火绒弹窗拦截5[.]0[.]73[.]1提取版[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

火绒弹窗拦截5.0.73.1提取版.zip
Size

3.0MB
MD5

04ff12084550f95bf27cf77cf5bb72bf
SHA1

9bd3f30260a521dc13bf3b89af9d7890bd360e60
SHA256

9b7a4f17972f6c0203b188451b52f5325e01203877bfb79b22b135139a3b2f1d
SHA512

06ce8ebe05c21d0838fa0f341e6ae8f01ee11c391367764a30bd261db57b8a3caea4687c8a0841f9b8d8974aea7c48bd22fd78c0af59955ec9ef45dfbe1a1cea
SSDEEP

49152:8wTpOmKPB0hEp19y5b0sa0wAY602mmVobEaqZ+4watkw6vf5y5OONI:6EEp1Yb9PwA306VowjPkwicpNI

Score

1^/10

Malware Config

Signatures

Files

火绒弹窗拦截5.0.73.1提取版.zip
.zip
火绒弹窗拦截5.0.73.1/CrashHandler.dll
.dll windows:5 windows x86 arch:x86

07d59c5eb2ad9a9bc5361d1f443a3420

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/03/2021, 00:00

Not After

29/02/2024, 23:59

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,POSTALCODE=100012,STREET=3rd Floor\, Ruipu Building D\, Courtyard 15\, Hongjunying South Road\, Chao Yang District,L=Beijing Shi,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

31:8b:81:d2:97:a4:df:8a:c1:6b:91:42:62:6f:74:9c:1a:cf:8b:36:30:8a:7d:2c:df:d5:8b:a4:2c:95:f6:24
Signer

Actual PE Digest

31:8b:81:d2:97:a4:df:8a:c1:6b:91:42:62:6f:74:9c:1a:cf:8b:36:30:8a:7d:2c:df:d5:8b:a4:2c:95:f6:24

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
WriteProcessMemory
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
CreateProcessW
WaitForSingleObject
CloseHandle
ExitProcess
GetProcAddress
LoadLibraryW
GetModuleFileNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW
RaiseException
CreateFileW

Exports

Exports

SetCrashHandle

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
火绒弹窗拦截5.0.73.1/DuiLib.dll
.dll windows:5 windows x86 arch:x86

82da7ee900cc7c39439b01ac373ff6b6

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/03/2021, 00:00

Not After

29/02/2024, 23:59

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,POSTALCODE=100012,STREET=3rd Floor\, Ruipu Building D\, Courtyard 15\, Hongjunying South Road\, Chao Yang District,L=Beijing Shi,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1b:7d:0c:e8:7f:eb:19:bc:57:2d:9d:af:0a:9b:35:e1:14:2c:dc:38:64:a6:5f:72:94:5c:ab:28:29:af:1b:0a
Signer

Actual PE Digest

1b:7d:0c:e8:7f:eb:19:bc:57:2d:9d:af:0a:9b:35:e1:14:2c:dc:38:64:a6:5f:72:94:5c:ab:28:29:af:1b:0a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryW
WideCharToMultiByte
WaitForSingleObjectEx
OutputDebugStringA
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
DecodePointer
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
EnumSystemLocalesW
GetUserDefaultLCID
SetFileTime
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
HeapReAlloc
GetCurrentThread
GetStringTypeW
GetModuleFileNameA
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
RtlUnwind
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetFilePointer
WriteFile
GetFileType
GetCurrentProcess
ExitProcess
GetACP
GetVersionExW
LoadLibraryA
GetCurrentProcessId
OpenProcess
DisableThreadLibraryCalls
lstrlenW
CreateFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
FindResourceW
GetModuleHandleW
GetModuleFileNameW
CloseHandle
ReadFile
GetFileSize
SizeofResource
LoadResource
LockResource
FreeResource
GetLastError
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
GetProcAddress
InterlockedIncrement
OutputDebugStringW
GetProcessHeap
HeapFree
HeapAlloc
MultiByteToWideChar
GetTickCount
GetModuleHandleA
GetLocalTime
LoadLibraryW
MulDiv
IsValidLocale
CreateThread

user32

IsChild
NotifyWinEvent
AdjustWindowRectEx
GetPropW
SetPropW
GetMenu
CreateWindowExW
GetClassInfoExW
RegisterClassExW
RegisterClassW
CallWindowProcW
wsprintfW
GetSysColor
IsWindowVisible
IsIconic
DefWindowProcW
DestroyWindow
ShowWindow
MoveWindow
SetCapture
IsZoomed
EnumChildWindows
CharPrevW
SetRect
EnumDisplaySettingsW
ReleaseCapture
SetTimer
CreateAcceleratorTableW
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
InvalidateRgn
GetClientRect
ClientToScreen
ScreenToClient
FillRect
IntersectRect
PtInRect
GetGUIThreadInfo
CharNextW
SetCursor
LoadCursorW
KillTimer
InflateRect
GetUpdateRect
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetKeyState
SetWindowRgn
MessageBoxW
wvsprintfW
MonitorFromPoint
GetWindow
PostQuitMessage
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetIconInfo
DrawIconEx
LoadImageW
DestroyIcon
PrivateExtractIconsW
GetSystemMetrics
SetWindowLongW
GetWindowLongW
EqualRect
IsRectEmpty
UnionRect
GetCaretPos
GetCaretBlinkTime
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
DrawTextW
EnableWindow
IsWindow
OffsetRect
GetMonitorInfoW
MonitorFromWindow
GetParent
MapWindowPoints
GetCursorPos
GetWindowRect
GetFocus
SetFocus
SetWindowPos
SendMessageW

gdi32

GetObjectA
GetObjectW
SetTextColor
SetBkMode
SelectObject
CreateSolidBrush
DeleteObject
DeleteDC
GetObjectType
Rectangle
RestoreDC
RoundRect
SaveDC
GetTextMetricsW
ExtCreatePen
CombineRgn
CreateFontIndirectW
CreateRectRgnIndirect
CreateRoundRectRgn
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
SelectClipRgn
ExtSelectClipRgn
SetBkColor
StretchBlt
SetStretchBltMode
CreateDIBSection
MoveToEx
TextOutW
ExtTextOutW
GdiFlush
GetStockObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
CreatePen

shell32

SHGetFileInfoW

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleLockRunning

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateLineBrushI
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc

shlwapi

PathIsUNCW
PathIsDirectoryW

comctl32

ord17
ImageList_DrawIndirect
ImageList_GetImageCount
_TrackMouseEvent

oleacc

CreateStdAccessibleObject
LresultFromObject

Exports

Exports

??0CAccessibleServer@DuiLib@@QAE@ABV01@@Z
??0CAccessibleServer@DuiLib@@QAE@PAVCPaintManagerUI@1@@Z
??0CActiveXUI@DuiLib@@QAE@ABV01@@Z
??0CActiveXUI@DuiLib@@QAE@XZ
??0CAnimationData@DuiLib@@QAE@HHHH@Z
??0CButtonUI@DuiLib@@QAE@$$QAV01@@Z
??0CButtonUI@DuiLib@@QAE@ABV01@@Z
??0CButtonUI@DuiLib@@QAE@XZ
??0CCheckBoxUI@DuiLib@@QAE@$$QAV01@@Z
??0CCheckBoxUI@DuiLib@@QAE@ABV01@@Z
??0CCheckBoxUI@DuiLib@@QAE@XZ
??0CChildLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CChildLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CChildLayoutUI@DuiLib@@QAE@XZ
??0CComboExUI@DuiLib@@QAE@ABV01@@Z
??0CComboExUI@DuiLib@@QAE@XZ
??0CComboUI@DuiLib@@QAE@ABV01@@Z
??0CComboUI@DuiLib@@QAE@XZ
??0CContainerUI@DuiLib@@QAE@ABV01@@Z
??0CContainerUI@DuiLib@@QAE@XZ
??0CControlUI@DuiLib@@QAE@ABV01@@Z
??0CControlUI@DuiLib@@QAE@XZ
??0CDPI@DuiLib@@QAE@PAUHWND__@@@Z
??0CDPI@DuiLib@@QAE@XZ
??0CDateTimeUI@DuiLib@@QAE@$$QAV01@@Z
??0CDateTimeUI@DuiLib@@QAE@ABV01@@Z
??0CDateTimeUI@DuiLib@@QAE@XZ
??0CDelegateBase@DuiLib@@QAE@ABV01@@Z
??0CDelegateBase@DuiLib@@QAE@PAX0@Z
??0CDialogBuilder@DuiLib@@QAE@XZ
??0CDuiDrawInfo@DuiLib@@QAE@ABV01@@Z
??0CDuiDrawInfo@DuiLib@@QAE@XZ
??0CDuiPtrArray@DuiLib@@QAE@ABV01@@Z
??0CDuiPtrArray@DuiLib@@QAE@H@Z
??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z
??0CDuiRect@DuiLib@@QAE@HHHH@Z
??0CDuiRect@DuiLib@@QAE@XZ
??0CDuiSize@DuiLib@@QAE@ABUtagSIZE@@@Z
??0CDuiSize@DuiLib@@QAE@HH@Z
??0CDuiSize@DuiLib@@QAE@UtagRECT@@@Z
??0CDuiSize@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
??0CDuiString@DuiLib@@QAE@PB_WH@Z
??0CDuiString@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@_W@Z
??0CDuiStringPtrMap@DuiLib@@QAE@H@Z
??0CDuiValArray@DuiLib@@QAE@HH@Z
??0CEditUI@DuiLib@@QAE@ABV01@@Z
??0CEditUI@DuiLib@@QAE@XZ
??0CEventSource@DuiLib@@QAE@ABV01@@Z
??0CEventSource@DuiLib@@QAE@XZ
??0CFileIconUI@DuiLib@@QAE@ABV01@@Z
??0CFileIconUI@DuiLib@@QAE@XZ
??0CHorizontalLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CHorizontalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CHorizontalLayoutUI@DuiLib@@QAE@XZ
??0CLabelUI@DuiLib@@QAE@ABV01@@Z
??0CLabelUI@DuiLib@@QAE@XZ
??0CListBodyUI@DuiLib@@QAE@$$QAV01@@Z
??0CListBodyUI@DuiLib@@QAE@ABV01@@Z
??0CListBodyUI@DuiLib@@QAE@PAVCListUI@1@@Z
??0CListContainerElementUI@DuiLib@@QAE@$$QAV01@@Z
??0CListContainerElementUI@DuiLib@@QAE@ABV01@@Z
??0CListContainerElementUI@DuiLib@@QAE@XZ
??0CListElementUI@DuiLib@@QAE@$$QAV01@@Z
??0CListElementUI@DuiLib@@QAE@ABV01@@Z
??0CListElementUI@DuiLib@@QAE@XZ
??0CListHeaderItemUI@DuiLib@@QAE@$$QAV01@@Z
??0CListHeaderItemUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderItemUI@DuiLib@@QAE@XZ
??0CListHeaderUI@DuiLib@@QAE@$$QAV01@@Z
??0CListHeaderUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderUI@DuiLib@@QAE@XZ
??0CListLabelElementUI@DuiLib@@QAE@$$QAV01@@Z
??0CListLabelElementUI@DuiLib@@QAE@ABV01@@Z
??0CListLabelElementUI@DuiLib@@QAE@XZ
??0CListMiddleUI@DuiLib@@QAE@$$QAV01@@Z
??0CListMiddleUI@DuiLib@@QAE@ABV01@@Z
??0CListMiddleUI@DuiLib@@QAE@XZ
??0CListNotifyKey@DuiLib@@IAE@XZ
??0CListNotifyKey@DuiLib@@QAE@$$QAV01@@Z
??0CListNotifyKey@DuiLib@@QAE@ABV01@@Z
??0CListTextElementUI@DuiLib@@QAE@ABV01@@Z
??0CListTextElementUI@DuiLib@@QAE@XZ
??0CListUI@DuiLib@@QAE@ABV01@@Z
??0CListUI@DuiLib@@QAE@XZ
??0CMarkup@DuiLib@@QAE@PB_W@Z
??0CMarkupNode@DuiLib@@AAE@PAVCMarkup@1@H@Z
??0CMarkupNode@DuiLib@@QAE@XZ
??0CMenuBodyUI@DuiLib@@QAE@ABV01@@Z
??0CMenuBodyUI@DuiLib@@QAE@XZ
??0CMenuItemUI@DuiLib@@QAE@ABV01@@Z
??0CMenuItemUI@DuiLib@@QAE@PAVCMenuUI@1@@Z
??0CMenuUI@DuiLib@@QAE@ABV01@@Z
??0CMenuUI@DuiLib@@QAE@PB_WPAVCMenuItemUI@1@@Z
??0CNotifyPump@DuiLib@@QAE@$$QAV01@@Z
??0CNotifyPump@DuiLib@@QAE@ABV01@@Z
??0CNotifyPump@DuiLib@@QAE@XZ
??0COptionUI@DuiLib@@QAE@ABV01@@Z
??0COptionUI@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@ABV01@@Z
??0CPaintManagerUI@DuiLib@@QAE@XZ
??0CPoint@DuiLib@@QAE@ABUtagPOINT@@@Z
??0CPoint@DuiLib@@QAE@HH@Z
??0CPoint@DuiLib@@QAE@J@Z
??0CPoint@DuiLib@@QAE@XZ
??0CProgressUI@DuiLib@@QAE@$$QAV01@@Z
??0CProgressUI@DuiLib@@QAE@ABV01@@Z
??0CProgressUI@DuiLib@@QAE@XZ
??0CRenderClip@DuiLib@@QAE@XZ
??0CRichEditUI@DuiLib@@QAE@ABV01@@Z
??0CRichEditUI@DuiLib@@QAE@XZ
??0CScrollBarUI@DuiLib@@QAE@$$QAV01@@Z
??0CScrollBarUI@DuiLib@@QAE@ABV01@@Z
??0CScrollBarUI@DuiLib@@QAE@XZ
??0CSliderUI@DuiLib@@QAE@$$QAV01@@Z
??0CSliderUI@DuiLib@@QAE@ABV01@@Z
??0CSliderUI@DuiLib@@QAE@XZ
??0CTabControlMgr@DuiLib@@QAE@ABV01@@Z
??0CTabControlMgr@DuiLib@@QAE@PAVCPaintManagerUI@1@@Z
??0CTabLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CTabLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTabLayoutUI@DuiLib@@QAE@XZ
??0CTextUI@DuiLib@@QAE@ABV01@@Z
??0CTextUI@DuiLib@@QAE@XZ
??0CTileLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CTileLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTileLayoutUI@DuiLib@@QAE@XZ
??0CTranslateManager@DuiLib@@QAE@ABV01@@Z
??0CTranslateManager@DuiLib@@QAE@XZ
??0CTreeNodeExUI@DuiLib@@QAE@ABV01@@Z
??0CTreeNodeExUI@DuiLib@@QAE@XZ
??0CTreeNodeUI@DuiLib@@QAE@ABV01@@Z
??0CTreeNodeUI@DuiLib@@QAE@PAV01@@Z
??0CTreeViewExUI@DuiLib@@QAE@ABV01@@Z
??0CTreeViewExUI@DuiLib@@QAE@K@Z
??0CTreeViewUI@DuiLib@@QAE@ABV01@@Z
??0CTreeViewUI@DuiLib@@QAE@XZ
??0CUIAnimation@DuiLib@@QAE@$$QAV01@@Z
??0CUIAnimation@DuiLib@@QAE@ABV01@@Z
??0CUIAnimation@DuiLib@@QAE@PAVCControlUI@1@@Z
??0CVListBodyUI@DuiLib@@QAE@$$QAV01@@Z
??0CVListBodyUI@DuiLib@@QAE@ABV01@@Z
??0CVListBodyUI@DuiLib@@QAE@PAVCVListUI@1@@Z
??0CVListUI@DuiLib@@QAE@$$QAV01@@Z
??0CVListUI@DuiLib@@QAE@ABV01@@Z
??0CVListUI@DuiLib@@QAE@XZ
??0CVerticalLayoutUI@DuiLib@@QAE@$$QAV01@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
??0CWaitCursor@DuiLib@@QAE@XZ
??0CWebBrowserUI@DuiLib@@QAE@ABV01@@Z
??0CWebBrowserUI@DuiLib@@QAE@XZ
??0CWindowWnd@DuiLib@@QAE@$$QAV01@@Z
??0CWindowWnd@DuiLib@@QAE@ABV01@@Z
??0CWindowWnd@DuiLib@@QAE@XZ
??0ITreeInfo@DuiLib@@QAE@ABV01@@Z
??0ITreeInfo@DuiLib@@QAE@XZ
??0IUIAnimation@DuiLib@@QAE@ABV01@@Z
??0IUIAnimation@DuiLib@@QAE@XZ
??0IVListCallbackUI@DuiLib@@QAE@$$QAV01@@Z
??0IVListCallbackUI@DuiLib@@QAE@ABV01@@Z
??0IVListCallbackUI@DuiLib@@QAE@XZ
??0WindowImplBase@DuiLib@@QAE@ABV01@@Z
??0WindowImplBase@DuiLib@@QAE@XZ
??1CAccessibleServer@DuiLib@@UAE@XZ
??1CActiveXUI@DuiLib@@UAE@XZ
??1CButtonUI@DuiLib@@UAE@XZ
??1CCheckBoxUI@DuiLib@@UAE@XZ
??1CChildLayoutUI@DuiLib@@UAE@XZ
??1CComboExUI@DuiLib@@UAE@XZ
??1CComboUI@DuiLib@@UAE@XZ
??1CContainerUI@DuiLib@@UAE@XZ
??1CControlUI@DuiLib@@UAE@XZ
??1CDateTimeUI@DuiLib@@UAE@XZ
??1CDelegateBase@DuiLib@@UAE@XZ
??1CDialogBuilder@DuiLib@@QAE@XZ
??1CDuiDrawInfo@DuiLib@@QAE@XZ
??1CDuiPtrArray@DuiLib@@QAE@XZ
??1CDuiString@DuiLib@@QAE@XZ
??1CDuiStringPtrMap@DuiLib@@QAE@XZ
??1CDuiValArray@DuiLib@@QAE@XZ
??1CEditUI@DuiLib@@UAE@XZ
??1CEventSource@DuiLib@@QAE@XZ
??1CFileIconUI@DuiLib@@UAE@XZ
??1CHorizontalLayoutUI@DuiLib@@UAE@XZ
??1CLabelUI@DuiLib@@UAE@XZ
??1CListBodyUI@DuiLib@@UAE@XZ
??1CListContainerElementUI@DuiLib@@UAE@XZ
??1CListElementUI@DuiLib@@UAE@XZ
??1CListHeaderItemUI@DuiLib@@UAE@XZ
??1CListHeaderUI@DuiLib@@UAE@XZ
??1CListLabelElementUI@DuiLib@@UAE@XZ
??1CListMiddleUI@DuiLib@@UAE@XZ
??1CListNotifyKey@DuiLib@@QAE@XZ
??1CListTextElementUI@DuiLib@@UAE@XZ
??1CListUI@DuiLib@@UAE@XZ
??1CMarkup@DuiLib@@QAE@XZ
??1CMenuBodyUI@DuiLib@@UAE@XZ
??1CMenuItemUI@DuiLib@@UAE@XZ
??1CMenuUI@DuiLib@@UAE@XZ
??1CNotifyPump@DuiLib@@QAE@XZ
??1COptionUI@DuiLib@@UAE@XZ
??1CPaintManagerUI@DuiLib@@QAE@XZ
??1CProgressUI@DuiLib@@UAE@XZ
??1CRenderClip@DuiLib@@QAE@XZ
??1CRichEditUI@DuiLib@@UAE@XZ
??1CScrollBarUI@DuiLib@@UAE@XZ
??1CSliderUI@DuiLib@@UAE@XZ
??1CTabControlMgr@DuiLib@@QAE@XZ
??1CTabLayoutUI@DuiLib@@UAE@XZ
??1CTextUI@DuiLib@@UAE@XZ
??1CTileLayoutUI@DuiLib@@UAE@XZ
??1CTranslateManager@DuiLib@@QAE@XZ
??1CTreeNodeExUI@DuiLib@@UAE@XZ
??1CTreeNodeUI@DuiLib@@UAE@XZ
??1CTreeViewExUI@DuiLib@@UAE@XZ
??1CTreeViewUI@DuiLib@@UAE@XZ
??1CUIAnimation@DuiLib@@UAE@XZ
??1CVListBodyUI@DuiLib@@UAE@XZ
??1CVListUI@DuiLib@@UAE@XZ
??1CVerticalLayoutUI@DuiLib@@UAE@XZ
??1CWaitCursor@DuiLib@@QAE@XZ
??1CWebBrowserUI@DuiLib@@UAE@XZ
??1ITreeInfo@DuiLib@@QAE@XZ
??1IUIAnimation@DuiLib@@UAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
??4CAccessibleServer@DuiLib@@QAEAAV01@ABV01@@Z
??4CActiveXUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CAnimationData@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CAnimationData@DuiLib@@QAEAAV01@ABV01@@Z
??4CButtonUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CButtonUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CCheckBoxUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CCheckBoxUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CChildLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CChildLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboExUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CContainerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CControlUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDPI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDPI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDateTimeUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDateTimeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDelegateBase@DuiLib@@QAEAAV01@ABV01@@Z
??4CDialogBuilder@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDialogBuilder@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiDrawInfo@DuiLib@@QAEABV01@ABV01@@Z
??4CDuiPtrArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiRect@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDuiRect@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiSize@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CDuiSize@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@PBD@Z
??4CDuiString@DuiLib@@QAEABV01@PB_W@Z
??4CDuiString@DuiLib@@QAEABV01@_W@Z
??4CDuiStringPtrMap@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiValArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CEventSource@DuiLib@@QAEAAV01@ABV01@@Z
