66aaf57cd969139133fe7a12d1c19897

Sharing

Copy URL

Twitter E-mail

General

Target

66aaf57cd969139133fe7a12d1c19897
Size

30.5MB
MD5

66aaf57cd969139133fe7a12d1c19897
SHA1

d1f86e47b6df5ede18f73a209eaa4a9588a1cb70
SHA256

e6f78a726b365f620275529ab2c52ca5da2e9508de42369410f152cb3143f4f6
SHA512

805fc4bb2044273563586410826d3a8f7ee54f1d74d63940ba569803dbac80618bbc598a217dca60684bf58dcd483383770b9c932652a308616a803df07ad2be
SSDEEP

786432:T0YEEM0o7ChJY54bKLSb0MRYvMDczMcu5NSr6:T0YQZ7b4bQS0M/DZcu50e

Score

3^/10

Malware Config

Signatures

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Controls/ChilkatAx-9.5.0-win32.dll
unpack001/Controls/ExG2antt.dll
unpack001/Controls/ExHTML.dll
unpack001/Controls/ExICalendar.dll
unpack001/Controls/ExOrgChart.dll
unpack001/Controls/ExPrint.dll
unpack001/Controls/ExSchedule.dll
unpack001/Controls/ExSurface.dll
unpack001/Controls/KsDHTMLEDLib.ocx
unpack001/IQURIProtocolInstall.exe
unpack001/InfoQube.exe
unpack001/InfoQubeClipper.exe
unpack001/InfoQubeIEExtensionInstall.exe
unpack001/PDFText.exe
unpack001/irun.dll
unpack001/multimarkdown.exe
unpack001/sbdll.dll

Files

66aaf57cd969139133fe7a12d1c19897
.zip
AppData/Default.Dock.dat
AppData/InfoQube.chm
.chm
AppData/Menu.Dat
AppData/MenuHTML.Dat
AppData/UserLicense.ini
AppData/options.ini
.xml
AppData/settings.ini
AppData/system.vb
.vbs
AppFiles/CheckOFF.ico
AppFiles/CheckOn.ico
AppFiles/CheckPartial.ico
AppFiles/Default.css
AppFiles/Delete.ico
AppFiles/DragDropItem.cur
AppFiles/DragDropItemCopy.cur
AppFiles/DragDropSubItem.cur
AppFiles/DragDropSubItemCopy.cur
AppFiles/Expand.js
.js .html polyglot
AppFiles/ExpandHP.js
.js .html polyglot
AppFiles/Folder.cur
AppFiles/Gray.css
AppFiles/HTMLClipperTemplate.htm
AppFiles/HomePage.htm
.html
AppFiles/InvoiceEx.htm
.html
AppFiles/NewHTML.htm
.html
AppFiles/NewInk.shtml
.html
AppFiles/NewMHT.mht
.eml
email-html-1.txt
AppFiles/NewSVG.svg
.xml
AppFiles/Night.css
AppFiles/ODCTemplate.odc
.html .js polyglot
AppFiles/SQLSynchIQDoc.xml
AppFiles/Sample.SNTemplate
AppFiles/SortTable.js
.js
AppFiles/SyntaxEdit.ini
AppFiles/VBScriptReservedNames.txt
.vbs
AppFiles/Violet.css
AppFiles/VisualStudio2012.dll
.dll windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

31/10/2013, 00:00

Not After

26/11/2014, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Codejock Technologies\, LLC,L=Morrice,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

21:83:31:30:53:16:32:ca:e6:b4:40:b0:49:74:0d:21:e3:df:6d:1f
Signer

Actual PE Digest

21:83:31:30:53:16:32:ca:e6:b4:40:b0:49:74:0d:21:e3:df:6d:1f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AppFiles/Welcome.SNDB
AppFiles/Welcome.ini
AppFiles/Windows7.dll
.dll windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

31/10/2013, 00:00

Not After

26/11/2014, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Codejock Technologies\, LLC,L=Morrice,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cb:8b:f8:d0:85:f7:02:7a:dd:e6:f8:f4:bb:f4:5c:bb:75:18:56:a9
Signer

Actual PE Digest

cb:8b:f8:d0:85:f7:02:7a:dd:e6:f8:f4:bb:f4:5c:bb:75:18:56:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 496KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AppFiles/Yellow.css
AppFiles/_HTML_ASP.schclass
AppFiles/_VBScript.schclass
AppFiles/blank.sntemplate
AppFiles/close1.ico
AppFiles/close2.ico
AppFiles/close3.ico
AppFiles/languagecodes-uni.tab
AppFiles/md.css
AppFiles/menu.xcb
AppFiles/menuHTML.xcb
AppFiles/minus-print.ico
AppFiles/open1.ico
AppFiles/open2.ico
AppFiles/open3.ico
AppFiles/plus-print.ico
AppFiles/strings.da.tab
AppFiles/strings.de.tab
AppFiles/strings.en.tab
AppFiles/strings.fr.tab
AppFiles/strings.ro.tab
AppFiles/strings.zh-simp.tab
AppFiles/user.vb
Controls/COMDLG32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

988f29c1eb8054253091352741683c76

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ec
Signer

Actual PE Digest

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ec

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
GetLastError
LockResource
GetWindowsDirectoryA
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
CompareStringA
CompareStringW
lstrcmpA
GetLocaleInfoA
GetVersion
GetModuleFileNameA
GetFileAttributesA
IsBadWritePtr
DisableThreadLibraryCalls
GlobalAlloc
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcatA
lstrlenA
lstrcpyA
WriteProfileStringA
GlobalLock
GlobalUnlock
LoadResource
FindResourceA
lstrcpynA
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
GetProfileStringA
EnterCriticalSection
GetProcessHeap
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GlobalFree

user32

SetWindowRgn
IntersectRect
EqualRect
PtInRect
IsDialogMessageA
IsChild
GetKeyState
CreateDialogIndirectParamA
MessageBeep
PostMessageA
ClientToScreen
wsprintfA
SendMessageTimeoutA
CharNextA
GetActiveWindow
GetWindowThreadProcessId
LoadCursorA
MessageBoxA
GetWindowLongA
GetWindowRect
CreateWindowExA
SetWindowLongA
ShowWindow
DialogBoxParamA
EnableWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
OffsetRect
GetParent
GetDlgItem
SendMessageA
SetFocus
SetParent
SetDlgItemInt
EndPaint
SetActiveWindow
IsWindowVisible
WinHelpA
GetDlgItemInt
EndDialog
GetDlgItemTextA
DestroyWindow
SetDlgItemTextA
GetWindowTextA
GetNextDlgTabItem
SendDlgItemMessageA
RegisterClassA
GetDC
ReleaseDC
LoadIconA
DrawIcon
DestroyIcon
GetSystemMetrics
RegisterWindowMessageA
LoadStringA
DefWindowProcA
UnregisterClassA
GetClientRect
BeginPaint
RegisterClipboardFormatA
SetWindowPos
MoveWindow

ole32

CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
SetErrorInfo
UnRegisterTypeLi
LoadTypeLi
LoadTypeLibEx
OleLoadPicture
VariantChangeType
RegisterTypeLi
VariantInit
GetErrorInfo
VariantClear
SysStringLen
SysAllocStringLen
OleTranslateColor
SysFreeString
SysAllocString
CreateErrorInfo

comdlg32

CommDlgExtendedError
PrintDlgA
ChooseFontA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

gdi32

GetDIBits
CreateCompatibleDC
CreateBitmap
GetSystemPaletteEntries
StretchDIBits
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
LPtoDP
SetViewportExtEx
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
CreateDCA
GetObjectA
EnumFontFamiliesA
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/ChilkatAx-9.5.0-win32.dll
.dll regsvr32 windows:5 windows x86 arch:x86

f3fd03e8d29a5ed882c90e54aca992a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadReadPtr
MapViewOfFile
CreateFileMappingA
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
UnmapViewOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
SetStdHandle
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetVersionExA
GetFileType
SetHandleCount
LocalFileTimeToFileTime
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
GetComputerNameA
CreateFileW
LoadLibraryA
GetFileSize
WriteFile
ReadFile
SetEndOfFile
SetFileTime
GetFileTime
FormatMessageA
GetComputerNameW
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetTickCount
Sleep
QueryPerformanceCounter
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
MoveFileW
RemoveDirectoryW
SetFileAttributesW
SetCurrentDirectoryW
CreateDirectoryW
GetFileAttributesW
DeleteFileW
CopyFileW
GetModuleFileNameW
GetTempPathW
GetTempPathA
GetCurrentDirectoryW
GetCurrentDirectoryA
GetFullPathNameW
CreateThread
CloseHandle
MultiByteToWideChar
GetLocalTime
GetSystemTime
CompareFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
SetThreadLocale
HeapSize
GetStdHandle
ExitProcess
HeapDestroy
HeapCreate
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetCPInfo
GetTimeZoneInformation
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetModuleHandleW
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
SetLastError
GetModuleFileNameA
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
lstrcmpiA
lstrlenA
GetModuleHandleA
GetProcAddress
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
GetStartupInfoA

user32

OffsetRect
SetWindowRgn
SetWindowPos
EqualRect
ReleaseDC
LoadCursorA
GetClassInfoExA
CharNextW
CreateWindowExA
RegisterClassExA
GetKeyState
InvalidateRect
IsWindow
GetFocus
IsChild
SetFocus
UnionRect
PtInRect
UnregisterClassA
CallWindowProcA
BeginPaint
GetClientRect
EndPaint
GetDC
CharNextA
ShowWindow
DestroyWindow
DefWindowProcA
SetWindowLongA
GetWindowLongA
IntersectRect

gdi32

SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCA
GetClipRgn
CreateRectRgn
SelectClipRgn
Rectangle
SetTextAlign
TextOutA
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetDeviceCaps
LPtoDP

advapi32

CryptGenKey
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
CryptReleaseContext
CryptGetProvParam
GetUserNameA
CryptAcquireContextA
CryptAcquireContextW
CryptSignHashA
CryptDestroyHash
CryptSetHashParam
CryptCreateHash
CryptEnumProvidersA
RegQueryValueExA
CryptDestroyKey
CryptGetUserKey
CryptExportKey
CryptImportKey
CryptDeriveKey
CryptHashData
CryptGenRandom
RegDeleteKeyA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoCreateInstance
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
WriteClassStm
OleSaveToStream
ReadClassStm
StringFromGUID2

oleaut32

VariantClear
VarUI4FromStr
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantChangeType
SysStringLen
LoadRegTypeLi
LoadTypeLi
OleCreatePropertyFrame
VariantCopy
SysAllocString
UnRegisterTypeLi
RegisterTypeLi
SysAllocStringLen
SafeArrayGetElement
SafeArrayCreateVector
SysFreeString

ws2_32

select
WSAStartup
getsockopt
setsockopt
ioctlsocket
ntohs
inet_ntoa
getpeername
inet_addr
htons
WSAGetLastError
__WSAFDIsSet
closesocket
send
getsockname
bind
shutdown
sendto
socket
recv
gethostbyname
accept
connect
listen
gethostname

crypt32

CryptEncryptMessage
CryptVerifyDetachedMessageSignature
CryptVerifyMessageSignature
CryptEncodeObject
CryptSignMessage
CryptDecryptMessage
CryptMsgOpenToDecode
CryptMsgUpdate
CryptMsgClose
CryptMsgGetParam
CryptMsgControl
CertGetSubjectCertificateFromStore
CertDeleteCertificateFromStore
CertSaveStore
CertAddCertificateContextToStore
CertFindCertificateInStore
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertCreateCertificateContext
CertDuplicateCertificateContext
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CryptDecodeObject
CertNameToStrW
CertVerifyRevocation
CertFreeCertificateContext

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 410KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 616KB - Virtual size: 615KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 494KB - Virtual size: 493KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/Codejock.CommandBars.Unicode.v16.3.1.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

ac0465c800682ab823ed86ca66a05835

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

31/10/2013, 00:00

Not After

26/11/2014, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Codejock Technologies\, LLC,L=Morrice,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

85:47:fb:13:f8:d7:6d:c3:59:18:c5:23:e5:e2:9a:cc:7c:da:cc:be
Signer

Actual PE Digest

85:47:fb:13:f8:d7:6d:c3:59:18:c5:23:e5:e2:9a:cc:7c:da:cc:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord2606
ord6868
ord3491
ord3490
ord3871
ord4124
ord2756
ord6278
ord3614
ord764
ord3023
ord5261
ord4847
ord4992
ord2506
ord6048
ord1767
ord5276
ord3356
ord4419
ord3592
ord641
ord2078
ord326
ord4704
ord1761
ord4370
ord6266
ord2858
ord1594
ord3232
ord1262
ord824
ord826
ord2036
ord2099
ord2836
ord2440
ord5830
ord4215
ord2576
ord3649
ord2430
ord1173
ord6375
ord6376
ord3737
ord613
ord289
ord6037
ord2444
ord1143
ord1258
ord1560
ord268
ord283
ord603
ord1981
ord1961
ord3503
ord273
ord2385
ord786
ord5985
ord519
ord3211
ord1252
ord1763
ord462
ord3110
ord3310
ord3465
ord452
ord6153
ord3723
ord543
ord803
ord6303
ord521
ord4162
ord834
ord836
ord2806
ord2755
ord4155
ord2805
ord5210
ord1565
ord849
ord850
ord906
ord845
ord537
ord1130
ord2225
ord404
ord957
ord1852
ord1203
ord1220
ord6360
ord3321
ord6361
ord4466
ord5494
ord3273
ord3676
ord446
ord743
ord6435
ord1211
ord2863
ord5571
ord3520
ord433
ord699
ord3933
ord397
ord5589
ord3433
ord6867
ord912
ord4183
ord4272
ord6489
ord4273
ord6279
ord4197
ord5706
ord1637
ord4158
ord1197
ord2914
ord4015
ord2719
ord2722
ord2721
ord1172
ord3882
ord2825
ord4217
ord5463
ord1574
ord2913
ord2797
ord960
ord6310
ord4174
ord5441
ord6008
ord5771
ord2595
ord3175
ord3178
ord3171
ord3647
ord1636
ord2144
ord6451
ord6597
ord2373
ord4265
ord1131
ord3000
ord2127
ord3727
ord2114
ord1932
ord556
ord809
ord5781
ord2400
ord2706
ord4078
ord6567
ord3343
ord4345
ord2617
ord297
ord619
ord5856
ord2456
ord4031
ord1649
ord3438
ord3781
ord434
ord3084
ord2787
ord5679
ord3025
ord3798
ord4279
ord4119
ord2634
ord4282
ord1137
ord4524
ord4538
ord4536
ord4517
ord5681
ord3269
ord439
ord736
ord2862
ord4199
ord1795
ord6150
ord2522
ord4051
ord5467
ord4116
ord2381
ord1702
ord5230
ord6365
ord5275
ord2436
ord620
ord298
ord5244
ord1709
ord4225
ord4448
ord4749
ord4753
ord2673
ord5147
ord6105
ord6331
ord2538
ord291
ord3517
ord3516
ord940
ord6399
ord6398
ord5155
ord5156
ord5154
ord4899
ord4736
ord4970
ord4942
ord4352
ord4371
ord4848
ord5283
ord4829
ord1764
ord6362
ord2405
ord2016
ord4214
ord2573
ord4395
ord3634
ord692
ord2294
ord2403
ord2015
ord4213
ord2570
ord4392
ord3577
ord616
ord2290
ord2362
ord6330
ord3087
ord3716
ord795
ord3092
ord5949
ord2293
ord6237
ord4638
ord4212
ord3572
ord4220
ord1712
ord4055
ord2932
ord4391
ord2567
ord4390
ord3569
ord609
ord5886
ord6195
ord5714
ord2621
ord1134
ord5506
ord3022
ord4037
ord1645
ord429
ord3952
ord4229
ord4280
ord4358
ord3578
ord2631
ord924
ord1834
ord1263
ord1851
ord859
ord656
ord5627
ord1821
ord2081
ord5945
ord4042
ord1214
ord1875
ord2879
ord3079
ord5142
ord3711
ord790
ord6107
ord2105
ord2235
ord1231
ord6397
ord2715
ord2382
ord3054
ord5094
ord5097
ord4461
ord4298
ord3345
ord975
ord5468
ord3398
ord2874
ord2873
ord4072
ord5233
ord2641
ord1658
ord4430
ord5248
ord3364
ord4421
ord366
ord5006
ord4146
ord3618
ord674
ord3864
ord2119
ord2383
ord5096
ord5099
ord4462
ord2875
ord2375
ord4431
ord5251
ord3368
ord402
ord4422
ord4148
ord3646
ord5280
ord5278
ord4312
ord3443
ord1657
ord3494
ord3170
ord2507
ord355
ord1921
ord2108
ord5801
ord2505
ord293
ord956
ord1191
ord805
ord3810
ord5123
ord5113
ord4889
ord4890
ord4826
ord4888
ord1896
ord4509
ord1714
ord4583
ord4582
ord4893
ord4364
ord4886
ord4529
ord5070
ord4335
ord4717
ord4881
ord4525
ord4539
ord4537
ord4520
ord4523
ord4518
ord4957
ord4954
ord4103
ord5236
ord3743
ord1718
ord4426
ord761
ord569
ord480
ord4251
ord4455
ord3098
ord5256
ord2777
ord1760
ord5921
ord6126
ord6124
ord6127
ord6212
ord3811
ord5140
ord5031
ord6595
ord6561
ord6793
ord6816
ord6339
ord774
ord502
ord1110
ord1149
ord6022
ord6023
ord5852
ord3605
ord3515
ord2089
ord1850
ord5491
ord6238
ord6316
ord2563
ord4109
ord1857
ord979
ord2558
ord5778
ord353
ord324
ord6125
ord3748
ord3749
ord2626
ord3432
ord698
ord911
ord396
ord5588
ord6865
ord1863
ord6699
ord768
ord1899
ord3808
ord812
ord559
ord5858
ord1158
ord1255
ord1824
ord5647
ord350
ord3898
ord4028
ord5638
ord1083
ord501
ord1000
ord4321
ord4319
ord4320
ord3747
ord2496
ord729
ord430
ord1699

