServiceA
OpenSCManagerA
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
SetFileSecurityA
SetSecurityDescriptorOwner
GetTokenInformation
OpenProcessToken
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueA
SetSecurityDescriptorDacl
RegCreateKeyExA
RegSetValueA
GetFileSecurityA
SetFileSecurityW
AllocateAndInitializeSid
EqualSid
FreeSid
RegCloseKey
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
CopySid
LookupAccountNameA
GetLengthSid
InitializeAcl
AddAccessAllowedAce

shell32

DragQueryFileA
DragFinish
DragAcceptFiles
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoA
ShellExecuteExA

comctl32

_TrackMouseEvent
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_GetBkColor
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_DrawIndirect

oledlg

ord3
ord5
ord4
ord11
ord8
ord1

ole32

OleGetIconOfClass
OleSetMenuDescriptor
StgOpenStorageOnILockBytes
OleSave
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
RevokeDragDrop
RegisterDragDrop
OleGetClipboard
OleIsRunning
OleRun
CoLockObjectExternal
WriteClassStg
GetRunningObjectTable
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
CoDisconnectObject
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
OleSaveToStream
WriteClassStm
CoTaskMemFree
ReleaseStgMedium
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
StgCreateDocfile
DoDragDrop
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoGetClassObject
GetHGlobalFromILockBytes
CoRegisterMessageFilter
CoRevokeClassObject

olepro32

ord251
ord253

oleaut32

VariantTimeToSystemTime
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
SysAllocStringLen
VariantClear
SysFreeString

wsock32

inet_ntoa
WSACleanup
WSAStartup
accept
setsockopt
htonl
bind
WSAAsyncSelect
closesocket
recv
WSASetLastError
shutdown
send
getsockname
ioctlsocket
connect
ntohs
recvfrom
WSAGetLastError
inet_addr
htons
sendto
socket

odbc32

ord4
ord13
ord16
ord72
ord11
ord48
ord49
ord36
ord19
ord41
ord7
ord24
ord75
ord31
ord9
ord45

wininet

HttpSendRequestA
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA
InternetConnectA

fdxutil

?startEntity@DefaultHandler@xercesc_2_8@@UAEXQBG@Z
?startDTD@DefaultHandler@xercesc_2_8@@UAEXQBG00@Z
?startCDATA@DefaultHandler@xercesc_2_8@@UAEXXZ
?endEntity@DefaultHandler@xercesc_2_8@@UAEXQBG@Z
?endDTD@DefaultHandler@xercesc_2_8@@UAEXXZ
?endCDATA@DefaultHandler@xercesc_2_8@@UAEXXZ
?comment@DefaultHandler@xercesc_2_8@@UAEXQBGI@Z
?resetErrors@DefaultHandler@xercesc_2_8@@UAEXXZ
?fatalError@DefaultHandler@xercesc_2_8@@UAEXABVSAXParseException@2@@Z
?error@DefaultHandler@xercesc_2_8@@UAEXABVSAXParseException@2@@Z
?warning@DefaultHandler@xercesc_2_8@@UAEXABVSAXParseException@2@@Z
?skippedEntity@DefaultHandler@xercesc_2_8@@UAEXQBG@Z
?endPrefixMapping@DefaultHandler@xercesc_2_8@@UAEXQBG@Z
?startPrefixMapping@DefaultHandler@xercesc_2_8@@UAEXQBG0@Z
?startDocument@DefaultHandler@xercesc_2_8@@UAEXXZ
?setDocumentLocator@DefaultHandler@xercesc_2_8@@UAEXQBVLocator@2@@Z
?processingInstruction@DefaultHandler@xercesc_2_8@@UAEXQBG0@Z
?ignorableWhitespace@DefaultHandler@xercesc_2_8@@UAEXQBGI@Z
?endElement@DefaultHandler@xercesc_2_8@@UAEXQBG00@Z
?endDocument@DefaultHandler@xercesc_2_8@@UAEXXZ
?elementDecl@DefaultHandler@xercesc_2_8@@UAEXQBG0@Z
?resetDocType@DefaultHandler@xercesc_2_8@@UAEXXZ
?unparsedEntityDecl@DefaultHandler@xercesc_2_8@@UAEXQBG000@Z
?notationDecl@DefaultHandler@xercesc_2_8@@UAEXQBG00@Z
?resetDocument@DefaultHandler@xercesc_2_8@@UAEXXZ
?resolveEntity@DefaultHandler@xercesc_2_8@@UAEPAVInputSource@2@QBG0@Z
??1DefaultHandler@xercesc_2_8@@UAE@XZ
??0DefaultHandler@xercesc_2_8@@QAE@XZ
?fgMemoryManager@XMLPlatformUtils@xercesc_2_8@@2PAVMemoryManager@2@A
?getDOMImplementation@DOMImplementationRegistry@xercesc_2_8@@SAPAVDOMImplementation@2@PBG@Z
?fgXercesSchema@XMLUni@xercesc_2_8@@2QBGB
?fgSAX2CoreNameSpacePrefixes@XMLUni@xercesc_2_8@@2QBGB
?fgSAX2CoreNameSpaces@XMLUni@xercesc_2_8@@2QBGB
?createXMLReader@XMLReaderFactory@xercesc_2_8@@SAPAVSAX2XMLReader@2@QAVMemoryManager@2@QAVXMLGrammarPool@2@@Z
??1MemBufInputSource@xercesc_2_8@@UAE@XZ
??0MemBufInputSource@xercesc_2_8@@QAE@QBEIQBG_NQAVMemoryManager@1@@Z
?flush@LocalFileFormatTarget@xercesc_2_8@@UAEXXZ
?writeChars@LocalFileFormatTarget@xercesc_2_8@@UAEXQBEIQAVXMLFormatter@2@@Z
??3XMemory@xercesc_2_8@@SAXPAX@Z
??0LocalFileFormatTarget@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??2XMemory@xercesc_2_8@@SAPAXI@Z
?fgDOMWRTFormatPrettyPrint@XMLUni@xercesc_2_8@@2QBGB
?attributeDecl@DefaultHandler@xercesc_2_8@@UAEXQBG0000@Z
??1LocalFileFormatTarget@xercesc_2_8@@UAE@XZ
?internalEntityDecl@DefaultHandler@xercesc_2_8@@UAEXQBG0@Z
?externalEntityDecl@DefaultHandler@xercesc_2_8@@UAEXQBG00@Z
?Terminate@XMLPlatformUtils@xercesc_2_8@@SAXXZ
?fgXercescDefaultLocale@XMLUni@xercesc_2_8@@2QBDB
?Initialize@XMLPlatformUtils@xercesc_2_8@@SAXQBD0QAVPanicHandler@2@QAVMemoryManager@2@_N@Z
?characters@DefaultHandler@xercesc_2_8@@UAEXQBGI@Z
?transcode@XMLString@xercesc_2_8@@SA_NQBDQAGIQAVMemoryManager@2@@Z