??4CFileIconUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CHorizontalLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CHorizontalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CLabelUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListBodyUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListBodyUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListContainerElementUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListContainerElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListElementUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderItemUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListHeaderItemUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListHeaderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListLabelElementUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListLabelElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListMiddleUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListMiddleUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListNotifyKey@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CListNotifyKey@DuiLib@@QAEAAV01@ABV01@@Z
??4CListTextElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkup@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkupNode@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CMarkupNode@DuiLib@@QAEAAV01@ABV01@@Z
??4CMenuBodyUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMenuItemUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMenuUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CNotifyPump@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CNotifyPump@DuiLib@@QAEAAV01@ABV01@@Z
??4COptionUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CPaintManagerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CPoint@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CPoint@DuiLib@@QAEAAV01@ABV01@@Z
??4CProgressUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CProgressUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderClip@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderEngine@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CRenderEngine@DuiLib@@QAEAAV01@ABV01@@Z
??4CRichEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CScrollBarUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CScrollBarUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CSliderUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CSliderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTabControlMgr@DuiLib@@QAEAAV01@ABV01@@Z
??4CTabLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CTabLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTextUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTileLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CTileLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTranslateManager@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeNodeExUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeNodeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeViewExUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeViewUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CUIAnimation@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CUIAnimation@DuiLib@@QAEAAV01@ABV01@@Z
??4CVListBodyUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CVListBodyUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CVListUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CVListUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CVerticalLayoutUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CVerticalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWaitCursor@DuiLib@@QAEAAV01@ABV01@@Z
??4CWebBrowserUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWindowWnd@DuiLib@@QAEAAV01@$$QAV01@@Z
??4CWindowWnd@DuiLib@@QAEAAV01@ABV01@@Z
??4ITreeInfo@DuiLib@@QAEAAV01@ABV01@@Z
??4IUIAnimation@DuiLib@@QAEAAV01@ABV01@@Z
??4IVListCallbackUI@DuiLib@@QAEAAV01@$$QAV01@@Z
??4IVListCallbackUI@DuiLib@@QAEAAV01@ABV01@@Z
??4WindowImplBase@DuiLib@@QAEAAV01@ABV01@@Z
??8CDuiString@DuiLib@@QBE_NPB_W@Z
??9CDuiString@DuiLib@@QBE_NPB_W@Z
??ACDuiPtrArray@DuiLib@@QBEPAXH@Z
??ACDuiString@DuiLib@@QBE_WH@Z
??ACDuiStringPtrMap@DuiLib@@QBEPB_WH@Z
??ACDuiValArray@DuiLib@@QBEPAXH@Z
??BCDuiString@DuiLib@@QBEPB_WXZ
??BCEventSource@DuiLib@@QAE_NXZ
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??HCDuiString@DuiLib@@QBE?AV01@ABV01@@Z
??HCDuiString@DuiLib@@QBE?AV01@PB_W@Z
??MCDuiString@DuiLib@@QBE_NPB_W@Z
??NCDuiString@DuiLib@@QBE_NPB_W@Z
??OCDuiString@DuiLib@@QBE_NPB_W@Z
??PCDuiString@DuiLib@@QBE_NPB_W@Z
??RCDelegateBase@DuiLib@@QAE_NPAX@Z
??RCEventSource@DuiLib@@QAE_NPAX@Z
??YCDuiString@DuiLib@@QAEABV01@ABV01@@Z
??YCDuiString@DuiLib@@QAEABV01@PBD@Z
??YCDuiString@DuiLib@@QAEABV01@PB_W@Z
??YCDuiString@DuiLib@@QAEABV01@_W@Z
??YCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??YCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??ZCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??ZCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??_7CAccessibleServer@DuiLib@@6BIAccessible@@@
??_7CAccessibleServer@DuiLib@@6BIEnumVARIANT@@@
??_7CActiveXUI@DuiLib@@6BCControlUI@1@@
??_7CActiveXUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CButtonUI@DuiLib@@6B@
??_7CCheckBoxUI@DuiLib@@6B@
??_7CChildLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CChildLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CComboExUI@DuiLib@@6B@
??_7CComboExUI@DuiLib@@6BCControlUI@1@@
??_7CComboExUI@DuiLib@@6BIContainerUI@1@@
??_7CComboUI@DuiLib@@6B@
??_7CComboUI@DuiLib@@6BCControlUI@1@@
??_7CComboUI@DuiLib@@6BIContainerUI@1@@
??_7CContainerUI@DuiLib@@6BCControlUI@1@@
??_7CContainerUI@DuiLib@@6BIContainerUI@1@@
??_7CControlUI@DuiLib@@6B@
??_7CDateTimeUI@DuiLib@@6B@
??_7CDelegateBase@DuiLib@@6B@
??_7CEditUI@DuiLib@@6BCLabelUI@1@@
??_7CEditUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CFileIconUI@DuiLib@@6B@
??_7CHorizontalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CHorizontalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CLabelUI@DuiLib@@6B@
??_7CListBodyUI@DuiLib@@6BCControlUI@1@@
??_7CListBodyUI@DuiLib@@6BIContainerUI@1@@
??_7CListContainerElementUI@DuiLib@@6B@
??_7CListContainerElementUI@DuiLib@@6BCControlUI@1@@
??_7CListContainerElementUI@DuiLib@@6BIContainerUI@1@@
??_7CListElementUI@DuiLib@@6BCControlUI@1@@
??_7CListElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListHeaderItemUI@DuiLib@@6B@
??_7CListHeaderUI@DuiLib@@6BCControlUI@1@@
??_7CListHeaderUI@DuiLib@@6BIContainerUI@1@@
??_7CListLabelElementUI@DuiLib@@6BCControlUI@1@@
??_7CListLabelElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListMiddleUI@DuiLib@@6BCControlUI@1@@
??_7CListMiddleUI@DuiLib@@6BIContainerUI@1@@
??_7CListTextElementUI@DuiLib@@6BCControlUI@1@@
??_7CListTextElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListUI@DuiLib@@6B@
??_7CListUI@DuiLib@@6BCControlUI@1@@
??_7CListUI@DuiLib@@6BIContainerUI@1@@
??_7CMenuBodyUI@DuiLib@@6B@
??_7CMenuBodyUI@DuiLib@@6BCControlUI@1@@
??_7CMenuBodyUI@DuiLib@@6BIContainerUI@1@@
??_7CMenuItemUI@DuiLib@@6B@
??_7CMenuItemUI@DuiLib@@6BCControlUI@1@@
??_7CMenuItemUI@DuiLib@@6BIContainerUI@1@@
??_7CMenuUI@DuiLib@@6BCWindowWnd@1@@
??_7CMenuUI@DuiLib@@6BIDialogBuilderCallback@1@@
??_7CMenuUI@DuiLib@@6BINotifyUI@1@@
??_7CNotifyPump@DuiLib@@6B@
??_7COptionUI@DuiLib@@6B@
??_7CProgressUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6BCControlUI@1@@
??_7CRichEditUI@DuiLib@@6BIContainerUI@1@@
??_7CScrollBarUI@DuiLib@@6B@
??_7CSliderUI@DuiLib@@6B@
??_7CTabLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTabLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTextUI@DuiLib@@6B@
??_7CTileLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTileLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeNodeExUI@DuiLib@@6B@
??_7CTreeNodeExUI@DuiLib@@6BCControlUI@1@@
??_7CTreeNodeExUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeNodeUI@DuiLib@@6B@
??_7CTreeNodeUI@DuiLib@@6BCControlUI@1@@
??_7CTreeNodeUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewExUI@DuiLib@@6BCControlUI@1@@
??_7CTreeViewExUI@DuiLib@@6BCVListUI@1@@
??_7CTreeViewExUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewExUI@DuiLib@@6BITreeInfo@1@@
??_7CTreeViewExUI@DuiLib@@6BIVListCallbackUI@1@@
??_7CTreeViewUI@DuiLib@@6BCControlUI@1@@
??_7CTreeViewUI@DuiLib@@6BCListUI@1@@
??_7CTreeViewUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BINotifyUI@1@@
??_7CUIAnimation@DuiLib@@6B@
??_7CVListBodyUI@DuiLib@@6BCControlUI@1@@
??_7CVListBodyUI@DuiLib@@6BIContainerUI@1@@
??_7CVListUI@DuiLib@@6B@
??_7CVListUI@DuiLib@@6BCControlUI@1@@
??_7CVListUI@DuiLib@@6BIContainerUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CWebBrowserUI@DuiLib@@6BCControlUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIDispatch@@@
??_7CWebBrowserUI@DuiLib@@6BIDocHostUIHandler@@@
??_7CWebBrowserUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIOleCommandTarget@@@
??_7CWebBrowserUI@DuiLib@@6BIServiceProvider@@@
??_7CWebBrowserUI@DuiLib@@6BITranslateAccelerator@1@@
??_7CWindowWnd@DuiLib@@6B@
??_7ITreeInfo@DuiLib@@6B@
??_7IUIAnimation@DuiLib@@6B@
??_7IVListCallbackUI@DuiLib@@6B@
??_7WindowImplBase@DuiLib@@6BCNotifyPump@1@@
??_7WindowImplBase@DuiLib@@6BCWindowWnd@1@@
??_7WindowImplBase@DuiLib@@6BIDialogBuilderCallback@1@@
??_7WindowImplBase@DuiLib@@6BIMessageFilterUI@1@@
??_7WindowImplBase@DuiLib@@6BINotifyUI@1@@
??_FCDuiPtrArray@DuiLib@@QAEXXZ
??_FCDuiStringPtrMap@DuiLib@@QAEXXZ
??_FCMarkup@DuiLib@@QAEXXZ
??_FCMenuUI@DuiLib@@QAEXXZ
??_FCTreeNodeUI@DuiLib@@QAEXXZ
??_FCTreeViewExUI@DuiLib@@QAEXXZ
?AccSerStringFormat@CControlUI@DuiLib@@QAAXPB_WZZ
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?Activate@CCheckBoxUI@DuiLib@@UAE_NXZ
?Activate@CComboExUI@DuiLib@@UAE_NXZ
?Activate@CComboUI@DuiLib@@UAE_NXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?Activate@CListContainerElementUI@DuiLib@@UAE_NXZ
?Activate@CListElementUI@DuiLib@@UAE_NXZ
?Activate@COptionUI@DuiLib@@UAE_NXZ
?Add@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CDuiPtrArray@DuiLib@@QAE_NPAX@Z
?Add@CDuiValArray@DuiLib@@QAE_NPBX@Z
?Add@CListBodyUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CListUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeViewUI@DuiLib@@UAE_NPAVCTreeNodeUI@2@@Z
?Add@CVListUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?AddAccSerCtrl@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?AddAt@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CListBodyUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CListUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@UAEJPAVCTreeNodeUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@UAE_NPAVCTreeNodeUI@2@0@Z
?AddAt@CVListUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddChildNode@CTreeNodeUI@DuiLib@@QAE_NPAV12@@Z