msvcrt

_wtoi
_wcsicmp
_wcslwr
wcsstr
_ftol
_CIpow
free
swscanf
wcscmp
wcslen
malloc
_purecall
__CxxFrameHandler
wcstod
towupper
strchr
wcscpy
wcsncpy
calloc
wcschr
qsort
rand
_snprintf
longjmp
fprintf
_iob
abort
_setjmp3
fread
strtod
swprintf
_CxxThrowException
floor
ceil
wcsncmp
isprint
isxdigit
wcstombs
wcsrchr
_wcsdup
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
memmove

kernel32

LocalFree
lstrcpyW
GlobalFree
GlobalSize
GetProcessHeap
HeapAlloc
HeapFree
WriteFile
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
lstrcmpiW
GetUserDefaultLangID
lstrcpynW
SetFileAttributesW
GetModuleFileNameW
CreateDirectoryW
GetCurrentDirectoryW
lstrlenW
lstrcpynA
GetLastError
CompareStringW
GetTickCount
CreateThread
CreateEventW
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
GetVersionExW
LoadLibraryA
EnumResourceLanguagesW
EnumResourceTypesW
MultiByteToWideChar
WideCharToMultiByte
EnumResourceNamesW
FreeLibrary
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
SetFilePointer
CreateFileW
ReadFile
CloseHandle
InterlockedIncrement
GlobalLock
GlobalUnlock
GetModuleHandleA
LoadLibraryW
GetCurrentThreadId
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileAttributesW
GetPrivateProfileStringW
GetTempPathW
GetTempFileNameW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
DeleteFileW
InterlockedDecrement
GetCurrentProcessId
GetModuleHandleW
GetProcAddress
MulDiv
LocalAlloc

user32

GetScrollPos
DestroyCaret
DragDetect
SetCaretPos
CreateCaret
EnableScrollBar
EnableMenuItem
SetScrollPos
MapDialogRect
GetAsyncKeyState
InsertMenuW
DestroyAcceleratorTable
CreateAcceleratorTableW
VkKeyScanW
FindWindowExW
GetSubMenu
PeekMessageW
SetRect
SystemParametersInfoW
GetForegroundWindow
GetLastActivePopup
GetWindowLongW
GetDialogBaseUnits
IntersectRect
LoadCursorW
LockWindowUpdate
GetDCEx
ClientToScreen
GetClientRect
GetWindowRect
SetRectEmpty
CallNextHookEx
SetWindowsHookExW
GetTopWindow
GetDesktopWindow
GetDC
ReleaseDC
SetCapture
GetCapture
GetMessageW
IsWindow
TranslateMessage
DispatchMessageW
GetCursorPos
ScreenToClient
GetDoubleClickTime
SetTimer
ReleaseCapture
KillTimer
PtInRect
OffsetRect
GetSysColor
GetSystemMetrics
EnableWindow
UpdateWindow
GetSysColorBrush
SendMessageW
GetParent
GetScrollInfo
InvalidateRect
DrawFrameControl
DrawEdge
CopyRect
ToUnicodeEx
DefWindowProcW
RedrawWindow
InvertRect
IsRectEmpty
GetDlgCtrlID
HideCaret
ShowCaret
GetNextDlgTabItem
MapVirtualKeyW
IsMenu
SendMessageTimeoutW
LoadIconW
GetSystemMenu
GetMenuState
GetDlgItem
AdjustWindowRectEx
IsWindowEnabled
MessageBoxW
SetFocus
IsClipboardFormatAvailable
OpenClipboard
EmptyClipboard
CloseClipboard
SetForegroundWindow
GetActiveWindow
SetActiveWindow
MessageBeep
DrawFocusRect
GetClassLongW
IsZoomed
SetParent
SetCursor
IsChild
GetMenuItemCount
GetMenuItemInfoW
GetMenuItemID
MapWindowPoints
GetFocus
GetClassNameW
ShowWindow
GetWindow
IsDialogMessageW
EqualRect
SetWindowPos
GetCursor
IsWindowVisible
WindowFromPoint
PostThreadMessageW
GetClipboardData
GetTabbedTextExtentA
TrackPopupMenu
UnionRect
DeferWindowPos
MoveWindow
BringWindowToTop
GetKeyState
LoadMenuIndirectW
GetMenuStringW
LookupIconIdFromDirectoryEx
LoadMenuW
PostMessageW
SetClipboardData
LoadBitmapW
DrawStateW
CreateIconIndirect
DrawIconEx
DestroyIcon
CopyIcon
GetIconInfo
CreateIconFromResourceEx
GetKeyboardLayout
MapVirtualKeyExW
GetKeyNameTextW
LoadImageW
RegisterClipboardFormatW
SetWindowRgn
CharUpperW
GetKeyboardLayoutList
FillRect
GetKeyboardState
IsCharLowerW
IsIconic
CopyAcceleratorTableW
ShowScrollBar
SetCursorPos
GetMenu
SetMenu
GetClipboardFormatNameW
BeginDeferWindowPos
EndDeferWindowPos
GetMenuDefaultItem
CreatePopupMenu
wsprintfW
WaitMessage
OpenInputDesktop
GetUserObjectInformationW
InflateRect
CloseDesktop
GetWindowRgn
CallWindowProcW
RegisterWindowMessageW
IsWindowUnicode
SetWindowLongW
GetWindowLongA
SetWindowLongA
GrayStringW
DrawTextW
UnhookWindowsHookEx
TabbedTextOutW

gdi32

PtVisible
RectVisible
ExtTextOutW
Escape
CreateRectRgn
CombineRgn
CreateDIBSection
DeleteDC
StretchBlt
CreateBitmap
SetBkColor
SetStretchBltMode
GetDIBits
GetCurrentObject
GetTextColor
GetBitmapBits
ExtCreateRegion
Rectangle
CreatePatternBrush
GetViewportOrgEx
Polyline
PtInRegion
EnumFontFamiliesW
ExtFloodFill
Ellipse
GetMapMode
RoundRect
GetWindowOrgEx
GetRgnBox
CreatePolygonRgn
GetObjectA
GetTextMetricsW
OffsetViewportOrgEx
CreateFontIndirectW
GetWindowExtEx
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
MoveToEx
LineTo
PolyBezierTo
BeginPath
GetClipBox
GetCharWidthW
GetCurrentPositionEx
GetTextAlign
GetTextExtentPoint32A
IntersectClipRect
GetClipRgn
ExtSelectClipRgn
SetBkMode
SetBoundsRect
SetPixelV
FillRgn
FrameRgn
SetBrushOrgEx
AbortDoc
EndDoc
EndPage
StartPage
DPtoLP
StartDocW
SetAbortProc
GetObjectType
GetTextExtentPoint32W
Polygon
EnumFontFamiliesExW
SetPixel
GetStockObject
PatBlt
CreateSolidBrush
CreatePen
BitBlt
CreateRectRgnIndirect
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetPixel
GetDeviceCaps
CreateFontW
SelectObject
SetTextColor
GetViewportExtEx
DeleteObject
TextOutW

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHAppBarMessage
SHGetFileInfoW
DragQueryFileW

comctl32

ImageList_GetImageCount
ImageList_Destroy
ImageList_GetIconSize
ImageList_GetIcon
_TrackMouseEvent
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_Draw

ole32

RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoCreateInstance
OleRun
ReleaseStgMedium

olepro32

ord252
ord254
ord253

oleaut32

SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VarI4FromCy
VarI4FromR4
VarI4FromR8
VariantInit
VariantChangeType
SysAllocString
VariantChangeTypeEx
SafeArrayGetDim
OleLoadPicturePath
LoadRegTypeLi
SysFreeString
VariantClear
SafeArrayCreate

winmm

PlaySoundW

gdiplus

GdipCreateFontFromLogfontA
GdipFillRectangle
GdipCreateSolidFill
GdipSetCompositingQuality
GdipSetCompositingMode
GdipCreateFromHDC
GdipAlloc
GdipCloneBrush
GdipFree
GdipCreateFontFromDC
GdipSetStringFormatLineAlign
GdipDrawString
GdipDeleteStringFormat
GdipDeleteBrush
GdipDeleteFont
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipCreateStringFormat
GdipSetStringFormatTrimming

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/Codejock.Controls.Unicode.v16.3.1.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

62b3550a9b7f7cb72c13e5928eb0f901

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

31/10/2013, 00:00

Not After

26/11/2014, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Codejock Technologies\, LLC,L=Morrice,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9f:d0:c9:46:67:a6:f2:26:2c:0a:10:c1:a1:ed:95:f9:56:c8:e0:06
Signer

Actual PE Digest

9f:d0:c9:46:67:a6:f2:26:2c:0a:10:c1:a1:ed:95:f9:56:c8:e0:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord3592
ord641
ord326
ord4704
ord1761
ord4370
ord6266
ord2858
ord1594
ord3232
ord1262
ord824
ord826
ord2036
ord2099
ord2836
ord2440
ord5830
ord4215
ord2576
ord3649
ord2430
ord1173
ord6375
ord6376
ord6211
ord6051
ord1768
ord5286
ord3737
ord818
ord4294
ord4270
ord755
ord470
ord613
ord289
ord2371
ord6037
ord2444
ord1143
ord1258
ord1560
ord268
ord283
ord603
ord1981
ord1961
ord3503
ord273
ord2385
ord1252
ord1763
ord462
ord3110
ord3310
ord3465
ord452
ord6153
ord6303
ord521
ord4162
ord834
ord836
ord2806
ord2755
ord4155
ord2805
ord5210
ord1565
ord849
ord850
ord906
ord845
ord537
ord1130
ord2225
ord404
ord957
ord1852
ord1203
ord1220
ord2863
ord5571
ord3520
ord433
ord699
ord3933
ord397
ord5589
ord3433
ord6867
ord912
ord4183
ord4272
ord6489
ord4273
ord6279
ord4197
ord5706
ord1637
ord4158
ord1197
ord2914
ord4015
ord2719
ord2722
ord2721
ord1941
ord2144
ord6451
ord6597
ord3792
ord2373
ord4265
ord1131
ord3000
ord2127
ord3727
ord2114
ord1932
ord556
ord809
ord4282
ord6748
ord2621
ord940
ord1147
ord6654
ord6195
ord1137
ord3397
ord3605
ord656
ord765
ord6456
ord5047
ord4474
ord3087
ord2637
ord2100
ord4279
ord6373
ord2070
ord3716
ord795
ord2108
ord6655
ord3084
ord4118
ord6166
ord3693
ord3952
ord1787
ord2634
ord3625
ord2572
ord4394
ord682
ord1836
ord1841
ord4078
ord1840
ord5801
ord6082
ord4369
ord4846
ord3351
ord324
ord1900
ord1683
ord2520
ord5284
ord4433
ord2046
ord4425
ord771
ord2033
ord498
ord1008
ord3470
ord4254
ord5845
ord4709
ord5781
ord5784
ord472
ord4253
ord3714
ord5155
ord5156
ord5154
ord4899
ord4736
ord4942
ord4352
ord4371
ord4848
ord5283
ord4829
ord3694
ord793
ord768
ord489
ord2286
ord2354
ord2294
ord4970
ord6330
ord2638
ord1921
ord2567
ord4390
ord3569
ord801
ord609
ord541
ord2293
ord1808
ord4229
ord668
ord2762
ord356
ord6874
ord539
ord1850
ord2644
ord1662
ord4532
ord3798
ord1821
ord3867
ord2538
ord291
ord2706
ord1919
ord5852
ord4199
ord3525
ord2431
ord1686
ord4336
ord4681
ord4633
ord5670
ord2148
ord4850
ord4914
ord3128
ord5998
ord2129
ord1955
ord5207
ord2948
ord3863
ord5144
ord4699
ord4701
ord2871
ord2993
ord5645
ord4108
ord4655
ord4654
ord4762
ord4644
ord4897
ord4542
ord4515
ord4588
ord4982
ord4919
ord4924
ord4929
ord4653
ord4903
ord4902
ord4662
ord4661
ord4660
ord4642
ord4683
ord5017
ord4648
ord4637
ord4348
ord4774
ord4643
ord4631
ord4630
ord5054
ord4578
ord4365
ord4355
ord4350
ord4733
ord4735
ord4732
ord4403
ord4597
ord4409
ord4986
ord4973
ord2480
ord3399
ord4533
ord4528
ord4943
ord2533
ord2949
ord2376
ord6366
ord2978
ord3143
ord3255
ord4460
ord3264
ord2981
ord3075
ord4076
ord4618
ord5821
ord1202
ord723
ord4990
ord4737
ord5884
ord5975
ord6124
ord5569
ord3194
ord5027
ord5570
ord3052
ord4814
ord2558
ord559
ord812
ord1088
ord5858
ord5606
ord2862
ord353
ord924
ord5857
ord3898
ord1644
ord2104
ord6191
ord3515
ord6397
ord3865
ord2455
ord3706
ord783
ord1764
ord6362
ord2405
ord2016
ord4395
ord692
ord1839
ord6190
ord4119
ord6168
ord5778
ord1255
ord1824
ord5647
ord350
ord4028
ord5638
ord1083
ord501
ord1000
ord1113
ord1112
ord5506
ord1640
ord429
ord1869
ord4244
ord423
ord4803
ord1607
ord4805
ord1678
ord6036
ord1679
ord3469
ord2047
ord956
ord6865
ord5679
ord5949
ord3494
ord2507
ord355
ord4361
ord5340
ord3268
ord438
ord4037
ord2605
ord1699
ord2378
ord6566
ord3877
ord2787
ord4983
ord4920
ord4925
ord3267
ord2496
ord430
ord729
ord2715
ord2382
ord3054
ord5094
ord5097
ord4461
ord4298
ord3345
ord5006
ord975
ord5468
ord3398
ord2874
ord2873
ord4146
ord4072
ord5233
ord5278
ord2641
ord1658
ord4430
ord4421
ord366
ord1834
ord4237
ord4787
ord5248
ord5224
ord1714
ord4583
ord4582
ord4893
ord4364
ord4886
ord4529
ord5070
ord4335
ord4342
ord4881
ord4525
ord4539
ord4537
ord4520
ord4523
ord4518
ord4957
ord4954
ord4103
ord5236
ord3743
ord1718
ord5256
ord4426
ord761
ord480
ord1896
ord4251
ord4888
ord4717
ord5115
ord674
ord5479
ord2488
ord5955
ord3114
ord6038
ord3225
ord3207
ord2896
ord5980
ord3198
ord6162
ord3799
ord4782

msvcrt

_ftol
wcsstr
_wcslwr
_wcsicmp
_wtoi
memmove
free
swscanf
wcscmp
wcslen
malloc
_purecall
__CxxFrameHandler
wcstod
towupper
strchr
wcscpy
wcsncpy
calloc
realloc
_wsplitpath
wcstombs
_fstat
_wfopen
fclose
fseek
ftell
fgetws
wcschr
iswxdigit
iswalnum
iswspace
iswdigit
iswprint
iswalpha
isprint
swprintf
isxdigit
wcsncmp
qsort
_snprintf
longjmp
fprintf
_iob
abort
_setjmp3
fread
strtod
floor
ceil
_CxxThrowException
wcsrchr
_wcsdup
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
_CIpow

kernel32

GlobalFree
IsDBCSLeadByte
lstrcpyW
lstrcpynW
GetProcessHeap
HeapAlloc
HeapFree
GetLastError
LocalFree
GetPrivateProfileIntW
lstrlenW
GlobalSize
GetCurrentDirectoryW
GetModuleFileNameW
GetTickCount
GetVersionExW
LoadLibraryA
EnumResourceLanguagesW
EnumResourceTypesW
MultiByteToWideChar
WideCharToMultiByte
EnumResourceNamesW
FreeLibrary
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
GlobalAlloc
SetFilePointer
CreateFileW
ReadFile
CloseHandle
InterlockedIncrement
GlobalLock
GlobalUnlock
GetModuleHandleA
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileAttributesW
GetPrivateProfileStringW
WritePrivateProfileStringW
MulDiv
LocalAlloc