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 392KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
finaldata/FinalData.cnt
finaldata/HunLib.dll
.dll windows:4 windows x86

021b6c5590d35e5853b2b7498523adc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileType
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
GetLastError
ReadFile
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
RtlUnwind
SetFilePointer
CloseHandle
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
HeapFree
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetStdHandle
FlushFileBuffers
CreateFileA
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

GetHMFLen
GetHMFText
HMFClose
HMFCreate

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
finaldata/INFDRV.dll
.dll windows:4 windows x86

4d9dbab255f9bb83059660eeba980a77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
SMapLS_IP_EBP_24
SUnMapLS_IP_EBP_24
SMapLS_IP_EBP_28
SUnMapLS_IP_EBP_28
ThunkConnect32
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SMapLS_IP_EBP_12
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind
GetModuleFileNameA
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
SMapLS_IP_EBP_24
SUnMapLS_IP_EBP_24
SMapLS_IP_EBP_28
SUnMapLS_IP_EBP_28
ThunkConnect32
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SMapLS_IP_EBP_12
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

CheckExtensionsPresent32
DllGetVersion
ExtGetDriveParameter32
ExtLockDrive32
ExtReadPhysicalSector32
ExtUnlockDrive32
ExtWritePhysicalSector32
GetDriveParameter32
GetDriveType32
ReadPhysicalSector32
ReadSectorsFromCD
ResetDrive32
WritePhysicalSector32

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
finaldata/INFTHK.DLL
finaldata/fdxutil.dll
.dll windows:4 windows x86

9205ceb88e2719b54fab74decef5f2b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
GetStdHandle
GetLastError
ReadFile
WriteFile
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetTickCount
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
DuplicateHandle
InterlockedDecrement
GetVersionExA
GetModuleHandleA
LockResource
LoadResource
FindResourceExA
IsValidCodePage
MultiByteToWideChar
IsDBCSLeadByteEx
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
CreateFileW
CreateFileA
CloseHandle
InterlockedIncrement
SetFilePointer

advapi32

RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

msvcrt

_purecall
__CxxFrameHandler
_CxxThrowException
wcsncpy
_wcsupr
mbstowcs
mblen
__mb_cur_max
wcscmp
_wcsicmp
_wcsnicmp
iswspace
_wcslwr
??2@YAPAXI@Z
atoi
strchr
strstr
strncat
_itoa
_ftol
exit
fprintf
_iob
localeconv
strtod
_errno
div
strncmp
isspace
strtoul
strtol
fflush
fwrite
free
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
malloc
_adjust_fdiv
_stricmp
_strnicmp