Sections

.text
Size: 666KB - Virtual size: 665KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
火绒弹窗拦截5.0.73.1/PopBlkEng.dll
.dll windows:5 windows x86 arch:x86

8d4bcaf000fff5d5d05fe85a2c0f1870

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/03/2021, 00:00

Not After

29/02/2024, 23:59

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,POSTALCODE=100012,STREET=3rd Floor\, Ruipu Building D\, Courtyard 15\, Hongjunying South Road\, Chao Yang District,L=Beijing Shi,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f3:a4:62:42:62:91:ff:2f:97:f6:53:97:74:1d:bd:2d:73:31:0e:0e:c7:09:2c:7d:7a:ad:16:7d:60:35:f9:68
Signer

Actual PE Digest

f3:a4:62:42:62:91:ff:2f:97:f6:53:97:74:1d:bd:2d:73:31:0e:0e:c7:09:2c:7d:7a:ad:16:7d:60:35:f9:68

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceExW
GetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
TerminateProcess
WaitForSingleObject
CreateThread
TerminateThread
DeleteFileW
GetNativeSystemInfo
RaiseException
DecodePointer
MulDiv
LoadLibraryW
ExpandEnvironmentStringsW
GetFileAttributesW
GetModuleHandleW
GetProcessTimes
GetLogicalDriveStringsW
QueryDosDeviceW
WriteFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
FindResourceW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetConsoleCP
SetFilePointerEx
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetStdHandle
GetACP
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
FreeLibrary
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
CreateFileW
GetVersion
GetProcAddress
GetModuleHandleA
GetTickCount
WideCharToMultiByte
DeleteCriticalSection
CloseHandle
Sleep
MultiByteToWideChar
OpenProcess
InitializeCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetCurrentProcess
GetLongPathNameW
EnterCriticalSection
InterlockedExchange
InterlockedIncrement
FreeEnvironmentStringsW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
GetCPInfo
EncodePointer
GetStringTypeW
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent

user32

GetDesktopWindow
GetDC
PrintWindow
OffsetRect
GetClassNameW
GetParent
IsWindowVisible
GetWindowRect
GetWindowThreadProcessId
FindWindowW
IsWindow
PostMessageW
EnumWindows
GetMonitorInfoW
EnumDisplaySettingsW
SetRect
EnumDisplayMonitors
MonitorFromWindow
IntersectRect
MoveWindow
ShowWindow
GetSystemMetrics
IsRectEmpty
EqualRect
ReleaseDC
GetDCEx
GetWindow
GetWindowLongW
GetWindowTextW

gdi32

BitBlt
CreateDIBSection
CreateCompatibleBitmap
DeleteObject
SelectObject
CreateCompatibleDC
GetPixel
DeleteDC

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderPathW

libxsse

ord30
ord10
ord2

shlwapi

PathFileExistsW

jansson

json_array_get
json_object_iter_key
json_object_iter
json_array_size
json_integer_value
json_delete
json_object
json_array
json_loadb
json_load_callback
json_object_get
json_object_set_new
json_object_iter_next
json_string_value
json_object_iter_value
json_loads
json_array_clear
json_unpack
json_string
json_integer
json_dumps_free
json_dumps
json_deep_copy
json_pack
json_array_append_new
json_object_key_to_iter

sqlite

sqlite3_exec
sqlite3_busy_timeout
sqlite3_open
sqlite3_errmsg
sqlite3_close_v2
sqlite3_bind_blob
sqlite3_bind_null
sqlite3_bind_int64
sqlite3_bind_text
sqlite3_column_text
sqlite3_column_bytes
sqlite3_column_int64
sqlite3_bind_int
sqlite3_prepare_v2
sqlite3_finalize
sqlite3_column_int
sqlite3_step
sqlite3_mutex_leave
sqlite3_db_mutex
sqlite3_mutex_enter

psapi

GetProcessImageFileNameW

msi

ord70

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

CreateBlockTask
CreateCustomItem
CreatePopupWindow
CreateScanTask
LoadBlockDB
LoadPopupWindow

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
火绒弹窗拦截5.0.73.1/data/db/popblk.db
火绒弹窗拦截5.0.73.1/jansson.dll
.dll windows:5 windows x86 arch:x86

6352b05f36a3dbcf39d907d987aec925

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:6a:8e:89:54:e2:9b:67:72:df:79:f7:37:3c:0f:6d
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

27/04/2018, 00:00

Not After

31/12/2019, 12:00

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:d7:8b:d5:05:31:a4:a2:99:21:f8:f7:04:e2:86:c4
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/04/2018, 00:00

Not After

29/04/2021, 12:00

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

92:4b:b8:be:61:0a:8b:3c:d0:b0:8e:cd:e3:df:b8:82:8f:58:fa:81:d8:b1:3f:2d:73:0a:93:af:f7:f0:64:ba
Signer

Actual PE Digest

92:4b:b8:be:61:0a:8b:3c:d0:b0:8e:cd:e3:df:b8:82:8f:58:fa:81:d8:b1:3f:2d:73:0a:93:af:f7:f0:64:ba

Digest Algorithm

sha256

PE Digest Matches

true

29:04:b0:42:5f:0b:b7:79:f4:c8:04:d5:a2:06:1d:a1:cf:c6:d8:63
Signer

Actual PE Digest

29:04:b0:42:5f:0b:b7:79:f4:c8:04:d5:a2:06:1d:a1:cf:c6:d8:63

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
CloseHandle
WriteFile
GetConsoleCP
GetConsoleMode
GetCurrentThread
GetACP
GetStdHandle
GetFileType
GetStringTypeW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetProcessHeap
SetConsoleCtrlHandler
CreateFileW
SetStdHandle
FlushFileBuffers
SetFilePointerEx
WriteConsoleW
ReadFile
ReadConsoleW
HeapSize
HeapReAlloc
SetEndOfFile
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
EncodePointer
DecodePointer
RaiseException

Exports

Exports

json_array
json_array_append_new
json_array_clear
json_array_extend
json_array_get
json_array_insert_new
json_array_remove
json_array_set_new
json_array_size
json_copy
json_deep_copy
json_delete
json_dump_callback
json_dump_file
json_dumpf
json_dumps
json_dumps_free
json_equal
json_false
json_integer
json_integer_set
json_integer_value
json_load_callback
json_load_file
json_loadb
json_loadf
json_loads
json_null
json_number_value
json_object
json_object_clear
json_object_del
json_object_get
json_object_iter
json_object_iter_at
json_object_iter_key
json_object_iter_next
json_object_iter_set_new
json_object_iter_value
json_object_key_to_iter
json_object_set_new
json_object_set_new_nocheck
json_object_size
json_object_update
json_object_update_existing
json_object_update_missing
json_pack
json_pack_ex
json_real
json_real_set
json_real_value
json_set_alloc_funcs
json_string
json_string_nocheck
json_string_set
json_string_set_nocheck
json_string_value
json_true
json_unpack
json_unpack_ex
json_vpack_ex
json_vunpack_ex

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
火绒弹窗拦截5.0.73.1/libcodecs.dll
.dll windows:5 windows x86 arch:x86

01d04598572389d1fbf63a2e5725cca9

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/03/2021, 00:00

Not After

29/02/2024, 23:59

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,POSTALCODE=100012,STREET=3rd Floor\, Ruipu Building D\, Courtyard 15\, Hongjunying South Road\, Chao Yang District,L=Beijing Shi,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:e7:d0:f6:ab:2b:29:f0:e0:2c:11:28:30:ac:5b:cf:8b:d4:ea:74:f4:fb:fd:d4:b7:e5:aa:de:72:e2:1e:99
Signer

Actual PE Digest

0c:e7:d0:f6:ab:2b:29:f0:e0:2c:11:28:30:ac:5b:cf:8b:d4:ea:74:f4:fb:fd:d4:b7:e5:aa:de:72:e2:1e:99

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
VirtualAlloc
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InterlockedIncrement
WaitForSingleObject
SetEvent
InitializeCriticalSection
ReleaseSemaphore
GetLastError
ResetEvent
CreateSemaphoreW
CreateEventW
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
WaitForMultipleObjects
CreateDirectoryW
GetModuleHandleW
GetTickCount
SetFileTime
GetSystemDirectoryW
CreateFileW
GetTempPathW
GetCurrentDirectoryW
SetLastError
GetProcAddress
MoveFileW
SetCurrentDirectoryW
RemoveDirectoryW
GetCurrentThreadId
GetWindowsDirectoryW
DeleteFileW
GetCurrentProcessId
SetFileAttributesW
FindFirstFileW
FindFirstChangeNotificationW
GetLogicalDriveStringsW
FindCloseChangeNotification
GetFileAttributesW
FindClose
GetModuleHandleA
FindNextFileW
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
CompareFileTime
GlobalMemoryStatus
GetCurrentProcess
GetSystemInfo
GetProcessAffinityMask
FileTimeToDosDateTime
DosDateTimeToFileTime
GetSystemTimeAsFileTime
FreeLibrary
QueryPerformanceCounter
LoadLibraryW
LocalFileTimeToFileTime
FileTimeToLocalFileTime
DisableThreadLibraryCalls
RaiseException
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
HeapFree
HeapAlloc
ExitThread
CreateThread
HeapReAlloc
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
FatalAppExitA
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
GetCurrentThread
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA

user32

CharPrevExA
CharUpperW

oleaut32

SysFreeString
SysAllocStringLen
VariantCopy
VariantClear
SysAllocString
SysStringLen

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
火绒弹窗拦截5.0.73.1/libxsse.dll
.dll windows:5 windows x86 arch:x86

a2b92b8ca4ef9e52aa167f879ea3b7f7

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/03/2021, 00:00

Not After

29/02/2024, 23:59

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,POSTALCODE=100012,STREET=3rd Floor\, Ruipu Building D\, Courtyard 15\, Hongjunying South Road\, Chao Yang District,L=Beijing Shi,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d2:2c:a9:a7:56:0d:8b:1a:c6:26:4a:bf:bc:4f:07:2b:4b:d6:a0:e9:59:13:9f:e2:a4:9a:57:6c:92:d5:6f:78
Signer

Actual PE Digest

d2:2c:a9:a7:56:0d:8b:1a:c6:26:4a:bf:bc:4f:07:2b:4b:d6:a0:e9:59:13:9f:e2:a4:9a:57:6c:92:d5:6f:78