user32

SetRect
SystemParametersInfoW
GetForegroundWindow
GetLastActivePopup
GetWindowLongW
GetDialogBaseUnits
IntersectRect
LoadCursorW
LockWindowUpdate
ClientToScreen
GetClientRect
GetWindowRect
SetRectEmpty
CallNextHookEx
GetParent
SetWindowsHookExW
UnhookWindowsHookEx
GetDesktopWindow
GetDC
ReleaseDC
SetCapture
SetScrollPos
GetMessageW
IsWindow
TranslateMessage
DispatchMessageW
GetCursorPos
ScreenToClient
GetDoubleClickTime
SetTimer
GetKeyState
ReleaseCapture
KillTimer
PtInRect
OffsetRect
GetSysColor
GetSystemMetrics
DrawFrameControl
DrawEdge
CopyRect
InflateRect
DefWindowProcW
FillRect
InvertRect
PeekMessageW
EnableMenuItem
EnableScrollBar
ShowScrollBar
CreateCaret
SetCaretPos
DragDetect
GetScrollInfo
DestroyCaret
TrackPopupMenu
HideCaret
EnumChildWindows
GetMenuItemCount
GetMenuItemID
IsClipboardFormatAvailable
GetClipboardData
GetWindowPlacement
ShowWindow
GetClassLongW
LoadIconW
SetFocus
OpenClipboard
EmptyClipboard
CloseClipboard
CheckMenuItem
GetNextDlgTabItem
GetWindow
MessageBeep
GetFocus
DrawFocusRect
AdjustWindowRectEx
RedrawWindow
GetSysColorBrush
LoadStringW
SetWindowTextW
SetCursor
IsWindowEnabled
GetActiveWindow
SetActiveWindow
UpdateWindow
EqualRect
SetWindowPos
InvalidateRect
GetCursor
IsWindowVisible
WindowFromPoint
GetSubMenu
TabbedTextOutW
DrawTextW
DrawAnimatedRects
IsRectEmpty
FindWindowW
LoadMenuIndirectW
LookupIconIdFromDirectoryEx
LoadMenuW
PostMessageW
SetClipboardData
LoadBitmapW
DrawStateW
CreateIconIndirect
DrawIconEx
DestroyIcon
CopyIcon
GetIconInfo
CreateIconFromResourceEx
GetDlgItem
GetSystemMenu
RemoveMenu
LoadImageW
RegisterClipboardFormatW
SetWindowRgn
GetWindowRgn
SetForegroundWindow
ValidateRect
ShowCaret
SetParent
DrawMenuBar
GetMenu
SetWindowPlacement
SetClassLongW
WinHelpW
VkKeyScanW
CreateAcceleratorTableW
DestroyAcceleratorTable
UnionRect
GetTabbedTextExtentA
IsChild
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
wsprintfW
GetClassNameW
MoveWindow
GetScrollPos
GetDlgCtrlID
CallWindowProcW
RegisterWindowMessageW
IsWindowUnicode
SetWindowLongW
GetWindowLongA
SetWindowLongA
SendMessageW
EnableWindow
GetCapture
GrayStringW

gdi32

CreateRectRgn
CombineRgn
CreateDIBSection
DeleteDC
StretchBlt
CreateBitmap
SetBkColor
SetStretchBltMode
GetDIBits
GetCurrentObject
GetTextColor
GetBitmapBits
ExtCreateRegion
GetTextAlign
GetTextMetricsW
SetPixelV
CreatePolygonRgn
FillRgn
FrameRgn
PtInRegion
GetCharWidthW
SetBoundsRect
Rectangle
CreatePatternBrush
GetBkColor
GetWindowOrgEx
RoundRect
GetRgnBox
OffsetViewportOrgEx
Escape
GetWindowExtEx
Ellipse
Polyline
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
MoveToEx
LineTo
PolyBezierTo
BeginPath
GetClipBox
GetCurrentPositionEx
GetTextExtentPoint32A
IntersectClipRect
GetClipRgn
ExtSelectClipRgn
SetBkMode
GetTextExtentPointW
SetBrushOrgEx
GetBrushOrgEx
ExtTextOutW
RectVisible
PtVisible
CreateFontIndirectW
GetTextExtentPoint32W
Polygon
EnumFontFamiliesExW
SetPixel
GetStockObject
PatBlt
CreateSolidBrush
CreatePen
BitBlt
CreateRectRgnIndirect
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
GetPixel
GetDeviceCaps
CreateFontW
SelectObject
SetTextColor
GetViewportExtEx
DeleteObject
TextOutW

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

shell32

DragQueryFileW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
SHAppBarMessage
Shell_NotifyIconW

comctl32

_TrackMouseEvent
ImageList_Destroy
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageInfo
ImageList_Create
ImageList_Draw
ImageList_AddMasked
ord17

ole32

RevokeDragDrop
RegisterDragDrop
PropVariantClear
CoCreateInstance
OleRun
CoLockObjectExternal
ReleaseStgMedium

olepro32

ord252
ord254
ord253

oleaut32

SafeArrayCreate
VarI4FromCy
VarI4FromR4
VarI4FromR8
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantChangeType
VariantInit
SysAllocString
VariantChangeTypeEx
SafeArrayGetDim
OleLoadPicturePath
LoadRegTypeLi
SysFreeString
VariantClear
VariantCopy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 372KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/Codejock.DockingPane.Unicode.v16.3.1.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

9366cd71f1d6e2e0df6c146309ac9127

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

31/10/2013, 00:00

Not After

26/11/2014, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Codejock Technologies\, LLC,L=Morrice,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:64:ca:95:8f:a6:61:e5:a9:e0:42:88:93:ef:e1:00:78:32:1a:a0
Signer

Actual PE Digest

65:64:ca:95:8f:a6:61:e5:a9:e0:42:88:93:ef:e1:00:78:32:1a:a0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord2978
ord3143
ord3255
ord4460
ord3264
ord2981
ord3075
ord4076
ord4618
ord5821
ord423
ord723
ord5157
ord4803
ord1607
ord6597
ord3792
ord4294
ord3469
ord5002
ord800
ord535
ord2810
ord540
ord2756
ord6868
ord5568
ord2910
ord940
ord925
ord538
ord1165
ord665
ord5438
ord956
ord353
ord6865
ord3257
ord1203
ord1220
ord2478
ord3232
ord861
ord1594
ord858
ord4273
ord5679
ord2506
ord2377
ord6370
ord4621
ord4155
ord640
ord1172
ord6211
ord6195
ord1633
ord323
ord641
ord801
ord2632
ord2615
ord541
ord1174
ord4361
ord5340
ord3268
ord438
ord5857
ord4037
ord2605
ord1699
ord2378
ord6566
ord537
ord3877
ord2787
ord1791
ord2715
ord2382
ord3054
ord5094
ord5097
ord4461
ord4298
ord3345
ord5006
ord975
ord5468
ord3398
ord2874
ord2873
ord4146
ord4072
ord5233
ord5278
ord2641
ord1658
ord4430
ord4421
ord366
ord1834
ord4237
ord4787
ord5801
ord2371
ord4118
ord5248
ord2385
ord6193
ord5714
ord4078
ord2225
ord2084
ord5224
ord1714
ord4583
ord4582
ord4893
ord4364
ord4886
ord4529
ord5070
ord4335
ord4342
ord4881
ord4525
ord4539
ord4537
ord4520
ord4523
ord4518
ord4957
ord4954
ord4103
ord5236
ord3743
ord1718
ord5256
ord4426
ord761
ord480
ord1896
ord4251
ord4888
ord3490
ord1137
ord3871
ord5977
ord4717
ord5115
ord3087
ord2854
ord2855
ord6871
ord5571
ord3520
ord433
ord674
ord4015
ord2863
ord5860
ord815
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord3396
ord3665
ord561
ord3947
ord2716
ord6350
ord1213
ord1224
ord6360
ord3321
ord6361
ord4466
ord5494
ord3273
ord3676
ord446
ord743
ord6435
ord1211
ord6038
ord2679
ord4001
ord1223
ord1207
ord672
ord362
ord3941
ord922
ord3566
ord3621
ord5781
ord1143
ord3658
ord5324
ord324
ord4453
ord3737
ord567
ord6316
ord818
ord2951
ord2548
ord6026
ord2456
ord465
ord1262
ord6238
ord3201
ord4654
ord3199
ord536
ord4282
ord5027
ord2862
ord4028
ord4270
ord5445
ord6389
ord909
ord4200
ord3981
ord1769
ord884
ord886
ord463
ord6379
ord882
ord2793
ord876
ord878
ord2047
ord879
ord2732
ord6390
ord5446
ord2885
ord6568
ord857
ord941
ord6771
ord6640
ord703
ord6381
ord2446
ord6385
ord403
ord1971
ord3313
ord5180
ord354
ord927
ord686
ord2088
ord384
ord2966
ord5755
ord6188
ord5752
ord6182
ord4324
ord6185
ord6017
ord6168
ord5869
ord5785
ord5790
ord5674
ord5732
ord5575
ord5567
ord6057
ord3591
ord3701
ord5777
ord3688
ord3568
ord2397
ord5783
ord3215
ord6437
ord1230
ord2746
ord2372
ord2559
ord2745
ord2705
ord3133
ord4128
ord4292
ord1168
ord1229
ord3512
ord2606
ord3491
ord4124
ord6278
ord3614
ord5871
ord764
ord3023
ord2858
ord824
ord826
ord2036
ord2099
ord2836
ord2440
ord5830
ord4215
ord2576
ord3649
ord2430
ord1173
ord6375
ord6376
ord755
ord470
ord613
ord289
ord2444
ord1258
ord603
ord1961
ord273
ord1252
ord1763
ord462
ord3110
ord3310
ord3465
ord452
ord6153
ord6303
ord521
ord4162
ord834
ord836
ord2806
ord2755
ord2805
ord5210
ord1565
ord849
ord850
ord906
ord845
ord404
ord957
ord1852
ord699
ord3933
ord397
ord5589
ord3433
ord6867
ord912
ord4183
ord4272
ord6489
ord6279
ord4197
ord5706
ord1637
ord4158
ord2914
ord1941
ord2144
ord6451
ord2373
ord4265
ord1131
ord3000
ord2127
ord3727
ord2114
ord1932
ord556
ord809
ord2558
ord1717
ord5252
ord706
ord2143
ord408
ord1857
ord4243
ord4781
ord4407
ord4524
ord4538
ord4536
ord4517
ord5681
ord3269
ord439
ord736
ord5491
ord1226
ord4280
ord805
ord3025
ord924
ord697
ord4181
ord910
ord395
ord4279
ord4695
ord4989
ord4804
ord2706
ord4789
ord4791
ord4810
ord979
ord4652
ord3652
ord5024
ord6373
ord3915
ord5047
ord5778
ord1255
ord1129
ord2640
ord1115
ord1568
ord1570
ord1179
ord342
ord1240
ord1194
ord1563
ord1248
ord1250
ord1571
ord600
ord269
ord4655
ord4108
ord5645
ord2993
ord2871
ord4701
ord4699
ord5144
ord3863
ord2948
ord5207
ord1955
ord2129
ord5998
ord3128
ord4914
ord4850
ord2148
ord5670
ord4633
ord4681
ord4336
ord1686
ord2431
ord3525
ord4244
ord1869
ord1130
ord6466
ord268
ord1560
ord2406
ord1634
ord2859

msvcrt

free
wcstombs
wcscmp
wcsncpy
wcslen
malloc
swscanf
wcsrchr
wcscpy
floor
ceil
_ftol
_CxxThrowException
_purecall
__CxxFrameHandler
_CIpow
wcsstr
_wcslwr
_wcsicmp
_wtoi
memmove
_CIacos
wcstod
towupper
strchr
calloc
qsort
_snprintf
longjmp
fprintf
_iob
abort
_setjmp3
fread
strtod
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
_wcsdup

kernel32

LocalFree
GetTickCount
GetVersionExW
LoadLibraryA
EnumResourceLanguagesW
EnumResourceTypesW
MultiByteToWideChar
WideCharToMultiByte
EnumResourceNamesW
FreeLibrary
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
CreateFileW
ReadFile
CloseHandle
GetModuleHandleA
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
GetPrivateProfileStringW
GetTempPathW
GetTempFileNameW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
DeleteFileW
InterlockedDecrement
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
GetModuleFileNameW
lstrcpyW
GetFileAttributesW
MulDiv
LocalAlloc

user32

SystemParametersInfoW
IsWindowEnabled
IsRectEmpty
GetActiveWindow
SetActiveWindow
IsWindow
EnableWindow
SetTimer
KillTimer
GetKeyState
UpdateWindow
wsprintfW
WindowFromPoint
CopyRect
OffsetRect
InflateRect
MoveWindow
GetParent
GetWindowLongW
SendMessageW
GetSystemMetrics
PtInRect
GetDC
ReleaseDC
ScreenToClient
GetDesktopWindow
InvalidateRect
GetMenuStringW
LookupIconIdFromDirectoryEx
LoadMenuW
CopyImage
PostMessageW
DrawStateW
CreateIconIndirect
DrawIconEx
DrawFrameControl
DrawFocusRect
GetIconInfo
CreateIconFromResourceEx
LoadImageW
RegisterClipboardFormatW
SetWindowRgn
RegisterWindowMessageW
SetWindowLongW
GrayStringW
DrawTextW
TabbedTextOutW
PeekMessageW
LoadMenuIndirectW
DefWindowProcW
GetForegroundWindow
GetLastActivePopup
IntersectRect
SetCapture
LoadCursorW
LockWindowUpdate
GetDCEx
GetCapture
GetMessageW
ClientToScreen
DispatchMessageW
ReleaseCapture
DeleteMenu
AppendMenuW
EnableMenuItem
InvertRect
GetCursorPos
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetDlgCtrlID
CopyIcon
UnionRect
CreatePopupMenu
InsertMenuW
TrackPopupMenu
BringWindowToTop
GetSystemMenu
GetClassLongW
GetWindow
SetCursorPos
SetCursor
SetParent
ShowWindow
GetFocus
IsChild
SetFocus
MapWindowPoints
FillRect
SetWindowPos
DestroyIcon
GetCursor
GetSysColor
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
SetRectEmpty
FindWindowExW
IsWindowVisible
LoadBitmapW
GetWindowRect
SetRect
EqualRect

gdi32

GetStockObject
SetPixel
EnumFontFamiliesExW
Polygon
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateRectRgn
CombineRgn
CreateDIBSection
DeleteDC
StretchBlt
PatBlt
SetTextColor
SetBkColor
SetStretchBltMode
GetDIBits
GetBitmapBits
ExtCreateRegion
RoundRect
GetCurrentObject
CreatePatternBrush
GetTextColor
GetWindowOrgEx
GetRgnBox
CreatePolygonRgn
CreateSolidBrush
CreatePen
DeleteObject
CreateRectRgnIndirect
CreateCompatibleBitmap
SelectObject
GetPixel
CreateCompatibleDC
BitBlt
GetTextExtentPoint32W
CreateFontIndirectW
CreateBitmap
GetObjectW
GetDeviceCaps

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW

shell32

DragQueryFileW

comctl32

ImageList_GetImageCount
ImageList_Destroy
ImageList_GetIconSize
ImageList_AddMasked
ImageList_GetIcon
ImageList_DrawEx
ImageList_Add
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_Draw

ole32

OleUninitialize
OleInitialize
OleRun
ReleaseStgMedium
CoCreateInstance

olepro32

ord254
ord253
ord252

oleaut32

VariantChangeTypeEx
SafeArrayGetDim
OleLoadPicturePath
SysFreeString
SafeArrayCreate
VarI4FromCy
VarI4FromR4
VarI4FromR8
VariantInit
VariantChangeType
VariantClear
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 516KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 412KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/Codejock.SyntaxEdit.Unicode.v16.3.1.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

5eedb6c74ef40bfc5004de4d45970277

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

31/10/2013, 00:00

Not After

26/11/2014, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Codejock Technologies\, LLC,L=Morrice,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:fa:40:e6:6a:4e:4b:0c:55:54:44:9f:9e:12:6d:ea:76:11:30:b7
Signer