Exports

Exports

??0ASCIIRangeFactory@xercesc_2_8@@QAE@XZ
??0AbstractDOMParser@xercesc_2_8@@IAE@QAVXMLValidator@1@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??0AbstractNumericFacetValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0AbstractNumericValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0AbstractStringValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0AnySimpleTypeDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0AnyURIDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0AnyURIDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ArrayIndexOutOfBoundsException@xercesc_2_8@@QAE@ABV01@@Z
??0ArrayIndexOutOfBoundsException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0ArrayIndexOutOfBoundsException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0ArrayIndexOutOfBoundsException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0AttributeList@xercesc_2_8@@QAE@XZ
??0Attributes@xercesc_2_8@@QAE@XZ
??0BMPattern@xercesc_2_8@@QAE@QBGH_NQAVMemoryManager@1@@Z
??0BMPattern@xercesc_2_8@@QAE@QBG_NQAVMemoryManager@1@@Z
??0Base64BinaryDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0Base64BinaryDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0BinFileInputStream@xercesc_2_8@@QAE@QAXQAVMemoryManager@1@@Z
??0BinFileInputStream@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0BinFileInputStream@xercesc_2_8@@QAE@QBGQAVMemoryManager@1@@Z
??0BinFileOutputStream@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0BinFileOutputStream@xercesc_2_8@@QAE@QBGQAVMemoryManager@1@@Z
??0BinHTTPURLInputStream@xercesc_2_8@@QAE@ABVXMLURL@1@PBVXMLNetHTTPInfo@1@@Z
??0BinInputStream@xercesc_2_8@@IAE@XZ
??0BinMemInputStream@xercesc_2_8@@QAE@QBEIW4BufOpts@01@QAVMemoryManager@1@@Z
??0BinMemOutputStream@xercesc_2_8@@QAE@HQAVMemoryManager@1@@Z
??0BinOutputStream@xercesc_2_8@@IAE@XZ
??0BitSet@xercesc_2_8@@QAE@ABV01@@Z
??0BitSet@xercesc_2_8@@QAE@IQAVMemoryManager@1@@Z
??0BlockRangeFactory@xercesc_2_8@@QAE@XZ
??0BooleanDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0BooleanDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0CharOp@xercesc_2_8@@QAE@FHQAVMemoryManager@1@@Z
??0CharToken@xercesc_2_8@@QAE@GHQAVMemoryManager@1@@Z
??0ChildOp@xercesc_2_8@@QAE@FQAVMemoryManager@1@@Z
??0ClosureToken@xercesc_2_8@@QAE@GQAVToken@1@QAVMemoryManager@1@@Z
??0ComplexTypeInfo@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ConcatToken@xercesc_2_8@@QAE@QAVToken@1@0QAVMemoryManager@1@@Z
??0ConditionOp@xercesc_2_8@@QAE@FHQBVOp@1@00QAVMemoryManager@1@@Z
??0ConditionToken@xercesc_2_8@@QAE@IQAVToken@1@00QAVMemoryManager@1@@Z
??0ContentHandler@xercesc_2_8@@QAE@XZ
??0ContentLeafNameTypeVector@xercesc_2_8@@QAE@ABV01@@Z
??0ContentLeafNameTypeVector@xercesc_2_8@@QAE@QAPAVQName@1@QAW4NodeTypes@ContentSpecNode@1@IQAVMemoryManager@1@@Z
??0ContentLeafNameTypeVector@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@ABV01@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@QAVQName@1@QAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@QAVQName@1@_NQAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@QAVXMLElementDecl@1@QAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@W4NodeTypes@01@QAV01@1_N2QAVMemoryManager@1@@Z
??0Context@RegularExpression@xercesc_2_8@@QAE@PAV012@@Z
??0Context@RegularExpression@xercesc_2_8@@QAE@QAVMemoryManager@2@@Z
??0DGXMLScanner@xercesc_2_8@@QAE@QAVXMLDocumentHandler@1@QAVDocTypeHandler@1@QAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0DGXMLScanner@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0DOMAttr@xercesc_2_8@@IAE@ABV01@@Z
??0DOMAttr@xercesc_2_8@@IAE@XZ
??0DOMAttrImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMAttrImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMAttrMapImpl@xercesc_2_8@@QAE@PAVDOMNode@1@@Z
??0DOMAttrMapImpl@xercesc_2_8@@QAE@PAVDOMNode@1@PBV01@@Z
??0DOMAttrNSImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMAttrNSImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG1@Z
??0DOMAttrNSImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMBuilder@xercesc_2_8@@IAE@XZ
??0DOMBuilderImpl@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??0DOMCDATASection@xercesc_2_8@@IAE@ABV01@@Z
??0DOMCDATASection@xercesc_2_8@@IAE@XZ
??0DOMCDATASectionImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMCDATASectionImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMCharacterData@xercesc_2_8@@IAE@ABV01@@Z
??0DOMCharacterData@xercesc_2_8@@IAE@XZ
??0DOMCharacterDataImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMCharacterDataImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMChildNode@xercesc_2_8@@QAE@ABV01@@Z
??0DOMChildNode@xercesc_2_8@@QAE@XZ
??0DOMComment@xercesc_2_8@@IAE@XZ
??0DOMCommentImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMCommentImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMConfiguration@xercesc_2_8@@IAE@XZ
??0DOMConfigurationImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DOMDeepNodeListImpl@xercesc_2_8@@QAE@PBVDOMNode@1@PBG1@Z
??0DOMDeepNodeListImpl@xercesc_2_8@@QAE@PBVDOMNode@1@PBG@Z
??0DOMDocument@xercesc_2_8@@IAE@XZ
??0DOMDocumentFragment@xercesc_2_8@@IAE@XZ
??0DOMDocumentFragmentImpl@xercesc_2_8@@AAE@ABV01@_N@Z
??0DOMDocumentFragmentImpl@xercesc_2_8@@IAE@PAVDOMDocument@1@@Z
??0DOMDocumentImpl@xercesc_2_8@@QAE@PBG0PAVDOMDocumentType@1@QAVMemoryManager@1@@Z
??0DOMDocumentImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DOMDocumentRange@xercesc_2_8@@IAE@XZ
??0DOMDocumentTraversal@xercesc_2_8@@IAE@XZ
??0DOMDocumentType@xercesc_2_8@@IAE@XZ
??0DOMDocumentTypeImpl@xercesc_2_8@@QAE@ABV01@_N1@Z
??0DOMDocumentTypeImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG11_N@Z
??0DOMDocumentTypeImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG_N@Z
??0DOMElement@xercesc_2_8@@IAE@ABV01@@Z
??0DOMElement@xercesc_2_8@@IAE@XZ
??0DOMElementImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMElementImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMElementNSImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMElementNSImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG1@Z