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringLen

kernel32

FindFirstFileW
FindNextFileW
FindClose
SystemTimeToFileTime
GetSystemTime
InterlockedExchange
GetCurrentThreadId
CreateThread
ReadFile
GetModuleFileNameA
GetFileSizeEx
GetLongPathNameW
GetCurrentProcess
WriteFile
InterlockedDecrement
ExpandEnvironmentStringsA
SetEndOfFile
CreateFileW
GetFileAttributesW
UnmapViewOfFile
DuplicateHandle
GetModuleHandleA
OpenProcess
GetVersion
Sleep
LoadLibraryA
GetSystemInfo
GetCurrentDirectoryW
VirtualAlloc
GetWindowsDirectoryW
GetProcAddress
SetFilePointerEx
LocalFree
IsBadReadPtr
CreateFileMappingW
MapViewOfFile
GetTickCount
InterlockedCompareExchange
FreeLibrary
GetVersionExW
WriteProcessMemory
ReadProcessMemory
DisableThreadLibraryCalls
HeapSize
GetTimeZoneInformation
WriteConsoleW
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
VirtualFree
VirtualProtect
CreateSemaphoreW
ResetEvent
CloseHandle
SetEvent
CreateEventW
WaitForSingleObject
InitializeCriticalSection
ReleaseSemaphore
InterlockedIncrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
CompareFileTime
WideCharToMultiByte
GetLastError
MultiByteToWideChar
GetTempPathW
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
FlushFileBuffers
SearchPathA
FindNextFileA
FindFirstFileExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleHandleExW
QueryPerformanceFrequency
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileAttributesExW
SetFileAttributesW
DeleteFileW
ExitProcess
GetModuleFileNameW
GetConsoleMode
ReadConsoleW
GetConsoleCP
HeapFree
HeapAlloc
GetCurrentThread
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetACP
GetStringTypeW
HeapReAlloc
SetCurrentDirectoryW
GetFullPathNameW
GetFullPathNameA
SetStdHandle
GetStdHandle
GetCPInfo
FindFirstFileExA

user32

IsWindowVisible
CloseWindowStation
EnumDesktopsA
GetWindowRect
OpenWindowStationA
OpenDesktopA
EnumDesktopWindows
GetParent
CharUpperW
EnumWindowStationsA
GetWindowThreadProcessId
CloseDesktop

advapi32

RegSetKeySecurity
BuildExplicitAccessWithNameA
SetSecurityDescriptorDacl
SetEntriesInAclA
GetSecurityDescriptorDacl
RegGetKeySecurity
RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
OpenProcessToken
RegLoadKeyA
InitializeSecurityDescriptor
RegOpenKeyExA
ConvertSidToStringSidW
RegEnumValueA
RegDeleteValueA
RegOpenKeyW
RegSaveKeyA
RegQueryValueExW
RegEnumKeyExA
GetTokenInformation

sfc

SfcIsFileProtected

Exports

Exports

libxsse_exrec_alloc
libxsse_record_alloc
libxsse_register_codec
libxsse_register_exunit

Sections

.text
Size: 836KB - Virtual size: 836KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
火绒弹窗拦截5.0.73.1/popblock.ui
.zip
cmpt/combo.xml
.xml
cmpt/msg_title.xml
.xml
cmpt/title.xml
.xml
cmpt/title1.xml
.xml
dlg_blockinfo.xml
.xml
dlg_config.xml
.xml
dlg_flash.xml
.xml
dlg_lace.xml
.xml
dlg_main.xml
.xml
dlg_messages.xml
.xml
dlg_record.xml
.xml
dlg_shot.xml
.xml
dlg_wndinfo.xml
.xml
img/100/ani_opt_big.png
.png
img/100/ani_opt_big_off.png
.png
img/100/ani_opt_big_on.png
.png
img/100/ani_opt_small.png
.png
img/100/ani_opt_small_off.png
.png
img/100/ani_opt_small_on.png
.png
img/100/arrow.png
.png
img/100/bk_border.png
.png
img/100/bk_border_opaque_small.png
.png
img/100/bk_edit_white.png
.png
img/100/bk_tooltips.png
.png
img/100/btn_locate.png
.png
img/100/btn_zoom_in.png
.png
img/100/btn_zoom_out.png
.png
img/100/checkbox.png
.png
img/100/close_gray.png
.png
img/100/close_white.png
.png
img/100/combo.png
.png
img/100/icon_custom.png
.png
img/100/icon_message.png
.png
img/100/icon_nofound.png
.png
img/100/icon_norecord.png
.png
img/100/icon_popblock.png
.png
img/100/icon_stop.png
.png
img/100/icon_success.png
.png
img/100/icon_tray_menu.png
.png
img/100/logo.png
.png
img/100/max_gray.png
.png
img/100/menu_gray.png
.png
img/100/menu_tray_exit.png
.png
img/100/menu_tray_show.png
.png
img/100/menu_tray_snap.png
.png
img/100/min_gray.png
.png
img/100/msgboxtip.png
.png
img/100/programbar.png
.png
img/100/radio.png
.png
img/100/restore_gray.png
.png
img/100/search.png
.png
img/100/search_close.png
.png
img/100/syscfg_config.png
.png
img/100/syscfg_exit.png
.png
img/100/syscfg_feedback.png
.png
img/100/syscfg_shortcut.png
.png
img/100/window_flash.png
.png
img/125/ani_opt_big.png
.png
img/125/ani_opt_big_off.png
.png
img/125/ani_opt_big_on.png
.png
img/125/ani_opt_small.png
.png
img/125/ani_opt_small_off.png
.png
img/125/ani_opt_small_on.png
.png
img/125/arrow.png
.png
img/125/bk_border.png
.png
img/125/bk_border_opaque_small.png
.png
img/125/bk_edit_white.png
.png
img/125/bk_tooltips.png
.png
img/125/btn_locate.png
.png
img/125/btn_zoom_in.png
.png
img/125/btn_zoom_out.png
.png
img/125/checkbox.png
.png
img/125/close_gray.png
.png
img/125/close_white.png
.png
img/125/combo.png
.png
img/125/icon_custom.png
.png
img/125/icon_message.png
.png
img/125/icon_nofound.png
.png
img/125/icon_norecord.png
.png
img/125/icon_popblock.png
.png
img/125/icon_stop.png
.png
img/125/icon_success.png
.png
img/125/icon_tray_menu.png
.png
img/125/logo.png
.png
img/125/max_gray.png
.png
img/125/menu_gray.png
.png
img/125/menu_tray_exit.png
.png
img/125/menu_tray_show.png
.png
img/125/menu_tray_snap.png
.png
img/125/min_gray.png
.png
img/125/msgboxtip.png
.png
img/125/programbar.png
.png
img/125/radio.png
.png
img/125/restore_gray.png
.png
img/125/search.png
.png
img/125/search_close.png
.png
img/125/syscfg_config.png
.png
img/125/syscfg_exit.png
.png
img/125/syscfg_feedback.png
.png
img/125/syscfg_shortcut.png
.png
img/125/window_flash.png
.png
img/150/ani_opt_big.png
.png
img/150/ani_opt_big_off.png
.png
img/150/ani_opt_big_on.png
.png
img/150/ani_opt_small.png
.png
img/150/ani_opt_small_off.png
.png
img/150/ani_opt_small_on.png
.png
img/150/arrow.png
.png
img/150/bk_border.png
.png
img/150/bk_border_opaque_small.png
.png
img/150/bk_edit_white.png
.png
img/150/bk_tooltips.png
.png
img/150/btn_locate.png
.png
img/150/btn_zoom_in.png
.png
img/150/btn_zoom_out.png
.png
img/150/checkbox.png
.png
img/150/close_gray.png
.png
img/150/close_white.png
.png
img/150/combo.png
.png
img/150/icon_custom.png
.png
img/150/icon_message.png
.png
img/150/icon_nofound.png
.png
img/150/icon_norecord.png
.png
img/150/icon_popblock.png
.png
img/150/icon_stop.png
.png
img/150/icon_success.png
.png
img/150/icon_tray_menu.png
.png
img/150/logo.png
.png
img/150/max_gray.png
.png
img/150/menu_gray.png
.png
img/150/menu_tray_exit.png
.png
img/150/menu_tray_show.png
.png
img/150/menu_tray_snap.png
.png
img/150/min_gray.png
.png
img/150/msgboxtip.png
.png
img/150/programbar.png
.png
img/150/radio.png
.png
img/150/restore_gray.png
.png
img/150/search.png
.png
img/150/search_close.png
.png
img/150/syscfg_config.png
.png
img/150/syscfg_exit.png
.png
img/150/syscfg_feedback.png
.png
img/150/syscfg_shortcut.png
.png
img/150/window_flash.png
.png
img/175/ani_opt_big.png
.png
img/175/ani_opt_big_off.png
.png
img/175/ani_opt_big_on.png
.png
img/175/ani_opt_small.png
.png
img/175/ani_opt_small_off.png
.png
img/175/ani_opt_small_on.png
.png
img/175/arrow.png
.png
img/175/bk_border.png
.png
img/175/bk_border_opaque_small.png
.png
img/175/bk_edit_white.png
.png
img/175/bk_tooltips.png
.png
img/175/btn_locate.png
.png
img/175/btn_zoom_in.png
.png
img/175/btn_zoom_out.png
.png
img/175/checkbox.png
.png
img/175/close_gray.png
.png
img/175/close_white.png
.png
img/175/combo.png
.png
img/175/icon_custom.png
.png
img/175/icon_message.png
.png
img/175/icon_nofound.png
.png
img/175/icon_norecord.png
.png
img/175/icon_popblock.png
.png
img/175/icon_stop.png
.png
img/175/icon_success.png
.png
img/175/icon_tray_menu.png
.png
img/175/logo.png
.png
img/175/max_gray.png
.png
img/175/menu_gray.png
.png
img/175/menu_tray_exit.png
.png
img/175/menu_tray_show.png
.png
img/175/menu_tray_snap.png
.png
img/175/min_gray.png
.png
img/175/msgboxtip.png
.png
img/175/programbar.png
.png
img/175/radio.png
.png
img/175/restore_gray.png
.png
img/175/search.png
.png
img/175/search_close.png
.png
img/175/syscfg_config.png
.png
img/175/syscfg_exit.png
.png
img/175/syscfg_feedback.png
.png
img/175/syscfg_shortcut.png
.png
img/175/window_flash.png
.png
img/bk_progress.png
.png
img/bk_window.png
.png
img/btn_cancel.png
.png
img/btn_orange_ok.png
.png
img/edit.png
.png
img/fg_window.png
.png
item_blocklist.xml
.xml
item_expand.xml
.xml
item_list_day.xml
.xml
item_list_msg.xml
.xml
item_list_window.xml
.xml
menu_syscfg.xml
.xml
menu_tray.xml
.xml
msg_lackdb.xml
.xml
msg_quit.xml
.xml
res/defaults.xml
.xml
res/fonts.xml
.xml
res/images.xml
.xml
res/styles.xml
.xml
strings/en.xml
.xml
strings/zh-cn.xml
.xml
strings/zh-tw.xml
.xml
tooltips.xml
.xml
火绒弹窗拦截5.0.73.1/selfprot.dll
.dll windows:5 windows x86 arch:x86

8d364dda4fee79a14338baa56355d230

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/03/2021, 00:00

Not After

29/02/2024, 23:59

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,POSTALCODE=100012,STREET=3rd Floor\, Ruipu Building D\, Courtyard 15\, Hongjunying South Road\, Chao Yang District,L=Beijing Shi,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:6c:0d:46:94:e5:ad:c0:ca:3a:f4:71:58:99:89:11:4d:44:42:9d:43:9e:73:88:9b:37:3a:ba:10:df:c5:a8
Signer

Actual PE Digest

2c:6c:0d:46:94:e5:ad:c0:ca:3a:f4:71:58:99:89:11:4d:44:42:9d:43:9e:73:88:9b:37:3a:ba:10:df:c5:a8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
IsBadReadPtr
VirtualProtect
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CloseHandle
WriteConsoleW
DecodePointer
CreateFileW
RaiseException

Exports

Exports

disable_msg_inject

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
火绒弹窗拦截5.0.73.1/sqlite.dll
.dll windows:5 windows x86 arch:x86

91b6c44601d8ecd5f3650b1d31866961

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:6a:8e:89:54:e2:9b:67:72:df:79:f7:37:3c:0f:6d
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

27/04/2018, 00:00

Not After

31/12/2019, 12:00

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:d7:8b:d5:05:31:a4:a2:99:21:f8:f7:04:e2:86:c4
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/04/2018, 00:00

Not After

29/04/2021, 12:00

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d5:1c:77:7b:5a:fc:a8:87:82:25:da:67:2c:d8:3e:15:6d:5f:c6:b7:fb:c1:6d:35:96:89:fb:b5:e6:6f:0b:c4
Signer

Actual PE Digest

d5:1c:77:7b:5a:fc:a8:87:82:25:da:67:2c:d8:3e:15:6d:5f:c6:b7:fb:c1:6d:35:96:89:fb:b5:e6:6f:0b:c4

Digest Algorithm

sha256

PE Digest Matches

true

ca:5a:36:e7:c5:38:d1:ed:4f:d9:50:5a:2e:f6:28:8e:d6:cc:a5:c5
Signer

Actual PE Digest

ca:5a:36:e7:c5:38:d1:ed:4f:d9:50:5a:2e:f6:28:8e:d6:cc:a5:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetCurrentProcess
GetStdHandle
LoadLibraryA
GetProcAddress
FreeLibrary
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
InterlockedCompareExchange
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
DuplicateHandle
CreateProcessA
CreateProcessW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleFileNameA
GetModuleFileNameW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetFileType
GetCurrentThread
GetACP
GetConsoleCP
GetExitCodeProcess
CreatePipe
SetStdHandle
GetStringTypeW
GetTimeZoneInformation
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetConsoleCtrlHandler
WriteConsoleW
EncodePointer
DecodePointer
RaiseException

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_database_name
sqlite3_column_database_name16
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_origin_name
sqlite3_column_origin_name16
sqlite3_column_table_name
sqlite3_column_table_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_data_count
sqlite3_db_cacheflush
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_errstr
sqlite3_exec
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_initialize
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_subtype
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_strglob
sqlite3_stricmp
sqlite3_strlike
sqlite3_strnicmp
sqlite3_system_errno
sqlite3_table_column_metadata
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_free
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_subtype
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_config
sqlite3_vtab_on_conflict
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_is_nt
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_set_directory
sqlite3_win32_sleep
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_write_debug

Sections

.text
Size: 787KB - Virtual size: 787KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
火绒弹窗拦截5.0.73.1/卸载.bat
火绒弹窗拦截5.0.73.1/弹窗拦截.exe
.exe windows:5 windows x86 arch:x86

970f757d8f16b16b119f8d2b624600b7

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/03/2021, 00:00

Not After

29/02/2024, 23:59

Subject

CN=Beijing Huorong Network Technology Co.\, Ltd.,O=Beijing Huorong Network Technology Co.\, Ltd.,POSTALCODE=100012,STREET=3rd Floor\, Ruipu Building D\, Courtyard 15\, Hongjunying South Road\, Chao Yang District,L=Beijing Shi,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:61:91:73:ec:a9:45:54:e5:65:05:be:be:9d:d9:78:9e:8e:ad:00:f2:92:e9:44:cb:77:6d:de:aa:2a:13:dc
Signer

Actual PE Digest

02:61:91:73:ec:a9:45:54:e5:65:05:be:be:9d:d9:78:9e:8e:ad:00:f2:92:e9:44:cb:77:6d:de:aa:2a:13:dc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
EncodePointer
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlUnwind
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetACP
InterlockedDecrement
GetFileType
GetConsoleMode
SetFilePointerEx
GetConsoleCP
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
WriteConsoleW
GetStringTypeW
GetCurrentProcessId
RemoveDirectoryW
CreateEventW
CreateThread
WaitForMultipleObjects
DecodePointer
MoveFileExW
LoadLibraryExW
lstrcmpiW
FreeLibrary
SetEvent
WaitForSingleObject
TerminateThread
CreateMutexW
SetCurrentDirectoryW
CreateProcessW
LoadLibraryW
GlobalDeleteAtom
GlobalAddAtomW
GetVersionExW
GetModuleFileNameW
GetComputerNameW
SetLastError
GetModuleHandleW
GetUserDefaultUILanguage
RaiseException
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetLocalTime
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTime
FindClose
FindNextFileW
DeleteFileW
GetLastError
CreateDirectoryW
GetFileAttributesW
CreateFileW
GetVersion
GetProcAddress
GetModuleHandleA
GetTickCount
WideCharToMultiByte
DeleteCriticalSection
LocalFree
GetWindowsDirectoryW
CloseHandle
Sleep
MultiByteToWideChar
InitializeCriticalSection
LeaveCriticalSection
GetCurrentProcess
EnterCriticalSection
InterlockedExchange
InterlockedIncrement

user32

KillTimer
ClientToScreen
MoveWindow
FlashWindow
IntersectRect
SendMessageW
SetTimer
GetKeyboardLayout
ToUnicodeEx
InvalidateRect
GetParent
GetAsyncKeyState
GetCursorPos
SetCursor
CharNextW
UnregisterHotKey
RegisterHotKey
IsWindowVisible
GetClassNameW
WindowFromPoint
DestroyIcon
GetSystemMetrics
PtInRect
EnumWindows
FindWindowW
GetDesktopWindow
IsRectEmpty
ReleaseDC
GetWindowDC
GetCapture
MonitorFromPoint
SetForegroundWindow
IsWindowEnabled
DestroyWindow
RegisterWindowMessageW
GetWindowRect
GetWindowThreadProcessId
SetWindowLongW
GetWindowLongW
DefWindowProcW
CallWindowProcW
UnregisterClassW
SetWindowPos
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
GetWindow
CopyRect
PostMessageW
EnumChildWindows
EnumThreadWindows
ShowWindow
EnableWindow
IsWindow
PeekMessageW
GetMessageW
SetFocus
TranslateMessage
DispatchMessageW
PostQuitMessage
IsChild
ScreenToClient
RegisterClassExW
GetClassInfoExW
SetWindowRgn
LoadCursorW
CreateWindowExW
IsZoomed
OffsetRect
IsIconic
LoadImageW

gdi32

GetObjectW
CreateDIBSection
SetViewportOrgEx
StretchBlt
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
DeleteDC
DeleteObject
CreateRoundRectRgn
GetObjectType

advapi32

RegQueryValueExA
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetUserNameW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegOpenKeyExA
RegQueryValueExW
RegCloseKey
OpenProcessToken

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
SHChangeNotify
ShellExecuteW

ole32

CoTaskMemFree
CoUninitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr
VariantInit
VariantClear
SysAllocString
SysFreeString

libxsse

ord30
ord2
ord10

shlwapi

PathFileExistsW
PathFileExistsA

comctl32

InitCommonControlsEx

gdiplus

GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipFillEllipseI
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipAlloc
GdipDeleteMatrix
GdipCreateMatrix
GdipDeletePath
GdipCreatePath
GdipTranslateMatrix
GdipSetMatrixElements
GdipFillPath
GdipSetWorldTransform
GdipSetSolidFillColor
GdipClosePathFigure
ord1
GdipAddPathLine
GdipResetPath
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDisposeImage
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile

duilib

?GetSkinFileName@CMenuUI@DuiLib@@UAEPB_WXZ
?OnCreate@CMenuUI@DuiLib@@MAEJIIJ@Z
?OnDestroy@CMenuUI@DuiLib@@MAEJIIJ@Z
?OnKeyDown@CMenuUI@DuiLib@@MAEJIIJ@Z
?OnKillFocus@CMenuUI@DuiLib@@MAEJIIJ@Z
?Notify@CMenuUI@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
?CreateControl@CMenuUI@DuiLib@@MAEPAVCControlUI@2@PB_W@Z
?SetSkinFile@CMenuUI@DuiLib@@QAEXPB_W@Z
?AddNotifier@CMenuUI@DuiLib@@QAE_NPAVIMenuNotify@2@@Z
?CreateMenu@CMenuUI@DuiLib@@QAEPAUHWND__@@PAU3@HHW4eShowMenuPosition@12@@Z
?ShowWindow@CWindowWnd@DuiLib@@QAEX_N0@Z
?GetString@CControlUI@DuiLib@@QBEPB_WXZ
?GetCurSel@CTabLayoutUI@DuiLib@@QBEHXZ
?SelectItem@CTabLayoutUI@DuiLib@@QAE_NH_N@Z
?SetToolTipString@CControlUI@DuiLib@@QAEXPB_W_N@Z
?SetFilePath@CFileIconUI@DuiLib@@QAEXPB_W@Z
?GetContainerItemXML@CListUI@DuiLib@@QAEPB_WXZ
?CompareNoCase@CDuiString@DuiLib@@QBEHPB_W@Z
?StringFormat@CControlUI@DuiLib@@QAAXPB_WZZ
?GetMainMonitorDPI@CDPI@DuiLib@@SAHXZ
??0COptionUI@DuiLib@@QAE@XZ
??1COptionUI@DuiLib@@UAE@XZ
?GetInterface@COptionUI@DuiLib@@UAEPAXPB_W@Z
?GetControlFlags@CButtonUI@DuiLib@@UBEIXZ
?Activate@COptionUI@DuiLib@@UAE_NXZ
?SetManager@COptionUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAVCControlUI@2@_N@Z
?GetText@CLabelUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetText@CLabelUI@DuiLib@@UAEXPB_W@Z
?SetEnabled@COptionUI@DuiLib@@UAEX_N@Z
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetAttribute@COptionUI@DuiLib@@UAEXPB_W0@Z
?EstimateSize@COptionUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?DoPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
??0CDuiDrawInfo@DuiLib@@QAE@XZ
??1CDuiDrawInfo@DuiLib@@QAE@XZ
?Scale@CDPI@DuiLib@@QAEHH@Z
?FetchImageString@CRenderEngine@DuiLib@@SA_NPAVCPaintManagerUI@2@PB_WPAVCDuiDrawInfo@2@@Z
?DrawImage@CRenderEngine@DuiLib@@SA_NPAUHDC__@@PAVCPaintManagerUI@2@ABUtagRECT@@2PAVCDuiDrawInfo@2@@Z
?PaintText@COptionUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBorder@COptionUI@DuiLib@@UAEXPAUHDC__@@@Z
?GetAccSerState@COptionUI@DuiLib@@UBEJXZ
?Selected@COptionUI@DuiLib@@UAEX_N0@Z
?IsAnimationRunning@CUIAnimation@DuiLib@@UAEHH@Z
?SetCurrentFrame@CUIAnimation@DuiLib@@UAEHHH@Z
?OnAnimationStart@CUIAnimation@DuiLib@@UAEXHH@Z
?FindSubControlByName@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PAV32@PB_W@Z
?DrawImage@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAUHBITMAP__@@ABUtagRECT@@222_NE333@Z
?OnAnimationElapse@CUIAnimation@DuiLib@@UAEXH@Z
?StopAnimation@CUIAnimation@DuiLib@@UAEXH@Z
?StartAnimation@CUIAnimation@DuiLib@@UAEHHHHHH@Z
?GenerateBitmap@CRenderEngine@DuiLib@@SAPAUHBITMAP__@@PAVCPaintManagerUI@2@PAVCControlUI@2@UtagRECT@@@Z
?ScaleBack@CDPI@DuiLib@@QAEHH@Z
?GetCurrentFrame@CUIAnimation@DuiLib@@UAEHH@Z
??1CUIAnimation@DuiLib@@UAE@XZ
??0CUIAnimation@DuiLib@@QAE@PAVCControlUI@1@@Z
?SetFocus@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?SetTextColor@CLabelUI@DuiLib@@QAEXK@Z
?IsSelected@COptionUI@DuiLib@@QBE_NXZ
?GetData@CDuiString@DuiLib@@QBEPB_WXZ
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
?TranslateString@CPaintManagerUI@DuiLib@@SA_NPB_WAAVCDuiString@2@@Z
??0CDuiString@DuiLib@@QAE@XZ
?FormatTanslateString@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@PB_W@Z
?HandleCursorMessage@CControlUI@DuiLib@@UBE_NABUtagPOINT@@@Z
?GetControlData@CControlUI@DuiLib@@UAE_NPAPAX@Z
?FindAccSerChildByPt@CControlUI@DuiLib@@UAEPAV12@ABUtagPOINT@@@Z
?GetAccSerState@CControlUI@DuiLib@@UBEJXZ
?GetAccSerName@CControlUI@DuiLib@@UBE?AVCDuiString@2@_N@Z
?SetAccSerInfo@CControlUI@DuiLib@@UAEXPAUtagTAccessibleServerInfo@2@@Z
?FindFirstAccSerCtrl@CControlUI@DuiLib@@UAEPAV12@XZ
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttributeList@CControlUI@DuiLib@@UAEXPB_W@Z
?SetAttribute@CControlUI@DuiLib@@UAEXPB_W0@Z
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CControlUI@DuiLib@@UAEXXZ
?Init@CControlUI@DuiLib@@UAEXXZ
?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?SetFloat@CControlUI@DuiLib@@UAEX_N@Z
?OnFinalMessage@CMenuUI@DuiLib@@MAEXPAUHWND__@@@Z
?SetFocus@CControlUI@DuiLib@@UAEXXZ
?IsFocused@CControlUI@DuiLib@@UBE_NXZ
?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z
?SetMouseEnabled@CControlUI@DuiLib@@UAEX_N@Z
?SetEnabled@CControlUI@DuiLib@@UAEX_N@Z
?SetInternVisible@CControlUI@DuiLib@@UAEX_N@Z
?IsVisible@CControlUI@DuiLib@@UBE_NXZ
?SetTag@CControlUI@DuiLib@@UAEXI@Z
?GetTag@CControlUI@DuiLib@@UBEIXZ
?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z
?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ
?SetShortcut@CControlUI@DuiLib@@UAEX_W@Z
?GetShortcut@CControlUI@DuiLib@@UBE_WXZ
?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ
?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z
?SetToolTip@CControlUI@DuiLib@@UAEXPB_W@Z
?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?ResetPos@CControlUI@DuiLib@@UAEXXZ
?SetFloatPercent@CControlUI@DuiLib@@UAEXUtagTPercentInfo@2@@Z
?GetFloatPercent@CControlUI@DuiLib@@UBE?AUtagTPercentInfo@2@XZ
?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ
?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMinHeight@CControlUI@DuiLib@@UBEHXZ
?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z
?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMinWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z
??1CVerticalLayoutUI@DuiLib@@UAE@XZ
?RemoveAll@CContainerUI@DuiLib@@UAEXXZ
?RemoveAt@CContainerUI@DuiLib@@UAE_NH@Z
?Remove@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?GetCount@CContainerUI@DuiLib@@UBEHXZ
?SetItemIndex@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?GetItemIndex@CContainerUI@DuiLib@@UBEHPAVCControlUI@2@@Z
?GetItemAt@CContainerUI@DuiLib@@UBEPAVCControlUI@2@H@Z
?ProcessScrollBar@CContainerUI@DuiLib@@MAEXUtagRECT@@HH@Z
?SetFloatPos@CContainerUI@DuiLib@@MAEXH@Z
?GetHorizontalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ
?GetVerticalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ
?EnableScrollBar@CContainerUI@DuiLib@@UAEX_N0@Z
?EndRight@CContainerUI@DuiLib@@UAEXXZ
?HomeLeft@CContainerUI@DuiLib@@UAEXXZ
?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ
?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z
?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ
?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?GetY@CControlUI@DuiLib@@UBEHXZ
?GetX@CControlUI@DuiLib@@UBEHXZ
?GetHeight@CControlUI@DuiLib@@UBEHXZ
?GetWidth@CControlUI@DuiLib@@UBEHXZ
?SetPos@CControlUI@DuiLib@@UAEXUtagRECT@@_N@Z
?GetRelativePos@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?HandleMessage@CMenuUI@DuiLib@@MAEJIIJ@Z
?GetClassStyle@CWindowWnd@DuiLib@@MBEIXZ
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPB_WXZ
?GetWindowClassName@CMenuUI@DuiLib@@MBEPB_WXZ
?ShowModal@CMenuUI@DuiLib@@UAEIXZ
?ShowSubMenuOrDestroy@CMenuItemUI@DuiLib@@QAEXXZ
?GetItemIndex@CMenuUI@DuiLib@@QBEHPAVCMenuItemUI@2@@Z
??8CDuiString@DuiLib@@QBE_NPB_W@Z
?GetName@CMenuUI@DuiLib@@QBE?AVCDuiString@2@XZ
??1CMenuUI@DuiLib@@UAE@XZ
??0CMenuUI@DuiLib@@QAE@PB_WPAVCMenuItemUI@1@@Z
?SetTimer@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@II@Z
?KillTimer@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@I@Z
?SetItemMinWidth@CMenuBodyUI@DuiLib@@QAEXH@Z
?GetPaintManager@CMenuUI@DuiLib@@QAEPAVCPaintManagerUI@2@XZ
?GetBody@CMenuUI@DuiLib@@QBEPAVCMenuBodyUI@2@XZ
?FormatTanslateString@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@PB_W0ZZ
?IsEmpty@CDuiString@DuiLib@@QBE_NXZ
??0CDuiRect@DuiLib@@QAE@XZ
?GetItemCount@CVListUI@DuiLib@@QBEHXZ
?GetFirstItemIndex@CVListUI@DuiLib@@QAEHXZ
??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z
?GetWidth@CDuiRect@DuiLib@@QBEHXZ
?GetHeight@CDuiRect@DuiLib@@QBEHXZ
?Offset@CDuiRect@DuiLib@@QAEXHH@Z
?SetItemCount@CVListUI@DuiLib@@QAEXH@Z
?SetBkImage@CControlUI@DuiLib@@QAEXPB_W@Z
?GetFixedColumns@CTileLayoutUI@DuiLib@@QBEHXZ
?GetItemSize@CTileLayoutUI@DuiLib@@QBE?AUtagSIZE@@XZ
?GetChildVPadding@CTileLayoutUI@DuiLib@@QBEHXZ
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPB_W@Z
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
?SetResourceZip@CPaintManagerUI@DuiLib@@SAXPB_W_N@Z
?PageRight@CContainerUI@DuiLib@@UAEXXZ
?PageLeft@CContainerUI@DuiLib@@UAEXXZ
?LineRight@CContainerUI@DuiLib@@UAEXXZ
?LineLeft@CContainerUI@DuiLib@@UAEXXZ
?EndDown@CContainerUI@DuiLib@@UAEXXZ
?HomeUp@CContainerUI@DuiLib@@UAEXXZ
?PageDown@CContainerUI@DuiLib@@UAEXXZ
?PageUp@CContainerUI@DuiLib@@UAEXXZ
?LineDown@CContainerUI@DuiLib@@UAEXXZ
?LineUp@CContainerUI@DuiLib@@UAEXXZ
?SetScrollStepSize@CContainerUI@DuiLib@@UAEXH@Z
?GetScrollStepSize@CContainerUI@DuiLib@@UBEHXZ
?SetScrollPos@CContainerUI@DuiLib@@UAEXUtagSIZE@@@Z
?GetScrollRange@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ
?GetScrollPos@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ
?FindSelectable@CContainerUI@DuiLib@@UBEHH_N@Z
?SetMouseChildEnabled@CContainerUI@DuiLib@@UAEX_N@Z
?IsMouseChildEnabled@CContainerUI@DuiLib@@UBE_NXZ
?SetDelayedDestroy@CContainerUI@DuiLib@@UAEX_N@Z
?IsDelayedDestroy@CContainerUI@DuiLib@@UBE_NXZ
?SetAutoDestroy@CContainerUI@DuiLib@@UAEX_N@Z
?IsAutoDestroy@CContainerUI@DuiLib@@UBE_NXZ
?SetChildVAlign@CContainerUI@DuiLib@@UAEXI@Z
?GetChildVAlign@CContainerUI@DuiLib@@UBEIXZ
?SetChildAlign@CContainerUI@DuiLib@@UAEXI@Z
?IsFloat@CControlUI@DuiLib@@UBE_NXZ
?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ
?GetChildAlign@CContainerUI@DuiLib@@UBEIXZ
?SetChildPadding@CContainerUI@DuiLib@@UAEXH@Z
?GetChildPadding@CContainerUI@DuiLib@@UBEHXZ
?SetInset@CContainerUI@DuiLib@@UAEXUtagRECT@@@Z
?GetInset@CContainerUI@DuiLib@@UBE?AUtagRECT@@XZ
?FindAccSerChildByPt@CContainerUI@DuiLib@@UAEPAVCControlUI@2@ABUtagPOINT@@@Z
?GetAccSerName@CContainerUI@DuiLib@@UBE?AVCDuiString@2@_N@Z
?FindFirstAccSerCtrl@CContainerUI@DuiLib@@UAEPAVCControlUI@2@XZ
?DoPostPaint@CVerticalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CContainerUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?SetAttribute@CVerticalLayoutUI@DuiLib@@UAEXPB_W0@Z
?DoEvent@CVerticalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?FindControl@CContainerUI@DuiLib@@UAEPAVCControlUI@2@P6GPAV32@PAV32@PAX@Z1I@Z
?SetMouseEnabled@CContainerUI@DuiLib@@UAEX_N@Z
?SetInternVisible@CContainerUI@DuiLib@@UAEX_N@Z
?SetVisible@CContainerUI@DuiLib@@UAEX_N@Z
?SetPos@CVerticalLayoutUI@DuiLib@@UAEXUtagRECT@@_N@Z
?SetManager@CContainerUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAVCControlUI@2@_N@Z
?GetControlFlags@CVerticalLayoutUI@DuiLib@@UBEIXZ
?NeedParentUpdate@CControlUI@DuiLib@@QAEXXZ
?GetInterface@CVerticalLayoutUI@DuiLib@@UAEPAXPB_W@Z
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
?GetInstance@CPaintManagerUI@DuiLib@@SAPAUHINSTANCE__@@XZ
??YCDuiString@DuiLib@@QAEABV01@PB_W@Z
?GetSelectedTable@CTranslateManager@DuiLib@@QAE?AVCDuiString@2@XZ
?GetItem@CTranslateManager@DuiLib@@QAE?AVCDuiString@2@PB_W0@Z
?InsertItem@CTranslateManager@DuiLib@@QAEHPB_W00@Z
?SetDPIAwareness@CDPI@DuiLib@@SAHW4PROCESS_DPI_AWARENESS@@@Z
?SetDefaultTable@CTranslateManager@DuiLib@@QAE_NPB_W@Z
??BCDuiString@DuiLib@@QBEPB_WXZ
??0CPaintManagerUI@DuiLib@@QAE@XZ
??1CPaintManagerUI@DuiLib@@QAE@XZ
?GetDPIAwareness@CDPI@DuiLib@@SA?AW4PROCESS_DPI_AWARENESS@@XZ
?GetDPIOfMonitorNearestToPoint@CDPI@DuiLib@@SAHUtagPOINT@@@Z
?GetMainMonitorDPI@CDPI@DuiLib@@SAHPAUHWND__@@@Z
??1CDuiString@DuiLib@@QAE@XZ
?SelectTable@CTranslateManager@DuiLib@@QAE_NPB_W@Z
?GetTranslateManager@CPaintManagerUI@DuiLib@@SAAAVCTranslateManager@2@XZ
?PreMessageHandler@CPaintManagerUI@DuiLib@@QAE_NIIJAAJ@Z
?TranslateAcceleratorW@CPaintManagerUI@DuiLib@@QAE_NPAUtagMSG@@@Z
?MessageHandler@CPaintManagerUI@DuiLib@@QAE_NIIJAAJ@Z
?GetAccCtrlFromPoint@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@ABUtagPOINT@@@Z
?SetAccSerMouseCtrl@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?IsEnableAccSerHitTest@CPaintManagerUI@DuiLib@@QBE_NXZ
?GetRoot@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@XZ
?ReapObjects@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Init@CPaintManagerUI@DuiLib@@QAEXPAUHWND__@@@Z
??1CDialogBuilder@DuiLib@@QAE@XZ
??0CDialogBuilder@DuiLib@@QAE@XZ
?GetInitSize@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@XZ
?GetDPIObj@CPaintManagerUI@DuiLib@@QAEPAVCDPI@2@XZ
?GetDPIFix@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@H@Z
?GetScale@CDPI@DuiLib@@QAEIXZ
?GetMaxInfo@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@XZ
?GetMinInfo@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@XZ
?GetSizeBox@CPaintManagerUI@DuiLib@@QAE?AUtagRECT@@XZ
?GetCaptionRect@CPaintManagerUI@DuiLib@@QAE?AUtagRECT@@XZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@UtagPOINT@@@Z
?GetRoundCorner@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@XZ
??0CControlUI@DuiLib@@QAE@XZ
??1CControlUI@DuiLib@@UAE@XZ
?FreeImage@CRenderEngine@DuiLib@@SAXPBUtagTImageInfo@2@@Z
?LoadImageW@CRenderEngine@DuiLib@@SAPAUtagTImageInfo@2@VSTRINGorID@2@PB_WK@Z
?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?Invalidate@CControlUI@DuiLib@@QAEXXZ
?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ
?IsEnabled@CControlUI@DuiLib@@UBE_NXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?SendNotify@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@PB_WIJ_N@Z
?Scale@CDPI@DuiLib@@QAEXPAUtagSIZE@@@Z
?Scale@CDPI@DuiLib@@QAEXPAUtagRECT@@@Z
??0CRenderClip@DuiLib@@QAE@XZ
??1CRenderClip@DuiLib@@QAE@XZ
?GenerateRoundClip@CRenderClip@DuiLib@@SAXPAUHDC__@@UtagRECT@@1HHAAV12@@Z
?ScaleBack@CDPI@DuiLib@@QAEXPAUtagRECT@@@Z
?DrawColor@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@K@Z
?GetAdjustColor@CControlUI@DuiLib@@QAEKK@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z
?SetString@CControlUI@DuiLib@@QAEXPB_W_N@Z
?SetText@CControlUI@DuiLib@@UAEXPB_W@Z
?SetUserData@CControlUI@DuiLib@@UAEXPB_W@Z
?SetVisible@CControlUI@DuiLib@@UAEX_N@Z
?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ
?SetName@CControlUI@DuiLib@@UAEXPB_W@Z
?GetInterface@CControlUI@DuiLib@@UAEPAXPB_W@Z
?GetControlFlags@CControlUI@DuiLib@@UBEIXZ
?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ
?SetManager@CControlUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAV12@_N@Z
?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ
?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ
?LoadTable@CTranslateManager@DuiLib@@QAEHVSTRINGorID@2@PB_W1@Z

jansson

json_array_append_new
json_object_set_new
json_object_key_to_iter
json_integer
json_string
json_unpack
json_pack
json_dumps
json_dumps_free
json_object_del
json_loads
json_object_get
json_load_callback
json_loadb
json_array
json_object
json_delete
json_integer_value
json_array_size
json_object_iter
json_object_iter_key
json_array_get
json_object_iter_next
json_string_value
json_object_iter_value

sqlite

sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_text
sqlite3_bind_blob
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_text
sqlite3_prepare_v2
sqlite3_finalize
sqlite3_step
sqlite3_errmsg
sqlite3_open
sqlite3_busy_timeout
sqlite3_close_v2
sqlite3_exec
sqlite3_mutex_enter
sqlite3_db_mutex
sqlite3_mutex_leave
sqlite3_bind_null

popblkeng

CreateBlockTask
CreatePopupWindow
LoadPopupWindow
CreateCustomItem
LoadBlockDB
CreateScanTask

selfprot

disable_msg_inject

Sections

.text
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
火绒弹窗拦截5.0.73.1/绿化.bat

Sharing

General

Malware Config

Signatures

Files

07d59c5eb2ad9a9bc5361d1f443a3420

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6Certificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

31:8b:81:d2:97:a4:df:8a:c1:6b:91:42:62:6f:74:9c:1a:cf:8b:36:30:8a:7d:2c:df:d5:8b:a4:2c:95:f6:24Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 160B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 7KB

82da7ee900cc7c39439b01ac373ff6b6

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6Certificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

1b:7d:0c:e8:7f:eb:19:bc:57:2d:9d:af:0a:9b:35:e1:14:2c:dc:38:64:a6:5f:72:94:5c:ab:28:29:af:1b:0aSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

gdiplus

shlwapi

comctl32

oleacc

Exports

Exports

Sections

.text Size: 666KB - Virtual size: 665KB

.rdata Size: 299KB - Virtual size: 298KB

.data Size: 6KB - Virtual size: 13KB

.gfids Size: 512B - Virtual size: 480B

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 35KB - Virtual size: 38KB

8d4bcaf000fff5d5d05fe85a2c0f1870

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

31:8b:81:d2:97:a4:df:8a:c1:6b:91:42:62:6f:74:9c:1a:cf:8b:36:30:8a:7d:2c:df:d5:8b:a4:2c:95:f6:24
Signer

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 160B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 7KB

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

1b:7d:0c:e8:7f:eb:19:bc:57:2d:9d:af:0a:9b:35:e1:14:2c:dc:38:64:a6:5f:72:94:5c:ab:28:29:af:1b:0a
Signer

.text
Size: 666KB - Virtual size: 665KB

.rdata
Size: 299KB - Virtual size: 298KB

.data
Size: 6KB - Virtual size: 13KB

.gfids
Size: 512B - Virtual size: 480B

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 35KB - Virtual size: 38KB

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

7b:49:49:3c:c1:d5:e7:3e:4f:a9:eb:a4:cd:ba:3f:d6
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

f3:a4:62:42:62:91:ff:2f:97:f6:53:97:74:1d:bd:2d:73:31:0e:0e:c7:09:2c:7d:7a:ad:16:7d:60:35:f9:68
Signer

.text
Size: 251KB - Virtual size: 250KB

.rdata
Size: 73KB - Virtual size: 72KB

.data
Size: 4KB - Virtual size: 8KB

.gfids
Size: 1024B - Virtual size: 544B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 16KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

02:6a:8e:89:54:e2:9b:67:72:df:79:f7:37:3c:0f:6d
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0e:d7:8b:d5:05:31:a4:a2:99:21:f8:f7:04:e2:86:c4
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

92:4b:b8:be:61:0a:8b:3c:d0:b0:8e:cd:e3:df:b8:82:8f:58:fa:81:d8:b1:3f:2d:73:0a:93:af:f7:f0:64:ba
Signer

29:04:b0:42:5f:0b:b7:79:f4:c8:04:d5:a2:06:1d:a1:cf:c6:d8:63
Signer