Actual PE Digest

04:fa:40:e6:6a:4e:4b:0c:55:54:44:9f:9e:12:6d:ea:76:11:30:b7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord6193
ord6871
ord6437
ord1230
ord567
ord2746
ord2372
ord2559
ord2745
ord816
ord562
ord4128
ord4292
ord1229
ord3512
ord1791
ord6868
ord3490
ord3871
ord2756
ord6278
ord3614
ord5871
ord3904
ord764
ord3023
ord5261
ord4847
ord4992
ord2506
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord3356
ord4621
ord4419
ord3592
ord641
ord2078
ord326
ord4704
ord1761
ord4370
ord6266
ord1594
ord3232
ord1262
ord824
ord826
ord2036
ord2099
ord2836
ord2440
ord5830
ord4215
ord2576
ord3649
ord2430
ord6037
ord2444
ord1143
ord1258
ord1560
ord268
ord603
ord1961
ord273
ord2385
ord3211
ord1252
ord1763
ord462
ord3110
ord3310
ord3465
ord452
ord6153
ord3723
ord543
ord803
ord6303
ord521
ord4162
ord3579
ord4270
ord6051
ord1768
ord5286
ord3737
ord818
ord834
ord836
ord2806
ord2755
ord4155
ord2805
ord5210
ord1565
ord849
ord850
ord906
ord845
ord1130
ord2225
ord404
ord957
ord1852
ord1203
ord1220
ord2863
ord5571
ord3520
ord433
ord699
ord3933
ord397
ord5589
ord3433
ord6867
ord912
ord4183
ord6489
ord6279
ord4197
ord5706
ord1637
ord4158
ord1197
ord2914
ord2719
ord2722
ord2721
ord1172
ord2913
ord5771
ord2089
ord1263
ord2634
ord6597
ord4294
ord2371
ord6125
ord3747
ord6124
ord2626
ord755
ord470
ord6211
ord3516
ord610
ord287
ord942
ord6398
ord5852
ord6135
ord2403
ord4392
ord616
ord1794
ord2505
ord293
ord6654
ord3312
ord3084
ord5267
ord3397
ord3716
ord795
ord4118
ord5047
ord812
ord559
ord1941
ord613
ord289
ord5858
ord6451
ord926
ord6219
ord5679
ord3749
ord1937
ord3751
ord2644
ord1662
ord4078
ord1920
ord6325
ord541
ord801
ord5853
ord1808
ord3605
ord656
ord2294
ord4229
ord6195
ord3087
ord3952
ord1817
ord4233
ord4690
ord3053
ord3060
ord6332
ord2502
ord2534
ord5239
ord5736
ord1739
ord5573
ord3167
ord5649
ord2391
ord3449
ord3193
ord6076
ord6171
ord4617
ord4420
ord652
ord338
ord5677
ord4817
ord4852
ord4947
ord4414
ord4381
ord5784
ord472
ord2567
ord4390
ord3569
ord2015
ord4213
ord2570
ord3577
ord609
ord2293
ord2362
ord5604
ord6330
ord2162
ord3517
ord6399
ord6218
ord2354
ord6874
ord6139
ord5647
ord3122
ord3611
ord1255
ord350
ord798
ord5461
ord5857
ord533
ord5641
ord1105
ord1615
ord3898
ord859
ord398
ord700
ord913
ord4184
ord3434
ord802
ord542
ord5590
ord3805
ord348
ord2057
ord663
ord711
ord413
ord2400
ord3515
ord6397
ord3915
ord6646
ord1900
ord4254
ord1764
ord6362
ord2405
ord2016
ord4214
ord2573
ord4395
ord3634
ord692
ord4119
ord4474
ord6316
ord5155
ord5156
ord5154
ord4899
ord4736
ord4942
ord4371
ord4848
ord5283
ord4829
ord768
ord491
ord1899
ord4253
ord4970
ord4352
ord6865
ord6024
ord2638
ord2286
ord2281
ord2291
ord1137
ord3798
ord773
ord501
ord3215
ord1083
ord5603
ord1863
ord998
ord4583
ord4335
ord4525
ord4539
ord4958
ord4955
ord4103
ord5236
ord3743
ord1719
ord4426
ord736
ord813
ord439
ord560
ord4268
ord6023
ord6022
ord5491
ord2862
ord4458
ord5142
ord4688
ord4717
ord4327
ord2527
ord6140
ord4582
ord4017
ord3501
ord3069
ord5949
ord2373
ord2879
ord3492
ord3911
ord5848
ord4211
ord1851
ord3808
ord1850
ord4518
ord4037
ord4520
ord729
ord2496
ord1699
ord430
ord6128
ord4343
ord815
ord6371
ord4480
ord2546
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord3396
ord3665
ord561
ord3947
ord2716
ord6748
ord2504
ord6350
ord1213
ord1224
ord6360
ord3321
ord6361
ord4466
ord5494
ord3273
ord3676
ord446
ord743
ord6435
ord1211
ord5980
ord3198
ord5955
ord3114
ord6038
ord3225
ord4524
ord4538
ord4517
ord5681
ord3269
ord2679
ord3525
ord2431
ord1686
ord4336
ord4681
ord4633
ord5670
ord2148
ord4850
ord4914
ord5998
ord2129
ord1955
ord5207
ord2948
ord3863
ord5144
ord4699
ord4701
ord2871
ord2993
ord5645
ord4108
ord4655
ord4654
ord4762
ord4644
ord4897
ord4542
ord4515
ord4588
ord4982
ord4919
ord4924
ord4929
ord4653
ord4903
ord4902
ord4662
ord4661
ord4660
ord4642
ord4683
ord5017
ord4648
ord4637
ord4348
ord4774
ord4643
ord4631
ord5054
ord4365
ord4355

msvcrt

__CxxFrameHandler
_CxxThrowException
malloc
wcslen
wcscmp
swscanf
free
_CIpow
_ftol
wcsstr
_wcslwr
_wcsicmp
_wtoi
memmove
_purecall
wcstod
towupper
strchr
wcscpy
wcsncpy
isalnum
qsort
_lfind
_wsplitpath
wcspbrk
wcsncmp
isleadbyte
strpbrk
wcschr
_wcsnicmp
iswalpha
iswupper
_wcsupr
iswlower
_wcsicoll
wcstol
_snprintf
longjmp
fprintf
_iob
abort
_setjmp3
fread
strtod
_wsetlocale
wcsrchr
_wcsdup
wcstombs
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv

kernel32

LocalFree
GetLastError
GlobalFree
GetPrivateProfileSectionW
WaitForMultipleObjects
GetThreadPriority
ResetEvent
GetFileInformationByHandle
TerminateThread
GetFullPathNameW
SetFileAttributesW
FindFirstFileW
FindClose
GetModuleFileNameW
GlobalSize
lstrcpyW
GetTickCount
lstrlenW
CreateEventW
SetThreadPriority
WaitForSingleObject
SetEvent
GetVersionExW
EnumResourceLanguagesW
EnumResourceTypesW
MultiByteToWideChar
WideCharToMultiByte
EnumResourceNamesW
FreeLibrary
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
SetFilePointer
CreateFileW
ReadFile
CloseHandle
GetLocaleInfoW
GetLocalTime
GetDateFormatW
GetTimeFormatW
GlobalLock
GlobalUnlock
GetModuleHandleA
MulDiv
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileAttributesW
GetPrivateProfileSectionNamesW
DeleteFileW
LocalAlloc

user32

ReleaseDC
GetSysColor
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
GetFocus
KillTimer
SetTimer
GetCaretPos
UpdateWindow
InvalidateRect
GetKeyState
GetKeyboardLayout
FindWindowW
InflateRect
DrawFocusRect
SetCursor
ShowScrollBar
RedrawWindow
GetClassInfoW
GetDC
LoadMenuIndirectW
LookupIconIdFromDirectoryEx
LoadMenuW
RegisterWindowMessageW
PostMessageW
SetClipboardData
LoadBitmapW
GetActiveWindow
DrawIconEx
DestroyIcon
CopyIcon
GetIconInfo
CreateIconFromResourceEx
LoadImageW
RegisterClipboardFormatW
SendMessageW
EnableWindow
GrayStringW
DrawTextW
TabbedTextOutW
GetDesktopWindow
GetSystemMetrics
PeekMessageW
SetRect
SystemParametersInfoW
DefWindowProcW
GetWindowLongW
SetCapture
IsRectEmpty
LoadCursorW
PtInRect
SetActiveWindow
wsprintfW
SetWindowPos
ScreenToClient
GetCursorPos
SetRectEmpty
GetParent
CreateIconIndirect
IsWindowEnabled
GetWindowTextW
IsClipboardFormatAvailable
IsWindowVisible
EqualRect
FillRect
DestroyWindow
ShowWindow
BringWindowToTop
SetForegroundWindow
MoveWindow
CreateCaret
SetCaretPos
SetWindowLongW
CreatePopupMenu
AppendMenuW
HideCaret
ShowCaret
DrawStateW
DestroyCaret
GetWindowRect
IsWindow
GetCapture
ClientToScreen
OffsetRect
ReleaseCapture
CopyRect
GetClientRect

gdi32

ExtTextOutW
Escape
DeleteDC
StretchBlt
CreateBitmap
CreateDIBSection
SetStretchBltMode
GetDIBits
GetTextMetricsW
TextOutW
SetPixelV
Rectangle
GetBkColor
DPtoLP
AbortDoc
EndDoc
EndPage
StartPage
StartDocW
SetAbortProc
RectVisible
PtVisible
CreateFontIndirectW
GetTextExtentPoint32W
EnumFontFamiliesExW
SetPixel
GetStockObject
CreatePen
DeleteObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetObjectW
GetTextExtentExPointW
GetDeviceCaps
GetPixel

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW

shell32

DragFinish
DragQueryFileW

comctl32

ImageList_GetImageCount
ImageList_Destroy
ImageList_GetIconSize
ImageList_AddMasked
ImageList_GetIcon
ImageList_DrawEx
ImageList_Add
ImageList_GetImageInfo
ImageList_Draw

ole32

CoCreateInstance
OleRun
ReleaseStgMedium

olepro32

ord252
ord254
ord253

oleaut32

VarI4FromCy
VarI4FromR4
VarI4FromR8
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantChangeType
SysAllocString
VariantChangeTypeEx
SafeArrayGetDim
OleLoadPicturePath
LoadRegTypeLi
SysFreeString
VariantClear
SafeArrayCreate

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 588KB - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/Codejock.TaskPanel.Unicode.v16.3.1.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

ce428522c69999c73f93d9aeb82ab17f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

31/10/2013, 00:00

Not After

26/11/2014, 23:59

Subject

CN=Codejock Technologies\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Codejock Technologies\, LLC,L=Morrice,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fa:60:dd:6e:bd:a7:fd:b1:f3:e2:bb:a9:22:4a:36:31:01:03:af:18
Signer

Actual PE Digest

fa:60:dd:6e:bd:a7:fd:b1:f3:e2:bb:a9:22:4a:36:31:01:03:af:18

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord4294
ord3469
ord5002
ord800
ord535
ord2810
ord540
ord2756
ord6868
ord5568
ord2910
ord940
ord925
ord538
ord1165
ord665
ord5438
ord956
ord353
ord6865
ord3257
ord1203
ord1220
ord2478
ord3232
ord861
ord1594
ord858
ord4273
ord5679
ord2506
ord2377
ord6370
ord4621
ord4155
ord640
ord6195
ord1633
ord323
ord641
ord801
ord2632
ord2615
ord541
ord1174
ord4361
ord5340
ord3268
ord438
ord5857
ord4037
ord2605
ord1699
ord2378
ord6566
ord537
ord3877
ord2787
ord2496
ord430
ord729
ord1791
ord2715
ord2382
ord3054
ord5094
ord5097
ord4461
ord4298
ord3345
ord5006
ord975
ord5468
ord3398
ord2874
ord2873
ord4146
ord4072
ord5233
ord5278
ord2641
ord1658
ord4430
ord4421
ord366
ord1834
ord4237
ord4787
ord5801
ord2371
ord4118
ord5248
ord2385
ord6193
ord4078
ord2225
ord5224
ord1714
ord4583
ord4582
ord4893
ord4364
ord4886
ord4529
ord5070
ord4335
ord4342
ord4881
ord4525
ord4539
ord4537
ord4520
ord4523
ord4518
ord4957
ord4954
ord4103
ord5236
ord3743
ord1718
ord5256
ord4426
ord761
ord480
ord1896
ord4251
ord4888
ord3490
ord1137
ord3871
ord5977
ord4717
ord5115
ord3087
ord2854
ord2855
ord6871
ord5571
ord3520
ord433
ord674
ord4015
ord2863
ord5860
ord4028
ord815
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord3396
ord3665
ord561
ord3947
ord2716
ord6350
ord1213
ord1224
ord6360
ord3321
ord6361
ord4466
ord5494
ord3273
ord3676
ord446
ord743
ord6435
ord1211
ord5955
ord3114
ord6038
ord3225
ord2679
ord1223
ord1207
ord922
ord672
ord2628
ord3941
ord362
ord2746
ord3566
ord3621
ord3658
ord613
ord289
ord5310
ord5324
ord324
ord4453
ord5027
ord6026
ord4282
ord4279
ord2559
ord2456
ord465
ord3194
ord5047
ord4122
ord4121
ord3201
ord3940
ord3199
ord703
ord6285
ord404
ord968
ord3465
ord452
ord536
ord4637
ord2372
ord2836
ord2104
ord6375
ord2099
ord5446
ord5436
ord6379
ord6390
ord1911
ord3397
ord3706
ord783
ord567
ord4270
ord755
ord470
ord5871
ord1226
ord1941
ord818
ord5445
ord909
ord4200
ord3981
ord1769
ord884
ord886
ord463
ord882
ord2793
ord876
ord878
ord879
ord2732
ord2885
ord6568
ord857
ord941
ord6771
ord6640
ord6381
ord2446
ord6385
ord403
ord1971
ord3313
ord5180
ord354
ord927
ord686
ord2088
ord384
ord2966
ord5755
ord6188
ord5752
ord6182
ord4324
ord6185
ord6017
ord6168
ord5869
ord5785
ord5790
ord5674
ord5732
ord5575
ord5567
ord6057
ord3591
ord3701
ord5777
ord3688
ord3568
ord2397
ord6437
ord1230
ord2745
ord2705
ord3133
ord4128
ord4292
ord1168
ord1229
ord3512
ord2606
ord3491
ord4124
ord6278
ord3614
ord764
ord3023
ord1262
ord824
ord826
ord2036
ord2440
ord5830
ord1173
ord3737
ord2444
ord1143
ord1258
ord603
ord1961
ord273
ord786
ord519
ord1252
ord1763
ord462
ord3110
ord3310
ord6153
ord6303
ord521
ord4162
ord834
ord836
ord2806
ord2755
ord2805
ord5210
ord1565
ord849
ord850
ord906
ord845
ord957
ord1852
ord699
ord3933
ord397
ord5589
ord3433
ord6867
ord912
ord4183
ord4272
ord6489
ord6279
ord4197
ord5706
ord1637
ord4158
ord2914
ord2144
ord6451
ord2373
ord4265
ord1131
ord3000
ord2127
ord3727
ord2114
ord1932
ord556
ord809
ord1821
ord656
ord2081
ord4524
ord4538
ord4517
ord5681
ord3269
ord439
ord736
ord5491
ord6125
ord2626
ord6124
ord3747
ord3749
ord3748
ord6456
ord2706
ord5781
ord6567
ord4280
ord2453
ord3169
ord3916
ord6190
ord1255
ord1824
ord5647
ord350
ord3898
ord5638
ord1083
ord501
ord1000
ord1129
ord1115
ord1568
ord1570
ord1179
ord342
ord1240
ord1194
ord1563
ord1248
ord1250
ord1571
ord600
ord269
ord4648
ord5017
ord4683
ord4642
ord4660
ord4661
ord4662
ord4902
ord4903
ord4653
ord4929
ord4924
ord4919
ord4982
ord4588
ord4515
ord4542
ord4897
ord4644
ord4762
ord4654
ord4655
ord4108
ord5645
ord2993
ord2871
ord4701
ord4699
ord5144
ord3863
ord2948
ord5207
ord1955
ord2129
ord5998
ord3128
ord4914
ord4850
ord2148
ord5670
ord4633
ord4681
ord4336
ord1686
ord2431
ord3525
ord3792
ord6597
ord1607
ord4803
ord5157
ord723
ord423
ord5821
ord4618
ord4076
ord3075
ord2981
ord3264
ord4460
ord3255
ord3143
ord2978
ord5273
ord2116
ord2438

msvcrt

wcstombs
wcscmp
wcsncpy
wcslen
malloc
swscanf
_wcsdup
wcsrchr
wcscpy
floor
ceil
_ftol
_purecall
__CxxFrameHandler
_CIpow
wcsstr
_wcslwr
_wcsicmp
_wtoi
memmove
_CIacos
wcstod
towupper
strchr
calloc
_snprintf
longjmp
fprintf
_iob
abort
_setjmp3
fread
strtod
_CxxThrowException
qsort
wcsncmp
wcschr
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
free

kernel32

LocalFree
lstrcpynW
GetProcessHeap
HeapAlloc
HeapFree
GetWindowsDirectoryW
LoadLibraryExW
GetTickCount
GetVersionExW
LoadLibraryA
EnumResourceLanguagesW
EnumResourceTypesW
MultiByteToWideChar
WideCharToMultiByte
EnumResourceNamesW
FreeLibrary
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
CreateFileW
ReadFile
CloseHandle
GetModuleHandleA
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedDecrement
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
GetModuleFileNameW
lstrcpyW
GetFileAttributesW
MulDiv
LocalAlloc

user32

SetTimer
KillTimer
GetKeyState
UpdateWindow
SetRect
CopyRect
OffsetRect
InflateRect
DeferWindowPos
GetParent
GetWindowLongW
SendMessageW
GetSystemMetrics
PtInRect
GetDC
ReleaseDC
ScreenToClient
GetDesktopWindow
GetTabbedTextExtentA
DrawFocusRect
SetParent
ShowWindow
EnableWindow
GetNextDlgTabItem
SetCursor
GetWindow
RedrawWindow
SetFocus
GetCursor
IsWindowVisible
WindowFromPoint
SystemParametersInfoW
LookupIconIdFromDirectoryEx
LoadMenuW
PostMessageW
LoadBitmapW
DrawStateW
CreateIconIndirect
DrawIconEx
DestroyIcon
CopyIcon
GetIconInfo
CreateIconFromResourceEx
LoadImageW
RegisterClipboardFormatW
SetWindowRgn
IsChild
IsWindow
RegisterWindowMessageW
GrayStringW
DrawTextW
TabbedTextOutW
GetForegroundWindow
InvalidateRect
EqualRect
GetWindowRect
GetLastActivePopup
IntersectRect
IsRectEmpty
LoadMenuIndirectW
GetSysColor
SetWindowPos
LoadCursorW
GetFocus
InvertRect
FillRect
DefWindowProcW
DrawEdge
DrawFrameControl
GetClientRect
ShowScrollBar
GetScrollInfo
ReleaseCapture
GetDoubleClickTime
GetCursorPos
DispatchMessageW
UnionRect
ClientToScreen
SetRectEmpty
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
SetCapture
GetCapture
GetMessageW
MoveWindow
TranslateMessage

gdi32

CreateRectRgnIndirect
CreatePen
CreateSolidBrush
GetStockObject
SetPixel
EnumFontFamiliesExW
Polygon
PtVisible
RectVisible
ExtTextOutW
Escape
CreateRectRgn
CreateDIBSection
DeleteDC
StretchBlt
CreateBitmap
SetBkColor
SetStretchBltMode
GetDIBits
GetCurrentObject
GetTextColor
GetBitmapBits
ExtCreateRegion
CreateCompatibleDC
GetViewportOrgEx
ExtSelectClipRgn
GetClipRgn
GetTextMetricsW
OffsetViewportOrgEx
GetViewportExtEx
GetWindowExtEx
Ellipse
Polyline
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
MoveToEx
LineTo
PolyBezierTo
BeginPath
GetClipBox
GetCharWidthW
GetCurrentPositionEx
GetTextAlign
GetTextExtentPoint32A
IntersectClipRect
SetBkMode
GetPixel
CreateFontW
SelectObject
SetTextColor
TextOutW
DeleteObject
CreateCompatibleBitmap
BitBlt
GetTextExtentPoint32W
CreateFontIndirectW
RoundRect
GetObjectW
GetDeviceCaps

advapi32

RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW

shell32

DragQueryFileW

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Add
ImageList_GetImageInfo
ImageList_AddMasked

ole32

OleUninitialize
OleInitialize
OleRun
ReleaseStgMedium
CoCreateInstance

olepro32

ord254
ord253
ord252

oleaut32

VariantChangeTypeEx
OleLoadPicturePath
SafeArrayGetDim
SysFreeString
SafeArrayCreate
VarI4FromCy
VarI4FromR4
VarI4FromR8
VariantInit
VariantChangeType
VariantClear
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 572KB - Virtual size: 569KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/ExG2antt.dll
.dll regsvr32 windows:4 windows x86 arch:x86