??0DOMElementNSImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMEntity@xercesc_2_8@@IAE@ABV01@@Z
??0DOMEntity@xercesc_2_8@@IAE@XZ
??0DOMEntityImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMEntityImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMEntityReference@xercesc_2_8@@IAE@ABV01@@Z
??0DOMEntityReference@xercesc_2_8@@IAE@XZ
??0DOMEntityReferenceImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMEntityReferenceImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMEntityReferenceImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG_N@Z
??0DOMEntityResolver@xercesc_2_8@@IAE@XZ
??0DOMError@xercesc_2_8@@IAE@XZ
??0DOMErrorHandler@xercesc_2_8@@IAE@XZ
??0DOMErrorImpl@xercesc_2_8@@QAE@F@Z
??0DOMErrorImpl@xercesc_2_8@@QAE@FPBG0PAX@Z
??0DOMErrorImpl@xercesc_2_8@@QAE@FQBGQAVDOMLocator@1@@Z
??0DOMException@xercesc_2_8@@QAE@ABV01@@Z
??0DOMException@xercesc_2_8@@QAE@FPBGQAVMemoryManager@1@@Z
??0DOMException@xercesc_2_8@@QAE@XZ
??0DOMImplementation@xercesc_2_8@@IAE@XZ
??0DOMImplementationLS@xercesc_2_8@@IAE@XZ
??0DOMImplementationSource@xercesc_2_8@@IAE@XZ
??0DOMInputSource@xercesc_2_8@@IAE@XZ
??0DOMLocator@xercesc_2_8@@IAE@XZ
??0DOMLocatorImpl@xercesc_2_8@@QAE@JJQAVDOMNode@1@QBGJ@Z
??0DOMLocatorImpl@xercesc_2_8@@QAE@XZ
??0DOMNamedNodeMap@xercesc_2_8@@IAE@XZ
??0DOMNamedNodeMapImpl@xercesc_2_8@@QAE@PAVDOMNode@1@@Z
??0DOMNode@xercesc_2_8@@IAE@ABV01@@Z
??0DOMNode@xercesc_2_8@@IAE@XZ
??0DOMNodeFilter@xercesc_2_8@@IAE@XZ
??0DOMNodeImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMNodeImpl@xercesc_2_8@@QAE@PAVDOMNode@1@@Z
??0DOMNodeIterator@xercesc_2_8@@IAE@ABV01@@Z
??0DOMNodeIterator@xercesc_2_8@@IAE@XZ
??0DOMNodeIteratorImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMNodeIteratorImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PAVDOMNode@1@KPAVDOMNodeFilter@1@_N@Z
??0DOMNodeList@xercesc_2_8@@IAE@XZ
??0DOMNodeListImpl@xercesc_2_8@@QAE@PAVDOMNode@1@@Z
??0DOMNotation@xercesc_2_8@@IAE@ABV01@@Z
??0DOMNotation@xercesc_2_8@@IAE@XZ
??0DOMNotationImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMNotationImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMPSVITypeInfo@xercesc_2_8@@IAE@XZ
??0DOMParentNode@xercesc_2_8@@QAE@ABV01@@Z
??0DOMParentNode@xercesc_2_8@@QAE@PAVDOMDocument@1@@Z
??0DOMProcessingInstruction@xercesc_2_8@@IAE@ABV01@@Z
??0DOMProcessingInstruction@xercesc_2_8@@IAE@XZ
??0DOMProcessingInstructionImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMProcessingInstructionImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG1@Z
??0DOMRange@xercesc_2_8@@IAE@ABV01@@Z
??0DOMRange@xercesc_2_8@@IAE@XZ
??0DOMRangeException@xercesc_2_8@@QAE@ABV01@@Z
??0DOMRangeException@xercesc_2_8@@QAE@W4RangeExceptionCode@01@PBGQAVMemoryManager@1@@Z
??0DOMRangeException@xercesc_2_8@@QAE@XZ
??0DOMRangeImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMRangeImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@QAVMemoryManager@1@@Z
??0DOMText@xercesc_2_8@@IAE@ABV01@@Z
??0DOMText@xercesc_2_8@@IAE@XZ
??0DOMTextImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMTextImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PBG@Z
??0DOMTreeWalker@xercesc_2_8@@IAE@ABV01@@Z
??0DOMTreeWalker@xercesc_2_8@@IAE@XZ
??0DOMTreeWalkerImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMTreeWalkerImpl@xercesc_2_8@@QAE@PAVDOMNode@1@KPAVDOMNodeFilter@1@_N@Z
??0DOMTypeInfo@xercesc_2_8@@IAE@XZ
??0DOMTypeInfoImpl@xercesc_2_8@@QAE@PAVDOMDocumentImpl@1@PBVDOMPSVITypeInfo@1@@Z
??0DOMTypeInfoImpl@xercesc_2_8@@QAE@PBG0@Z
??0DOMUserDataHandler@xercesc_2_8@@IAE@XZ
??0DOMWriter@xercesc_2_8@@IAE@XZ
??0DOMWriterFilter@xercesc_2_8@@IAE@XZ
??0DOMWriterImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DOMXPathEvaluator@xercesc_2_8@@IAE@XZ
??0DOMXPathException@xercesc_2_8@@QAE@ABV01@@Z
??0DOMXPathException@xercesc_2_8@@QAE@FPBG@Z
??0DOMXPathException@xercesc_2_8@@QAE@XZ
??0DOMXPathExpression@xercesc_2_8@@IAE@XZ
??0DOMXPathNSResolver@xercesc_2_8@@IAE@XZ
??0DOMXPathNamespace@xercesc_2_8@@IAE@XZ
??0DOMXPathResult@xercesc_2_8@@IAE@XZ
??0DTDAttDef@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDAttDef@xercesc_2_8@@QAE@QBG0W4AttTypes@XMLAttDef@1@W4DefAttTypes@31@0QAVMemoryManager@1@@Z
??0DTDAttDef@xercesc_2_8@@QAE@QBGW4AttTypes@XMLAttDef@1@W4DefAttTypes@31@QAVMemoryManager@1@@Z
??0DTDAttDefList@xercesc_2_8@@QAE@QAV?$RefHashTableOf@VDTDAttDef@xercesc_2_8@@@1@QAVMemoryManager@1@@Z
??0DTDAttDefList@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDElementDecl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDElementDecl@xercesc_2_8@@QAE@QAVQName@1@W4ModelTypes@01@QAVMemoryManager@1@@Z
??0DTDElementDecl@xercesc_2_8@@QAE@QBGIW4ModelTypes@01@QAVMemoryManager@1@@Z
??0DTDEntityDecl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDEntityDecl@xercesc_2_8@@QAE@QBG0_NQAVMemoryManager@1@@Z
??0DTDEntityDecl@xercesc_2_8@@QAE@QBGG_N1@Z
??0DTDEntityDecl@xercesc_2_8@@QAE@QBG_NQAVMemoryManager@1@@Z
??0DTDGrammar@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDHandler@xercesc_2_8@@QAE@XZ
??0DTDScanner@xercesc_2_8@@QAE@PAVDTDGrammar@1@QAVDocTypeHandler@1@QAVMemoryManager@1@2@Z
??0DTDValidator@xercesc_2_8@@QAE@QAVXMLErrorReporter@1@@Z
??0DatatypeValidator@xercesc_2_8@@IAE@QAV01@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@01@QAVMemoryManager@1@@Z
??0DatatypeValidatorFactory@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DateDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0DateDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DateTimeDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0DateTimeDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DateTimeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0DayDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0DayDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DecimalDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0DecimalDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0DecimalDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DeclHandler@xercesc_2_8@@QAE@XZ
??0DefaultHandler@xercesc_2_8@@QAE@XZ
??0DefaultPanicHandler@xercesc_2_8@@QAE@XZ
??0DocTypeHandler@xercesc_2_8@@QAE@XZ
??0DocumentHandler@xercesc_2_8@@QAE@XZ
??0DoubleDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0DoubleDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0DoubleDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DurationDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0DurationDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ENTITYDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0ENTITYDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ElemStack@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0EmptyStackException@xercesc_2_8@@QAE@ABV01@@Z
??0EmptyStackException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0EmptyStackException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0EmptyStackException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0EncodingValidator@xercesc_2_8@@AAE@XZ
??0EndOfEntityException@xercesc_2_8@@QAE@ABV01@@Z
??0EndOfEntityException@xercesc_2_8@@QAE@PAVXMLEntityDecl@1@I@Z
??0EntityResolver@xercesc_2_8@@QAE@XZ
??0ErrorHandler@xercesc_2_8@@QAE@XZ
??0FieldActivator@xercesc_2_8@@QAE@ABV01@@Z
??0FieldActivator@xercesc_2_8@@QAE@QAVValueStoreCache@1@QAVXPathMatcherStack@1@QAVMemoryManager@1@@Z
??0FieldMatcher@xercesc_2_8@@AAE@QAVXercesXPath@1@QAVIC_Field@1@QAVValueStore@1@QAVFieldActivator@1@QAVMemoryManager@1@@Z
??0FieldValueMap@xercesc_2_8@@QAE@ABV01@@Z
??0FieldValueMap@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0FloatDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0FloatDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0FloatDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0GeneralAttributeCheck@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0Grammar@xercesc_2_8@@IAE@XZ
??0GrammarResolver@xercesc_2_8@@QAE@QAVXMLGrammarPool@1@QAVMemoryManager@1@@Z
??0HandlerBase@xercesc_2_8@@QAE@XZ
??0HashBase@xercesc_2_8@@QAE@XZ
??0HashCMStateSet@xercesc_2_8@@QAE@XZ
??0HashPtr@xercesc_2_8@@QAE@XZ
??0HashXMLCh@xercesc_2_8@@QAE@XZ
??0HexBinaryDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0HexBinaryDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Field@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Field@xercesc_2_8@@QAE@QAVXercesXPath@1@QAVIdentityConstraint@1@@Z
??0IC_Key@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Key@xercesc_2_8@@QAE@QBG0QAVMemoryManager@1@@Z
??0IC_KeyRef@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_KeyRef@xercesc_2_8@@QAE@QBG0QAVIdentityConstraint@1@QAVMemoryManager@1@@Z
??0IC_Selector@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Selector@xercesc_2_8@@QAE@QAVXercesXPath@1@QAVIdentityConstraint@1@@Z
??0IC_Unique@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Unique@xercesc_2_8@@QAE@QBG0QAVMemoryManager@1@@Z
??0IDDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0IDDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0IDDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IDREFDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0IDREFDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0IDREFDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IGXMLScanner@xercesc_2_8@@QAE@QAVXMLDocumentHandler@1@QAVDocTypeHandler@1@QAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0IGXMLScanner@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0IOException@xercesc_2_8@@QAE@ABV01@@Z
??0IOException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0IOException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0IOException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0IdentityConstraint@xercesc_2_8@@IAE@QBG0QAVMemoryManager@1@@Z
??0IdentityConstraintHandler@xercesc_2_8@@QAE@QAVXMLScanner@1@QAVMemoryManager@1@@Z
??0IllegalArgumentException@xercesc_2_8@@QAE@ABV01@@Z
??0IllegalArgumentException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0IllegalArgumentException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0IllegalArgumentException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0InputSource@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0InputSource@xercesc_2_8@@IAE@QBD0QAVMemoryManager@1@@Z
??0InputSource@xercesc_2_8@@IAE@QBDQAVMemoryManager@1@@Z
??0InputSource@xercesc_2_8@@IAE@QBG0QAVMemoryManager@1@@Z
??0InputSource@xercesc_2_8@@IAE@QBGQAVMemoryManager@1@@Z
??0InvalidCastException@xercesc_2_8@@QAE@ABV01@@Z
??0InvalidCastException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0InvalidCastException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0InvalidCastException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0InvalidDatatypeFacetException@xercesc_2_8@@QAE@ABV01@@Z
??0InvalidDatatypeFacetException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0InvalidDatatypeFacetException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0InvalidDatatypeFacetException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0InvalidDatatypeValueException@xercesc_2_8@@QAE@ABV01@@Z
??0InvalidDatatypeValueException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0InvalidDatatypeValueException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0InvalidDatatypeValueException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0KVStringPair@xercesc_2_8@@QAE@ABV01@@Z
??0KVStringPair@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0KVStringPair@xercesc_2_8@@QAE@QBG0IQAVMemoryManager@1@@Z
??0KVStringPair@xercesc_2_8@@QAE@QBG0QAVMemoryManager@1@@Z
??0KVStringPair@xercesc_2_8@@QAE@QBGI0IQAVMemoryManager@1@@Z
??0LexicalHandler@xercesc_2_8@@QAE@XZ
??0ListDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0ListDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0LocalFileFormatTarget@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0LocalFileFormatTarget@xercesc_2_8@@QAE@QBGQAVMemoryManager@1@@Z
??0LocalFileInputSource@xercesc_2_8@@QAE@QBG0QAVMemoryManager@1@@Z
??0LocalFileInputSource@xercesc_2_8@@QAE@QBGQAVMemoryManager@1@@Z
??0Locator@xercesc_2_8@@QAE@XZ
??0MalformedURLException@xercesc_2_8@@QAE@ABV01@@Z
??0MalformedURLException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0MalformedURLException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0MalformedURLException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0Match@xercesc_2_8@@QAE@ABV01@@Z