72e06c56ad5a29a131d02ad23f3cca6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
GetOEMCP
HeapCreate
HeapDestroy
ExitProcess
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeA
LCMapStringA
GetCommandLineA
GetTimeZoneInformation
VirtualQuery
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LocalFree
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetFileType
SetHandleCount
GetStartupInfoA
CreateFileA
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
GetDiskFreeSpaceA
InterlockedExchange
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
GetVersion
LoadLibraryA
GetLocalTime
FreeResource
OpenProcess
WriteFile
GlobalReAlloc
GlobalSize
LoadResource
LockResource
SizeofResource
DisableThreadLibraryCalls
GetLastError
DeleteCriticalSection
InitializeCriticalSection
GetFileSize
ReadFile
CloseHandle
GetVersionExA
IsBadReadPtr
IsBadWritePtr
GlobalFree
GlobalAlloc
GlobalLock
lstrlenA
GlobalUnlock
GetTickCount
InterlockedIncrement
Sleep
SetLastError
GetCurrentThreadId
MulDiv
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
FreeLibrary
InterlockedDecrement

user32

UnregisterClassA
GetFocus
PtInRect
NotifyWinEvent
ClientToScreen
GetParent
IsRectEmpty
SetFocus
OffsetRect
GetClientRect
ShowWindow
ReleaseDC
GetDC
DestroyWindow
GetWindow
SetParent
DestroyIcon
TranslateMessage
GetAsyncKeyState
GetMessagePos
IsWindow
GetSystemMetrics
DrawEdge
MoveWindow
SetWindowPos
GetWindowRect
ScreenToClient
BeginPaint
EndPaint
InvalidateRect
IntersectRect
GetWindowThreadProcessId
GetDlgItem
CopyIcon
MessageBeep
GetForegroundWindow
SetClipboardData
EmptyClipboard
GetQueueStatus
GetCursor
GetDlgCtrlID
SetActiveWindow
CreatePopupMenu
DestroyMenu
TrackPopupMenu
GetMenuItemCount
ChildWindowFromPoint
AdjustWindowRectEx
IsWindowEnabled
ScrollWindowEx
WindowFromPoint
GetActiveWindow
InvertRect
wsprintfA
EqualRect
FlashWindow
UnhookWindowsHookEx
CallNextHookEx
SetCaretPos
SetRect
GetDialogBaseUnits
DestroyCursor
SystemParametersInfoA
UnionRect
KillTimer
SetTimer
SetCapture
GetCaretPos
GetDesktopWindow
DrawIconEx
GetCapture
SubtractRect
DrawFocusRect
ReleaseCapture
RedrawWindow
OpenClipboard
CloseClipboard
HideCaret
CreateCaret
ShowCaret
DrawFrameControl
GetSysColor
SetWindowRgn
GetWindowDC
SetCursor
FillRect
GetSysColorBrush
FrameRect
InflateRect
IsWindowVisible
DestroyCaret
IsChild
GetCursorPos
GetKeyState

gdi32

SetROP2
GetPixel
CreatePatternBrush
ExtCreatePen
MoveToEx
LineTo
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
RestoreDC
SetTextAlign
DeleteEnhMetaFile
GetClipBox
IntersectClipRect
CreateRectRgn
CreateBitmap
PatBlt
CreatePen
Polyline
SetStretchBltMode
StretchBlt
ExcludeClipRect
SetBkColor
SetPixelV
CreateSolidBrush
LPtoDP
CreateRectRgnIndirect
DeleteMetaFile
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
BitBlt
GetStockObject
SetBkMode
GetTextColor
SetTextColor
OffsetClipRgn
GetWindowOrgEx
GetViewportOrgEx
GetClipRgn
SetViewportExtEx
GetObjectType
GetWindowExtEx
Polygon
PolyBezier
GetDIBits
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
CreateHatchBrush
Rectangle
Ellipse
CreateBrushIndirect
CloseMetaFile
SetWindowExtEx
CombineRgn
ExtCreateRegion
CreateDIBSection
SelectClipRgn
CloseEnhMetaFile
ExtSelectClipRgn

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CLSIDFromProgID
OleLockRunning
CoGetClassObject
CoCreateInstance
OleInitialize
OleUninitialize
DoDragDrop
CreateStreamOnHGlobal
CreateDataAdviseHolder
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CLSIDFromString
OleRun
OleDraw
StgCreateDocfile
OleConvertOLESTREAMToIStorage
OleSaveToStream
WriteClassStm
OleLoadFromStream
ReleaseStgMedium
ProgIDFromCLSID
StringFromGUID2
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
RevokeDragDrop
RegisterDragDrop

oleaut32

VarUI4FromStr
OleCreatePictureIndirect
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayCreate
SafeArrayDestroy
OleCreatePropertyFrame
GetErrorInfo
CreateErrorInfo
SetErrorInfo
RegisterTypeLi
UnRegisterTypeLi
SysAllocStringLen
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayUnaccessData
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
VarCmp
LoadTypeLi
LoadRegTypeLi
OleLoadPicture
SysStringLen
VariantTimeToSystemTime
OleTranslateColor
OleCreateFontIndirect
SysFreeString
VariantCopy
VariantChangeType
VariantClear
VariantInit
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 628KB - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 408KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/ExHTML.dll
.dll regsvr32 windows:4 windows x86 arch:x86

c998384b7a39ce20b58c6d0eb681e391

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetStdHandle
GetOEMCP
HeapCreate
HeapDestroy
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetDateFormatA
GetEnvironmentStrings
ExitProcess
GetStringTypeA
LCMapStringA
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
QueryPerformanceCounter
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
SetEnvironmentVariableA
GetDiskFreeSpaceA
InterlockedExchange
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
GetVersion
LoadLibraryA
OpenProcess
FindClose
ResumeThread
SuspendThread
WaitForSingleObject
TerminateThread
CreateThread
WriteFile
GlobalReAlloc
lstrlenA
GlobalFree
GlobalSize
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetLastError
DeleteCriticalSection
InitializeCriticalSection
GetFileSize
ReadFile
CloseHandle
GetVersionExA
LoadResource
SizeofResource
LockResource
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
Sleep
GetTickCount
SetLastError
GetCurrentThreadId
FreeLibrary
MulDiv
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetTimeFormatA

user32

DestroyCaret
OffsetRect
GetClientRect
ShowWindow
ReleaseDC
GetDC
DestroyWindow
GetWindow
SetParent
MoveWindow
SetWindowPos
GetWindowRect
ClientToScreen
SetCaretPos
IsWindow
GetWindowDC
SetWindowRgn
GetMessagePos
GetAsyncKeyState
InflateRect
FrameRect
IsRectEmpty
BeginPaint
EndPaint
FillRect
GetSysColor
GetSysColorBrush
SetTimer
KillTimer
OpenClipboard
CreateCaret
HideCaret
ShowCaret
CloseClipboard
SetClipboardData
EmptyClipboard
MessageBeep
GetCursor
EndDialog
GetDlgItem
GetDlgCtrlID
CopyIcon
IsWindowVisible
GetForegroundWindow
SetCursorPos
WindowFromPoint
ToUnicodeEx
GetKeyboardState
IsWindowEnabled
GetWindowThreadProcessId
ScrollDC
GetActiveWindow
SetActiveWindow
CallNextHookEx
UnhookWindowsHookEx
ChildWindowFromPoint
InvertRect
wsprintfA
ScreenToClient
DrawFrameControl
FlashWindow
SetFocus
AdjustWindowRectEx
DrawIconEx
DestroyIcon
SetRect
RedrawWindow
GetDialogBaseUnits
IsChild
InvalidateRect
DestroyCursor
GetParent
EqualRect
DrawFocusRect
UnionRect
IntersectRect
SystemParametersInfoA
GetSystemMetrics
DrawEdge
GetKeyState
SetCapture
GetCapture
ReleaseCapture
SetCursor
GetCursorPos
GetFocus
GetCaretPos
GetDesktopWindow
PtInRect
TranslateMessage
UnregisterClassA

gdi32

LineTo
SetPixelV
CreateSolidBrush
SetStretchBltMode
StretchBlt
SelectClipRgn
ExcludeClipRect
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
BitBlt
GetStockObject
SetBkMode
GetTextColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
ExtCreatePen
SetWindowExtEx
SetWindowOrgEx
SaveDC
SetViewportOrgEx
SetMapMode
LPtoDP
CombineRgn
ExtCreateRegion
CreateDIBSection
CreateRectRgn
ExtSelectClipRgn
OffsetClipRgn
GetWindowOrgEx
GetViewportOrgEx
GetClipRgn
Polyline
CreatePen
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
FillRgn
CreatePolygonRgn
PatBlt
SetBkColor
CreatePatternBrush
CreateBitmap
GetPixel
RestoreDC
MoveToEx

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

OleDraw
OleSaveToStream
WriteClassStm
OleLoadFromStream
ReleaseStgMedium
ProgIDFromCLSID
StringFromGUID2
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
RevokeDragDrop
RegisterDragDrop
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
DoDragDrop
OleUninitialize
OleInitialize
CoCreateInstance
CoGetClassObject
OleLockRunning
CLSIDFromProgID

oleaut32

UnRegisterTypeLi
OleCreatePictureIndirect
VariantCopyInd
SysAllocStringByteLen
VarCmp
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetVartype
VariantTimeToSystemTime
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayCreate
OleCreatePropertyFrame
LoadRegTypeLi
CreateErrorInfo
SetErrorInfo
VarUI4FromStr
RegisterTypeLi
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayUnaccessData
LoadTypeLi
SysStringByteLen
SysStringLen
VariantChangeType
VariantInit
OleTranslateColor
OleLoadPicture
SysAllocStringLen
OleCreateFontIndirect
SysAllocString
VariantCopy
VariantClear
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 424KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/ExICalendar.dll
.dll regsvr32 windows:4 windows x86 arch:x86

2033beaa037bdaa8c23de051b19467da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTimeFormatW
GetDateFormatW
FreeResource
LockResource
GetTickCount
CloseHandle
ReadFile
GetFileSize
CreateFileW
LoadLibraryA
GetVersion
WideCharToMultiByte
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenA
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
lstrlenW
GetSystemDirectoryW
FreeLibrary
LoadLibraryW
GetProcAddress
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetOEMCP
GetModuleFileNameA
GetStdHandle
WriteFile
VirtualFree
HeapCreate
HeapDestroy
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InterlockedCompareExchange
Sleep
RtlUnwind
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetModuleHandleA
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeA
GetStringTypeW
GetConsoleCP

user32

OffsetRect
wsprintfW
CharNextW
UnregisterClassA

gdi32

DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
BitBlt
GetStockObject
SetBkMode
GetTextColor
SetTextColor

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromProgID
CoTaskMemAlloc

oleaut32

OleLoadPicture
SafeArrayGetDim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayGetElemsize
VariantTimeToSystemTime
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
VariantChangeType
VariantInit
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
LoadTypeLi
LoadRegTypeLi
SysStringLen
VariantCopy
VariantClear
SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 472KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/ExOrgChart.dll
.dll regsvr32 windows:4 windows x86 arch:x86

564a88fe9f5a0277225ce466c1ae0148

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
GetFileType
SetHandleCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetOEMCP
GetStdHandle
HeapCreate
HeapDestroy
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetDateFormatA
GetTimeFormatA
ExitProcess
GetStringTypeA
LCMapStringA
GetCommandLineA
GetConsoleCP
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualProtect
HeapReAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetTimeZoneInformation
SetStdHandle
CreateFileA
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
LocalFree
GetDiskFreeSpaceA
InterlockedExchange
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
GetVersion
LoadLibraryA
FreeResource
OpenProcess
FindClose
GlobalSize
ResumeThread
SuspendThread
WaitForSingleObject
TerminateThread
CreateThread
WriteFile
GlobalReAlloc
LoadResource
LockResource
SizeofResource
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetLastError
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
GetTickCount
Sleep
GetFileSize
ReadFile
FreeLibrary
CloseHandle
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
GetCurrentThreadId
MulDiv
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenA

user32

SetCaretPos
UnregisterClassA
OffsetRect
GetClientRect
ShowWindow
ReleaseDC
GetDC
DestroyWindow
GetWindow
SetParent
TranslateMessage
PtInRect
SetWindowPos
GetWindowRect
ClientToScreen
ScreenToClient
InvalidateRect
FlashWindow
OpenClipboard
IsWindow
SetWindowRgn
EqualRect
IntersectRect
GetAsyncKeyState
GetKeyState
GetCursorPos
CloseClipboard
MessageBeep
SetClipboardData
EmptyClipboard
SetRect
EndDialog
GetDlgItem
GetDlgCtrlID
DrawFrameControl
GetCursor
DestroyIcon
DrawIconEx
CopyIcon
IsWindowVisible
GetForegroundWindow
SetCursorPos
WindowFromPoint
ToUnicodeEx
GetKeyboardState
IsWindowEnabled
GetWindowThreadProcessId
ScrollDC
GetActiveWindow
SetActiveWindow
CallNextHookEx
UnhookWindowsHookEx
ChildWindowFromPoint
InvertRect
wsprintfA
GetDialogBaseUnits
DestroyCursor
UnionRect
RedrawWindow
ShowCaret
HideCaret
CreateCaret
KillTimer
SetTimer
DestroyCaret
SetCapture
SystemParametersInfoA
GetSystemMetrics
GetCapture
ReleaseCapture
SetCursor
GetCaretPos
GetSysColorBrush
GetSysColor
EndPaint
BeginPaint
GetWindowDC
InflateRect
DrawFocusRect
MoveWindow
GetMessagePos
GetDesktopWindow
IsRectEmpty
FillRect
DrawEdge
FrameRect
GetParent
GetFocus
IsChild
SetFocus

gdi32

LPtoDP
PlayEnhMetaFile
DeleteEnhMetaFile
GetPixel
CreateBitmap
CreatePatternBrush
SetBkColor
SetPixelV
SetStretchBltMode
StretchBlt
SelectClipRgn
GetObjectType
SetViewportOrgEx
SetMapMode
SetViewportExtEx
SetWindowOrgEx
ExcludeClipRect
SetTextAlign
GetClipBox
GetWindowExtEx
SetWindowExtEx
CreateSolidBrush
CreateRectRgnIndirect
DeleteObject
DeleteDC
CreateCompatibleDC
CloseEnhMetaFile
SelectObject
GetDeviceCaps
BitBlt
GetStockObject
SetBkMode
GetTextColor
SetTextColor
CreateDIBSection
CreateRectRgn
ExtSelectClipRgn
OffsetClipRgn
GetWindowOrgEx
GetViewportOrgEx
GetClipRgn
Polyline
CreatePen
Polygon
LineTo
MoveToEx
PolyBezier
RoundRect
IntersectClipRect
GetDIBits
ExtCreatePen
Rectangle
FillRgn
CreatePolygonRgn
DeleteMetaFile
CloseMetaFile
RestoreDC
SaveDC
CombineRgn
CreateCompatibleBitmap
PatBlt
ExtCreateRegion

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CLSIDFromProgID
OleLockRunning
CoGetClassObject
CoCreateInstance
OleInitialize
OleUninitialize
CLSIDFromString
OleRun
StgCreateDocfile
OleConvertOLESTREAMToIStorage
OleDraw
StringFromGUID2
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemAlloc
DoDragDrop
CreateStreamOnHGlobal
ProgIDFromCLSID
CoTaskMemFree
OleSaveToStream
WriteClassStm
OleLoadFromStream

oleaut32

UnRegisterTypeLi
OleCreatePictureIndirect
VarCmp
VariantTimeToSystemTime
SafeArrayCreateVector
OleCreatePropertyFrame
VarUI4FromStr
RegisterTypeLi
SysAllocStringLen
SafeArrayGetDim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
LoadTypeLi
LoadRegTypeLi
OleLoadPicture
CreateErrorInfo
SetErrorInfo
OleTranslateColor
VariantChangeType
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysStringLen
OleCreateFontIndirect
VariantCopy
VariantClear
SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/ExPrint.dll
.dll regsvr32 windows:4 windows x86 arch:x86

71dddd4bcdf963e2831b6725a5a63915

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winspool.drv

ord204
ord203

kernel32

CreateFileW
GetStdHandle
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetOEMCP
HeapCreate
HeapDestroy
ExitProcess
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleA
VirtualProtect
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapReAlloc
Sleep
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetStdHandle
GetFileType
SetHandleCount
GetStartupInfoA
CreateFileA
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
CompareStringW
GetProcAddress
LoadLibraryW
FreeLibrary
RaiseException
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
MulDiv
GetCurrentThreadId
SetLastError
GetSystemDirectoryW
GetVersionExA
GetModuleHandleW
MultiByteToWideChar
GetTickCount
LoadLibraryA
LockResource
FreeResource
SetThreadPriority
ResumeThread
SuspendThread
WaitForSingleObject
TerminateThread
CreateThread
WriteProfileStringW
DeleteFileW
GetProfileIntW
CloseHandle
GetProfileStringW
GetVersion
GlobalSize
OutputDebugStringW
WriteFile
WideCharToMultiByte
GlobalReAlloc
GlobalFree
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
lstrcmpiW
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetNumberFormatW
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetModuleFileNameW
lstrlenW
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock

user32

GetCursorPos
KillTimer
SetTimer
GetDesktopWindow
GetSysColorBrush
IsWindowVisible
GetCapture
RedrawWindow
GetWindowDC
SetForegroundWindow
GetScrollPos
SetScrollPos
OpenClipboard
GetScrollInfo
SetScrollInfo
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
DrawFocusRect
ChildWindowFromPoint
GetForegroundWindow
AdjustWindowRectEx
IsWindowEnabled
EnableWindow
InvertRect
RegisterClassExW
PostMessageW
DefWindowProcW
GetWindow
CallWindowProcW
UnregisterClassA
DestroyWindow
GetDC
ReleaseDC
LoadCursorW
GetClassInfoExW
ShowWindow
SetWindowLongW
GetClientRect
OffsetRect
GetSysColor
LoadStringW
LoadIconW
GetActiveWindow
SendMessageW
GetDlgItem
SetWindowTextW
EndDialog
DrawStateW
LoadImageW
DrawTextW
FrameRect
DrawIconEx
DestroyIcon
SetRect
RegisterClipboardFormatW
RegisterWindowMessageW
ScreenToClient
ClientToScreen
GetParent
SetFocus
GetFocus
IsChild
InvalidateRect
DestroyCursor
BeginPaint
EndPaint
EqualRect
SetWindowRgn
SetWindowPos
UnionRect
CharNextW
IsRectEmpty
MessageBoxW
wsprintfW
GetCursor
SetCursor
GetMessagePos
SetCapture
PtInRect
ReleaseCapture
GetKeyState
TranslateMessage
DispatchMessageW
MoveWindow
IsWindow
IntersectRect
SystemParametersInfoA
GetWindowRect
GetSystemMetrics
DrawEdge
InflateRect
GetAsyncKeyState
FillRect
PeekMessageW
GetWindowLongW
CreateWindowExW

gdi32

DeleteEnhMetaFile
CreateBrushIndirect
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
DPtoLP
StartDocW
StartPage
EndPage
EndDoc
Rectangle
SetStretchBltMode
StretchBlt
ExcludeClipRect
CopyEnhMetaFileW
GetDIBits
GetTextMetricsW
GetClipRgn
GetViewportOrgEx
GetWindowOrgEx
OffsetClipRgn
ExtSelectClipRgn
CreateRectRgn
CreateDIBSection
ExtCreateRegion
CombineRgn
LPtoDP
SetViewportOrgEx
CreateDCW
CreateMetaFileW
SaveDC
SetWindowOrgEx
RestoreDC
CloseMetaFile
DeleteMetaFile
SetMapMode
SetViewportExtEx
SetWindowExtEx
GetViewportExtEx
GetWindowExtEx
CreateRectRgnIndirect
SelectClipRgn
PlayEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileW
CreatePen
MoveToEx
LineTo
GetClipBox
GetPixel
CreateSolidBrush
CreateBitmap
SetBkColor
PatBlt
CreateFontIndirectW
GetTextExtentPoint32W
GetObjectW
SetPixelV
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
BitBlt
GetStockObject
SetBkMode
GetTextColor
SetTextColor

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW

ole32

DoDragDrop
ProgIDFromCLSID
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoCreateInstance
CLSIDFromProgID
OleDraw
OleRegEnumVerbs

oleaut32

UnRegisterTypeLi
SafeArrayGetElemsize
CreateErrorInfo
SetErrorInfo
VariantCopyInd
SysAllocStringLen
OleCreatePropertyFrame
VarUI4FromStr
RegisterTypeLi
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayCreate
SafeArrayCreateVector
VarCmp
VariantTimeToSystemTime
LoadTypeLi
LoadRegTypeLi
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayUnaccessData
SysStringLen
VariantCopy
OleLoadPicture
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
VariantClear
VariantInit
OleTranslateColor
OleCreateFontIndirect
SysAllocString
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 692KB - Virtual size: 691KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/ExSchedule.dll
.dll regsvr32 windows:4 windows x86 arch:x86

00a1f649eb4419c5ec990ef5a11ac039

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetOEMCP
GetStdHandle
HeapCreate
HeapDestroy
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetDateFormatA
GetTimeFormatA
ExitProcess
GetStringTypeA
LCMapStringA
GetCommandLineA
FlushFileBuffers
VirtualQuery
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
SetFilePointer
SetStdHandle
CreateFileA
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
LocalFree
GetDiskFreeSpaceA
InterlockedExchange
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
GetVersion
LoadLibraryA
OpenProcess
FindClose
GlobalSize
FreeResource
ResumeThread
SuspendThread
WaitForSingleObject
TerminateThread
CreateThread
WriteFile
GlobalReAlloc
GlobalFree
LoadResource
LockResource
SizeofResource
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetLastError
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetFileSize
ReadFile
CloseHandle
GetVersionExA
GlobalAlloc
GlobalLock
FreeLibrary
GlobalUnlock
GetTickCount
Sleep
SetLastError
GetCurrentThreadId
MulDiv
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException

user32

DestroyMenu
UnregisterClassA
OffsetRect
GetClientRect
ShowWindow
ReleaseDC
GetDC
DestroyWindow
GetWindow
SetParent
MoveWindow
SetWindowPos
GetWindowRect
InvalidateRect
GetParent
IsWindow
DrawFocusRect
InflateRect
FillRect
TranslateMessage
PtInRect
GetCursorPos
GetDesktopWindow
GetFocus
ClientToScreen
ScreenToClient
GetWindowDC
SetRect
EndDialog
GetDlgItem
GetDlgCtrlID
DrawIconEx
DrawFrameControl
GetCursor
CopyIcon
IsWindowVisible
GetForegroundWindow
SetCursorPos
WindowFromPoint
ToUnicodeEx
GetKeyboardState
IsWindowEnabled
GetWindowThreadProcessId
ScrollDC
GetActiveWindow
FlashWindow
CallNextHookEx
UnhookWindowsHookEx
SetActiveWindow
GetMenuItemCount
ChildWindowFromPoint
SubtractRect
InvertRect
wsprintfA
GetDialogBaseUnits
IsChild
DestroyIcon
DestroyCursor
UnionRect
EqualRect
TrackPopupMenu
CreatePopupMenu
RedrawWindow
SetCaretPos
MessageBeep
EmptyClipboard
SetClipboardData
CloseClipboard
ShowCaret
HideCaret
CreateCaret
OpenClipboard
SetFocus
KillTimer
SetTimer
DestroyCaret
IntersectRect
SystemParametersInfoA
DrawEdge
GetKeyState
SetCapture
GetSystemMetrics
GetCapture
ReleaseCapture
SetCursor
GetCaretPos
GetSysColorBrush
GetSysColor
EndPaint
BeginPaint
IsRectEmpty
FrameRect
GetAsyncKeyState
GetMessagePos
SetWindowRgn

gdi32

LPtoDP
CreateRectRgnIndirect
DeleteEnhMetaFile
GetClipBox
GetPixel
SetBkColor
PatBlt
ExtCreatePen
MoveToEx
LineTo
SetPixelV
CreateBitmap
CreatePatternBrush
SetStretchBltMode
StretchBlt
SelectClipRgn
ExcludeClipRect
CreateSolidBrush
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
CloseEnhMetaFile
GetStockObject
SetBkMode
GetTextColor
SetTextColor
SetViewportOrgEx
SetMapMode
CombineRgn
ExtCreateRegion
CreateDIBSection
CreateRectRgn
ExtSelectClipRgn
OffsetClipRgn
GetWindowOrgEx
GetViewportOrgEx
GetClipRgn
Polyline
CreatePen
GetDIBits
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
IntersectClipRect
CreateEllipticRgn
GetWindowExtEx
FillRgn
CreatePolygonRgn
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
BitBlt
SaveDC

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CLSIDFromProgID
OleLockRunning
CoGetClassObject
CoCreateInstance
OleInitialize
OleUninitialize
DoDragDrop
CLSIDFromString
OleRun
OleDraw
ReleaseStgMedium
ProgIDFromCLSID
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
RevokeDragDrop
RegisterDragDrop
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

RegisterTypeLi
SafeArrayCopy
SafeArrayDestroy
CreateErrorInfo
SetErrorInfo
OleCreatePictureIndirect
SysAllocStringByteLen
SafeArrayGetElemsize
OleCreatePropertyFrame
VarUI4FromStr
GetErrorInfo
UnRegisterTypeLi
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
SysStringLen
VarCmp
SafeArrayGetDim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayCreate
OleLoadPicture
SysAllocStringLen
OleTranslateColor
VariantTimeToSystemTime
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
VariantChangeType
VariantInit
OleCreateFontIndirect
SysAllocString
VariantCopy
VariantClear
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 520KB - Virtual size: 518KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/ExSurface.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a1bdd27aeea0c6a2f2ce2216f9b73396

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumSystemLocalesA
GetUserDefaultLCID
GetOEMCP
HeapCreate
HeapDestroy
GetStdHandle
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetDateFormatA
GetTimeFormatA
ExitProcess
GetStringTypeA
LCMapStringA
GetCommandLineA
GetSystemTimeAsFileTime
IsValidLocale
GetSystemInfo
VirtualProtect
HeapReAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LocalFree
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
SetEnvironmentVariableA
GetDiskFreeSpaceA
InterlockedExchange
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
GetVersion
LoadLibraryA
OpenProcess
FindClose
GlobalSize
ResumeThread
SuspendThread
WaitForSingleObject
TerminateThread
CreateThread
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetLastError
DeleteCriticalSection
InitializeCriticalSection
WriteFile
GlobalReAlloc
GlobalFree
lstrlenA
GetFileSize
ReadFile
CloseHandle
GetVersionExA
LoadResource
SizeofResource
LockResource
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
GetTickCount
FreeLibrary
Sleep
SetLastError
GetCurrentThreadId
MulDiv
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
VirtualQuery

user32

TrackPopupMenu
DestroyMenu
CreatePopupMenu
RedrawWindow
SetCaretPos
UnregisterClassA
OffsetRect
UnionRect
IsRectEmpty
IntersectRect
GetClientRect
ShowWindow
ReleaseDC
GetDC
DestroyWindow
GetWindow
SetParent
MoveWindow
SetWindowPos
GetWindowRect
InvalidateRect
GetParent
IsWindow
DrawFocusRect
InflateRect
FillRect
TranslateMessage
PtInRect
GetCursorPos
SetRect
EqualRect
DestroyCursor
IsChild
GetDialogBaseUnits
EndDialog
GetDlgItem
GetDlgCtrlID
DestroyIcon
DrawIconEx
DrawFrameControl
GetCursor
CopyIcon
IsWindowVisible
GetForegroundWindow
SetCursorPos
WindowFromPoint
ToUnicodeEx
GetKeyboardState
IsWindowEnabled
GetWindowThreadProcessId
ScrollDC
GetActiveWindow
FlashWindow
AdjustWindowRect
CallNextHookEx
UnhookWindowsHookEx
SetActiveWindow
GetMenuItemCount
ChildWindowFromPoint
InvertRect
wsprintfA
MessageBeep
EmptyClipboard
SetClipboardData
CloseClipboard
ShowCaret
HideCaret
CreateCaret
OpenClipboard
SetFocus
KillTimer
SetTimer
DestroyCaret
SetCapture
GetKeyState
SystemParametersInfoA
GetSystemMetrics
DrawEdge
GetCapture
ReleaseCapture
SetCursor
GetCaretPos
GetSysColorBrush
GetSysColor
EndPaint
BeginPaint
FrameRect
GetAsyncKeyState
GetMessagePos
SetWindowRgn
GetWindowDC
ScreenToClient
ClientToScreen
GetFocus
GetDesktopWindow

gdi32

GetPixel
SetPixelV
PatBlt
CreateBitmap
CreatePatternBrush
SetStretchBltMode
StretchBlt
SelectClipRgn
ExcludeClipRect
CreateSolidBrush
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
BitBlt
GetStockObject
SetBkMode
GetTextColor
SetTextColor
CreateRectRgnIndirect
LPtoDP
CombineRgn
ExtCreateRegion
GetClipBox
CreateRectRgn
GetRegionData
ExtSelectClipRgn
OffsetClipRgn
GetClipRgn
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
SetViewportOrgEx
SetMapMode
GetViewportOrgEx
Polyline
CreatePen
SetViewportExtEx
Polygon
PolyBezier
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
CreateBrushIndirect
FillRgn
CreatePolygonRgn
Ellipse
GetWindowExtEx
LineTo
MoveToEx
ExtCreatePen
CreateDIBSection
SetBkColor

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CLSIDFromString
OleRun
OleDraw
ProgIDFromCLSID
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
DoDragDrop
OleUninitialize
OleInitialize
CoCreateInstance
CoGetClassObject
OleLockRunning
CLSIDFromProgID

oleaut32

SafeArrayGetUBound
SafeArrayDestroy
CreateErrorInfo
SetErrorInfo
OleCreatePictureIndirect
VariantCopyInd
VariantTimeToSystemTime
SysAllocStringByteLen
SafeArrayCreateVector
OleCreatePropertyFrame
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
VarCmp
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
SysStringLen
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetVartype
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
OleLoadPicture
SysAllocStringLen
OleTranslateColor
OleCreateFontIndirect
SysAllocString
VariantChangeType
VariantInit
VariantCopy
VariantClear
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/KsDHTMLEDLib.ocx
.dll regsvr32 windows:5 windows x86 arch:x86

82e26c2851dd238aa0a5cc9f9f02d8a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
CreateErrorInfo
GetErrorInfo
SetErrorInfo
GetActiveObject
DispGetIDsOfNames
RegisterTypeLib
LoadTypeLibEx
SafeArrayGetElement
SysFreeString
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegFlushKey
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
GetUserNameW

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
keybd_event
WindowFromPoint
WaitMessage
WaitForInputIdle
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCursor
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetSystemCursor
SetScrollRange
SetScrollPos
SetScrollInfo
SetRectEmpty
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursor
SetClipboardData
SetClassLongW
SetCapture
SetActiveWindow
SendMessageA
SendMessageW
ScrollWindow
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OpenClipboard
OffsetRect
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageA
IsDialogMessageW
IsClipboardFormatAvailable
IsChild
IsCharAlphaNumericW
IsCharAlphaW
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessageTime
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardFormatNameW
GetClipboardData
GetClientRect
GetClassLongW
GetClassInfoW
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExW
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
CopyIcon
CloseClipboard
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryW
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCurrentDirectoryW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
lstrcpyW
WriteProcessMemory
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualProtectEx
VirtualFree
VirtualAlloc
SwitchToThread
SizeofResource
SignalObjectAndWait
SetThreadLocale
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryW
LeaveCriticalSection
IsValidLocale
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetUserDefaultLCID
GetTickCount
GetThreadLocale
GetTempPathA
GetSystemInfo
GetSystemDirectoryW
GetSystemDefaultLCID
GetStdHandle
GetShortPathNameW
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileAttributesW
GetExitCodeThread
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameW
GetCPInfo
GetACP
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoW
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateFileW
CreateEventW
CreateDirectoryW
CompareStringW
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWindowExtEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetMapMode
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RestoreDC
Rectangle
RectVisible
RealizePalette
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
LPtoDP
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectW
GetNearestPaletteIndex
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
FrameRgn
ExtTextOutW
ExcludeClipRect
EnumFontFamiliesExW
DeleteObject
DeleteMetaFile
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePenIndirect
CreatePen
CreatePalette
CreateMetaFileW
CreateHalftonePalette
CreateFontIndirectW
CreateEnhMetaFileW
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CloseMetaFile
CloseEnhMetaFile
BitBlt

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

mpr

WNetGetUserW

ole32

IsEqualGUID
CLSIDFromString
CreateStreamOnHGlobal
GetHGlobalFromStream
OleRegEnumVerbs
OleRegGetUserType
IsAccelerator
CreateOleAdviseHolder
OleDraw
OleSetMenuDescriptor
OleUninitialize
OleInitialize
CreateBindCtx
CreateDataAdviseHolder
CoTaskMemFree
CoTaskMemAlloc
ProgIDFromCLSID
StringFromCLSID
CoCreateInstance
CoLockObjectExternal
CoDisconnectObject
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
CoUninitialize
CoInitialize
IsEqualGUID