??0Match@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0MemBufFormatTarget@xercesc_2_8@@QAE@HQAVMemoryManager@1@@Z
??0MemBufInputSource@xercesc_2_8@@QAE@QBEIQBD_NQAVMemoryManager@1@@Z
??0MemBufInputSource@xercesc_2_8@@QAE@QBEIQBG_NQAVMemoryManager@1@@Z
??0MemoryManager@xercesc_2_8@@IAE@XZ
??0MemoryManagerArrayImpl@xercesc_2_8@@QAE@XZ
??0MemoryManagerImpl@xercesc_2_8@@QAE@XZ
??0ModifierOp@xercesc_2_8@@QAE@FHHQAVMemoryManager@1@@Z
??0ModifierToken@xercesc_2_8@@QAE@QAVToken@1@HHQAVMemoryManager@1@@Z
??0MonthDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0MonthDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0MonthDayDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0MonthDayDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NCNameDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0NCNameDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0NCNameDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NOTATIONDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0NOTATIONDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NameDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0NameDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0NameDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NamespaceScope@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NetAccessorException@xercesc_2_8@@QAE@ABV01@@Z
??0NetAccessorException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0NetAccessorException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0NetAccessorException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0NoSuchElementException@xercesc_2_8@@QAE@ABV01@@Z
??0NoSuchElementException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0NoSuchElementException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0NoSuchElementException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0NullPointerException@xercesc_2_8@@QAE@ABV01@@Z
??0NullPointerException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0NullPointerException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0NullPointerException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0NumberFormatException@xercesc_2_8@@QAE@ABV01@@Z
??0NumberFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0NumberFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0NumberFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0Op@xercesc_2_8@@IAE@FQAVMemoryManager@1@@Z
??0OpFactory@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0OutOfMemoryException@xercesc_2_8@@QAE@ABV01@@Z
??0OutOfMemoryException@xercesc_2_8@@QAE@XZ
??0PSVIAttribute@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0PSVIAttributeList@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0PSVIElement@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0PSVIHandler@xercesc_2_8@@IAE@XZ
??0PSVIItem@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0PanicHandler@xercesc_2_8@@IAE@XZ
??0ParenToken@xercesc_2_8@@QAE@GQAVToken@1@HQAVMemoryManager@1@@Z
??0ParseException@xercesc_2_8@@QAE@ABV01@@Z
??0ParseException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0ParseException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0ParseException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0Parser@xercesc_2_8@@QAE@XZ
??0ParserForXMLSchema@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0QName@xercesc_2_8@@QAE@ABV01@@Z
??0QName@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0QName@xercesc_2_8@@QAE@QBG0IQAVMemoryManager@1@@Z
??0QName@xercesc_2_8@@QAE@QBGIQAVMemoryManager@1@@Z
??0QNameDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0QNameDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0RangeFactory@xercesc_2_8@@IAE@XZ
??0RangeOp@xercesc_2_8@@QAE@FQBVToken@1@QAVMemoryManager@1@@Z
??0RangeToken@xercesc_2_8@@QAE@GQAVMemoryManager@1@@Z
??0RangeTokenElemMap@xercesc_2_8@@QAE@I@Z
??0RangeTokenMap@xercesc_2_8@@IAE@PAVMemoryManager@1@@Z
??0ReaderMgr@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0RegularExpression@xercesc_2_8@@QAE@QBD0QAVMemoryManager@1@@Z
??0RegularExpression@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0RegularExpression@xercesc_2_8@@QAE@QBG0QAVMemoryManager@1@@Z
??0RegularExpression@xercesc_2_8@@QAE@QBGQAVMemoryManager@1@@Z
??0RegxParser@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0RuntimeException@xercesc_2_8@@QAE@ABV01@@Z
??0RuntimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0RuntimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0RuntimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0SAX2XMLFilter@xercesc_2_8@@QAE@XZ
??0SAX2XMLFilterImpl@xercesc_2_8@@QAE@PAVSAX2XMLReader@1@@Z
??0SAX2XMLReader@xercesc_2_8@@QAE@XZ
??0SAX2XMLReaderImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??0SAXException@xercesc_2_8@@QAE@ABV01@@Z
??0SAXException@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SAXException@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0SAXException@xercesc_2_8@@QAE@QBGQAVMemoryManager@1@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@ABV01@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@ABVSAXException@1@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@QBGQAVMemoryManager@1@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@ABV01@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@ABVSAXException@1@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@QBGQAVMemoryManager@1@@Z
??0SAXParseException@xercesc_2_8@@QAE@ABV01@@Z
??0SAXParseException@xercesc_2_8@@QAE@QBG00JJQAVMemoryManager@1@@Z
??0SAXParseException@xercesc_2_8@@QAE@QBGABVLocator@1@QAVMemoryManager@1@@Z
??0SAXParser@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??0SGXMLScanner@xercesc_2_8@@QAE@QAVXMLDocumentHandler@1@QAVDocTypeHandler@1@QAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0SGXMLScanner@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0SchemaAttDef@xercesc_2_8@@QAE@PBV01@@Z
??0SchemaAttDef@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SchemaAttDef@xercesc_2_8@@QAE@QBG0H0W4AttTypes@XMLAttDef@1@W4DefAttTypes@31@0QAVMemoryManager@1@@Z
??0SchemaAttDef@xercesc_2_8@@QAE@QBG0HW4AttTypes@XMLAttDef@1@W4DefAttTypes@31@QAVMemoryManager@1@@Z
??0SchemaAttDefList@xercesc_2_8@@QAE@QAV?$RefHash2KeysTableOf@VSchemaAttDef@xercesc_2_8@@@1@QAVMemoryManager@1@@Z
??0SchemaAttDefList@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SchemaDateTimeException@xercesc_2_8@@QAE@ABV01@@Z
??0SchemaDateTimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0SchemaDateTimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0SchemaDateTimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0SchemaElementDecl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SchemaElementDecl@xercesc_2_8@@QAE@QBG0HW4ModelTypes@01@HQAVMemoryManager@1@@Z
??0SchemaElementDecl@xercesc_2_8@@QAE@QBVQName@1@W4ModelTypes@01@HQAVMemoryManager@1@@Z
??0SchemaGrammar@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SchemaInfo@xercesc_2_8@@QAE@GHHHHIQAGQBGQBVDOMElement@1@QAVMemoryManager@1@@Z
??0SchemaValidator@xercesc_2_8@@QAE@QAVXMLErrorReporter@1@QAVMemoryManager@1@@Z
??0SecurityManager@xercesc_2_8@@QAE@XZ
??0SelectorMatcher@xercesc_2_8@@AAE@QAVXercesXPath@1@QAVIC_Selector@1@QAVFieldActivator@1@HQAVMemoryManager@1@@Z
??0StdInInputSource@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0StdOutFormatTarget@xercesc_2_8@@QAE@XZ
??0StringDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0StringDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0StringDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0StringOp@xercesc_2_8@@QAE@FQBGQAVMemoryManager@1@@Z
??0StringToken@xercesc_2_8@@QAE@GQBGHQAVMemoryManager@1@@Z
??0SubstitutionGroupComparator@xercesc_2_8@@QAE@QAVGrammarResolver@1@QAVXMLStringPool@1@@Z
??0ThrowEOEJanitor@xercesc_2_8@@QAE@PAVReaderMgr@1@_N@Z
??0TimeDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@@Z
??0TimeDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0Token@xercesc_2_8@@QAE@GQAVMemoryManager@1@@Z
??0TokenFactory@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0TranscodingException@xercesc_2_8@@QAE@ABV01@@Z
??0TranscodingException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0TranscodingException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0TranscodingException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0TraverseSchema@xercesc_2_8@@QAE@QAVDOMElement@1@QAVXMLStringPool@1@QAVSchemaGrammar@1@QAVGrammarResolver@1@QAVXMLScanner@1@QBGQAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@ABVXMLURL@1@QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@QBG00QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@QBG0QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@QBGQBD1QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@QBGQBDQAVMemoryManager@1@@Z
??0UTFDataFormatException@xercesc_2_8@@QAE@ABV01@@Z
??0UTFDataFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0UTFDataFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0UTFDataFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0UnexpectedEOFException@xercesc_2_8@@QAE@ABV01@@Z
??0UnexpectedEOFException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0UnexpectedEOFException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0UnexpectedEOFException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0UnicodeRangeFactory@xercesc_2_8@@QAE@XZ
??0UnionDatatypeValidator@xercesc_2_8@@QAE@QAV?$RefVectorOf@VDatatypeValidator@xercesc_2_8@@@1@HQAVMemoryManager@1@@Z
??0UnionDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@G@1@HQAVMemoryManager@1@QAV?$RefVectorOf@VDatatypeValidator@xercesc_2_8@@@1@_N@Z
??0UnionDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0UnionOp@xercesc_2_8@@QAE@FHQAVMemoryManager@1@@Z
??0UnionToken@xercesc_2_8@@QAE@GQAVMemoryManager@1@@Z
??0UnsupportedEncodingException@xercesc_2_8@@QAE@ABV01@@Z
??0UnsupportedEncodingException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0UnsupportedEncodingException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0UnsupportedEncodingException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QBG222PAVMemoryManager@1@@Z
??0ValidationContext@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0ValidationContextImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ValueStore@xercesc_2_8@@QAE@QAVIdentityConstraint@1@QAVXMLScanner@1@QAVMemoryManager@1@@Z
??0ValueStoreCache@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0VecAttrListImpl@xercesc_2_8@@QAE@XZ
??0VecAttributesImpl@xercesc_2_8@@QAE@XZ
??0WFElemStack@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0WFXMLScanner@xercesc_2_8@@QAE@QAVXMLDocumentHandler@1@QAVDocTypeHandler@1@QAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0WFXMLScanner@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0Win32LCPTranscoder@xercesc_2_8@@QAE@XZ
??0Win32MsgLoader@xercesc_2_8@@QAE@QBG@Z
??0Win32TransService@xercesc_2_8@@QAE@XZ
??0Win32Transcoder@xercesc_2_8@@QAE@QBGIIIQAVMemoryManager@1@@Z
??0WinSockNetAccessor@xercesc_2_8@@QAE@XZ
??0Wrapper4DOMInputSource@xercesc_2_8@@QAE@QAVDOMInputSource@1@_NQAVMemoryManager@1@@Z
??0Wrapper4InputSource@xercesc_2_8@@QAE@QAVInputSource@1@_NQAVMemoryManager@1@@Z
??0XML256TableTranscoder@xercesc_2_8@@IAE@QBGI0QBUTransRec@XMLTransService@1@IQAVMemoryManager@1@@Z
??0XML88591Transcoder@xercesc_2_8@@QAE@QBGIQAVMemoryManager@1@@Z
??0XMLASCIITranscoder@xercesc_2_8@@QAE@QBGIQAVMemoryManager@1@@Z
??0XMLAbstractDoubleFloat@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0XMLAttDef@xercesc_2_8@@IAE@QBGW4AttTypes@01@W4DefAttTypes@01@0QAVMemoryManager@1@@Z
??0XMLAttDef@xercesc_2_8@@IAE@W4AttTypes@01@W4DefAttTypes@01@QAVMemoryManager@1@@Z
??0XMLAttDefList@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0XMLAttr@xercesc_2_8@@QAE@IQBG00W4AttTypes@XMLAttDef@1@_NQAVMemoryManager@1@PAVDatatypeValidator@1@2@Z
??0XMLAttr@xercesc_2_8@@QAE@IQBG0W4AttTypes@XMLAttDef@1@_NQAVMemoryManager@1@PAVDatatypeValidator@1@2@Z
??0XMLAttr@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0XMLBigDecimal@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0XMLBigDecimal@xercesc_2_8@@QAE@QBGQAVMemoryManager@1@@Z
??0XMLBigInteger@xercesc_2_8@@QAE@ABV01@@Z

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 788KB - Virtual size: 786KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 7.2MB

UPX1 Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 36KB - Virtual size: 40KB

Headers

File Characteristics

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.rdata Size: 484KB - Virtual size: 483KB

.data Size: 400KB - Virtual size: 2.3MB

_TEXT_HA Size: 68KB - Virtual size: 66KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

d60f48e1e071f518fa8de3f0850ee7ea

Code Sign

01Certificate

0aCertificate

Extended Key Usages

Key Usages

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

07:4b:d0:f3:20:e2:54:d8:db:fa:21:5f:8e:c8:87:76Certificate

Extended Key Usages

Signer

Headers

File Characteristics

Imports

winmm

mpr

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

odbc32

wininet

fdxutil

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 392KB - Virtual size: 388KB

.data Size: 264KB - Virtual size: 2.4MB

.rsrc Size: 5.0MB - Virtual size: 5.0MB

021b6c5590d35e5853b2b7498523adc1

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.reloc Size: 4KB - Virtual size: 3KB

4d9dbab255f9bb83059660eeba980a77

Headers

File Characteristics

Imports

kernel32

Exports

Exports

UPX0
Size: - Virtual size: 7.2MB

UPX1
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 36KB - Virtual size: 40KB

.text
Size: 4.4MB - Virtual size: 4.4MB

.rdata
Size: 484KB - Virtual size: 483KB

.data
Size: 400KB - Virtual size: 2.3MB

_TEXT_HA
Size: 68KB - Virtual size: 66KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

01
Certificate

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

07:4b:d0:f3:20:e2:54:d8:db:fa:21:5f:8e:c8:87:76
Certificate

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 392KB - Virtual size: 388KB

.data
Size: 264KB - Virtual size: 2.4MB

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 788KB - Virtual size: 786KB

.data
Size: 148KB - Virtual size: 147KB

.rsrc
Size: 92KB - Virtual size: 91KB

.reloc
Size: 76KB - Virtual size: 74KB