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

urlmon

CoInternetGetSession
CreateURLMoniker
CreateURLMonikerEx

wininet

InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetCrackUrlW
InternetCloseHandle

shell32

SHFileOperationW
SHAppBarMessage

comdlg32

GetSaveFileNameW
GetOpenFileNameW

winmm

timeGetTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Controls/mscomct2.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

71e4dc10f7cc0c7bb2b43714bb9f46c1

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f3:8a:eb:ca:d3:84:50:9f:6f:92:6a:b6:cb:f7:e6:bb:9c:34:2a:93
Signer

Actual PE Digest

f3:8a:eb:ca:d3:84:50:9f:6f:92:6a:b6:cb:f7:e6:bb:9c:34:2a:93

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
VirtualFree
GetCPInfo
GetOEMCP
VirtualAlloc
FlushFileBuffers
SetStdHandle
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
IsBadReadPtr
GlobalReAlloc
UnmapViewOfFile
GetFileSize
CreateFileMappingA
MapViewOfFile
GetSystemDefaultLCID
GetCurrentThreadId
GetCurrentProcessId
HeapCreate
HeapDestroy
FreeResource
LocalSize
RtlMoveMemory
CreateThread
Sleep
WaitForSingleObject
GetTimeFormatA
GlobalHandle
lstrcmpA
GetThreadLocale
MulDiv
LocalAlloc
GetProfileIntA
LocalReAlloc
LocalFree
GetTickCount
GetModuleHandleA
GlobalAddAtomA
GetACP
CompareStringW
CompareStringA
GlobalSize
GetVersionExA
IsDBCSLeadByte
lstrcpynA
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
lstrcmpiA
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
MultiByteToWideChar
IsBadWritePtr
GetDateFormatA
lstrcpyA
GetLocaleInfoA
GetLocalTime
CreateFileA
CloseHandle
GlobalAlloc
WriteFile
GlobalLock
HeapAlloc
DeleteCriticalSection
WideCharToMultiByte
lstrlenW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapFree
FreeLibrary
lstrlenA
GetProcessHeap
GlobalFree
GlobalUnlock

user32

GrayStringA
HideCaret
DestroyCaret
CreateCaret
GetAsyncKeyState
SetCaretPos
DrawTextExA
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
MapVirtualKeyA
ShowCaret
GetUpdateRgn
DestroyCursor
GetWindowRgn
ValidateRect
GetDCEx
LockWindowUpdate
CharNextExA
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
GetKeyboardLayout
GetUpdateRect
DeferWindowPos
BeginDeferWindowPos
FindWindowA
TrackPopupMenu
GetKeyNameTextA
RemovePropA
SendNotifyMessageA
FrameRect
ChildWindowFromPoint
DrawIcon
TranslateMessage
DispatchMessageA
MessageBeep
UnregisterClassA
CreateDialogIndirectParamA
IsChild
GetNextDlgTabItem
IsDialogMessageA
WinHelpA
ScrollWindowEx
InvalidateRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
RegisterClipboardFormatA
RegisterWindowMessageA
PeekMessageA
ScreenToClient
PostMessageW
PeekMessageW
RedrawWindow
InflateRect
AdjustWindowRectEx
CreatePopupMenu
DestroyMenu
DrawTextA
DrawFocusRect
AppendMenuA
AdjustWindowRect
IsZoomed
EnumChildWindows
GetDesktopWindow
ShowScrollBar
SetScrollRange
SetScrollPos
GetMessageA
GetScrollPos
IsRectEmpty
CallMsgFilterA
GetMessagePos
GetDoubleClickTime
InvertRect
GetSysColorBrush
SetCursor
GetWindowDC
UnionRect
SetTimer
SetScrollInfo
EnableScrollBar
UpdateWindow
KillTimer
LoadCursorA
GetMessageTime
GetDlgCtrlID
GetWindowThreadProcessId
WindowFromPoint
EndDeferWindowPos
EndDialog
ReleaseCapture
PtInRect
SetWindowRgn
IntersectRect
EqualRect
OffsetRect
GetParent
ClientToScreen
GetWindowRect
GetActiveWindow
GetWindow
MoveWindow
BeginPaint
EndPaint
SetParent
IsWindowVisible
CreateWindowExA
DestroyWindow
CharNextA
GetPropA
GetCursorPos
SetCursorPos
MapWindowPoints
DefWindowProcA
SetPropA
IsWindow
SetDlgItemTextA
CheckDlgButton
IsWindowEnabled
GetDlgItemTextA
GetDC
ReleaseDC
SetWindowPos
SetWindowLongA
GetWindowLongA
SendDlgItemMessageA
IsDlgButtonChecked
GetClientRect
GetFocus
LoadIconA
FillRect
DrawIconEx
ShowWindow
DestroyIcon
SetDlgItemInt
GetDlgItemInt
MessageBoxA
SetFocus
GetWindowTextLengthA
SetWindowTextA
GetWindowTextA
EnableWindow
SendMessageA
DialogBoxParamA
GetKeyState
SetCapture
GetCapture
CallWindowProcA
PostMessageA
GetSysColor
SetRect
DrawEdge
GetSystemMetrics
GetClassInfoA
RegisterClassA
GetDlgItem
LoadStringA
wsprintfA
GetScrollInfo
GetClassNameA
DrawFrameControl
CopyRect

ole32

OleLoadFromStream
ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleSaveToStream
CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegEnumKeyExA
RegCreateKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SafeArrayCopy
SafeArrayGetElement
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayGetLBound
VariantCopy
SafeArrayUnaccessData
OleCreateFontIndirect
GetErrorInfo
OleCreatePictureIndirect
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLibEx
SetErrorInfo
LoadTypeLi
CreateErrorInfo
VariantCopyInd
SafeArrayCreateVector
OleCreatePropertyFrame
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
OleTranslateColor
VariantChangeTypeEx
VariantChangeType
SysAllocStringLen
VariantInit
SysStringLen
SysAllocString
LoadRegTypeLi
VariantClear
SafeArrayRedim
SysFreeString

gdi32

ExcludeClipRect
SetBrushOrgEx
GetClipRgn
OffsetRgn
GetDIBColorTable
SetDIBColorTable
CreateDIBSection
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
CreateHalftonePalette
GetTextAlign
SetTextAlign
DeleteObject
GetDeviceCaps
SelectObject
CreateSolidBrush
PatBlt
Polyline
CreatePen
StretchDIBits
GetDIBits
GetSystemPaletteEntries
GetObjectA
CreateBitmap
DeleteDC
CreateCompatibleDC
CreateDCA
SetBkColor
GetStockObject
GetTextExtentPoint32A
CreateFontIndirectA
GetCurrentObject
GetTextMetricsA
SetViewportOrgEx
SetWindowOrgEx
CreateRectRgnIndirect
GetViewportExtEx
GetWindowExtEx
LPtoDP
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetTextColor
SelectClipRgn
CreateRectRgn
Rectangle
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
RealizePalette
SelectPalette
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
GetClipBox
TextOutA
SetBkMode
CreateFontA
CreatePatternBrush
ExtTextOutA
RestoreDC
IntersectClipRect
SaveDC
GetBkColor
GetCharWidthA
GetTextExtentPointA
Arc
RectVisible
Ellipse
LineTo
MoveToEx
GetPixel
CreateCompatibleBitmap
BitBlt
CombineRgn
GetTextColor

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 468KB - Virtual size: 466KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Controls/mscomctl.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

ce21923007044b1701a0b2dc4ac9396b

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:0c:ab:11:d8:22:ef:7d:6c:79:7e
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

23/05/2002, 08:00

Not After

25/09/2011, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:05:87:58:00:03:00:00:00:5a
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

05/01/2005, 23:20

Not After

05/04/2006, 23:30

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

d3:33:87:9d:a3:7d:db:aa:b4:12:4a:ae:67:2b:01:a6:0b:07:8a:fd
Signer

Actual PE Digest

d3:33:87:9d:a3:7d:db:aa:b4:12:4a:ae:67:2b:01:a6:0b:07:8a:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
LocalReAlloc
GetProfileIntA
RtlMoveMemory
LocalSize
FreeResource
GetCurrentProcessId
MulDiv
GetTickCount
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GlobalReAlloc
IsBadReadPtr
Sleep
WaitForSingleObject
GlobalHandle
GetThreadLocale
LocalFree
LocalAlloc
GlobalAddAtomA
SetFilePointer
SetStdHandle
FlushFileBuffers
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
GetCommandLineA
CompareStringW
GlobalSize
CreateFileA
GetFileSize
GlobalUnlock
GlobalLock
ReadFile
CloseHandle
IsDBCSLeadByte
GetModuleHandleA
FindResourceA
LoadResource
LockResource
GetLastError
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
IsBadWritePtr
lstrcmpiA
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpA
GlobalAlloc
GlobalFree
GetVersionExA
GetCurrentThreadId
MultiByteToWideChar
CompareStringA
lstrcpyA
InterlockedExchange
lstrlenA
GetSystemDefaultLCID
lstrcpynA
HeapAlloc
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
HeapReAlloc

user32

DrawFocusRect
AdjustWindowRect
DrawFrameControl
TrackPopupMenu
GetMessageA
AdjustWindowRectEx
CopyRect
GetKeyNameTextA
ShowCaret
SetCaretPos
GrayStringA
HideCaret
DestroyCaret
CreateCaret
SetWindowTextA
SetScrollInfo
DrawTextExA
InvertRect
SetRectEmpty
GetShellWindow
SetKeyboardState
GetKeyboardState
GetScrollInfo
GetKeyboardLayout
DestroyCursor
GetUpdateRgn
GetUpdateRect
GetWindowRgn
ValidateRect
CallMsgFilterA
LockWindowUpdate
IsZoomed
GetDesktopWindow
GetIconInfo
GetCursor
GetForegroundWindow
InvalidateRgn
EndDeferWindowPos
EnumChildWindows
GetDoubleClickTime
FindWindowA
GetMessageTime
GetWindowThreadProcessId
RemovePropA
SendNotifyMessageA
SetScrollPos
SetScrollRange
GetWindowTextLengthA
EnableScrollBar
ChildWindowFromPoint
EndDialog
GetWindow
GetPropA
GetCursorPos
WindowFromPoint
GetClassNameA
GetDlgCtrlID
IsWindow
SetPropA
SetTimer
KillTimer
SendDlgItemMessageA
IsWindowVisible
UnregisterClassA
CharNextA
SetActiveWindow
CheckRadioButton
SetFocus
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
IsWindowEnabled
GetDCEx
DrawIconEx
CreateIconIndirect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetClipboardFormatNameA
SetCursorPos
RegisterClipboardFormatA
MessageBeep
RegisterWindowMessageA
PeekMessageA
PostMessageW
PeekMessageW
VkKeyScanA
SetParent
CharUpperA
GetDlgItemInt
SetCursor
CreateDialogIndirectParamA
GetNextDlgTabItem
IsDialogMessageA
ScrollWindowEx
GetDlgItemTextA
SetWindowRgn
IntersectRect
EqualRect
MoveWindow
BeginPaint
EndPaint
DeferWindowPos
BeginDeferWindowPos
CharNextExA
DrawIcon
DestroyIcon
MapWindowPoints
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
DestroyMenu
GetActiveWindow
MessageBoxA
WinHelpA
PtInRect
DefWindowProcA
GetWindowDC
SetRect
LoadCursorA
IsRectEmpty
ClientToScreen
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetAsyncKeyState
EnableWindow
PostMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DialogBoxParamA
UpdateWindow
GetWindowLongA
SetWindowLongA
GetDC
ReleaseDC
GetParent
OffsetRect
UnionRect
GetFocus
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetMessagePos
ScreenToClient
SetWindowPos
SetCapture
GetWindowTextA
WindowFromDC
GetClientRect
CallWindowProcA
DrawEdge
GetSysColor
FrameRect
InflateRect
FillRect
DrawTextA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
InvalidateRect
LoadIconA
GetSystemMetrics
CopyImage
SendMessageA
LoadStringA
RedrawWindow
ShowWindow
CreateAcceleratorTableA

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleLoadFromStream
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
GetErrorInfo
OleCreateFontIndirect
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
LoadTypeLi
VariantChangeTypeEx
SysStringByteLen
SysAllocStringByteLen
OleLoadPicture
SysAllocStringLen
VariantCopy
OleTranslateColor
VariantChangeType
OleCreatePictureIndirect
VariantCopyInd
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
SafeArrayCopy

comdlg32

GetOpenFileNameA

gdi32

Arc
GetTextExtentPointA
GetCharWidthA
OffsetWindowOrgEx
ExtTextOutW
GetTextExtentPointW
Polyline
GetTextAlign
SetTextAlign
OffsetRgn
GetTextColor
CombineRgn
GetTextMetricsA
MoveToEx
LineTo
Ellipse
DeleteObject
SelectObject
CreateSolidBrush
SetViewportOrgEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetDeviceCaps
CreateFontIndirectA
GetObjectA
SelectClipRgn
ExcludeClipRect
RectVisible
GetClipBox
IntersectClipRect
GetClipRgn
CreateRectRgnIndirect
RealizePalette
SelectPalette
PatBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
GetTextExtentPoint32A
TextOutA
SetBkColor
SetTextColor
SetBkMode
Rectangle
CreatePen
GetStockObject
GetViewportExtEx
GetWindowExtEx
LPtoDP
DeleteDC
CreateDCA
CreateRectRgn
StretchBlt
CreateICA
CopyMetaFileA
CopyEnhMetaFileA
GetPaletteEntries
GetDIBits
CreateDIBitmap
GetBitmapBits
CreatePalette
GetNearestColor
CreatePatternBrush
CreateDIBSection
CreateHalftonePalette
BitBlt
SetDIBColorTable
GetDIBColorTable
GetPixel
StretchDIBits
SetBrushOrgEx
GetBkColor
ExtTextOutA
RestoreDC
SaveDC
CreateFontA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 690KB - Virtual size: 690KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EMLRegistryFix.reg
IQIEReg.txt
IQURIProtocol.txt
IQURIProtocolInstall.exe
.exe windows:4 windows x86 arch:x86

b60d17ea3c5780b1e7d0d0f60c6a1d7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
ord621
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaOnError
ord595
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord537
ord645
_CIlog
__vbaFileOpen
__vbaNew2
ord648
ord570
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarDup
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
InfoQube.exe
.exe windows:4 windows x86 arch:x86

6a2d74fefae44f3f30253d3b3d619232

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalSize
GlobalAlloc
GlobalLock

user32

FindWindowA
FindWindowW

msvbvm60

EVENT_SINK_GetIDsOfNames
__vbaVarTextTstLe
__vbaVarTstGt
__vbaVarSub
__vbaStrI2
__vbaR8ForNextCheck
__vbaVargParmRef
__vbaVarTextCmpGe
_CIcos
_adj_fptan
__vbaHresultCheck
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaRedimPreserveVar
__vbaAryMove
__vbaFreeVar
ord588
__vbaGosubReturn
__vbaStrVarMove
__vbaLateIdCall
__vbaLineInputStr
__vbaLenBstr
ord696
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFpCDblR8
ord698
ord512
EVENT_SINK_Invoke
__vbaVarIndexStore
ord514
ord621
__vbaRaiseEvent
__vbaNextEachVar
__vbaFreeObjList
ord516
ord517
__vbaVarIndexLoadRef
__vbaStrErrVarCopy
__vbaVarTextTstLt
_adj_fprem1
__vbaRecAnsiToUni
ord518
ord519
__vbaVarSetVarAddref
__vbaVarTextCmpGt
__vbaI2Abs
__vbaResume
__vbaCopyBytes
__vbaVarCmpNe
__vbaStrCat
__vbaForEachCollAd
ord552
ord553
__vbaLsetFixstr
__vbaCyInt
ord660
__vbaVarTextTstEq
__vbaStrDate
__vbaRecDestruct
ord661
__vbaSetSystemError
ord662
__vbaLenBstrB
__vbaHresultCheckObj
ord556
ord557
ord665
__vbaVargVarCopy
ord558
__vbaLenVar
_adj_fdiv_m32
__vbaVarTstLe
ord559
__vbaAryVar
Zombie_GetTypeInfo
__vbaAryDestruct
__vbaLateMemSt
__vbaVarIndexLoadRefLock
ord591
ord592
__vbaExitProc
__vbaStrBool
__vbaBoolStr
ord593
__vbaForEachCollObj
ord300
__vbaI4Abs
ord594
ord301
__vbaCyAdd
__vbaObjSet
__vbaOnError
ord595
ord302
__vbaVargObj
ord596
_adj_fdiv_m16i
ord303
ord597
ord702
__vbaObjSetAddref
_adj_fdivr_m16i
ord304
ord703
ord598
__vbaVarIndexLoad
ord305
__vbaFpR4
ord599
ord306
__vbaForEachCollVar
__vbaStrFixstr
ord705
__vbaBoolVar
ord520
ord307
ord521
ord308
__vbaFPFix
ord522
__vbaStrTextCmp
ord309
__vbaVarTstLt
__vbaVargVar
__vbaFpR8
__vbaRefVarAry
__vbaBoolVarNull
_CIsin
ord524
__vbaErase
ord631
ord709
__vbaLateMemStAd
__vbaVarCmpGt
__vbaVarZero
ord525
__vbaVargVarMove
ord632
__vbaNextEachCollObj
__vbaChkstk
ord526
__vbaCyVar
__vbaGosubFree
__vbaFileClose
EVENT_SINK_AddRef
ord527
__vbaVarAbs
ord528
__vbaGenerateBoundsError
__vbaCyI2
__vbaExitEachColl
__vbaStrCmp
ord529
__vbaPutOwner3
__vbaVarTstEq
__vbaAryConstruct2
__vbaR4Str
__vbaStrTextLike
ord560
__vbaDateR8
__vbaNextEachCollVar
ord561
__vbaI2I4
__vbaObjVar
ord562
DllFunctionCall
__vbaVarOr
__vbaVarLateMemSt
ord563
ord670
ord564
__vbaCySub
__vbaCastObjVar
__vbaStrR4
__vbaRedimPreserve
__vbaLbound
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaVarTextCmpLt
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaRedim
__vbaR8Cy
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaVarTextTstNe
__vbaUI1I2
ord601
_CIsqrt
ord310
__vbaLateIdCallSt
__vbaObjIs
__vbaRedimVar
__vbaVarAnd
ord311
EVENT_SINK_QueryInterface
ord710
__vbaFpCmpCy
__vbaVarMul
__vbaVarTextCmpEq
__vbaExceptHandler
ord312
ord711
ord313
__vbaPrintFile
ord605
__vbaStrToUnicode
ord712
ord314
__vbaDateStr
ord606
_adj_fprem
_adj_fdivr_m64
ord315
__vbaFailedFriend
__vbaVarDiv
__vbaR8ErrVar
__vbaLateIdStAd
ord607
__vbaGosub
__vbaI2Str
ord316
ord715
ord530
ord608
ord716
ord531
__vbaFPException
__vbaStrCompVar
ord717
__vbaInStrVar
__vbaVarTextTstGe
ord319
__vbaUbound
__vbaStrVarVal
__vbaVarCat
__vbaCheckType
__vbaDateVar
__vbaMidStmtBstrB
__vbaLsetFixstrFree
__vbaI2Var
ord537
ord644
ord538
ord645
_CIlog
ord539
__vbaErrorOverflow
ord647
__vbaFileOpen
ord570
__vbaR8Str
__vbaVarLateMemCallLdRf
__vbaNew2
__vbaInStr
ord648
__vbaVarInt
ord571
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaVarSetObj
ord573
__vbaStrCopy
ord681
__vbaI4Str
__vbaVarNot
__vbaVarCmpLt
__vbaFreeStrList
ord576
__vbaVarTextTstGt
_adj_fdivr_m32
__vbaR8Var
ord577
__vbaPowerR8
_adj_fdiv_r
ord578
ord685
ord100
ord579
__vbaVarTstNe
ord687
__vbaVarSetVar
__vbaI4Var
__vbaVarCmpEq
__vbaVarLateMemStAd
__vbaFpCy
ord610
__vbaVarAdd
__vbaLateMemCall
__vbaAryLock
ord320
ord612
__vbaFreeVarg
__vbaStrComp
__vbaStrToAnsi
__vbaVarDup
ord321
__vbaVerifyVarObj
ord613
__vbaFpI2
__vbaVarMod
__vbaCheckTypeVar
__vbaVarTstGe
ord616
__vbaVarLateMemCallLd
__vbaUnkVar
__vbaFpI4
__vbaVarCopy
__vbaRecDestructAnsi
__vbaVarSetObjAddref
ord617
__vbaLateMemCallLd
_CIatan
ord618
__vbaStrMove
__vbaCastObj
__vbaAryCopy
__vbaI2ErrVar
__vbaI4Cy
__vbaForEachVar
__vbaR8IntI4
__vbaStrVarCopy
ord619
ord542
__vbaVarNeg
ord650
_allmul
__vbaVarLateMemCallSt
__vbaLateIdSt
ord545
__vbaLateMemCallSt
ord652
__vbaVarTextCmpNe
_CItan
ord546
__vbaNextEachCollAd
__vbaFPInt
__vbaAryUnlock
_CIexp
__vbaStrCy
__vbaMidStmtBstr
ord580
__vbaI4ErrVar
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 13.5MB - Virtual size: 13.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
InfoQube.exe.Manifest
InfoQubeClipper.exe
.exe windows:4 windows x86 arch:x86

1c89849f312e81eff909d1e35d5b2519

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVargParmRef
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaVarIndexStore
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaVarSetVarAddref
__vbaStrCat
__vbaVarTextTstEq
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaVarIndexLoadRefLock
ord592
ord300
ord301
ord595
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord305
ord306
__vbaForEachCollVar
__vbaStrFixstr
ord520
ord307
__vbaStrTextCmp
__vbaRefVarAry
_CIsin
ord709
ord632
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaExitEachColl
__vbaStrCmp
__vbaVarTstEq
__vbaObjVar
__vbaNextEachCollVar
__vbaI2I4
ord562
DllFunctionCall
ord670
__vbaLbound
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
_CIsqrt
__vbaRedimVar
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord313
__vbaStrToUnicode
ord712
_adj_fprem
_adj_fdivr_m64
__vbaLateIdStAd
ord608
__vbaFPException
__vbaStrCompVar
__vbaUbound
__vbaStrVarVal
__vbaVarCat
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaVarAdd
__vbaAryLock
__vbaVarDup
__vbaStrToAnsi
__vbaVarCopy
__vbaFpI4
__vbaVarSetObjAddref
ord617
_CIatan
__vbaCastObj
__vbaStrMove
__vbaStrVarCopy
_allmul
__vbaLateIdSt
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
InfoQubeForUser1.bat
InfoQubeIEExtensionInstall.exe
.exe windows:4 windows x86 arch:x86

b60d17ea3c5780b1e7d0d0f60c6a1d7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
ord621
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaOnError
ord595
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord537
ord645
_CIlog
__vbaFileOpen
__vbaNew2
ord648
ord570
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarDup
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
InfoQubeTBExtension.xpi
.zip
chrome.manifest
chrome/content/about.xul
.xml
chrome/content/iqhelper.js
.js
chrome/content/msghandler.js
.js
chrome/content/overlay.js
.js
chrome/content/overlay3.js
.js
chrome/content/thunderbirdOverlay.js
.js
chrome/content/thunderbirdOverlay.xul
.xml
chrome/content/thunderbirdOverlay3.js
.js
chrome/content/thunderbirdOverlay3.xul
.xml
chrome/locale/en-US/about.dtd
chrome/locale/en-US/iqextension.dtd
chrome/skin/copy.png
.png
chrome/skin/copysmall.png
.png
chrome/skin/iqextension.png
.png
chrome/skin/overlay.css
install.rdf
.xml
OutlookProtocol2007.reg
OutlookProtocol2010.reg
OutlookProtocol2013.reg
OutlookProtocol2016.reg
PDFText.exe
.exe windows:5 windows x86 arch:x86

1e49ca5dc47ba4a443d669bc9b7d219c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
TlsSetValue
TlsGetValue
GetVersionExA
InitializeCriticalSection
TlsAlloc
GetFullPathNameA
GetCurrentProcessId
GetCurrentThreadId
DeleteCriticalSection
EnterCriticalSection
GetModuleFileNameA
LeaveCriticalSection
RtlUnwind
DecodePointer
EncodePointer
RaiseException
GetCommandLineA
HeapSetInformation
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
ReadFile
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameW
IsProcessorFeaturePresent
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
GetStartupInfoW
Sleep
ExitProcess
CloseHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlushFileBuffers
MultiByteToWideChar
SetFilePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
LCMapStringW
HeapSize
LoadLibraryW
WriteConsoleW
SetStdHandle
CreateFileA
GetStringTypeW
CreateFileW
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap

Sections

.text
Size: 579KB - Virtual size: 578KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 159KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UnblockIQPortable.bat
icons/align.gif
icons/back.gif
.gif
icons/barcode.gif
icons/bullet.gif
.gif
icons/calendar.gif
.gif
icons/cd.gif
icons/check.gif
.gif
icons/cherries.gif
icons/clip.gif
.gif
icons/contact.gif
.gif
icons/cross.gif
icons/cycle.gif
.gif
icons/darrow.gif
.gif
icons/data file.gif
icons/date.gif
.gif
icons/delete.gif
.gif
icons/desert.gif
icons/dice.gif
icons/disk.gif
.gif
icons/doc.gif
.gif
icons/dotted-square.gif
icons/download.gif
icons/drive.gif
icons/drop.gif
icons/email.gif
.gif
icons/eraser.gif
icons/exclamation.gif
.gif
icons/explorer.gif
icons/favorite.gif
.gif
icons/filter.gif
.gif
icons/find file.gif
icons/flag.gif
.gif
icons/flash.gif
icons/folder.gif
.gif
icons/graph.gif
.gif
icons/graph2.gif
.gif
icons/grid.gif
icons/hammer.gif
.gif
icons/heart.gif
.gif
icons/home.gif
.gif
icons/hourglass.gif
.gif
icons/iq.gif
.gif
icons/keyboard.gif
.gif
icons/left-right.gif
.gif
icons/lens.gif
.gif
icons/lightbulb.gif
.gif
icons/link.gif
.gif
icons/list.gif
.gif
icons/lock.gif
.gif
icons/mail.gif
.gif
icons/mindmap.gif
.gif
icons/minus.gif
.gif
icons/mobile.gif
icons/money.gif
.gif
icons/mouse.gif
icons/mydoc.gif
.gif
icons/newitem.gif
.gif
icons/note.gif
.gif
icons/note2.gif
icons/orgchart.gif
.gif
icons/pen.gif
.gif
icons/pencil.gif
.gif
icons/person.gif
.gif
icons/pin.gif
icons/plus.gif
.gif
icons/push.gif
icons/question.gif
.gif
icons/rarrow.gif
.gif
icons/refresh.gif
.gif
icons/right-left.gif
.gif
icons/scales.gif
.gif
icons/search.gif
.gif
icons/sortasc.gif
.gif
icons/spellcheck.gif
.gif
icons/stop.gif
.gif
icons/tag.gif
.gif
icons/text.gif
icons/timeline.gif
.gif
icons/top-bottom.gif
.gif
icons/treeview.gif
.gif
icons/tv.gif
icons/undo.gif
icons/user.gif
icons/users.gif
icons/vbeditor.gif
.gif
icons/web.gif
.gif
icons/zoomin.gif
.gif
icons/zoomout.gif
.gif
irun.dll
.dll windows:4 windows x86 arch:x86

417a9101d0a5797c62b867054b3ac2a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile

user32

EnumThreadWindows
MessageBoxA
wsprintfA

Exports

Exports

EXBufferCloseSession
EXBufferConvert
EXBufferGetBody
EXBufferGetReferencedObject
EXBufferGetReferencedObjectSize
EXBufferGetReferencedObjectSizeAndType
EXBufferOpenSession
EXBufferRTF2WEB
EXFreeOutputBuffer
EXRTF2WEB
LibMain
___CPPdebugHook

Sections

.text
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
multimarkdown.exe
.exe windows:4 windows x64 arch:x64

8559d65438f935946f70adf78e09916c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFullPathNameA
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
__C_specific_handler

msvcrt

__dllonexit
__doserrno
__getmainargs
__initenv
__iob_func
__lconv_init
__pioinfo
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_filelengthi64
_fileno
_findclose
_findfirst64
_fmode
_fullpath
_initterm
_localtime64
_lock
_lseeki64
_mkdir
_mktime64
_onexit
_setjmp
_time64
_unlock
_utime64
_vsnprintf
_wfopen
_write
abort
atoi
calloc
clock
exit
fclose
fflush
fgetpos
fopen
fopen_s
fprintf
fputc
fputs
fread
free
freopen_s
fsetpos
fwrite
getenv
isalnum
isalpha
iscntrl
islower
isprint
ispunct
isspace
isupper
isxdigit
localeconv
malloc
mbstowcs
memcmp
memcpy
memmove
memset
perror
printf
putchar
puts
qsort
rand
realloc
remove
setlocale
signal
sprintf
srand
strchr
strcmp
strcpy
strcspn
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strstr
strtol
tolower
toupper
vfprintf
wcstombs
_stat64
_findnext64
longjmp
_strdup
_getcwd
_chdir
_access

Sections

.text
Size: 477KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 911B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sbdll.dll
.dll windows:1 windows x86 arch:x86

f39d216d89fd89a366584d6a552cec34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GlobalMemoryStatus
VirtualFree
LeaveCriticalSection
GetFileAttributesA
GetCurrentThreadId
WriteFile
MapViewOfFile
ReadFile
FreeEnvironmentStringsA
GlobalUnlock
GetEnvironmentStrings
GlobalAlloc
GetFileSize
GetStartupInfoA
GetFileType
RtlUnwind
ExitProcess
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
CreateFileA
InitializeCriticalSection
CreateFileMappingA
GlobalLock
GlobalFree
CloseHandle
DeleteFileA
GetVersion
GetStdHandle
GetCommandLineA
GetLastError
RaiseException
EnterCriticalSection
SetConsoleCtrlHandler
GetLocalTime
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc

gdi32

RealizePalette
PlayEnhMetaFile
GetGraphicsMode
GetEnhMetaFileHeader
GetEnhMetaFileA
GetDeviceCaps
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePalette
CreateEnhMetaFileA
GetDIBits
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
GetEnhMetaFilePaletteEntries
CloseEnhMetaFile
SetEnhMetaFileBits
SelectPalette
SelectClipRgn
SelectObject
SetWinMetaFileBits

user32

ReleaseDC
MessageBoxA
GetDC
FillRect
EnumThreadWindows

ole32

StgOpenStorage
OleLoad
OleDraw

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
SBBufferWMF2GIF
SBClose
SBCreateGIFDC
SBCreateMetafile
SBDrawOle
SBGetDeviceCaps
SBGetEnhMetafile
SBGetExtent
SBGetGIF
SBInit
SBPlayMetafile
SBWMF2GIF
SBXOR
__DebuggerHookData

Sections

CODE
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
streams.exe
.exe windows:4 windows x86 arch:x86

e068200622901cf23a22e2b77cfb548c

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6c:d3:cc:fd:d1:aa:0e:8c:59:58:04:20:58:80:09:5b:b8:ed:45:c5
Signer

Actual PE Digest

6c:d3:cc:fd:d1:aa:0e:8c:59:58:04:20:58:80:09:5b:b8:ed:45:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
HeapSize
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetProcAddress
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindNextFileW
CreateFileW
FindClose
CloseHandle
DeleteFileW
GetCurrentProcess
GetLastError
FormatMessageW
LocalAlloc
LoadLibraryW
LocalFree
GetModuleHandleW
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
ExitProcess
GetVersionExA
GetProcessHeap
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetHandleCount
GetFileType
GetStartupInfoA
Sleep
LoadLibraryA
InitializeCriticalSection
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

DialogBoxIndirectParamW
GetDlgItem
GetSysColorBrush
EndDialog
SetWindowTextW
LoadCursorW
SetCursor
InflateRect
SendMessageW

gdi32

SetMapMode
StartDocW
StartPage
EndPage
EndDoc
GetDeviceCaps

comdlg32

PrintDlgW

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
OpenProcessToken

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9fCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

21:83:31:30:53:16:32:ca:e6:b4:40:b0:49:74:0d:21:e3:df:6d:1fSigner

Headers

File Characteristics

Sections

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 12B

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9fCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

cb:8b:f8:d0:85:f7:02:7a:dd:e6:f8:f4:bb:f4:5c:bb:75:18:56:a9Signer

Headers

File Characteristics

Sections

.rsrc Size: 496KB - Virtual size: 495KB

.reloc Size: 512B - Virtual size: 12B

988f29c1eb8054253091352741683c76

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

61:0e:7d:a7:00:00:00:00:00:48Certificate

Extended Key Usages

Key Usages

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ecSigner

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 69KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 52KB - Virtual size: 51KB

.reloc Size: 8KB - Virtual size: 5KB

f3fd03e8d29a5ed882c90e54aca992a7

Headers

DLL Characteristics

File Characteristics

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

21:83:31:30:53:16:32:ca:e6:b4:40:b0:49:74:0d:21:e3:df:6d:1f
Signer

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 12B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

cb:8b:f8:d0:85:f7:02:7a:dd:e6:f8:f4:bb:f4:5c:bb:75:18:56:a9
Signer

.rsrc
Size: 496KB - Virtual size: 495KB

.reloc
Size: 512B - Virtual size: 12B

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:0e:7d:a7:00:00:00:00:00:48
Certificate

30:04:be:c7:7e:04:0a:8e:9c:44:86:a8:95:a7:50:5e:ca:0f:22:ec
Signer

.text
Size: 72KB - Virtual size: 69KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 52KB - Virtual size: 51KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 5.6MB - Virtual size: 5.6MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 410KB - Virtual size: 432KB

.rsrc
Size: 616KB - Virtual size: 615KB

.reloc
Size: 494KB - Virtual size: 493KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

85:47:fb:13:f8:d7:6d:c3:59:18:c5:23:e5:e2:9a:cc:7c:da:cc:be
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 332KB - Virtual size: 329KB

.data
Size: 92KB - Virtual size: 105KB

.rsrc
Size: 356KB - Virtual size: 355KB

.reloc
Size: 168KB - Virtual size: 166KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

31:a9:54:4a:3c:a4:e7:5c:fc:05:69:0f:97:ec:63:9f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate