566be0ef6cc1bc42bf7d931c953e5246

Sharing

Copy URL Twitter E-mail

General

Target

566be0ef6cc1bc42bf7d931c953e5246
Size

5.4MB
MD5

566be0ef6cc1bc42bf7d931c953e5246
SHA1

eebe69be98cfb08ba7ecb38a0a56866401a36c9c
SHA256

3d7589f604d19a175738976975783c93a8f4713e8e50339c5ab5fa9f78fb5fc1
SHA512

6f60670d44ab9067415dcecef680d926043a6d45bcc1c29e4ef6373e63dbb3cff36adcc909338291e10f207525212181658bcf8c2d15baa8e12072650d9b3f97
SSDEEP

98304:8+bL1gR5s2rf9u6FMInphWv2gzgaXpxXfggWCHmqmGinlOYpKFyxHn1bJUbyicDh:8+bqR5Zf9ux0pwv4aXpxXfgelgsYpKg/

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack002/plugin/fileserver/antivirus/kingsoft/kaeunpack.dat	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/plugin/fileserver/antivirus/kingsoft/kaeunpack.dat	upx

Unsigned PE 42 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PCDoctor-v2.1.0.20.exe
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/nsDialogs.dll
unpack002/$PLUGINSDIR/processwork.dll
unpack002/DriverUtil.exe
unpack002/Kisdoctor.exe
unpack002/QEnumDisk.dll
unpack002/QEnumEmailClient.dll
unpack002/QHideFileUtil.dll
unpack002/QHook.dll
unpack002/Uninstall.exe
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/nsDialogs.dll
unpack002/atl71.dll
unpack002/audio.dll
unpack002/bootstrap.dll
unpack002/core.dll
unpack002/fltk.dll
unpack002/msvcp71.dll
unpack002/msvcr71.dll
unpack002/netdiag.dll
unpack002/ntio518vista.sys
unpack002/ntio518xp.sys
unpack002/plugin/agent/agent.dll
unpack002/plugin/fileserver/antivirus/kingsoft/kaemaldt.dll
unpack002/plugin/fileserver/antivirus/kingsoft/kaememex.dll
unpack002/plugin/fileserver/antivirus/kingsoft/kaeprev.dll
unpack002/plugin/fileserver/antivirus/kingsoft/kaeremov.dll
unpack002/plugin/fileserver/antivirus/kingsoft/kaeunpack.dat
unpack004/out.upx
unpack002/plugin/fileserver/antivirus/kingsoft/kisscan.dll
unpack002/plugin/fileserver/fileserver.dll
unpack002/plugin/terms/terms.dll
unpack002/plugin/vncserverlib/vncServerLib.dll
unpack002/plugin/winsshd/SSHDSession.exe
unpack002/plugin/winsshd/SSHDShell.exe
unpack002/plugin/winsshd/WinSSHD.dll
unpack002/plugin/winsshd/cl32.dll
unpack002/plugin/winsshd/tools/vim.exe
unpack002/privacyguard.dll
unpack002/update.exe
unpack002/vnchooks.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
static1/unpack001/PCDoctor-v2.1.0.20.exe	nsis_installer_1
static1/unpack001/PCDoctor-v2.1.0.20.exe	nsis_installer_2
static1/unpack002/Uninstall.exe	nsis_installer_1
static1/unpack002/Uninstall.exe	nsis_installer_2

Files

566be0ef6cc1bc42bf7d931c953e5246
.zip
PCDoctor-v2.1.0.20.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/processwork.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CloseProcess
ExistsProcess
KillProcess
QuitProcess

Sections

CODE
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 147B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 47B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DriverUtil.exe
.exe windows:4 windows x86 arch:x86

faa9d66500ccc5e89f0857ff5b386203

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetModuleFileNameA
GetLastError
GetCurrentProcess
CloseHandle
VirtualProtect
ExitProcess
GetModuleHandleA
GetCommandLineA
GetVersionExA
HeapAlloc
RaiseException
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
GetCPInfo
GetProcAddress
TerminateProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
SetFilePointer
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetLocaleInfoA

user32

ExitWindowsEx

advapi32

RegEnumKeyExA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
StartServiceA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DriverUtil.exe.manifest
Kisdoctor.chm
.chm
Kisdoctor.exe
.exe windows:4 windows x86 arch:x86

c6e72b8fe12e930b3b16edfc66e88c7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

fltk

?handle@Group@fltk@@UAEHH@Z
?draw@Group@fltk@@UAEXXZ
?create_impl@CaptionWindow@fltk@@SAXPAV12@H@Z
??0WebBrowserWindow@fltk@@QAE@HHHHPBD0@Z
?setWidget@Splitter@fltk@@QAEXW4WidgetIndex@12@PAVWidget@2@@Z
??0Splitter@fltk@@QAE@HHHHW4Direction@01@HM@Z
?layout@Group@fltk@@UAEXXZ
??0StaticWidget@fltk@@QAE@HHHHPBD@Z
?insert_column@Browser@fltk@@QAEHHPBDH@Z
?leading@Widget@fltk@@QAEXM@Z
??0TitleWidget@fltk@@QAE@HHHHPBD@Z
??0TabGroupEx@fltk@@QAE@HHHH@Z
??1CenterGroup@fltk@@UAE@XZ
??1Splitter@fltk@@UAE@XZ
??0HeaderWidget@fltk@@QAE@HHHHPBD@Z
??0Input@fltk@@QAE@HHHHPBD@Z
??1TabGroupEx@fltk@@UAE@XZ
??1TitleWidget@fltk@@UAE@XZ
??1StaticWidget@fltk@@UAE@XZ
??1HeaderWidget@fltk@@UAE@XZ
??1WebBrowserWindow@fltk@@UAE@XZ
??0NamedStyle@fltk@@QAE@PBDP6AXPAVStyle@1@@ZPAPAU01@@Z
?default_style@Browser@fltk@@2PAUNamedStyle@2@A
?take_focus@Widget@fltk@@QAE_NXZ
?draw@Image@fltk@@QBEXABVRectangle@2@@Z
?labelfont@Widget@fltk@@QAEXPAUFont@2@@Z
?SONGTI_BOLD@fltk@@3QAUFont@1@A
?labelsize@Widget@fltk@@QAEXM@Z
?redraw_label@Widget@fltk@@QAEXXZ
?handle@HyperLink@fltk@@UAEHH@Z
?draw@HyperLink@fltk@@UAEXXZ
?setHyperColor@HyperLink@fltk@@QAEXIIII@Z
??0HyperLink@fltk@@QAE@HHHHPBD@Z
??1HyperLink@fltk@@UAE@XZ
?webbrowser_interface@WebBrowserWindow@fltk@@QAEPAXXZ
?show@Window@fltk@@QAEXXZ
?next@Window@fltk@@QAEPAV12@XZ
?first@Window@fltk@@SAPAV12@XZ
?setWorkingPane@NavigatorWorking@fltk@@QAEXPAVWidget@2@@Z
?clearAllSelected@NavigatorPane@fltk@@QAEXXZ
?trayicon@Window@fltk@@QAEXHPBDP6AXPAVWidget@2@PAX@Z2@Z
?remove_timeout@fltk@@YAXP6AXPAX@Z0@Z
?append@RichEdit@fltk@@QAEXPBDAAUCharFormat@2@@Z
?set_text@WaitAddonGroup@fltk@@QAEXPBD00@Z
??0WaitAddonGroup@fltk@@QAE@HHHHII@Z
?add_timeout@fltk@@YAXMP6AXPAX@Z0@Z
??1WaitAddonGroup@fltk@@UAE@XZ
?repeat_timeout@fltk@@YAXMP6AXPAX@Z0@Z
?text@TextBuffer@fltk@@QAEPBDXZ
?layout@TextDisplay@fltk@@UAEXXZ
?handle@TextEditor@fltk@@UAEHH@Z
?draw@TextDisplay@fltk@@UAEXXZ
?wrap_mode@TextDisplay@fltk@@QAEX_NH@Z
??0TextEditor@fltk@@QAE@HHHHPBD@Z
??1TextEditor@fltk@@UAE@XZ
?run@fltk@@YAHXZ
?load_dictionary@fltk@@YA_NPBD@Z
?insert_page@TabGroupEx@fltk@@QAEHHPAVWidget@2@IPAVImage@2@@Z
?draw@TabGroupEx@fltk@@UAEXXZ
?handle@TabGroupEx@fltk@@UAEHH@Z
?layout@TabGroupEx@fltk@@UAEXXZ
?draw@TitleWidget@fltk@@UAEXXZ
?layout@CenterGroup@fltk@@UAEXXZ
?draw@StaticWidget@fltk@@UAEXXZ
?draw@HeaderWidget@fltk@@UAEXXZ
?handle@Splitter@fltk@@UAEHH@Z
?layout@Splitter@fltk@@MAEXXZ
?handle@WebBrowserWindow@fltk@@UAEHH@Z
?create@WebBrowserWindow@fltk@@MAEXXZ
?deactivate@Browser@fltk@@QAEXXZ
?redraw@fltk@@YAXXZ
?activate@Browser@fltk@@QAEXXZ
?clear@Group@fltk@@QAEXXZ
?add_group@Menu@fltk@@QAEPAVGroup@2@PBDPAV32@PAX@Z
?set_item_selected@Browser@fltk@@QAE_N_NH@Z
?current_page@TabGroupEx@fltk@@QAEXH@Z
?awake@fltk@@YAXPAX@Z
?addCall@MainThreadCall@fltk@@QAEXPAVWidget@2@HHH@Z
?goto_top@Browser@fltk@@QAEPAVWidget@2@XZ
?next@Browser@fltk@@QAEPAVWidget@2@XZ
?lock@fltk@@YAXXZ
?goto_mark@Browser@fltk@@QAEPAVWidget@2@ABVMark@12@@Z
?unlock@fltk@@YAXXZ
?navigator@WebBrowserWindow@fltk@@QAEXPBD@Z
??1Symbol@fltk@@UAE@XZ
?drawflags_@fltk@@3HA
?set@Rectangle@fltk@@QAEXABV12@HHH@Z
?draw@Image@fltk@@QBEXHH@Z
??0Symbol@fltk@@QAE@PBD@Z
?_measure@Symbol@fltk@@UBEXAAH0@Z
?draw_symbol_overlay@Symbol@fltk@@UBEXABVRectangle@2@@Z
?inset@Symbol@fltk@@UBEXAAVRectangle@2@@Z
?fills_rectangle@Symbol@fltk@@UBE_NXZ
?is_frame@Symbol@fltk@@UBE_NXZ
?e_clicks@fltk@@3HA
??1RadioButton@fltk@@UAE@XZ
??0RadioButton@fltk@@QAE@HHHHPBD@Z
?QMessageBox@fltk@@YAHPBD0II@Z
??1CheckButton@fltk@@UAE@XZ
??0CheckButton@fltk@@QAE@HHHHPBD@Z
?draw@CheckButton@fltk@@UAEXXZ
??1Input@fltk@@UAE@XZ
?state@Widget@fltk@@QAE_N_N@Z
?text@Input@fltk@@QAE_NPBD@Z
?activate@Widget@fltk@@QAEXXZ
?deactivate@Widget@fltk@@QAEXXZ
?asynCall@Widget@fltk@@UAEXHHH@Z
?draw@Input@fltk@@UAEXXZ
?handle@Input@fltk@@UAEHH@Z
?replace@Input@fltk@@UAE_NHHPBDH@Z
?in_main_thread@fltk@@YA_NXZ
?get@MainThreadCall@fltk@@SAAAV12@XZ
?addCall@MainThreadCall@fltk@@QAEXP6AXHHH@ZHHH@Z
?remove_all@Group@fltk@@QAEXXZ
?add_leaf@Menu@fltk@@QAEPAVWidget@2@PBDPAVGroup@2@PAX@Z
?resize@Widget@fltk@@QAE_NHH@Z
??1Browser@fltk@@UAE@XZ
??0Browser@fltk@@QAE@HHHHPBD@Z
?BORDER_BOX@fltk@@3QAVSymbol@1@A
?draw@Browser@fltk@@UAEXXZ
?handle@Browser@fltk@@UAEHH@Z
?layout@Browser@fltk@@UAEXXZ
?event_key_state@fltk@@YA_NI@Z
?focused@Widget@fltk@@QBE_NXZ
?handle@Window@fltk@@UAEHH@Z
??1RichEdit@fltk@@UAE@XZ
??1ImageWidget@fltk@@UAE@XZ
??0Window@fltk@@QAE@HHPBD@Z
?measure@Symbol@fltk@@QBEXAAH0@Z
??0ImageWidget@fltk@@QAE@HHHH@Z
?setImageName@ImageWidget@fltk@@QAEXPBD@Z
??0RichEdit@fltk@@QAE@HHHH_N00@Z
?CURSOR_HAND@fltk@@3QAUCursor@1@A
?tooltip@Widget@fltk@@QAEXPBD@Z
?add_key_event_call@RichEdit@fltk@@QAEXP6A_NHPAX@Z0@Z
?FLAT_BOX@fltk@@3QAVSymbol@1@A
?color@Widget@fltk@@QAEXI@Z
?labelcolor@Widget@fltk@@QAEXI@Z
?draw@ImageWidget@fltk@@UAEXXZ
?handle@ImageWidget@fltk@@UAEHH@Z
?draw@Window@fltk@@UAEXXZ
?handle@RichEdit@fltk@@UAEHH@Z
?layout@RichEdit@fltk@@UAEXXZ
?on_create@RichEdit@fltk@@UAEXXZ
?getText@RichEdit@fltk@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?setText@RichEdit@fltk@@QAEXPBD@Z
??1Window@fltk@@UAE@XZ
?draw_overlay@Window@fltk@@UAEXXZ
?destroy@Window@fltk@@UAEXXZ
?flush@Window@fltk@@UAEXXZ
?on_create@Window@fltk@@UAEXXZ
?on_notify@Window@fltk@@UAEXII@Z
?create@Window@fltk@@MAEXXZ
?add@Group@fltk@@QAEXAAVWidget@2@@Z
?show@Widget@fltk@@QAEXXZ
?find@Group@fltk@@QBEHPBVWidget@2@@Z
?remove@Group@fltk@@QAEXH@Z
?relayout@Widget@fltk@@QAEXXZ
?resize@Widget@fltk@@QAE_NHHHH@Z
?layout@Window@fltk@@UAEXXZ
?copy_label@Widget@fltk@@QAEXPBD@Z
?label@Window@fltk@@QAEXPBD@Z
?redraw@Widget@fltk@@QAEXXZ
?get@ImageManager@fltk@@SAAAV12@XZ
?fromBinary@ImageManager@fltk@@QAEPAVImage@2@PBDHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?getImage@ImageManager@fltk@@SAPAVImage@2@PBDH_N@Z
?do_callback@Widget@fltk@@QAEXXZ
?draw_outside_label@Group@fltk@@IBEXAAVWidget@2@@Z
?update_child@Group@fltk@@IBEXAAVWidget@2@@Z
?setcolor@fltk@@YAXI@Z
?drawtext@fltk@@YAXPBDABVRectangle@1@H@Z
?e_y_root@fltk@@3HA
?e_x_root@fltk@@3HA
??1Button@fltk@@UAE@XZ
??1Group@fltk@@UAE@XZ
??1InvisibleBox@fltk@@UAE@XZ
??1Widget@fltk@@UAE@XZ
?translate_text@fltk@@YAPBDII@Z
?current_@Group@fltk@@0PAV12@A
?loadIconImage@ImageManager@fltk@@SAPAVImage@2@PBDHH@Z
??0Widget@fltk@@QAE@HHHHPBD@Z
?NO_BOX@fltk@@3QAVSymbol@1@A
?box@Widget@fltk@@QAEXPAVSymbol@2@@Z
??0InvisibleBox@fltk@@QAE@HHHHPBD@Z
??0Group@fltk@@QAE@HHHHPBD_N@Z
?THIN_DOWN_BOX@fltk@@3QAVSymbol@1@A
??0Button@fltk@@QAE@HHHHPBD@Z
?all@Monitor@fltk@@SAABV12@XZ
?position@Widget@fltk@@QAE_NHH@Z
?exec@Window@fltk@@QAE_NPBV12@_N@Z
?draw@Widget@fltk@@UAEXXZ
?handle@Widget@fltk@@UAEHH@Z
?layout@Widget@fltk@@UAEXXZ
?setRootPath@ImageManager@fltk@@SAXPBD@Z
?draw@ProgressBar@fltk@@MAEXXZ
??0ProgressBar@fltk@@QAE@HHHHPBD@Z
??1ProgressBar@fltk@@UAE@XZ
??0CaptionWindow@fltk@@QAE@HHHHPBDPAVNonClientFactory@1@@Z
??1CaptionWindow@fltk@@UAE@XZ
?release_impl@CaptionWindow@fltk@@SAXPAVCaptionWinImpl@2@@Z
?e_keysym@fltk@@3IA
?hide@Widget@fltk@@QAEXXZ
?handle@Button@fltk@@UAEHH@Z
?draw@Button@fltk@@UAEXXZ
?draw@InvisibleBox@fltk@@UAEXXZ
?handle@InvisibleBox@fltk@@UAEHH@Z

ws2_32

connect
WSAGetLastError
closesocket
recv
ioctlsocket
select
__WSAFDIsSet
htons
send
inet_addr
ntohl
WSACleanup
WSAStartup
WSACreateEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
gethostname
WSACloseEvent
htonl
socket
gethostbyname
getsockopt

wininet

FtpPutFileW
InternetCloseHandle
InternetOpenW
InternetConnectW

privacyguard

?QInitPrivacyGuardDriver@@YAHXZ
?QReleasePrivacyGuard@@YAXXZ
?QInitPrivacyGuard@@YA_NXZ
?QShowPrivacyGuard@@YA_N_N@Z

netdiag

?NetDiag@@YAXPBD00G@Z

shlwapi

PathFindFileNameW

kernel32

SetUnhandledExceptionFilter
GetModuleFileNameA
GetVersionExW
LocalFree
lstrlenA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
DeleteFileW
GetTickCount
Sleep
CreateDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
SetEvent
CreateEventW
GetModuleFileNameW
CreateThread
WideCharToMultiByte
DeviceIoControl
CreateFileA
OutputDebugStringA
GetLocalTime
LockResource
SizeofResource
LoadResource
FindResourceW
CreateMutexW
CopyFileA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
CreateSemaphoreA
TlsGetValue
SetThreadPriority
TlsSetValue
DuplicateHandle
GetCurrentThread
TlsAlloc
MultiByteToWideChar
CreateFileW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
CloseHandle
GetLastError
FreeLibrary
ExitProcess
LoadLibraryW
GetModuleHandleW
ResumeThread
GetProcAddress

user32

DestroyMenu
GetCursorPos
MessageBoxW
TrackPopupMenuEx
GetWindowRect
PostMessageW
FlashWindow
ExitWindowsEx
AppendMenuW
CreatePopupMenu
LoadImageW
IsWindowVisible
ShowWindow
SetForegroundWindow

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyA
RegEnumKeyA
RegDeleteValueW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteW
Shell_NotifyIconW
ShellExecuteA
SHGetSpecialFolderLocation

ole32

CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitialize

oleaut32

SysStringByteLen
SysAllocStringByteLen
VariantClear
SysFreeString
SysAllocString

msvcr71

_access
fopen
atoi
sprintf
memmove
_purecall
_waccess
wcscpy
_wfopen
fwrite
fclose
??0exception@@QAE@XZ
??1exception@@UAE@XZ
strrchr
??2@YAPAXI@Z
??3@YAXPAX@Z
wcsrchr
wcsncpy
_stricmp
_open
_filelength
_close
wcslen
time
localtime
wcsftime
wcsncat
_snwprintf
_CxxThrowException
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
??_U@YAPAXI@Z
fgets
fread
strtok
fprintf
wcscmp
_wtol
_splitpath
_controlfp
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_amsg_exit
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
_except_handler3
__security_error_handler
_vscprintf
rewind
strchr
strncmp
isalnum
isalpha
tolower
isspace
fputc
_snprintf
malloc
free
ftell
fseek
strftime
_beginthread
_wcsicmp
toupper
_endthreadex
_beginthreadex
_vsnprintf
??_V@YAXPAX@Z

msvcp71

??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?rfind@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@Vconst_iterator@01@0@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AVconst_iterator@12@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AVconst_iterator@12@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Xran@_String_base@std@@QBEXXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z

Sections

.text
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Kisdoctor.exe.manifest
Kisdoctor.ver
.xml
PrivacyGuard.policy
QEnumDisk.dll
.dll windows:4 windows x86 arch:x86

6b7018139333af67acc0e827d04ca5fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetVolumeInformationW
GetDriveTypeW
GetLogicalDriveStringsW
GetSystemDirectoryW
OutputDebugStringW

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?compare@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEHABV12@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?_Nomemory@std@@YAXXZ

msvcr71

??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
??_V@YAXPAX@Z
_vsnwprintf
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memmove
wcslen
_wcsupr
malloc
_callnewh
??1type_info@@UAE@XZ
free
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit

Exports

Exports

EnumPolicyItem

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QEnumEmailClient.dll
.dll windows:4 windows x86 arch:x86

1e817cb76fccd6cf5e1ad8e8f45abb82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegCloseKey

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

msvcr71

memmove
malloc
_callnewh
??1type_info@@UAE@XZ
__security_error_handler
_except_handler3
free
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
__dllonexit
_onexit
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??3@YAXPAX@Z
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess

Exports

Exports

EnumPolicyItem

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QHideFileUtil.dll
.dll windows:4 windows x86 arch:x86

a891eb1ee60d6bce5ba6c16e342a1dca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileW
FindFirstFileW
FreeLibrary
GetProcAddress
FindClose
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetFileAttributesExW
GetLogicalDriveStringsW
GetDriveTypeW
DeviceIoControl
GetModuleFileNameW
GetVersionExW
GetLastError
GetSystemTime
CreateFileW
CloseHandle
LoadLibraryW
OutputDebugStringW
QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime

user32

SetWindowsHookExW
UnhookWindowsHookEx

advapi32

RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
OpenSCManagerW
CreateServiceW
CloseServiceHandle
OpenServiceW
StartServiceW
RegCreateKeyExW

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

??3@YAXPAX@Z
??_V@YAXPAX@Z
_vsnwprintf
swprintf
wcscpy
wcsrchr
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memmove
wcslen
wcscat
malloc
_callnewh
__security_error_handler
_except_handler3
??1type_info@@UAE@XZ
__dllonexit
_onexit
free
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler

shlwapi

StrStrIW

Exports

Exports

HideFile

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QHook.dll
.dll windows:4 windows x86 arch:x86

fc2cb07d8850185e623e75631df9407d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
CreateToolhelp32Snapshot
GetTickCount
QueryPerformanceCounter
ExitProcess
Module32FirstW
GetLastError
GetCurrentThreadId
OutputDebugStringW
GetSystemTimeAsFileTime

user32

MessageBoxW
PostMessageW
CallNextHookEx
GetWindowThreadProcessId

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shlwapi

StrStrIW

msvcr71

__CppXcptFilter
??3@YAXPAX@Z
_onexit
??2@YAPAXI@Z
__security_error_handler
_except_handler3
free
_initterm
malloc
_adjust_fdiv
_vsnwprintf
__dllonexit

Exports

Exports

QShellProc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
atl71.dll
.dll windows:4 windows x86 arch:x86

a0bd0cbc6c3c1f3095dd9342b630fcb9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
lstrlenW
lstrcpyW
GetLastError
DisableThreadLibraryCalls
GetVersionExA
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
lstrcpynW
CloseHandle
ReadFile
GetFileSize
CreateFileW
GetModuleHandleW
GetModuleFileNameW
WideCharToMultiByte
WaitForSingleObject
GlobalAlloc
FindResourceA
MulDiv
lstrcatW
FlushInstructionCache
GetCurrentProcess
GlobalUnlock
GlobalLock
lstrcmpW
SetLastError
GlobalFree
GlobalHandle
LockResource
lstrcmpA
GetModuleHandleA
GetTickCount
LocalAlloc
VirtualQuery
HeapFree
GetProcessHeap
InterlockedCompareExchange
HeapAlloc
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
ExitProcess
HeapSize
DebugBreak
HeapReAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
lstrlenA
GetModuleFileNameA
RtlUnwind

shlwapi

PathFindExtensionW

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateControlLic
AtlAxCreateControlLicEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlCallTermFunc
AtlComModuleGetClassObject
AtlComModuleRegisterClassObjects
AtlComModuleRegisterServer
AtlComModuleRevokeClassObjects
AtlComModuleUnregisterServer
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateRegistrar
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlLoadTypeLib
AtlMarshalPtrInProc
AtlModuleAddTermFunc
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlRegisterTypeLib
AtlSetErrorInfo
AtlUnRegisterTypeLib
AtlUnadvise
AtlUnmarshalPtr
AtlUpdateRegistryFromResourceD
AtlWaitWithMessageLoop
AtlWinModuleAddCreateWndData
AtlWinModuleExtractCreateWndData
AtlWinModuleInit
AtlWinModuleRegisterClassExA
AtlWinModuleRegisterClassExW
AtlWinModuleRegisterWndClassInfoA
AtlWinModuleRegisterWndClassInfoW
AtlWinModuleTerm

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
audio.dll
.dll windows:4 windows x86 arch:x86

a5b1842d5eca654a2893fb008e562f47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

fltk

?draw@Button@fltk@@UAEXXZ
?handle@Button@fltk@@UAEHH@Z
?value_damage@Valuator@fltk@@UAEXXZ
?handle@Widget@fltk@@UAEHH@Z
?setImageName@ImageWidget@fltk@@QAEXPBD@Z
?format@Valuator@fltk@@UAEHPAD@Z
?handle@Slider@fltk@@UAEHH@Z
?draw@Slider@fltk@@UAEXXZ
?layout@Widget@fltk@@UAEXXZ
?handle@ImageWidget@fltk@@UAEHH@Z
?draw@ImageWidget@fltk@@UAEXXZ
?box@Widget@fltk@@QAEXPAVSymbol@2@@Z
?NO_BOX@fltk@@3QAVSymbol@1@A
??0Widget@fltk@@QAE@HHHHPBD@Z
??0Button@fltk@@QAE@HHHHPBD@Z
?translate_text@fltk@@YAPBDII@Z
?deactivate@Widget@fltk@@QAEXXZ
?value@Valuator@fltk@@QAE_NN@Z
??0Slider@fltk@@QAE@HHHHPBD@Z
??0ImageWidget@fltk@@QAE@HHHH@Z
?current_@Group@fltk@@0PAV12@A
??0Group@fltk@@QAE@HHHHPBD_N@Z
??1ImageWidget@fltk@@UAE@XZ
??1Slider@fltk@@UAE@XZ
??1Button@fltk@@UAE@XZ
??1Widget@fltk@@UAE@XZ
?unlock@fltk@@YAXXZ
?lock@fltk@@YAXXZ
??1WaitAddonGroup@fltk@@UAE@XZ
?set_text@WaitAddonGroup@fltk@@QAEXPBD00@Z
??0WaitAddonGroup@fltk@@QAE@HHHHII@Z
?addCall@MainThreadCall@fltk@@QAEXP6AXHHH@ZHHH@Z
?get@MainThreadCall@fltk@@SAAAV12@XZ
?e_keysym@fltk@@3IA
?redraw@fltk@@YAXXZ
?state@Widget@fltk@@QAE_N_N@Z
?draw@Widget@fltk@@UAEXXZ
??1Group@fltk@@UAE@XZ
?draw@Group@fltk@@UAEXXZ
?handle@Group@fltk@@UAEHH@Z
?layout@Group@fltk@@UAEXXZ
?asynCall@Widget@fltk@@UAEXHHH@Z

kernel32

QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
ExitProcess
SetEvent
WaitForMultipleObjects
GetVersionExA
GetEnvironmentVariableA
ResetEvent
CreateEventA
FormatMessageA
LocalFree
QueryPerformanceCounter
GlobalFree
GlobalAlloc
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentThreadId
TlsSetValue
SetThreadPriority
Sleep
TlsGetValue
CreateSemaphoreA
CreateMutexW
GetLastError
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
CreateThread
OutputDebugStringA
WaitForSingleObject
TerminateThread
CloseHandle
InitializeCriticalSection
EnterCriticalSection
lstrcmpW
LeaveCriticalSection

msvcr71

??0exception@@QAE@XZ
_snprintf
_vsnprintf
_ftol
_CIacos
_endthreadex
_stricmp
fflush
vfprintf
_iob
atoi
??1type_info@@UAE@XZ
__dllonexit
_onexit
__security_error_handler
_except_handler3
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
??1exception@@UAE@XZ
_CIpow
memmove
strncpy
printf
??_U@YAPAXI@Z
??_V@YAXPAX@Z
free
malloc
??3@YAXPAX@Z
_purecall
_CxxThrowException
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
??2@YAPAXI@Z
_beginthreadex

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

winmm

mixerClose
waveInGetNumDevs
waveOutGetNumDevs
waveInPrepareHeader
waveOutPrepareHeader
waveOutReset
waveInReset
waveOutPause
waveInStart
waveOutRestart
waveOutGetPosition
waveOutWrite
waveInAddBuffer
waveInUnprepareHeader
waveOutUnprepareHeader
waveInClose
waveOutClose
waveOutGetDevCapsA
waveInGetDevCapsA
waveOutOpen
waveOutGetErrorTextA
waveInOpen
waveInGetErrorTextA
timeGetTime
mixerSetControlDetails
mixerGetControlDetailsW
mixerGetLineControlsW
mixerGetNumDevs
mixerGetLineInfoW
mixerOpen
mixerGetDevCapsW

Exports

Exports

DllCouldUnloadNow
DllGetClassFactory

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bootstrap.dll
.dll windows:4 windows x86 arch:x86

c01ff5510ee281e132db6e98bc6f2138

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
FindClose
FindNextFileW
FindFirstFileW
SetEnvironmentVariableW
GetEnvironmentVariableW
GetProcAddress
LoadLibraryW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?_Nomemory@std@@YAXXZ

msvcr71

??1exception@@UAE@XZ
??0exception@@QAE@XZ
??3@YAXPAX@Z
_purecall
memmove
??_V@YAXPAX@Z
malloc
_callnewh
??1type_info@@UAE@XZ
__security_error_handler
_except_handler3
__dllonexit
_onexit
free
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
_CxxThrowException

Exports

Exports

DllCouldUnloadNow
DllGetComponentLoader

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
core.dll
.dll windows:4 windows x86 arch:x86

14d22741c9180d3b9992432a5879ff32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

gethostbyname
inet_addr
connect
recv
send
listen
htons
bind
socket
WSAGetLastError
closesocket

kernel32

SetThreadPriority
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetTempPathW
InterlockedIncrement
InterlockedDecrement
TerminateThread
Sleep
GetLastError
CreateThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateSemaphoreA
CloseHandle
TlsSetValue
GetCurrentThreadId
DuplicateHandle
GetCurrentThread
GetCurrentProcess
TlsAlloc
SetFileAttributesW
GetFileAttributesW
GetDriveTypeW
CreateDirectoryW
WideCharToMultiByte
MultiByteToWideChar
GetDiskFreeSpaceExW
GetCurrentDirectoryW
SetVolumeLabelW
DeleteFileW
MoveFileW
SetEndOfFile
SetFilePointer
GetTempFileNameW

msvcp71

?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?find_last_not_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?at@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEABGI@Z
?compare@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEHPBG@Z
?_Nomemory@std@@YAXXZ
?find_first_not_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
?find_first_not_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?at@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
?find_last_not_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Id_cnt@id@locale@std@@0HA
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
?id@?$ctype@G@std@@2V0locale@2@A
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??1locale@std@@QAE@XZ
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AViterator@12@V312@0@Z
?begin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AViterator@12@XZ
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AViterator@12@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?tolower@?$ctype@G@std@@QBEGG@Z
??0locale@std@@QAE@XZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@@Z
?_Xran@_String_base@std@@QBEXXZ

msvcr71

__dllonexit
_onexit
?terminate@@YAXXZ
_chsize
_close
_write
_read
_lseek
_tell
??0exception@@QAE@ABV0@@Z
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
__CxxFrameHandler
_CxxThrowException
_purecall
??3@YAXPAX@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??_V@YAXPAX@Z
memmove
__RTDynamicCast
sprintf
printf
_except_handler3
free
?what@exception@@UBEPBDXZ
malloc
realloc
time
_wstat
_wutime
_wchdir
_waccess
wcslen
_wsopen
_commit
_get_osfhandle
wcscoll
_errno
_vsnwprintf
_wsplitpath
mktime
localtime
_wcsicoll
_wcsicmp
_findclose
_wfindnexti64
_wfindfirsti64
rand
srand
_callnewh
??1type_info@@UAE@XZ
__security_error_handler
_initterm
_adjust_fdiv
__CppXcptFilter

Exports

Exports

DllGetClassFactory

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dictionary/Kisdoctor.dic
dictionary/agent.dic
dictionary/audio.dic
dictionary/fileserver.dic
dictionary/fltk.dic
dictionary/netdiag.dic
dictionary/privacyguard.dic
dictionary/vncserver.dic
fltk.dll
.dll windows:4 windows x86 arch:x86

150d672e9e39337080cbf5eaa9aa672b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAAsyncSelect

msimg32

AlphaBlend

atl71

ord40
ord42

kernel32

GetVersionExA
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
LoadLibraryW
FreeLibrary
GlobalAlloc
lstrlenA
GlobalUnlock
GlobalLock
GlobalSize
GetLogicalDriveStringsA
LocalFree
FormatMessageA
GetLastError
GetProcAddress
GetCurrentThreadId
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateFileA
CreateFileMappingA
MapViewOfFile
GetFileSize
UnmapViewOfFile
GetStringTypeA
LCMapStringW
GetUserDefaultLCID
LCMapStringA
GetStringTypeW
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
Sleep
LoadLibraryA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
MultiByteToWideChar
OutputDebugStringA
GetModuleHandleA
IsDBCSLeadByte
GetModuleHandleW
WideCharToMultiByte
GetTickCount
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
EnumResourceNamesW
LoadLibraryExA
TryEnterCriticalSection
ReleaseSemaphore
CreateSemaphoreA
CloseHandle
WaitForSingleObject
TlsGetValue
GetSystemTime
SetThreadPriority
TlsSetValue
DuplicateHandle
GetCurrentThread
GetCurrentProcess
TlsAlloc
ResumeThread

user32

CreateWindowExW
SetWindowLongW
DestroyWindow
ReleaseCapture
OpenIcon
BringWindowToTop
SetRect
InflateRect
BeginPaint
EndPaint
LoadCursorW
UnregisterClassA
DefWindowProcW
PostMessageW
DispatchMessageW
GetMessageW
PeekMessageW
SetWindowTextW
SetForegroundWindow
WindowFromPoint
LoadCursorFromFileA
SetActiveWindow
MsgWaitForMultipleObjects
TranslateMessage
MessageBoxA
SetWindowTextA
CreateWindowExA
IsIconic
PeekMessageA
GetMessageA
DispatchMessageA
PostMessageA
DefWindowProcA
RegisterClassExA
SetFocus
TrackMouseEvent
SetCapture
InvalidateRgn
GetUpdateRgn
ValidateRgn
ClientToScreen
GetWindowRect
SetWindowRgn
InvalidateRect
RegisterClassExW
LoadImageA
LoadIconA
RegisterHotKey
SetWindowPos
AdjustWindowRectEx
GetWindowLongA
SetWindowLongA
LoadCursorA
SetCursor
ShowWindow
SendMessageW
GetParent
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCursorPos
GetCursorPos
GetMonitorInfoA
EnumDisplaySettingsA
GetSystemMetrics
GetDC
EnumDisplayMonitors
OffsetRect
MessageBeep
PostThreadMessageA
LoadStringA
CharLowerW
ReleaseDC
DrawTextW
GetSysColor
SystemParametersInfoA
RegisterWindowMessageA
GetClientRect
EnableWindow
GetAsyncKeyState
MessageBoxW
GetKeyState
CallWindowProcW
GetWindowTextA
MoveWindow
GetWindowLongW

gdi32

CreateBitmapIndirect
CreatePatternBrush
PatBlt
ExtTextOutW
CreatePalette
SelectPalette
RealizePalette
CreateSolidBrush
ExtCreatePen
CreatePen
GetStockObject
GetRandomRgn
OffsetRgn
GetTextMetricsW
CreateFontIndirectW
GetTextMetricsA
CreateFontIndirectA
CreateCompatibleBitmap
UpdateColors
SetTextAlign
SetBkMode
GetDeviceCaps
GetObjectA
GetPixel
Pie
Chord
PolyPolygon
Polygon
Arc
Polyline
EnumFontFamiliesExW
EnumFontFamiliesExA
EnumFontFamiliesW
EnumFontFamiliesA
SetDIBitsToDevice
CreateCompatibleDC
BitBlt
CreateDIBSection
GdiFlush
DeleteDC
SetTextColor
TextOutW
GetTextExtentPoint32W
SelectObject
SetROP2
MoveToEx
LineTo
SetPixel
PolyDraw
SetBkColor
ExtTextOutA
CreateFontW
EqualRgn
GetRgnBox
RectInRegion
CreateRectRgn
CombineRgn
DeleteObject
SelectClipRgn
CreateRectRgnIndirect

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

DragQueryFileA
DragQueryFileW
SHGetFileInfoW
ord74
Shell_NotifyIconW
DragAcceptFiles

ole32

CoInitialize
ReleaseStgMedium
CoUninitialize
RegisterDragDrop
CoCreateInstance
OleInitialize
CoCreateGuid
DoDragDrop

oleaut32

VariantInit
SysAllocStringLen
SysFreeString

msvcr71

fgets
fopen
memcmp
isalnum
isspace
strtod
printf
atol
_vsnprintf
exit
sprintf
_stricmp
floor
strtol
getc
fread
ftell
fseek
toupper
_strnicmp
qsort
realloc
wcslen
strncpy
strstr
fprintf
_iob
log10
_snprintf
isdigit
strcspn
strrchr
_mkdir
_access
fputc
fwrite
free
_except_handler3
calloc
malloc
log
exp
vsprintf
_purecall
ispunct
isprint
modf
_splitpath
fgetc
_setjmp3
_fdopen
_errno
fflush
rewind
strcat
longjmp
pow
gmtime
_endthreadex
_beginthreadex
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__security_error_handler
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
atoi
fclose
atan2
strcmp
sscanf
strncmp
time
localtime
abs
memmove
atof
strlen
strcpy
strtok
??_U@YAPAXI@Z
memcpy
tolower
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??_V@YAXPAX@Z
__CxxFrameHandler
memset
??3@YAXPAX@Z
cos
sin
fabs
sqrt
acos
ceil
??2@YAPAXI@Z
strchr

msvcp71

?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?eof@?$char_traits@G@std@@SAGXZ
?eq_int_type@?$char_traits@G@std@@SA_NABG0@Z
?to_char_type@?$char_traits@G@std@@SAGABG@Z
?is@?$ctype@G@std@@QBE_NFG@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE_N_N@Z
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEXXZ
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
?id@?$ctype@G@std@@2V0locale@2@A
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGD@Z
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?to_int_type@?$char_traits@G@std@@SAGABG@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEABGI@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?rbegin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@Viterator@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
?_Id_cnt@id@locale@std@@0HA
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?clear@ios_base@std@@QAEXH_N@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?compare@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEHPBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
?reserve@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AVconst_iterator@12@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AVconst_iterator@12@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@Vconst_iterator@01@0@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?flags@ios_base@std@@QBEHXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?to_int_type@?$char_traits@D@std@@SAHABD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??0_Lockit@std@@QAE@H@Z
?id@?$ctype@D@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1locale@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?width@ios_base@std@@QBEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?eof@?$char_traits@D@std@@SAHXZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?to_char_type@?$char_traits@D@std@@SADABH@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ

rpcrt4

UuidToStringA
RpcStringFreeA

shlwapi

StrFormatByteSize64A

Exports

Exports

??0AlignGroup@fltk@@QAE@HHHHPBDE_NHEE@Z
??0AnimationWidget@fltk@@QAE@HHHH@Z
??0BarGroup@fltk@@QAE@HHHHPBD_N@Z
??0BorderWidget@fltk@@QAE@HHHHHPAVWindow@1@_N@Z
??0Browser@fltk@@QAE@HHHHPBD@Z
??0Button@fltk@@QAE@HHHHPBD@Z
??0CColor@fltk@@QAE@I@Z
??0CaptionBar@fltk@@QAE@HHHHHPAVCaptionWinImpl@1@@Z
??0CaptionWinImpl@fltk@@QAE@HHPBDPAVCaptionWindow@1@HPAVNonClientFactory@1@@Z
??0CaptionWindow@fltk@@QAE@HHHHPBDPAVNonClientFactory@1@@Z
??0CenterGroup@fltk@@QAE@HHHHPBD@Z
??0CenterLayGroup@fltk@@QAE@HHHH_N@Z
??0CheckButton@fltk@@QAE@HHHHPBD@Z
??0Choice@fltk@@QAE@HHHHPBD@Z
??0CircleImg@fltk@@QAE@HHHHPBD@Z
??0Clock@fltk@@QAE@HHHHPBD@Z
??0ClockOutput@fltk@@QAE@HHHHPBD@Z
??0ComboBox@fltk@@QAE@HHHHPBD@Z
??0ComboBrowser@fltk@@QAE@HHHH@Z
??0CycleButton@fltk@@QAE@HHHHPBD@Z
??0Dial@fltk@@QAE@HHHHPBD@Z
??0Divider@fltk@@QAE@XZ
??0Edit@fltk@@QAE@HHHH_N@Z
??0EngravedLabel@fltk@@QAE@ABV01@@Z
??0EngravedLabel@fltk@@QAE@PBDQAY02$$CBH@Z
??0ExplorerWidget@fltk@@QAE@HHHH_N@Z
??0FileInput@fltk@@QAE@HHHHPBD@Z
??0FlashGroup@fltk@@QAE@HHHHPBD@Z
??0FlatBox@fltk@@QAE@PBD@Z
??0FlatButton@fltk@@QAE@HHHHPBD@Z
??0FloatInput@fltk@@QAE@HHHHPBD@Z
??0FolderTree@fltk@@QAE@HHHH@Z
??0FolderTreeWin@fltk@@QAE@XZ
??0FrameBox@fltk@@QAE@PBDHHHH0PBVSymbol@1@@Z
??0GSave@fltk@@QAE@XZ
??0Group@fltk@@QAE@HHHHPBD_N@Z
??0HeaderWidget@fltk@@QAE@HHHHPBD@Z
??0HighlightBox@fltk@@QAE@PBDPBVSymbol@1@@Z
??0HighlightButton@fltk@@QAE@HHHHPBD@Z
??0HyperLink@fltk@@QAE@HHHHPBD@Z
??0Image@fltk@@QAE@HHPBD@Z
??0Image@fltk@@QAE@PBD@Z
??0Image@fltk@@QAE@PBEW4PixelType@1@HH@Z
??0Image@fltk@@QAE@PBEW4PixelType@1@HHH@Z
??0Image@fltk@@QAE@W4PixelType@1@HHPBD@Z
??0ImageManager@fltk@@AAE@XZ
??0ImageWidget@fltk@@QAE@HHHH@Z
??0Input@fltk@@QAE@HHHHPBD@Z
??0InputBrowser@fltk@@QAE@HHHHPBD@Z
??0InvisibleBox@fltk@@QAE@HHHHPBD@Z
??0InvisibleBox@fltk@@QAE@PAVSymbol@1@HHHHPBD@Z
??0Item@fltk@@QAE@PBD@Z
??0Item@fltk@@QAE@PBDHP6AXPAVWidget@1@PAX@Z2H@Z
??0Item@fltk@@QAE@PBDPBVSymbol@1@@Z
??0ItemGroup@fltk@@QAE@PBDPBVSymbol@1@_N@Z
??0ItemGroup@fltk@@QAE@PBD_N@Z
??0LabelType@fltk@@QAE@ABV01@@Z
??0LabelType@fltk@@QAE@PBD@Z
??0LightButton@fltk@@QAE@HHHHPBD@Z
??0LineBuffer@fltk@@QAE@ABV01@@Z
??0LineBuffer@fltk@@QAE@PBDH@Z
??0List@fltk@@QAE@ABV01@@Z
??0List@fltk@@QAE@XZ
??0MainThreadCall@fltk@@QAE@XZ
??0Mark@Browser@fltk@@QAE@ABV012@@Z
??0Mark@Browser@fltk@@QAE@XZ
??0Menu@fltk@@QAE@HHHHPBD_N@Z
??0MenuBar@fltk@@QAE@HHHHPBD@Z
??0MenuSection@fltk@@QAE@PBD@Z
??0MenuSection@fltk@@QAE@PBDPBVSymbol@1@@Z
??0MenuTabPager@@QAE@ABV0@@Z
??0MenuTabPager@@QAE@XZ
??0MenuWindow@fltk@@QAE@HHHHPBD@Z
??0MenuWindow@fltk@@QAE@HHPBD@Z
??0Monitor@fltk@@QAE@ABV01@@Z
??0Monitor@fltk@@QAE@XZ
??0MultiBrowser@fltk@@QAE@HHHHPBD@Z
??0MultiImage@fltk@@QAE@ABVSymbol@1@@Z
??0MultiImage@fltk@@QAE@ABVSymbol@1@H0@Z
??0MultiImage@fltk@@QAE@ABVSymbol@1@H0H0@Z
??0MultiImage@fltk@@QAE@ABVSymbol@1@H0H0H0@Z
??0MultiImage@fltk@@QAE@ABVSymbol@1@H0H0H0H0@Z
??0MultiImage@fltk@@QAE@ABVSymbol@1@H0H0H0H0H0@Z
??0MultiImage@fltk@@QAE@ABVSymbol@1@H0H0H0H0H0H0@Z
??0MultiImage@fltk@@QAE@ABVSymbol@1@H0H0H0H0H0H0H0@Z
??0MultiImage@fltk@@QAE@IPBVSymbol@1@PAD@Z
??0MultiImage@fltk@@QAE@XZ
??0Name@Preferences@fltk@@QAA@PBDZZ
??0Name@Preferences@fltk@@QAE@H@Z
??0NamedStyle@fltk@@QAE@PBDP6AXPAVStyle@1@@ZPAPAU01@@Z
??0Navigator@fltk@@AAE@PBD@Z
??0NavigatorPane@fltk@@QAE@HHHH@Z
??0NavigatorWorking@fltk@@QAE@HHHH@Z
??0NoLabel@@QAE@ABV0@@Z
??0NoLabel@@QAE@PBD@Z
??0NonClientFactory@fltk@@QAE@ABV01@@Z
??0NonClientFactory@fltk@@QAE@XZ
??0NumericInput@fltk@@QAE@HHHHPBD@Z
??0Output@fltk@@QAE@HHHHPBD@Z
??0PackedGroup@fltk@@QAE@HHHHPBD_N@Z
??0PopupMenu@fltk@@QAE@HHHHPBD@Z
??0Preferences@fltk@@QAE@AAV01@PBD@Z
??0Preferences@fltk@@QAE@PAV01@PBD@Z
??0Preferences@fltk@@QAE@PBD00@Z
??0Preferences@fltk@@QAE@W4Root@01@PBD1@Z
??0ProgressBar@fltk@@QAE@HHHHPBD@Z
??0QWaitingWidget@fltk@@QAE@HHHHPBD_NM@Z
??0RadioButton@fltk@@QAE@HHHHPBD@Z
??0Rectangle@fltk@@QAE@ABV01@@Z
??0Rectangle@fltk@@QAE@ABV01@HHH@Z
??0Rectangle@fltk@@QAE@HH@Z
??0Rectangle@fltk@@QAE@HHHH@Z
??0Rectangle@fltk@@QAE@XZ
??0RepeatButton@fltk@@QAE@HHHHPBD@Z
??0ReturnButton@fltk@@QAE@HHHHPBD@Z
??0RichEdit@fltk@@QAE@HHHH_N00@Z
??0ScrollGroup@fltk@@QAE@HHHHPBD_N@Z
??0Scrollbar@fltk@@QAE@HHHHPBD@Z
??0ShrinkTabPager@@QAE@ABV0@@Z
??0ShrinkTabPager@@QAE@XZ
??0Slider@fltk@@QAE@HHHHPBD@Z
??0Splitter@fltk@@QAE@HHHHW4Direction@01@HM@Z
??0Static@fltk@@QAE@HHHHPBDI@Z
??0StaticWidget@fltk@@QAE@HHHHPBD@Z
??0StatusBarGroup@fltk@@QAE@H@Z
??0StatusBarGroup@fltk@@QAE@HHHHPBD_N@Z
??0StringArray@fltk@@QAE@ABV01@@Z
??0StringArray@fltk@@QAE@PBD@Z
??0StringArray@fltk@@QAE@PBQBD@Z
??0StringArray@fltk@@QAE@PBQBDH@Z
??0StringArray@fltk@@QAE@XZ
??0StringHierarchy@fltk@@QAE@ABV01@@Z
??0StringHierarchy@fltk@@QAE@XZ
??0StringList@fltk@@QAE@ABV01@@Z
??0StringList@fltk@@QAE@XZ
??0Style@fltk@@QAE@XZ
??0StyleSet@fltk@@QAE@XZ
??0Symbol@fltk@@QAE@PBD@Z
??0TabGroup@fltk@@QAE@HHHHPBD_N@Z
??0TabGroupEx@fltk@@QAE@HHHH@Z
??0TabGroupPager@fltk@@QAE@ABV01@@Z
??0TabGroupPager@fltk@@QAE@XZ
??0TextAttrib@fltk@@QAE@PAUFont@1@HI@Z
??0TextAttrib@fltk@@QAE@XZ
??0TextBuffer@fltk@@QAE@H@Z
??0TextDisplay@fltk@@QAE@HHHHPBD@Z
??0TextEditor@fltk@@QAE@HHHHPBD@Z
??0TextSelection@fltk@@QAE@XZ
??0ThumbWheel@fltk@@QAE@HHHHPBD@Z
??0TiledGroup@fltk@@QAE@HHHHPBD_N@Z
??0TitleWidget@fltk@@QAE@HHHHPBD@Z
??0ToolBar@fltk@@QAE@HHHHH@Z
??0ToolDivider@fltk@@QAE@XZ
??0Tooltip@fltk@@QAE@XZ
??0Valuator@fltk@@QAE@HHHHPBD@Z
??0ValueInput@fltk@@QAE@HHHHPBD@Z
??0ValueOutput@fltk@@QAE@HHHHPBD@Z
??0ValueSlider@fltk@@QAE@HHHHPBD@Z
??0WaitAddonGroup@fltk@@QAE@HHHHII@Z
??0WebBrowserWindow@fltk@@QAE@HHHHPBD0@Z
??0Widget@fltk@@QAE@HHHHPBD@Z
??0Window@fltk@@QAE@HHHHPBD_N@Z
??0Window@fltk@@QAE@HHPBD@Z
??0WizardGroup@fltk@@QAE@HHHHPBD_N@Z
??0gifImage@fltk@@AAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0gifImage@fltk@@AAE@PBEH@Z
??0icoImage@fltk@@AAE@PBDPBE@Z
??0pngImage@fltk@@AAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0pngImage@fltk@@AAE@PBE@Z
??1AlignGroup@fltk@@UAE@XZ
??1AnimationWidget@fltk@@UAE@XZ
??1BarGroup@fltk@@UAE@XZ
??1BorderWidget@fltk@@UAE@XZ
??1Browser@fltk@@UAE@XZ
??1Button@fltk@@UAE@XZ
??1CaptionBar@fltk@@UAE@XZ
??1CaptionWinImpl@fltk@@UAE@XZ
??1CaptionWindow@fltk@@UAE@XZ
??1CenterGroup@fltk@@UAE@XZ
??1CenterLayGroup@fltk@@UAE@XZ
??1CheckButton@fltk@@UAE@XZ
??1Choice@fltk@@UAE@XZ
??1CircleImg@fltk@@UAE@XZ
??1Clock@fltk@@UAE@XZ
??1ClockOutput@fltk@@UAE@XZ
??1ComboBox@fltk@@UAE@XZ
??1ComboBrowser@fltk@@UAE@XZ
??1CycleButton@fltk@@UAE@XZ
??1Dial@fltk@@UAE@XZ
??1Divider@fltk@@UAE@XZ
??1Edit@fltk@@UAE@XZ
??1EngravedLabel@fltk@@UAE@XZ
??1ExplorerWidget@fltk@@UAE@XZ
??1FileInput@fltk@@UAE@XZ
??1FlashGroup@fltk@@UAE@XZ
??1FlatBox@fltk@@UAE@XZ
??1FlatButton@fltk@@UAE@XZ
??1FloatInput@fltk@@UAE@XZ
??1FolderTree@fltk@@UAE@XZ
??1FolderTreeWin@fltk@@QAE@XZ
??1FrameBox@fltk@@UAE@XZ
??1GSave@fltk@@QAE@XZ
??1Group@fltk@@UAE@XZ
??1HeaderWidget@fltk@@UAE@XZ
??1HighlightBox@fltk@@UAE@XZ
??1HighlightButton@fltk@@UAE@XZ
??1HyperLink@fltk@@UAE@XZ
??1Image@fltk@@UAE@XZ
??1ImageManager@fltk@@QAE@XZ
??1ImageWidget@fltk@@UAE@XZ
??1Input@fltk@@UAE@XZ
??1InputBrowser@fltk@@UAE@XZ
??1InvisibleBox@fltk@@UAE@XZ
??1Item@fltk@@UAE@XZ
??1ItemGroup@fltk@@UAE@XZ
??1LabelType@fltk@@UAE@XZ
??1LightButton@fltk@@UAE@XZ
??1LineBuffer@fltk@@QAE@XZ
??1List@fltk@@UAE@XZ
??1MainThreadCall@fltk@@QAE@XZ
??1Mark@Browser@fltk@@QAE@XZ
??1Menu@fltk@@UAE@XZ
??1MenuBar@fltk@@UAE@XZ
??1MenuSection@fltk@@QAE@XZ
??1MenuWindow@fltk@@UAE@XZ
??1MultiBrowser@fltk@@UAE@XZ
??1MultiImage@fltk@@UAE@XZ
??1Name@Preferences@fltk@@QAE@XZ
??1Navigator@fltk@@EAE@XZ
??1NavigatorPane@fltk@@UAE@XZ
??1NavigatorWorking@fltk@@UAE@XZ
??1NoLabel@@UAE@XZ
??1NumericInput@fltk@@UAE@XZ
??1Output@fltk@@UAE@XZ
??1PackedGroup@fltk@@UAE@XZ
??1PopupMenu@fltk@@UAE@XZ
??1Preferences@fltk@@QAE@XZ
??1ProgressBar@fltk@@UAE@XZ
??1QWaitingWidget@fltk@@UAE@XZ
??1RadioButton@fltk@@UAE@XZ
??1RepeatButton@fltk@@UAE@XZ
??1ReturnButton@fltk@@UAE@XZ
??1RichEdit@fltk@@UAE@XZ
??1ScrollGroup@fltk@@UAE@XZ
??1Scrollbar@fltk@@UAE@XZ
??1Slider@fltk@@UAE@XZ
??1Splitter@fltk@@UAE@XZ
??1Static@fltk@@UAE@XZ
??1StaticWidget@fltk@@UAE@XZ
??1StatusBarGroup@fltk@@UAE@XZ
??1StringArray@fltk@@UAE@XZ
??1StringHierarchy@fltk@@UAE@XZ
??1StringList@fltk@@UAE@XZ
??1StyleSet@fltk@@QAE@XZ
??1Symbol@fltk@@UAE@XZ
??1TabGroup@fltk@@UAE@XZ
??1TabGroupEx@fltk@@UAE@XZ
??1TextAttrib@fltk@@QAE@XZ
??1TextBuffer@fltk@@QAE@XZ
??1TextDisplay@fltk@@UAE@XZ
??1TextEditor@fltk@@UAE@XZ
??1ThumbWheel@fltk@@UAE@XZ
??1TiledGroup@fltk@@UAE@XZ
??1TitleWidget@fltk@@UAE@XZ
??1ToolBar@fltk@@UAE@XZ
??1ToolDivider@fltk@@UAE@XZ
??1Tooltip@fltk@@UAE@XZ
??1Valuator@fltk@@UAE@XZ
??1ValueInput@fltk@@UAE@XZ
??1ValueOutput@fltk@@UAE@XZ
??1ValueSlider@fltk@@UAE@XZ
??1WaitAddonGroup@fltk@@UAE@XZ
??1WebBrowserWindow@fltk@@UAE@XZ
??1Widget@fltk@@UAE@XZ
??1Window@fltk@@UAE@XZ
??1WizardGroup@fltk@@UAE@XZ
??1gifImage@fltk@@EAE@XZ
??1icoImage@fltk@@UAE@XZ
??1pngImage@fltk@@UAE@XZ
??4CColor@fltk@@QAEAAV01@ABV01@@Z
??4CreatedWindow@fltk@@QAEAAV01@ABV01@@Z
??4EngravedLabel@fltk@@QAEAAV01@ABV01@@Z
??4Fl_Menu_Item@@QAEAAU0@ABU0@@Z
??4FolderTreeWin@fltk@@QAEAAV01@ABV01@@Z
??4Font@fltk@@QAEAAU01@ABU01@@Z
??4GSave@fltk@@QAEAAV01@ABV01@@Z
??4LabelType@fltk@@QAEAAV01@ABV01@@Z
??4LineBuffer@fltk@@QAEAAV01@ABV01@@Z
??4List@fltk@@QAEAAV01@ABV01@@Z
??4Mark@Browser@fltk@@QAEABV012@ABV012@@Z
??4MenuSection@fltk@@QAEAAV01@ABV01@@Z
??4MenuTabPager@@QAEAAV0@ABV0@@Z
??4Monitor@fltk@@QAEAAV01@ABV01@@Z
??4Name@Preferences@fltk@@QAEAAV012@ABV012@@Z
??4NamedStyle@fltk@@QAEAAU01@ABU01@@Z
??4NoLabel@@QAEAAV0@ABV0@@Z
??4NonClientFactory@fltk@@QAEAAV01@ABV01@@Z
??4Rectangle@fltk@@QAEAAV01@ABV01@@Z
??4ShrinkTabPager@@QAEAAV0@ABV0@@Z
??4StringArray@fltk@@QAEAAV01@ABV01@@Z
??4StringHierarchy@fltk@@QAEAAV01@ABV01@@Z
??4StringList@fltk@@QAEAAV01@ABV01@@Z
??4Style@fltk@@QAEAAV01@ABV01@@Z
??4StyleSet@fltk@@QAEAAV01@ABV01@@Z
??4TabGroupPager@fltk@@QAEAAV01@ABV01@@Z
??4TextAttrib@fltk@@QAEAAV01@ABV01@@Z
??4TextBuffer@fltk@@QAEAAV01@ABV01@@Z
??4TextSelection@fltk@@QAEAAV01@ABV01@@Z
??8TextAttrib@fltk@@QAE_NABV01@@Z
??BCColor@fltk@@QBEIXZ
??BName@Preferences@fltk@@QAEPBDXZ
??_7AlignGroup@fltk@@6B@
??_7AnimationWidget@fltk@@6B@
??_7BarGroup@fltk@@6B@
??_7BorderWidget@fltk@@6B@
??_7Browser@fltk@@6B@
??_7Button@fltk@@6B@
??_7CaptionBar@fltk@@6B@
??_7CaptionWinImpl@fltk@@6B@
??_7CaptionWindow@fltk@@6B@
??_7CenterGroup@fltk@@6B@
??_7CenterLayGroup@fltk@@6B@
??_7CheckButton@fltk@@6B@
??_7Choice@fltk@@6B@
??_7CircleImg@fltk@@6B@
??_7Clock@fltk@@6B@
??_7ClockOutput@fltk@@6B@
??_7ComboBox@fltk@@6B@
??_7ComboBrowser@fltk@@6B@
??_7CycleButton@fltk@@6B@
??_7Dial@fltk@@6B@
??_7Divider@fltk@@6B@
??_7Edit@fltk@@6B@
??_7EngravedLabel@fltk@@6B@
??_7ExplorerWidget@fltk@@6B@
??_7FileInput@fltk@@6B@
??_7FlashGroup@fltk@@6B@
??_7FlatBox@fltk@@6B@
??_7FlatButton@fltk@@6B@
??_7FloatInput@fltk@@6B@
??_7FolderTree@fltk@@6B@
??_7FrameBox@fltk@@6B@
??_7Group@fltk@@6B@
??_7HeaderWidget@fltk@@6B@
??_7HighlightBox@fltk@@6B@
??_7HighlightButton@fltk@@6B@
??_7HyperLink@fltk@@6B@
??_7Image@fltk@@6B@
??_7ImageWidget@fltk@@6B@
??_7Input@fltk@@6B@
??_7InputBrowser@fltk@@6B@
??_7InvisibleBox@fltk@@6B@
??_7Item@fltk@@6B@
??_7ItemGroup@fltk@@6B@
??_7LabelType@fltk@@6B@
??_7LightButton@fltk@@6B@
??_7List@fltk@@6B@
??_7Menu@fltk@@6B@
??_7MenuBar@fltk@@6B@
??_7MenuTabPager@@6B@
??_7MenuWindow@fltk@@6B@
??_7MultiBrowser@fltk@@6B@
??_7MultiImage@fltk@@6B@
??_7Navigator@fltk@@6B@
??_7NavigatorPane@fltk@@6B@
??_7NavigatorWorking@fltk@@6B@
??_7NoLabel@@6B@
??_7NonClientFactory@fltk@@6B@
??_7NumericInput@fltk@@6B@
??_7Output@fltk@@6B@
??_7PackedGroup@fltk@@6B@
??_7PopupMenu@fltk@@6B@
??_7ProgressBar@fltk@@6B@
??_7QWaitingWidget@fltk@@6B@
??_7RadioButton@fltk@@6B@
??_7RepeatButton@fltk@@6B@
??_7ReturnButton@fltk@@6B@
??_7RichEdit@fltk@@6B@
??_7ScrollGroup@fltk@@6B@
??_7Scrollbar@fltk@@6B@
??_7ShrinkTabPager@@6B@
??_7Slider@fltk@@6B@
??_7Splitter@fltk@@6B@
??_7Static@fltk@@6B@
??_7StaticWidget@fltk@@6B@
??_7StatusBarGroup@fltk@@6B@
??_7StringArray@fltk@@6B@
??_7StringHierarchy@fltk@@6B@
??_7StringList@fltk@@6B@
??_7Symbol@fltk@@6B@
??_7TabGroup@fltk@@6B@
??_7TabGroupEx@fltk@@6B@
??_7TabGroupPager@fltk@@6B@
??_7TextDisplay@fltk@@6B@
??_7TextEditor@fltk@@6B@
??_7ThumbWheel@fltk@@6B@
??_7TiledGroup@fltk@@6B@
??_7TitleWidget@fltk@@6B@
??_7ToolBar@fltk@@6B@
??_7ToolDivider@fltk@@6B@
??_7Tooltip@fltk@@6B@
??_7Valuator@fltk@@6B@
??_7ValueInput@fltk@@6B@
??_7ValueOutput@fltk@@6B@
??_7ValueSlider@fltk@@6B@
??_7WaitAddonGroup@fltk@@6B@
??_7WebBrowserWindow@fltk@@6B@
??_7Widget@fltk@@6B@
??_7Window@fltk@@6B@
??_7WizardGroup@fltk@@6B@
??_7gifImage@fltk@@6B@
??_7icoImage@fltk@@6B@
??_7pngImage@fltk@@6B@
??_FCColor@fltk@@QAEXXZ
??_FImage@fltk@@QAEXXZ
??_FItem@fltk@@QAEXXZ
??_FItemGroup@fltk@@QAEXXZ
??_FMenuSection@fltk@@QAEXXZ
??_FStatusBarGroup@fltk@@QAEXXZ
??_FSymbol@fltk@@QAEXXZ
??_FTextBuffer@fltk@@QAEXXZ
?AskMessageBox@fltk@@YAHPBDH@Z
?BORDER_BOX@fltk@@3QAVSymbol@1@A
?BORDER_FRAME@fltk@@3QAVSymbol@1@A
?BUTTON_BOX@fltk@@3QAVSymbol@1@A
?CURSOR_ARROW@fltk@@3QAUCursor@1@A
?CURSOR_CROSS@fltk@@3QAUCursor@1@A
?CURSOR_DEFAULT@fltk@@3QAUCursor@1@A
?CURSOR_HAND@fltk@@3QAUCursor@1@A
?CURSOR_HELP@fltk@@3QAUCursor@1@A
?CURSOR_INSERT@fltk@@3QAUCursor@1@A
?CURSOR_MOVE@fltk@@3QAUCursor@1@A
?CURSOR_NESW@fltk@@3QAUCursor@1@A
?CURSOR_NO@fltk@@3QAUCursor@1@A
?CURSOR_NONE@fltk@@3QAUCursor@1@A
?CURSOR_NS@fltk@@3QAUCursor@1@A
?CURSOR_NWSE@fltk@@3QAUCursor@1@A
?CURSOR_WAIT@fltk@@3QAUCursor@1@A
?CURSOR_WE@fltk@@3QAUCursor@1@A
?ClearSubLine@LineBuffer@fltk@@QAEXXZ
?DIAMOND_DOWN_BOX@fltk@@3QAVSymbol@1@A
?DIAMOND_UP_BOX@fltk@@3QAVSymbol@1@A
?DOWN_BOX@fltk@@3QAVSymbol@1@A
?DisableInput@ComboBox@fltk@@QAEXXZ
?DisableInput@ExplorerWidget@fltk@@QAEXXZ
?DisableInput@Input@fltk@@QAEXXZ
?EMBOSSED_BOX@fltk@@3QAVSymbol@1@A
?EMBOSSED_LABEL@fltk@@3QAVLabelType@1@A
?ENGRAVED_BOX@fltk@@3QAVSymbol@1@A
?ENGRAVED_LABEL@fltk@@3QAVLabelType@1@A
?FLAT_BOX@fltk@@3QAVSymbol@1@A
?GRADIENT_LINER_BOX@fltk@@3QAVSymbol@1@A
?GRADIENT_SPLIT_BOX@fltk@@3QAVSymbol@1@A
?GetBlue@CColor@fltk@@QBEHXZ
?GetControlItem@LineBuffer@fltk@@QAEPAUControl@12@H@Z
?GetGreen@CColor@fltk@@QBEHXZ
?GetHue@CColor@fltk@@QBEMXZ
?GetLuminance@CColor@fltk@@QBEMXZ
?GetRed@CColor@fltk@@QBEHXZ
?GetSaturation@CColor@fltk@@QBEMXZ
?GetSubLineCnt@LineBuffer@fltk@@QAEHXZ
?HIGHLIGHT_DOWN_BOX@fltk@@3QAVSymbol@1@A
?HIGHLIGHT_UP_BOX@fltk@@3QAVSymbol@1@A
?InsertSubLine@LineBuffer@fltk@@QAEXHHH@Z
?IsNumber_@Browser@fltk@@CA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?KillNonThreadMessageBox@fltk@@YAHXZ
?NORMAL_LABEL@fltk@@3QAVLabelType@1@A
?NO_BOX@fltk@@3QAVSymbol@1@A
?NO_LABEL@fltk@@3QAVLabelType@1@A
?NumberCompare@Browser@fltk@@CAHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?OFLAT_BOX@fltk@@3QAVSymbol@1@A
?OSHADOW_BOX@fltk@@3QAVSymbol@1@A
?OVAL_BOX@fltk@@3QAVSymbol@1@A
?PLASTIC_DOWN_BOX@fltk@@3QAVSymbol@1@A
?PLASTIC_UP_BOX@fltk@@3QAVSymbol@1@A
?ParseControl@LineBuffer@fltk@@QAEXXZ
?QMessageBox@fltk@@YAHPBD0II@Z
?RBGGRD_BOX@fltk@@3QAVSymbol@1@A
?RFLATARC_BOX@fltk@@3QAVSymbol@1@A
?RFLAT_BOX@fltk@@3QAVSymbol@1@A
?ROUNDED_BOX@fltk@@3QAVSymbol@1@A
?ROUND_DOWN_BOX@fltk@@3QAVSymbol@1@A
?ROUND_UP_BOX@fltk@@3QAVSymbol@1@A
?RSHADOW_BOX@fltk@@3QAVSymbol@1@A
?SCROLLBAR_BOX@fltk@@3QAVSymbol@1@A
?SHADOW_BOX@fltk@@3QAVSymbol@1@A
?SHADOW_LABEL@fltk@@3QAVLabelType@1@A
?SONGTI@fltk@@3QAUFont@1@A
?SONGTI_BOLD@fltk@@3QAUFont@1@A
?SONGTI_BOLD_ITALIC@fltk@@3QAUFont@1@A
?SONGTI_ITALIC@fltk@@3QAUFont@1@A
?SYMBOL_LABEL@fltk@@3QAVLabelType@1@A
?SetBlue@CColor@fltk@@QAEXH@Z
?SetGreen@CColor@fltk@@QAEXH@Z
?SetHLS@CColor@fltk@@QAEXMMM@Z
?SetHue@CColor@fltk@@QAEXM@Z
?SetLuminance@CColor@fltk@@QAEXM@Z
?SetRGB@CColor@fltk@@QAEXHHH@Z
?SetRed@CColor@fltk@@QAEXH@Z
?SetSaturation@CColor@fltk@@QAEXM@Z

Sections

.text
Size: 884KB - Virtual size: 881KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
images/account_hover.png
.png
images/account_normal.png
.png
images/account_pressed.png
.png
images/account_selected_normal.png
.png
images/antivirus_hover.png
.png
images/antivirus_normal.png
.png
images/antivirus_pressed.png
.png
images/audio/mic_mute_normal.png
.png
images/audio/mic_normal.png
.png
images/audio/volume_mute_normal.png
.png
images/audio/volume_normal.png
.png
images/audio_hover.png
.png
images/audio_normal.png
.png
images/audio_pressed.png
.png
images/call_disable.png
.png
images/call_hover.png
.png
images/call_normal.png
.png
images/call_pressed.png
.png
images/charge_hover.png
.png
images/charge_normal.png
.png
images/charge_pressed.png
.png
images/charge_selected_normal.png
.png
images/chat_normal.png
.png
images/close_normal.gif
.gif
images/csi_bg_normal.png
.png
images/desk_hover.png
.png
images/desk_normal.png
.png
images/desk_pressed.png
.png
images/engImg_normal.png
.png
images/fileserver/scan_normal.gif
.gif
images/fltk/Error_normal.gif
.gif
images/fltk/Information_normal.gif
.gif
images/fltk/Question_normal.gif
.gif
images/fltk/Warning_normal.gif
.gif
images/fltk/rchecked_hover.png
.png
images/fltk/rchecked_normal.png
.png
images/fltk/rchecked_pressed.png
.png
images/fltk/refresh_hover.png
.png
images/fltk/refresh_normal.png
.png
images/fltk/refresh_pressed.png
.png
images/fltk/runcheck_hover.png
.png
images/fltk/runcheck_normal.png
.png
images/fltk/runcheck_pressed.png
.png
images/fltk/sm_close1_hover.png
.png
images/fltk/sm_close1_normal.png
.png
images/fltk/sm_close1_pressed.png
.png
images/fltk/sm_close_hover.png
.png
images/fltk/sm_close_normal.png
.png
images/fltk/sm_close_pressed.png
.png
images/fltk/sm_max_hover.png
.png
images/fltk/sm_max_normal.png
.png
images/fltk/sm_max_pressed.png
.png
images/fltk/sm_min_hover.png
.png
images/fltk/sm_min_normal.png
.png
images/fltk/sm_min_pressed.png
.png
images/fltk/titlebg_normal.png
.png
images/fltk/up_hover.png
.png
images/fltk/up_normal.png
.png
images/fltk/up_pressed.png
.png
images/fltk/waiting_normal.gif
.gif
images/help_hover.png
.png
images/help_normal.png
.png
images/help_pressed.png
.png
images/help_selected_normal.png
.png
images/lm_disable.png
.png
images/lm_hover.png
.png
images/lm_normal.png
.png
images/lm_pressed.png
.png
images/main_close_hover.png
.png
images/main_close_normal.png
.png
images/main_close_pressed.png
.png
images/main_min_hover.png
.png
images/main_min_normal.png
.png
images/main_min_pressed.png
.png
images/main_normal.png
.png
images/message_hover.png
.png
images/message_normal.png
.png
images/message_pressed.png
.png
images/message_selected_normal.png
.png
images/msn_normal.png
.png
images/netdiag/Fail_normal.png
.png
images/netdiag/Pass_normal.png
.png
images/netdiag/Unknown_normal.gif
.gif
images/open_normal.gif
.gif
images/privacy_hover.png
.png
images/privacy_normal.png
.png
images/privacy_pressed.png
.png
images/privacyguard/0_normal.gif
.gif
images/privacyguard/1_normal.gif
.gif
images/privacyguard/2_normal.gif
.gif
images/privacyguard/3_normal.gif
.gif
images/privacyguard/4_normal.gif
.gif
images/privacyguard/5_normal.gif
.gif
images/privacyguard/Num1_normal.gif
.gif
images/privacyguard/Num2_normal.gif
.gif
images/privacyguard/key_logo_normal.png
.png
images/privacyguard/key_normal.gif
.gif
images/privacyguard/lock_normal.gif
.gif
images/privacyguard/logo_normal.gif
.gif
images/privacyguard/unlock_normal.gif
.gif
images/refresh_disable.png
.png
images/refresh_hover.png
.png
images/refresh_normal.png
.png
images/refresh_pressed.png
.png
images/send_hover.png
.png
images/send_normal.png
.png
images/send_pressed.png
.png
images/service_normal.png
.png
images/splitter_normal.png
.png
images/stop_hover.png
.png
images/stop_normal.png
.png
images/stop_pressed.png
.png
images/update_normal.png
.png
images/user_normal.png
.png
images/userauth_hover.png
.png
images/userauth_normal.png
.png
images/userauth_pressed.png
.png
images/userauth_selected_normal.png
.png
images/waiting_normal.gif
.gif
images/words_hover.png
.png
images/words_normal.png
.png
images/words_pressed.png
.png
msvcp71.dll
.dll windows:4 windows x86 arch:x86

5e2398adb60a70c7ab04e7cba75a7983

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

setvbuf
fflush
ungetc
fgetc
fwrite
fputc
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
__iob_func
fopen
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
strtol
_errno
_Strftime
strcspn
strtoul
_strtoi64
_strtoui64
sprintf
abort
realloc
setlocale
_CxxThrowException
??0exception@@QAE@XZ
malloc
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
__uncaught_exception
towlower
towupper
strcmp
__pctype_func
___lc_codepage_func
___lc_handle_func
_unlock
_lock
___setlc_active_func
___unguarded_readlc_active_add_func
_except_handler3
_local_unwind2
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
isupper
islower
__crtGetStringTypeW
__crtLCMapStringW
_callnewh
__crtCompareStringW
strtod
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__security_error_handler
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
___mb_cur_max_func
??_V@YAXPAX@Z
??3@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove
??1exception@@UAE@XZ
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
DisableThreadLibraryCalls

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$numpunct@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@D@std@@QAE@I@Z
??0?$numpunct@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@G@std@@QAE@I@Z
??0?$numpunct@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@_W@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0locale@std@@AAE@PAV_Locimp@01@@Z
??0locale@std@@QAE@ABV01@0H@Z
??0locale@std@@QAE@ABV01@@Z
??0locale@std@@QAE@ABV01@PBDH@Z
??0locale@std@@QAE@PBDH@Z

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr71.dll
.dll windows:4 windows x86 arch:x86

7acc8c379c768a1ecd81ec502ff5f33e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
HeapFree
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
RtlUnwind
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
InterlockedExchange
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
HeapSize
VirtualProtect
GetSystemInfo
FlushFileBuffers
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
Sleep
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_Fbad_cast@@QAEXXZ
??_Fbad_typeid@@QAEXXZ
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPAGIPBGPAD@Z
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CppXcptFilter
__CxxCallUnwindDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__buffer_overrun
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__security_error_handler
__set_app_type
__set_buffer_overrun_handler
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_heap_handle
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_scprintf
_scwprintf
_searchenv
_seh_longjmp_unwind
_set_SSE2_enable
_set_error_mode
_set_purecall_handler
_set_sbh_threshold
_set_security_error_handler
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
netdiag.dll
.dll windows:4 windows x86 arch:x86

e877f29948d05269561749d9d6f0bbf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

fltk

?layout@Widget@fltk@@UAEXXZ
?draw@Button@fltk@@UAEXXZ
?handle@Button@fltk@@UAEHH@Z
?lock@fltk@@YAXXZ
?copy_label@Widget@fltk@@QAEXPBD@Z
?redraw_label@Widget@fltk@@QAEXXZ
?unlock@fltk@@YAXXZ
?awake@fltk@@YAXPAX@Z
?activate@Widget@fltk@@QAEXXZ
?translate_text@fltk@@YAPBDII@Z
?QMessageBox@fltk@@YAHPBD0II@Z
?hide@Widget@fltk@@QAEXXZ
?e_keysym@fltk@@3IA
?release_impl@CaptionWindow@fltk@@SAXPAVCaptionWinImpl@2@@Z
??1CaptionWindow@fltk@@UAE@XZ
??0CaptionWindow@fltk@@QAE@HHHHPBDPAVNonClientFactory@1@@Z
?create_impl@CaptionWindow@fltk@@SAXPAV12@H@Z
?draw@Group@fltk@@UAEXXZ
?draw@Widget@fltk@@UAEXXZ
?exec@Window@fltk@@QAE_NPBV12@_N@Z
?position@Widget@fltk@@QAE_NHH@Z
?all@Monitor@fltk@@SAABV12@XZ
?deactivate@Widget@fltk@@QAEXXZ
??0Button@fltk@@QAE@HHHHPBD@Z
?NO_BOX@fltk@@3QAVSymbol@1@A
??0Widget@fltk@@QAE@HHHHPBD@Z
?box@Widget@fltk@@QAEXPAVSymbol@2@@Z
?BORDER_BOX@fltk@@3QAVSymbol@1@A
??0Group@fltk@@QAE@HHHHPBD_N@Z
?current_@Group@fltk@@0PAV12@A
??1Group@fltk@@UAE@XZ
??1Widget@fltk@@UAE@XZ
??1Button@fltk@@UAE@XZ
?handle@AnimationWidget@fltk@@UAEHH@Z
?draw@AnimationWidget@fltk@@UAEXXZ
?handle@ImageWidget@fltk@@UAEHH@Z
?draw@ImageWidget@fltk@@UAEXXZ
?setImage@AnimationWidget@fltk@@QAEXPBD@Z
??0AnimationWidget@fltk@@QAE@HHHH@Z
?setImageName@ImageWidget@fltk@@QAEXPBD@Z
??0ImageWidget@fltk@@QAE@HHHH@Z
??1ImageWidget@fltk@@UAE@XZ
??1AnimationWidget@fltk@@UAE@XZ
?show@Widget@fltk@@QAEXXZ
?handle@Group@fltk@@UAEHH@Z
?layout@Group@fltk@@UAEXXZ
?handle@Widget@fltk@@UAEHH@Z
?asynCall@Widget@fltk@@UAEXHHH@Z

iphlpapi

GetAdaptersInfo
GetPerAdapterInfo

ws2_32

WSAGetLastError
ntohs
recvfrom
__WSAFDIsSet
select
sendto
inet_addr
htons
ioctlsocket
socket
recv
send
connect
gethostbyname
WSAStartup
WSACleanup
closesocket

kernel32

GetSystemTimeAsFileTime
QueryPerformanceCounter
ExitProcess
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentThreadId
TlsSetValue
SetThreadPriority
TlsGetValue
CloseHandle
CreateSemaphoreA
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
GetCurrentProcessId
Sleep
ResumeThread
TlsAlloc

msvcp71

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?_Nomemory@std@@YAXXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z

msvcr71

??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memmove
_purecall
sprintf
free
malloc
??_V@YAXPAX@Z
wcstombs
setlocale
mbstowcs
__CppXcptFilter
_adjust_fdiv
?terminate@@YAXXZ
_initterm
_onexit
__dllonexit
_except_handler3
__security_error_handler
??1type_info@@UAE@XZ
_callnewh
_beginthreadex
_endthreadex
??1exception@@UAE@XZ

Exports

Exports

?AutoNetDiag@@YA_NPBD@Z
?CheckNetworkConnexity@@YA_NXZ
?DetectServer@@YAHPBDG@Z
?DiagnoseDBProxy@@YA_NPBD@Z
?DiagnoseDns@@YA_NXZ
?DiagnoseGateway@@YA_NXZ
?DiagnoseHostFile@@YA_NXZ
?DiagnoseLocalIp@@YA_NXZ
?DiagnoseTcpIp@@YA_NXZ
?GetDiagnosisError@@YAPBDXZ
?NetDiag@@YAXPBD00G@Z

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ntio518vista.sys
.sys windows:4 windows x86 arch:x86

7a7c3a6f5f2e5862746cda8c4d16e71f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

memset
ExAllocatePoolWithTag
ExFreePoolWithTag
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IoDeleteSymbolicLink
IoDeleteDevice
IoDetachDevice
IofCompleteRequest
swprintf
ExAllocatePool
KeWaitForSingleObject
IofCallDriver
memcpy
KeInitializeEvent
memmove
RtlCompareMemory
KeSetEvent
ObfDereferenceObject
IoAttachDeviceToDeviceStackSafe
IoGetRelatedDeviceObject
ZwClose
ObReferenceObjectByHandle
ZwCreateFile
RtlCopyUnicodeString
ObQueryNameString
KeGetCurrentThread
IoAllocateIrp
IoFreeIrp

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 231B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 758B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ntio518xp.sys
.sys windows:4 windows x86 arch:x86

ede04dc229ff473864f2b89e488e4b7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

memset
ExAllocatePoolWithTag
ExFreePoolWithTag
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IoDeleteSymbolicLink
IoDeleteDevice
IoDetachDevice
IofCompleteRequest
swprintf
KeWaitForSingleObject
IofCallDriver
memcpy
KeInitializeEvent
memmove
RtlCompareMemory
KeSetEvent
ObfDereferenceObject
IoAttachDeviceToDeviceStack
IoGetRelatedDeviceObject
ZwClose
ObReferenceObjectByHandle
ZwCreateFile
RtlCopyUnicodeString
ObQueryNameString
KeGetCurrentThread
IoAllocateIrp
IoFreeIrp

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 225B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 394B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/agent/agent.dll
.dll windows:4 windows x86 arch:x86

c9c2677287687c8b4ed7a2b2d5fae8ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

fltk

?layout@Group@fltk@@UAEXXZ
?handle@Group@fltk@@UAEHH@Z
?draw@Group@fltk@@UAEXXZ
??1WaitAddonGroup@fltk@@UAE@XZ
?translate_text@fltk@@YAPBDII@Z
?get@MainThreadCall@fltk@@SAAAV12@XZ
?addCall@MainThreadCall@fltk@@QAEXP6AXHHH@ZHHH@Z
??0WaitAddonGroup@fltk@@QAE@HHHHII@Z
?set_text@WaitAddonGroup@fltk@@QAEXPBD00@Z

kernel32

InterlockedIncrement
InterlockedDecrement
GetProcessHeap
HeapFree
DeleteCriticalSection
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
CreateThread
CreateEventW
InitializeCriticalSection
GetProcAddress
GetSystemTimeAsFileTime
LoadLibraryA
FreeLibrary
GetLastError
GetCurrentProcess
WideCharToMultiByte
Module32FirstW
CreateToolhelp32Snapshot
Sleep
CreateSemaphoreA
TlsGetValue
SetThreadPriority
TlsSetValue
GetCurrentThreadId
DuplicateHandle
GetCurrentThread
TlsAlloc
ResumeThread
MultiByteToWideChar
GetCurrentProcessId
GetTickCount
GetModuleHandleW
ExitProcess
QueryPerformanceCounter

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoSetProxyBlanket

oleaut32

VariantTimeToSystemTime
SysFreeString
SysAllocString

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@IAEX_NI@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
?reserve@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AVconst_iterator@12@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AVconst_iterator@12@XZ
?_Nomemory@std@@YAXXZ

msvcr71

malloc
strtol
isspace
_strtoi64
_errno
_callnewh
??1type_info@@UAE@XZ
__security_error_handler
_except_handler3
_initterm
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit
?terminate@@YAXXZ
free
wcslen
_beginthreadex
_endthreadex
_wtol
_wtoi
_wtoi64
sprintf
??_V@YAXPAX@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??3@YAXPAX@Z
_purecall
_CxxThrowException
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z

Exports

Exports

DllGetClassFactory

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/Signs.ini
plugin/fileserver/antivirus/kingsoft/filelist.ini
plugin/fileserver/antivirus/kingsoft/kaearcha.dat
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c9:c0:c4:62:ba:f5:37:7a:7f:7c:3c:d6:8b:8a:46:6b:38:be:96
Signer

Actual PE Digest

01:c9:c0:c4:62:ba:f5:37:7a:7f:7c:3c:d6:8b:8a:46:6b:38:be:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentReg
KSCOMComponentUnReg
KSSetCOMOperatorFunction

Sections

.text
Size: 532KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 275B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaeboot.dat
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

22:a3:6b:6e:01:ef:d8:2c:19:75:c5:97:d1:64:ae:a7:51:3f:5b:fb
Signer

Actual PE Digest

22:a3:6b:6e:01:ef:d8:2c:19:75:c5:97:d1:64:ae:a7:51:3f:5b:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentInit
KSCOMComponentReg
KSCOMComponentUnInit
KSCOMComponentUnReg
KSCOMGetClassObject
KSSetCOMOperatorFunction

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaecore.dat
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c2:4c:39:cc:15:ab:13:c0:cc:42:67:a6:64:9f:99:c6:44:e8:fc:64
Signer

Actual PE Digest

c2:4c:39:cc:15:ab:13:c0:cc:42:67:a6:64:9f:99:c6:44:e8:fc:64

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentInit
KSCOMComponentReg
KSCOMComponentUnInit
KSCOMComponentUnReg
KSCOMGetClassObject
KSSetCOMOperatorFunction

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaecorea.dat
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3e:dd:ba:5b:f8:f7:95:38:4a:1a:3c:f9:15:cd:e4:c9:0b:22:00:bc
Signer

Actual PE Digest

3e:dd:ba:5b:f8:f7:95:38:4a:1a:3c:f9:15:cd:e4:c9:0b:22:00:bc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentReg
KSCOMComponentUnReg
KSSetCOMOperatorFunction

Sections

.text
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaemaldt.dll
.dll windows:4 windows x86 arch:x86

106b16af79fcef19495af713f6b61f11

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle
HttpOpenRequestA
InternetReadFile
InternetOpenA
HttpSendRequestA
InternetConnectA

kernel32

SetEndOfFile
GetCurrentProcess
GetFullPathNameA
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetProcessHeap
RtlUnwind
RaiseException
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetACP
LCMapStringA
LCMapStringW
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FlushFileBuffers
WriteFile
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GetLocaleInfoA
GlobalFlags
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetCurrentProcessId
GetThreadLocale
lstrcmpA
GlobalGetAtomNameA
SetErrorMode
GetCurrentThreadId
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
FreeLibrary
GetModuleFileNameW
FileTimeToLocalFileTime
FindNextFileA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
GetVersionExA
FormatMessageA
GetComputerNameA
LoadLibraryA
GetProcAddress
SetLastError
lstrcpynA
GetPrivateProfileStringA
SearchPathA
GetLogicalDriveStringsA
GetSystemDirectoryA
ReadFile
GetDriveTypeA
GetWindowsDirectoryA
SetFilePointer
InterlockedDecrement
InterlockedIncrement
lstrcpyA
GetVersion
CloseHandle
CompareStringA
GetModuleHandleA
GetModuleFileNameA
LockResource
FindClose
lstrcmpiA
GetLastError
FindFirstFileA
InterlockedExchange
MultiByteToWideChar
CompareStringW
FileTimeToSystemTime
SizeofResource
WideCharToMultiByte
LoadResource
lstrlenA
FindResourceA
GetFileSize
CreateFileA
ExitProcess

user32

PostQuitMessage
DestroyMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
SetWindowTextA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
GetWindowTextA
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharNextA
SendMessageA
GetSystemMetrics
wsprintfA
CharLowerA
SetWindowLongA

gdi32

GetStockObject
PtVisible
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
DeleteObject
RectVisible

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

ControlService
QueryServiceConfigA
OpenSCManagerA
QueryServiceStatus
ChangeServiceConfigA
StartServiceA
CreateServiceA
DeleteService
CloseServiceHandle
OpenServiceA
GetUserNameA
IsValidSid
LookupAccountNameA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA

shlwapi

PathFindFileNameA
PathFindExtensionA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

oleaut32

VariantChangeType
VariantClear
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaememex.dll
.dll windows:4 windows x86 arch:x86

9a9bbbf7e71f70befc7a91f619d84461

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
WideCharToMultiByte
MultiByteToWideChar
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
GetLocaleInfoA
InitializeCriticalSection
RtlUnwind
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaengcfg.dat
plugin/fileserver/antivirus/kingsoft/kaengine.dat
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d6:f1:10:fc:f2:fc:40:2b:e1:2b:4a:cf:c2:a2:7f:37:85:4d:36:7b
Signer

Actual PE Digest

d6:f1:10:fc:f2:fc:40:2b:e1:2b:4a:cf:c2:a2:7f:37:85:4d:36:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentInit
KSCOMComponentReg
KSCOMComponentUnInit
KSCOMComponentUnReg
KSCOMGetClassObject
KSSetCOMOperatorFunction

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaentrya.dat
.dll windows:4 windows x86 arch:x86

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1c:3a:d8:1d:53:c9:bf:60:c3:25:72:37:29:2b:74:51:44:d0:5b:2e
Signer

Actual PE Digest

1c:3a:d8:1d:53:c9:bf:60:c3:25:72:37:29:2b:74:51:44:d0:5b:2e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentReg
KSCOMComponentUnReg
KSSetCOMOperatorFunction

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaeolea.dat
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:09:b5:51:c9:4a:01:ae:ba:6e:8f:d1:fc:7f:38:34:e3:0a:3d:54
Signer

Actual PE Digest

0c:09:b5:51:c9:4a:01:ae:ba:6e:8f:d1:fc:7f:38:34:e3:0a:3d:54

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentReg
KSCOMComponentUnReg
KSSetCOMOperatorFunction

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 874B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaeplat.dll
.dll windows:4 windows x86 arch:x86

eb862e1b45c71cb2db29cdaf7db820eb

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2b:52:b6:eb:46:23:4b:6a:6e:40:df:e4:11:ec:7e:1b:cd:d2:de:12
Signer

Actual PE Digest

2b:52:b6:eb:46:23:4b:6a:6e:40:df:e4:11:ec:7e:1b:cd:d2:de:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateEventA
CloseHandle
WaitForSingleObject
SetEvent
VirtualProtect
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetLastError
ReadFile
InitializeCriticalSection
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetFilePointer
VirtualAlloc
HeapReAlloc
RtlUnwind
SetStdHandle
FlushFileBuffers
CreateFileA
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

GetEngineFileVersion
GetSignFileVersion
KSCOMComponentInit
KSCOMComponentUnInit
KSCoCreateInstance
KSCoFreeUnusedLibraries
KSCoGetClassObject
KSCoRegisterClassObject
KSCoRegisterComponent
KSCoUnRegisterClassObject
KSCoUnRegisterComponent
KSLoadSign
KSLoadSignEx
KSUnLoadSign

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaeplata.dll
.dll windows:4 windows x86 arch:x86

ff876403acdc52d87861595907023ed0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5b:86:15:e2:f0:99:e1:38:db:ed:8c:57:5c:a8:3b:65:3a:ee:9d:c6
Signer

Actual PE Digest

5b:86:15:e2:f0:99:e1:38:db:ed:8c:57:5c:a8:3b:65:3a:ee:9d:c6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileA
FindNextFileW
FindFirstFileW
MultiByteToWideChar
WideCharToMultiByte
CreateFileA
CloseHandle
DeviceIoControl
VirtualFree
WriteFile
ReadFile
VirtualAlloc
SetFilePointer
SetCurrentDirectoryA
GetCurrentDirectoryA
GetModuleFileNameA
GetVersionExA
GetLocalTime
GetTempFileNameA
CreateDirectoryA
GetFileAttributesA
GetDriveTypeA
GetEnvironmentVariableA
GetTempPathA
RemoveDirectoryA
OpenProcess
TerminateProcess
ReadProcessMemory
WriteProcessMemory
FindNextFileA
GetProcAddress
FreeLibrary
GetComputerNameA
GetTickCount
GetSystemTime
SetFileTime
SetFileAttributesA
DeleteFileA
GetFileAttributesW
SetFileAttributesW
MoveFileW
DeleteFileW
CreateDirectoryW
RemoveDirectoryW
SetEndOfFile
GetFileSize
FlushFileBuffers
FileTimeToSystemTime
GetFileTime
SystemTimeToFileTime
GetVersion
GetLastError
MoveFileA
GetShortPathNameA
CreateFileW
GetShortPathNameW
OutputDebugStringA
VirtualProtect
LoadLibraryA
FindClose
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
RtlUnwind
ExitProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
HeapDestroy
HeapCreate
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
Sleep
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

advapi32

GetUserNameA

Exports

Exports

KSCOMComponentReg
KSCOMComponentUnReg
KSSetCOMOperatorFunction

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaeprev.dll
.dll windows:4 windows x86 arch:x86

ff4993055dfdf68c1dea2d9264341631

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryW
WideCharToMultiByte
ReadProcessMemory
GetFileAttributesW
TerminateProcess
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
GetLastError
VirtualProtectEx
WinExec
CloseHandle
GetWindowsDirectoryW
GetCurrentProcessId
SetFileAttributesW
GetLocalTime
OutputDebugStringA
SetEndOfFile
WriteFile
OpenProcess
SetLastError
GetProcAddress
LoadLibraryA
VirtualQueryEx
GetSystemInfo
DebugBreak
Sleep
FreeLibrary
LoadLibraryW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetModuleHandleW
WaitForSingleObject
GetCurrentProcess
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
ReadFile
SetFilePointer
GetFileSize
CreateFileA
InitializeCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
ExitProcess
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
HeapSize
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

FindWindowW
CharUpperW
PostMessageW

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

psapi

GetModuleFileNameExW
EnumProcessModules
EnumProcesses

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaeremov.dll
.dll windows:4 windows x86 arch:x86

ce20ee99c701218108e6fcbb48ea52f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
SetFilePointer
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
FindFirstFileW
GetLogicalDrives
WideCharToMultiByte
FindClose
FindNextFileW
GetWindowsDirectoryW
GetComputerNameA
CreateFileA
GetTickCount
GetFileAttributesA
GetShortPathNameA
FindFirstFileA
GetPrivateProfileStringA
GetLocalTime
CreateFileW
DeleteFileA
GetFileAttributesW
DeleteFileW
SetFileAttributesW
lstrlenA
lstrcpynW
MultiByteToWideChar
GetLastError
SetLastError
lstrcmpiA
GetProcAddress
LoadLibraryA
lstrcpyA
RtlUnwind
ReadFile
WriteFile
GetFileSize
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetCPInfo
GetACP
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RaiseException
GetStdHandle
GetModuleFileNameA
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
HeapSize
VirtualAlloc
HeapReAlloc
InitializeCriticalSection

user32

CharLowerW
CharNextW

advapi32

GetUserNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaesgnld.dll
.dll windows:4 windows x86 arch:x86

fed9d171b01ea47a9a10b71df20ea6c4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c9:75:77:69:89:a8:3b:f1:af:0f:e0:f7:3c:16:7a:e4:3c:ec:c6:c8
Signer

Actual PE Digest

c9:75:77:69:89:a8:3b:f1:af:0f:e0:f7:3c:16:7a:e4:3c:ec:c6:c8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
GetSystemInfo
InitializeCriticalSection
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
WriteFile
CloseHandle
ReadFile
SetFilePointer
IsBadWritePtr
FatalAppExitA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
FlushFileBuffers
CreateFileA
SetConsoleCtrlHandler
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
SetEndOfFile
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException

Exports

Exports

KSAppendSign
KSCOMComponentReg
KSCOMComponentUnReg
KSCreateSign
KSDestroySign
KSLoadSign
KSLoadSignBuffer
KSLoadSignEx
KSSetCOMOperatorFunction
KSUnLoadSign
KSUnLoadSignBuffer

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaeunpack.dat
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentInit
KSCOMComponentReg
KSCOMComponentUnInit
KSCOMComponentUnReg
KSCOMGetClassObject
KSSetCOMOperatorFunction

Sections

UPX0
Size: - Virtual size: 944KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 327KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 960KB - Virtual size: 959KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaext2.dat
.dll windows:4 windows x86 arch:x86

b1c84d10548138c310a3c8964e4f8b6b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ea:b9:b9:5c:1a:6d:c4:74:4b:f5:17:e9:9f:cb:80:a5:1b:3e:02:f8
Signer

Actual PE Digest

ea:b9:b9:5c:1a:6d:c4:74:4b:f5:17:e9:9f:cb:80:a5:1b:3e:02:f8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
VirtualProtect
VirtualAlloc
VirtualFree
GetCurrentThreadId
OutputDebugStringA
GetCommandLineA
GetVersion
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
WriteFile
HeapAlloc
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
FatalAppExitA
RtlUnwind
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
FlushFileBuffers
SetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CloseHandle
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

KSCOMComponentInit
KSCOMComponentReg
KSCOMComponentUnInit
KSCOMComponentUnReg
KSCOMGetClassObject
KSSetCOMOperatorFunction

Sections

.text
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kaextend.dat
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:c0:57:98:26:7f:d8:b2:9f:89:49:42:ca:58:da:7d:86:5d:2b:f4
Signer

Actual PE Digest

27:c0:57:98:26:7f:d8:b2:9f:89:49:42:ca:58:da:7d:86:5d:2b:f4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentInit
KSCOMComponentReg
KSCOMComponentUnInit
KSCOMComponentUnReg
KSCOMGetClassObject
KSSetCOMOperatorFunction

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/karchive.dat
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d5:43:62:39:cf:17:7b:cb:93:b1:ac:6a:25:30:b5:4a:41:ee:95:53
Signer

Actual PE Digest

d5:43:62:39:cf:17:7b:cb:93:b1:ac:6a:25:30:b5:4a:41:ee:95:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentInit
KSCOMComponentReg
KSCOMComponentUnInit
KSCOMComponentUnReg
KSCOMGetClassObject
KSSetCOMOperatorFunction

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kavpe.ini
plugin/fileserver/antivirus/kingsoft/kisscan.dll
.dll windows:4 windows x86 arch:x86

05988e479834b037c350736382546e37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
GetProcAddress
FreeLibrary
SetCurrentDirectoryW
LoadLibraryW
LoadResource
FindResourceExW
CreateEventW
CloseHandle
WaitForSingleObject
ResetEvent
SetEvent
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
SetFilePointer
FindFirstFileW
FindNextFileW
FindClose
IsBadReadPtr
WriteFile
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
HeapCreate
VirtualFree
VirtualAlloc
GetCPInfo
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

UnregisterClassA

shlwapi

PathIsRootW
PathFindFileNameW
PathIsDirectoryW
PathAddBackslashW
PathCommonPrefixW

Exports

Exports

CreateInstance

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/ksgmerge.dll
.dll windows:4 windows x86 arch:x86

f6ca8512772f637051b84f7fc44521af

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:8f:ef:0c:33:4a:63:ea:06:65:df:5e:a6:83:39:d9:8c:7f:18:af
Signer

Actual PE Digest

62:8f:ef:0c:33:4a:63:ea:06:65:df:5e:a6:83:39:d9:8c:7f:18:af

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryW
GetFileAttributesW
GetLastError
FindFirstFileW
FindClose
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
DeleteFileW
FindNextFileW
Sleep
lstrlenA
MoveFileExW
GetPrivateProfileStringW
HeapFree
ReadFile
HeapAlloc
HeapReAlloc
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetFileType
CreateFileA
CreateFileW
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
SetFilePointer
SetHandleCount
GetStdHandle
GetStartupInfoA
SetStdHandle
HeapSize
WriteFile
GetModuleFileNameA
RaiseException
LCMapStringA
LCMapStringW
RtlUnwind
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetTimeZoneInformation
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEndOfFile
InterlockedExchange
InitializeCriticalSection
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetThreadLocale
CopyFileW
GetTempFileNameW

Exports

Exports

CreateSignMergeInstance
CreateSignMergeObj
CreateWithRemoveSignMergeObj
CreateWithReportSignMergeObj

Sections

.text
Size: 230KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/ktmemdb.dat
plugin/fileserver/antivirus/kingsoft/kunpamgr.dat
.dll windows:4 windows x86 arch:x86

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:fe:97:77:b5:33:5c:fc:b6:0e:7b:37:ec:9f:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

03/07/2008, 00:00

Not After

03/07/2009, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Kingsoft Research,O=Zhuhai Kingsoft Software Co.\,Ltd,L=ZHUHAI,ST=GUANGDONG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:1f:bf:3a:a7:de:67:9d:5a:3b:99:21:f6:b6:cf:2c:85:e9:6f:fa
Signer

Actual PE Digest

01:1f:bf:3a:a7:de:67:9d:5a:3b:99:21:f6:b6:cf:2c:85:e9:6f:fa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KSCOMComponentInit
KSCOMComponentReg
KSCOMComponentUnInit
KSCOMComponentUnReg
KSCOMGetClassObject
KSSetCOMOperatorFunction

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 275B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/kuplive.exe
.exe windows:4 windows x86 arch:x86

5b42311dca92bbd3a1782da3b27ccc4f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:a4:bc:43:99:30:34:6b:95:69:4b:4c:7f:2b:98:1b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

22/06/2009, 00:00

Not After

21/06/2012, 23:59

Subject

CN=Zhuhai Kingsoft Software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Zhuhai Kingsoft Software Co.\,Ltd,L=Zhuhai,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:bf:cc:c5:5c:a2:36:c7:1a:02:b8:1a:12:bc:2e:db:f6:32:c0:31
Signer

Actual PE Digest

61:bf:cc:c5:5c:a2:36:c7:1a:02:b8:1a:12:bc:2e:db:f6:32:c0:31

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
inet_ntoa
inet_addr
ntohl
listen
__WSAFDIsSet
ioctlsocket
setsockopt
getsockopt
WSACleanup

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetModuleHandleA
GetCurrentProcessId
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
GetCurrentThread
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
GlobalFlags
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEnvironmentVariableW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetStdHandle
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GlobalLock
GlobalUnlock
LocalFree
MulDiv
HeapAlloc
FormatMessageW
HeapFree
GetProcessHeap
GetCurrentThreadId
WaitForMultipleObjects
PeekNamedPipe
DuplicateHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetFileTime
FileTimeToSystemTime
MoveFileW
IsBadStringPtrW
GetTickCount
IsBadReadPtr
SleepEx
GetExitCodeThread
ExpandEnvironmentStringsW
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileA
GetFullPathNameA
GetCurrentDirectoryA
SuspendThread
CreateDirectoryW
lstrlenA
SetThreadPriority
ResumeThread
InterlockedExchange
ResetEvent
CopyFileW
GetVersionExW
GetDriveTypeW
GetLogicalDriveStringsW
CreateFileA
GetFileAttributesW
WritePrivateProfileStringW
MoveFileExW
SetEvent
MapViewOfFile
CreateFileMappingW
CreateMutexW
TerminateProcess
CreateEventW
Process32NextW
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
TerminateThread
GetLocalTime
GetCurrentDirectoryW
GetSystemDirectoryW
GetWindowsDirectoryW
FreeResource
CreateThread
ReleaseMutex
UnmapViewOfFile
GetTempPathW
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
Sleep
GetStartupInfoW
GetModuleFileNameW
lstrcpynW
lstrlenW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentProcess
SetLastError
SetFilePointer
GetFileSize
WriteFile
GetSystemTimeAdjustment
MultiByteToWideChar
FreeLibrary
GetProcAddress
DeleteFileW
SetFileAttributesW
GetTimeZoneInformation
FindClose
FindNextFileW
LoadLibraryW
FindFirstFileW
WaitForSingleObject
CreateProcessW
GlobalFree
GlobalAlloc
ReadFile
CloseHandle
GetLastError
CreateFileW
HeapSize

user32

EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetDlgItem
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
GetMenuCheckMarkDimensions
CreateWindowExW
GetClassInfoExW
RegisterClassW
EqualRect
GetScrollInfo
LoadStringW
CreatePopupMenu
GetDlgCtrlID
CallWindowProcW
SystemParametersInfoA
GetWindowPlacement
CharUpperW
GetMenuState
GetMenuStringW
GetMenuItemID
GetMenuItemCount
GetSubMenu
ModifyMenuW
GetSystemMenu
DispatchMessageW
TranslateMessage
GetMessageW
SetActiveWindow
SetWindowPos
LoadImageW
IsWindowVisible
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
GetMenuItemInfoW
DestroyMenu
DestroyIcon
LoadIconW
LoadBitmapW
RedrawWindow
GrayStringW
DrawTextExW
TabbedTextOutW
GetSysColor
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
GetDesktopWindow
WindowFromPoint
ValidateRect
CreateMenu
UnregisterClassA
ClientToScreen
GetMenu
GetWindowLongW
AdjustWindowRectEx
GetWindow
MoveWindow
GetTopWindow
SetParent
UpdateWindow
GetDC
UnregisterClassW
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
MessageBeep
DrawTextW
IntersectRect
ReleaseDC
UnionRect
CharNextW
DefWindowProcW
GetClassInfoW
wsprintfW
RegisterWindowMessageW
MessageBoxW
IsWindow
SetForegroundWindow
ShowWindow
IsIconic
PeekMessageW
DrawFocusRect
InflateRect
OffsetRect
CopyRect
ScreenToClient
GetCursorPos
GetSystemMetrics
SetTimer
KillTimer
PtInRect
SetWindowLongW
GetClientRect
SendMessageW
SetCursor
LoadCursorW
GetParent
PostMessageW
EnableWindow
GetSysColorBrush
InvalidateRect
GetWindowRect
ExitWindowsEx
AppendMenuW
PostThreadMessageW

gdi32

CreateBitmap
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
DeleteDC
CreateFontW
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
BitBlt
GetTextExtentPoint32W
DeleteObject
GetObjectW
GetStockObject
CreateFontIndirectW
CreateSolidBrush
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
Rectangle
Escape
CreateRectRgn
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetTextMetricsW
GetDeviceCaps
CreatePen
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegSetValueExW
RegCloseKey
RegQueryValueExW
OpenSCManagerW
OpenProcessToken
ConvertSidToStringSidW
LookupAccountNameW
RegEnumKeyW
RegOpenKeyW
GetUserNameW
RegDeleteKeyW
RegCreateKeyExW
AdjustTokenPrivileges
RegOpenKeyExW
LookupPrivilegeValueW

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHFileOperationW
DoEnvironmentSubstW

comctl32

UninitializeFlatSB
FlatSB_EnableScrollBar
_TrackMouseEvent
FlatSB_SetScrollInfo

shlwapi

PathIsUNCW
PathStripToRootW
PathIsRootW
PathIsDirectoryW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathFileExistsW

oledlg

OleUIBusyW

ole32

CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleRun
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleUninitialize

oleaut32

OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SysFreeString
VariantInit
VariantCopy
VariantClear
VariantChangeType
SafeArrayCreate
SafeArrayPutElement
SysStringLen
SysAllocStringLen
GetErrorInfo
SafeArrayDestroy

iphlpapi

GetAdaptersAddresses
GetNetworkParams
GetAdaptersInfo

wsock32

recvfrom
sendto
connect
WSASetLastError
getsockname
WSAGetLastError
bind
select
socket
accept
htons
closesocket
gethostbyname
ntohs
send
recv

rasapi32

RasSetEntryPropertiesW
RasEnumConnectionsW
RasValidateEntryNameW
RasHangUpW
RasDialW
RasGetErrorStringW

winmm

timeGetTime

Sections

.text
Size: 584KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
plugin/fileserver/antivirus/kingsoft/lang/chs/uplive.svr
plugin/fileserver/antivirus/kingsoft/oem/0x00000040/binfilefordownload.dat
plugin/fileserver/antivirus/kingsoft/oem/0x00000040/oem.dat
plugin/fileserver/fileserver.dll
.dll windows:4 windows x86 arch:x86

33ba341e6d5136f3a7e7b17cbcb19f96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

gethostbyname

fltk

?set_text@WaitAddonGroup@fltk@@QAEXPBD00@Z
??1WaitAddonGroup@fltk@@UAE@XZ
?layout@Group@fltk@@UAEXXZ
?resize@Widget@fltk@@QAE_NHHHH@Z
?setText@Static@fltk@@QAEXPBD@Z
??1Static@fltk@@UAE@XZ
??1AnimationWidget@fltk@@UAE@XZ
??1Widget@fltk@@UAE@XZ
??0Group@fltk@@QAE@HHHHPBD_N@Z
?current_@Group@fltk@@0PAV12@A
??0Widget@fltk@@QAE@HHHHPBD@Z
?NO_BOX@fltk@@3QAVSymbol@1@A
?box@Widget@fltk@@QAEXPAVSymbol@2@@Z
??0AnimationWidget@fltk@@QAE@HHHH@Z
?in_main_thread@fltk@@YA_NXZ
??0Static@fltk@@QAE@HHHHPBDI@Z
??1Group@fltk@@UAE@XZ
?draw@Group@fltk@@UAEXXZ
?handle@Group@fltk@@UAEHH@Z
?get@MainThreadCall@fltk@@SAAAV12@XZ
?addCall@MainThreadCall@fltk@@QAEXP6AXHHH@ZHHH@Z
?asynCall@Widget@fltk@@UAEXHHH@Z
?draw@Widget@fltk@@UAEXXZ
?handle@Widget@fltk@@UAEHH@Z
?layout@Widget@fltk@@UAEXXZ
?draw@AnimationWidget@fltk@@UAEXXZ
?handle@AnimationWidget@fltk@@UAEHH@Z
?draw@Window@fltk@@UAEXXZ
?handle@Static@fltk@@UAEHH@Z
?layout@Static@fltk@@UAEXXZ
?draw_overlay@Window@fltk@@UAEXXZ
?destroy@Window@fltk@@UAEXXZ
?flush@Window@fltk@@UAEXXZ
?on_create@Static@fltk@@UAEXXZ
?on_notify@Window@fltk@@UAEXII@Z
?create@Window@fltk@@MAEXXZ
?translate_text@fltk@@YAPBDII@Z
?QMessageBox@fltk@@YAHPBD0II@Z
?setImage@AnimationWidget@fltk@@QAEXPBD@Z
??0WaitAddonGroup@fltk@@QAE@HHHHII@Z

kernel32

FindClose
WideCharToMultiByte
MultiByteToWideChar
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentThreadId
TlsSetValue
SetThreadPriority
TlsGetValue
CreateSemaphoreA
ReleaseSemaphore
GetLastError
LeaveCriticalSection
TryEnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ExitProcess
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
FreeLibrary
InterlockedIncrement
InterlockedDecrement
FindNextFileW
FindFirstFileW
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
GetDriveTypeA
GetLogicalDriveStringsA
TerminateThread
TerminateProcess
GetModuleFileNameW
GetModuleFileNameA
SetEvent
CloseHandle
WaitForSingleObject
OpenProcess
Sleep
CreateProcessW
WaitForMultipleObjects
CreateThread
CreateEventW

user32

wsprintfW

shell32

SHGetFileInfoW

msvcp71

?_Nomemory@std@@YAXXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?rbegin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@Viterator@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Xran@_String_base@std@@QBEXXZ

msvcr71

_onexit
__dllonexit
_except_handler3
__security_error_handler
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
_CxxThrowException
_purecall
??3@YAXPAX@Z
??_V@YAXPAX@Z
_access
fclose
difftime
fwrite
time
fopen
??1exception@@UAE@XZ
??0exception@@QAE@XZ
wcscpy
wcscmp
strrchr
sprintf
_endthreadex
_beginthreadex
wcslen
_vsnprintf
free
malloc
_snprintf
fread
ftell
fseek
fprintf
atoi
isspace
tolower
isalpha
isalnum
strncmp
strchr
_vscprintf
??1type_info@@UAE@XZ
_callnewh
_initterm

psapi

EnumProcesses
GetModuleBaseNameW

shlwapi

PathFileExistsW
PathIsDirectoryW

Exports

Exports

DllCouldUnloadNow
DllGetClassFactory

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/terms/terms.dll
.dll windows:4 windows x86 arch:x86

d2a90d0f7ca5e9b8808e65f78e6d8027

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHDeleteKeyW

kernel32

DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateSemaphoreA
TlsGetValue
SetThreadPriority
TlsSetValue
GetCurrentThread
TlsAlloc
ResumeThread
MultiByteToWideChar
CloseHandle
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ExitProcess
FreeLibrary

advapi32

RegEnumValueA
RegOpenKeyA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegEnumKeyA

msvcp71

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

_onexit
__dllonexit
__CppXcptFilter
_adjust_fdiv
_initterm
__security_error_handler
??1type_info@@UAE@XZ
_callnewh
malloc
free
_beginthreadex
_endthreadex
_except_handler3
memmove
??_V@YAXPAX@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??3@YAXPAX@Z
_purecall
_CxxThrowException
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
?terminate@@YAXXZ

Exports

Exports

DllCouldUnloadNow
DllGetClassFactory

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/vncserverlib/vncServerLib.dll
.dll windows:4 windows x86 arch:x86

73e6ed8f5fd3bf0508edb48f669079f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAStartup
WSAGetLastError
htons
htonl
WSACleanup
inet_ntoa
gethostname
inet_addr
gethostbyname

winmm

timeGetTime

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

fltk

?translate_text@fltk@@YAPBDII@Z
?KillNonThreadMessageBox@fltk@@YAHXZ
?addCall@MainThreadCall@fltk@@QAEXP6AXHHH@ZHHH@Z
?get@MainThreadCall@fltk@@SAAAV12@XZ
?layout@Group@fltk@@UAEXXZ
?handle@Group@fltk@@UAEHH@Z
?draw@Group@fltk@@UAEXXZ
??1WaitAddonGroup@fltk@@UAE@XZ
?set_text@WaitAddonGroup@fltk@@QAEXPBD00@Z
??0WaitAddonGroup@fltk@@QAE@HHHHII@Z

kernel32

Beep
CreateFileA
GetSystemDirectoryA
GetCurrentProcessId
GetSystemTime
SetFilePointer
ReadFile
CreateDirectoryA
SetErrorMode
SetFileTime
SystemTimeToFileTime
FlushFileBuffers
SetEndOfFile
WriteFile
MoveFileA
lstrlenA
GetDriveTypeA
GetLogicalDriveStringsA
FileTimeToSystemTime
GetFileTime
WaitForSingleObject
SetThreadPriority
GetCurrentThread
OpenEventA
GlobalUnlock
GlobalLock
GlobalAlloc
TerminateProcess
CreateProcessA
SetProcessShutdownParameters
LockResource
LoadResource
SizeofResource
FindResourceA
ReleaseMutex
CreateMutexA
WriteConsoleA
GetStdHandle
FormatMessageA
MoveFileExA
AllocConsole
GlobalDeleteAtom
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFree
SearchPathA
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
CreateSemaphoreA
DuplicateHandle
GetTickCount
QueryPerformanceCounter
ExitProcess
GetModuleHandleA
DeviceIoControl
Sleep
GetExitCodeThread
CreateThread
InterlockedIncrement
InterlockedDecrement
TlsGetValue
OutputDebugStringA
GetLastError
SetLastError
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetModuleFileNameA
TlsSetValue
WritePrivateProfileStringA
GetPrivateProfileStringA
FreeLibrary
TlsAlloc
WideCharToMultiByte
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
InitializeCriticalSection
GetSystemTimeAsFileTime
DeleteCriticalSection
OpenProcess
GetCurrentProcess
CloseHandle
GetComputerNameA
ResumeThread
IsBadWritePtr
IsBadReadPtr

user32

PostThreadMessageA
EnumWindowStationsA
OpenWindowStationA
GetProcessWindowStation
SetProcessWindowStation
CloseWindowStation
GetUserObjectInformationA
ExitWindowsEx
GetDlgItemInt
IsDlgButtonChecked
CheckDlgButton
EnableWindow
SetDlgItemInt
DestroyMenu
LoadMenuA
GetSubMenu
SetMenuDefaultItem
GetMenuItemID
ToAscii
VkKeyScanA
GetAsyncKeyState
MapVirtualKeyA
SetRect
WaitMessage
IsIconic
RegisterWindowMessageA
GetIconInfo
SetClipboardViewer
EnumWindows
ChangeClipboardChain
WaitForInputIdle
GetClipboardOwner
GetClipboardData
IsWindowVisible
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawIconEx
GetWindowTextA
OpenDesktopA
EnumDesktopWindows
GetClassNameA
mouse_event
InvalidateRect
wsprintfA
GetKeyboardState
keybd_event
GetForegroundWindow
SetActiveWindow
MessageBeep
FlashWindow
GetThreadDesktop
OpenInputDesktop
SetThreadDesktop
CloseDesktop
SetCursorPos
GetDC
EnumDisplaySettingsA
DialogBoxParamA
EndDialog
SetWindowTextA
LoadStringA
GetDlgItemTextA
SetFocus
SetDlgItemTextA
GetScrollInfo
SendDlgItemMessageA
SetForegroundWindow
FindWindowA
GetWindowThreadProcessId
UnregisterClassA
SendMessageA
LoadIconA
RegisterClassExA
AdjustWindowRect
CreateWindowExA
KillTimer
PostQuitMessage
SetTimer
DefWindowProcA
GetSystemMetrics
IsRectEmpty
LoadImageA
SystemParametersInfoA
GetMessageA
MessageBoxA
CreateDialogParamA
UpdateWindow
SetWindowLongA
PeekMessageA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
SetWindowPos
GetWindowRect
PtInRect
WindowFromPoint
GetDesktopWindow
ScreenToClient
RealChildWindowFromPoint
GetWindowDC
ReleaseDC
GetCursorPos
ReleaseCapture
RedrawWindow
GetParent
PostMessageA
DestroyWindow
LoadCursorA
SetCursor
SetCapture
GetDlgItem
ShowWindow
TrackPopupMenu

gdi32

GdiFlush
GetPixel
CreateCompatibleBitmap
GetObjectA
CreateDIBSection
CreatePalette
SelectPalette
RealizePalette
SetDIBColorTable
GetDeviceCaps
BitBlt
ExtEscape
GetSystemPaletteEntries
EqualRgn
GetRgnBox
OffsetRgn
SetRectRgn
CombineRgn
GetRegionData
CreateRectRgn
SetBkMode
GetStockObject
GetClipBox
LineTo
MoveToEx
SelectObject
CreatePen
DeleteDC
GetDIBits
CreateDCA
DeleteObject
StretchBlt
PatBlt
GetBitmapBits
CreateCompatibleDC
CreateSolidBrush

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
GetUserNameA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyA
RegDeleteValueA
ControlService
QueryServiceStatus
DeleteService
CreateServiceA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
DuplicateToken
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegCreateKeyA
RegCloseKey
RegSetValueExA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RevertToSelf
ImpersonateLoggedOnUser
OpenProcessToken
StartServiceCtrlDispatcherA

shell32

SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

msvcr71

_CxxThrowException
memset
memcpy
printf
sprintf
localtime
time
??_U@YAPAXI@Z
strlen
??_V@YAXPAX@Z
_except_handler3
atoi
srand
rand
wcslen
strrchr
free
_stricmp
memmove
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_snprintf
strstr
clock
malloc
strncpy
sscanf
strncat
strncmp
strchr
tolower
calloc
exit
fprintf
_iob
_vsnprintf
ctime
fflush
_fdopen
_dup2
_open_osfhandle
fclose
_endthreadex
_beginthreadex
realloc
getenv
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@ABV0@@Z
_purecall
_strdup
_getpid
_strnicmp
??0bad_cast@@QAE@PBD@Z
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
memcmp

msvcp71

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?to_char_type@?$char_traits@D@std@@SADABH@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
?id@?$ctype@D@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?to_int_type@?$char_traits@D@std@@SAHABD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?is@?$ctype@G@std@@QBE_NFG@Z
?eq_int_type@?$char_traits@G@std@@SA_NABG0@Z
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEXXZ
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
?id@?$ctype@G@std@@2V0locale@2@A
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGD@Z
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?to_int_type@?$char_traits@G@std@@SAGABG@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEABGI@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
?_Id_cnt@id@locale@std@@0HA
?clear@ios_base@std@@QAEXH_N@Z
?eof@?$char_traits@G@std@@SAGXZ
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?width@ios_base@std@@QBEHXZ
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE_N_N@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?to_char_type@?$char_traits@G@std@@SAGABG@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ

Exports

Exports

DllGetClassFactory
GetVNCServerInstance
Test

Sections

.text
Size: 380KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/winsshd/SSHDSession.exe
.exe windows:4 windows x86 arch:x86

e12b3ebcb7f2f17fec3a5f096680dc1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cl32

cryptAlgoFromString
cryptDestroyContext
cryptSetAttribute
cryptCreateSession
cryptKeysetClose
cryptGetPrivateKey
cryptKeysetOpen
cryptSetAlgoList
cryptDestroySession
cryptGetAttribute
cryptGetAttributeString
cryptPopData
cryptFlushData
cryptPushData
cryptInit
cryptEnd
cryptAddRandom

ws2_32

gethostbyname
gethostbyaddr
htons
connect
send
select
shutdown
recv
closesocket
WSACleanup
WSAGetLastError
WSASocketA
ntohs
getpeername
inet_ntoa
WSAStartup
socket

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock
LoadUserProfileA

netapi32

NetUserChangePassword

wininet

InternetConnectA
InternetOpenA
InternetCloseHandle
FtpPutFileA

kernel32

SetStdHandle
WaitForSingleObject
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsBadCodePtr
IsBadReadPtr
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetFileAttributesA
FreeLibrary
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryA
ExitProcess
CloseHandle
GetLastError
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
GetModuleFileNameA
SetCurrentDirectoryA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLocaleInfoW
SetEnvironmentVariableA
GetCurrentDirectoryA
GetCommandLineA
SetConsoleCtrlHandler
OpenProcess
GetConsoleScreenBufferInfo
GetStdHandle
GetEnvironmentVariableA
OutputDebugStringA
GetModuleHandleA
GetPrivateProfileStringA
GetTickCount
CreateThread
CreateNamedPipeA
GetOverlappedResult
ConnectNamedPipe
CreateEventA
ReadFile
WriteFile
CancelIo
DisconnectNamedPipe
SetConsoleWindowInfo
SetConsoleScreenBufferSize
Sleep
GetConsoleTitleA
SetConsoleTitleA
DeleteFileA
FindClose
FindFirstFileA
TerminateProcess
GetExitCodeProcess
WriteConsoleA
LocalFree
FormatMessageA
SetConsoleCursorPosition
SetConsoleTextAttribute
ReadConsoleInputA
FindNextFileA
CreateProcessA
CreatePipe
SetEnvironmentVariableW
WideCharToMultiByte
MultiByteToWideChar
ReadConsoleA
SetConsoleMode
MoveFileA
CreateDirectoryA
RemoveDirectoryA
FileTimeToSystemTime
WriteConsoleInputW
GenerateConsoleCtrlEvent
ReadConsoleOutputW
WriteConsoleW
PeekNamedPipe
HeapSize
HeapReAlloc
QueryPerformanceCounter
VirtualQuery
GetSystemInfo
CompareStringA
CompareStringW
GetLocalTime
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
DeleteCriticalSection
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetVersionExA
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetTimeZoneInformation
VirtualProtect
VirtualAlloc
SetEndOfFile

user32

MessageBoxA
FindWindowA
PostMessageW
MapVirtualKeyA

advapi32

ImpersonateLoggedOnUser
RevertToSelf

Sections

.text
Size: 484KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
plugin/winsshd/SSHDShell.exe
.exe windows:4 windows x86 arch:x86

1d4d811124f8fed5d04911fd3d0c0a83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
OutputDebugStringA
GetModuleFileNameA
ExitProcess
GetModuleHandleA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetFilePointer
HeapAlloc
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
SetStdHandle
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoA
VirtualProtect
GetSystemInfo
CloseHandle

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
plugin/winsshd/WinSSHD.dll
.dll windows:4 windows x86 arch:x86

618d6933a6a4283eb13747360af608c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
TlsAlloc
ResumeThread
DuplicateHandle
GetCurrentThreadId
TlsSetValue
SetThreadPriority
Sleep
TlsGetValue
CloseHandle
CreateSemaphoreA
GetLastError
LeaveCriticalSection
EnterCriticalSection
CreateProcessA
GetExitCodeProcess
SetConsoleCtrlHandler
DisconnectNamedPipe
CancelIo
WriteFile
ReadFile
CreateFileA
GetPrivateProfileStringA
GetEnvironmentVariableA
GetModuleFileNameA
LocalFree
GetLocalTime
TerminateProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetCurrentDirectoryA
SetCurrentDirectoryA
OpenProcess
CreateThread
OutputDebugStringA
WaitForSingleObject
TerminateThread
InterlockedIncrement
InterlockedDecrement
GetCurrentThread

msvcp71

?_Nomemory@std@@YAXXZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?clear@ios_base@std@@QAEXH_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?uncaught_exception@std@@YA_NXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

__security_error_handler
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
memmove
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_purecall
??3@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
_CxxThrowException
??_V@YAXPAX@Z
printf
_except_handler3
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_initterm
free
_onexit
__dllonexit
_stricmp
??1type_info@@UAE@XZ
_callnewh
malloc
_beginthreadex
_endthreadex

cl32

cryptCreateContext
cryptSetAttributeString
cryptGenerateKey
cryptKeysetOpen
cryptAddPrivateKey
cryptKeysetClose
cryptGetAttribute
cryptSetAttribute
cryptDestroySession
cryptInit
cryptEnd
cryptAddRandom

psapi

GetModuleBaseNameA

ws2_32

WSAStartup
WSAGetLastError
accept
closesocket
recv
shutdown
inet_ntoa
getpeername
ntohs
WSADuplicateSocketA
listen
bind
socket
inet_addr
htonl
htons

advapi32

FreeSid
GetNamedSecurityInfoA
AllocateAndInitializeSid
SetEntriesInAclA
SetNamedSecurityInfoA

Exports

Exports

DllGetClassFactory

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/winsshd/cl32.dll
.dll regsvr32 windows:4 windows x86 arch:x86

c73f6cb3fb34fecc277701358feb9bfe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
FlushFileBuffers
SetFilePointer
SetFileTime
SetEndOfFile
GetFileSize
CreateDirectoryA
GetFileAttributesA
GetWindowsDirectoryA
GetVersionExA
GlobalFree
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualLock
VirtualUnlock
ReadFile
WaitForSingleObject
Sleep
QueryPerformanceCounter
DisableThreadLibraryCalls
GetModuleHandleA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetStartupInfoA
GetProcessWorkingSetSize
GetProcessTimes
GetThreadTimes
GlobalMemoryStatus
GetTickCount
GetProcessHeap
GetCurrentProcessId
DeviceIoControl
CreateFileA
GetFileType
SetErrorMode
DeleteFileA
GetFullPathNameA
GetDriveTypeA
GetCurrentThread
GetCurrentProcess
CloseHandle
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
IsBadReadPtr
GetSystemInfo
IsBadWritePtr

user32

GetActiveWindow
GetCapture
GetClipboardOwner
GetClipboardViewer
GetDesktopWindow
GetFocus
GetMessagePos
GetMessageTime
GetOpenClipboardWindow
GetProcessWindowStation
GetCaretPos
GetCursorPos
MessageBoxA
GetInputState

advapi32

GetSidSubAuthority
InitializeSid
LookupAccountSidA
GetTokenInformation
OpenProcessToken
OpenThreadToken
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
EqualSid

msvcr71

_vsnprintf
time
mbstowcs
wcstombs
realloc
_onexit
rand
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
mktime
free
malloc
_strnicmp
_snprintf
isdigit
toupper
isalnum
isprint
memmove
strncmp
sscanf
atoi
_stricmp
wcslen
isxdigit
tolower
isalpha
_endthreadex
_beginthreadex
strchr
strstr
gmtime

Exports

Exports

DllRegisterServer
cryptAddCertExtension
cryptAddPrivateKey
cryptAddPublicKey
cryptAddRandom
cryptAlgoFromString
cryptAsyncCancel
cryptAsyncQuery
cryptCAAddItem
cryptCACertManagement
cryptCADeleteItem
cryptCAGetItem
cryptCheckCert
cryptCheckSignature
cryptCheckSignatureEx
cryptCreateCert
cryptCreateContext
cryptCreateEnvelope
cryptCreateSession
cryptCreateSignature
cryptCreateSignatureEx
cryptDecrypt
cryptDeleteAttribute
cryptDeleteCertExtension
cryptDeleteKey
cryptDestroyCert
cryptDestroyContext
cryptDestroyEnvelope
cryptDestroyObject
cryptDestroySession
cryptDeviceClose
cryptDeviceCreateContext
cryptDeviceOpen
cryptDeviceQueryCapability
cryptEncrypt
cryptEnd
cryptExportCert
cryptExportKey
cryptExportKeyEx
cryptFlushData
cryptGenerateKey
cryptGenerateKeyAsync
cryptGetAttribute
cryptGetAttributeString
cryptGetCertExtension
cryptGetKey
cryptGetPrivateKey
cryptGetPublicKey
cryptImportCert
cryptImportKey
cryptImportKeyEx
cryptInit
cryptKeysetClose
cryptKeysetOpen
cryptLogin
cryptLogout
cryptPopData
cryptPushData
cryptQueryCapability
cryptQueryObject
cryptSetAlgoList
cryptSetAttribute
cryptSetAttributeString
cryptSignCert

Sections

.text
Size: 672KB - Virtual size: 670KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/winsshd/kts.ini
.vbs
plugin/winsshd/scripts/__shell.bat
.bat .vbs
plugin/winsshd/telnet.ini
plugin/winsshd/tools/vim.exe
.exe windows:4 windows x86 arch:x86

b896fa3be43f8f72c3345a2689c05e5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
IsBadReadPtr
VirtualQuery
GetSystemInfo
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
SetConsoleTitleA
GetTickCount
GetCurrentProcessId
GetConsoleTitleA
GetModuleHandleA
MulDiv
SetConsoleTitleW
GlobalSize
LocalFree
FormatMessageA
GetModuleFileNameA
GetVersionExA
SetConsoleMode
GetConsoleMode
ReadConsoleInputA
PeekConsoleInputA
WaitForSingleObject
GetNumberOfConsoleMouseButtons
SetConsoleCursorPosition
SetConsoleCursorInfo
CreateFileA
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
GetConsoleScreenBufferInfo
SetConsoleWindowInfo
ReadConsoleOutputA
WriteConsoleOutputA
SetConsoleTextAttribute
SetConsoleScreenBufferSize
GetConsoleCursorInfo
GetConsoleCP
SetErrorMode
GetComputerNameA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
CloseHandle
GetFileInformationByHandle
CreateFileW
GetFileType
SetConsoleCtrlHandler
GetLargestConsoleWindowSize
CreateProcessA
ScrollConsoleScreenBufferA
WriteConsoleOutputAttribute
ReadConsoleOutputAttribute
WriteConsoleOutputCharacterA
DeleteFileW
GlobalMemoryStatus
GetTempFileNameW
GetFullPathNameW
MoveFileW
MoveFileA
GetFullPathNameA
WriteFile
BackupRead
BackupSeek
GetCommandLineW
SearchPathA
SearchPathW
GetStartupInfoA
CreatePipe
TerminateProcess
FindFirstFileW
FindFirstFileA
GetExitCodeProcess
RaiseException
GetOEMCP
FindNextFileW
FindNextFileA
FindClose
GetLastError
IsDBCSLeadByteEx
LoadLibraryA
GetProcAddress
GetACP
FreeLibrary
IsValidCodePage
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
GetTempPathA
GetTempFileNameA
DeleteFileA
QueryPerformanceFrequency
QueryPerformanceCounter
GetStdHandle
GetShortPathNameA
GetLocaleInfoW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSection
SetEndOfFile
UnhandledExceptionFilter
CompareStringW
CompareStringA
HeapSize
InterlockedExchange
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
SetHandleCount
FlushFileBuffers
GetTimeZoneInformation
LCMapStringW
LCMapStringA
FatalAppExitA
DeleteCriticalSection
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsAlloc
SetEnvironmentVariableA
GetDriveTypeA
SetFilePointer
DuplicateHandle
ReadFile
GetCommandLineA
SetStdHandle
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEnvironmentVariableW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
RtlUnwind
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentProcess
ExitProcess
CreateDirectoryA
LeaveCriticalSection
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
EnterCriticalSection

advapi32

GetUserNameA

shell32

ExtractIconA
CommandLineToArgvW

gdi32

EnumFontFamiliesA
SetTextColor
GetNearestColor
SetBkColor
SetBkMode
SelectObject
TextOutA
StartPage
SetTextAlign
EndDoc
SetAbortProc
StartDocA
GetTextMetricsA
GetDeviceCaps
DeleteDC
DeleteObject
CreateFontIndirectA
EndPage
CreateDCA

comdlg32

PrintDlgA
CommDlgExtendedError

ole32

CoInitialize
CoCreateInstance
CoUninitialize

user32

RegisterClipboardFormatA
LoadKeyboardLayoutA
ToAscii
MsgWaitForMultipleObjects
RegisterClassA
CreateWindowExA
DefWindowProcA
IsClipboardFormatAvailable
GetClipboardData
GetWindowDC
ReleaseDC
IsWindow
EnumWindows
GetClassNameA
GetWindowTextA
CreateDialogParamA
SendMessageA
GetDesktopWindow
CopyRect
OffsetRect
SetDlgItemInt
SetForegroundWindow
TranslateMessage
GetSystemMetrics
PeekMessageA
IsDialogMessageA
GetParent
EnableWindow
DestroyWindow
SystemParametersInfoA
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
SetWindowTextA
GetSystemMenu
EnableMenuItem
BringWindowToTop
SetWindowPos
GetWindowRect
wsprintfA
FindWindowA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CharUpperBuffA
CharLowerBuffA
MapVirtualKeyA
MessageBeep
DispatchMessageA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
plugin/winsshd/utf-8.ini
privacyguard.dll
.dll windows:4 windows x86 arch:x86

bbffa3912b58fff6057ba6fc5e7fc544

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

fltk

??1Window@fltk@@UAE@XZ
??1Browser@fltk@@UAE@XZ
??1TabGroupEx@fltk@@UAE@XZ
??1Button@fltk@@UAE@XZ
??1CheckButton@fltk@@UAE@XZ
??1Widget@fltk@@UAE@XZ
??1Group@fltk@@UAE@XZ
?current_@Group@fltk@@0PAV12@A
??0Group@fltk@@QAE@HHHHPBD_N@Z
??0Widget@fltk@@QAE@HHHHPBD@Z
?FLAT_BOX@fltk@@3QAVSymbol@1@A
?box@Widget@fltk@@QAEXPAVSymbol@2@@Z
?color@Widget@fltk@@QAEXI@Z
?NO_BOX@fltk@@3QAVSymbol@1@A
??0CheckButton@fltk@@QAE@HHHHPBD@Z
?labelcolor@Widget@fltk@@QAEXI@Z
??0Button@fltk@@QAE@HHHHPBD@Z
??0TabGroupEx@fltk@@QAE@HHHH@Z
??0Browser@fltk@@QAE@HHHHPBD@Z
??0Window@fltk@@QAE@HHHHPBD_N@Z
?insert_column@Browser@fltk@@QAEHHPBDH@Z
?insert_page@TabGroupEx@fltk@@QAEHHPAVWidget@2@IPAVImage@2@@Z
?draw@Widget@fltk@@UAEXXZ
?show@Window@fltk@@QAEXXZ
?draw@CheckButton@fltk@@UAEXXZ
?handle@Button@fltk@@UAEHH@Z
?draw@Button@fltk@@UAEXXZ
?draw@TabGroupEx@fltk@@UAEXXZ
?handle@TabGroupEx@fltk@@UAEHH@Z
?layout@TabGroupEx@fltk@@UAEXXZ
?draw@Browser@fltk@@UAEXXZ
?handle@Browser@fltk@@UAEHH@Z
?layout@Browser@fltk@@UAEXXZ
?draw@Window@fltk@@UAEXXZ
?handle@Window@fltk@@UAEHH@Z
?layout@Window@fltk@@UAEXXZ
?draw_overlay@Window@fltk@@UAEXXZ
?destroy@Window@fltk@@UAEXXZ
?flush@Window@fltk@@UAEXXZ
?on_create@Window@fltk@@UAEXXZ
?on_notify@Window@fltk@@UAEXII@Z
?create@Window@fltk@@MAEXXZ
?goto_index@Browser@fltk@@QAEPAVWidget@2@H@Z
?find@Group@fltk@@QBEHPBVWidget@2@@Z
?remove@Group@fltk@@QAEXH@Z
?add_group@Menu@fltk@@QAEPAVGroup@2@PBDPAV32@PAX@Z
?getImage@ImageManager@fltk@@SAPAVImage@2@PBDH_N@Z
?add_leaf@Menu@fltk@@QAEPAVWidget@2@PBDPAVGroup@2@PAX@Z
?deactivate@Widget@fltk@@QAEXXZ
??1Input@fltk@@UAE@XZ
?show@Widget@fltk@@QAEXXZ
?current_page@TabGroupEx@fltk@@QAEXH@Z
?translate_text@fltk@@YAPBDII@Z
?handle@Widget@fltk@@UAEHH@Z
?QMessageBox@fltk@@YAHPBD0II@Z
?goto_top@Browser@fltk@@QAEPAVWidget@2@XZ
?next@Browser@fltk@@QAEPAVWidget@2@XZ
?state@Widget@fltk@@QAE_N_N@Z
?text@Input@fltk@@QAE_NPBD@Z
?hide@Widget@fltk@@QAEXXZ
?activate@Widget@fltk@@QAEXXZ
?e_keysym@fltk@@3IA
??0Input@fltk@@QAE@HHHHPBD@Z
?draw@Input@fltk@@UAEXXZ
?handle@Input@fltk@@UAEHH@Z
?layout@Widget@fltk@@UAEXXZ
?replace@Input@fltk@@UAE_NHHPBDH@Z
?release_impl@CaptionWindow@fltk@@SAXPAVCaptionWinImpl@2@@Z
??1CaptionWindow@fltk@@UAE@XZ
??0CaptionWindow@fltk@@QAE@HHHHPBDPAVNonClientFactory@1@@Z
?create_impl@CaptionWindow@fltk@@SAXPAV12@H@Z
?draw@Group@fltk@@UAEXXZ
?handle@Group@fltk@@UAEHH@Z
?layout@Group@fltk@@UAEXXZ
?asynCall@Widget@fltk@@UAEXHHH@Z

kernel32

ExitProcess
WideCharToMultiByte
GetVersionExW
GlobalFree
DeleteFileW
GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime

user32

SendMessageW

advapi32

RegSetValueExW
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

DragQueryFileW
SHBrowseForFolderW
SHChangeNotify
SHGetPathFromIDListW

msvcr71

??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
__dllonexit
_onexit
__security_error_handler
strchr
strncmp
isalnum
isalpha
tolower
isspace
fprintf
_snprintf
fopen
_purecall
malloc
free
_vsnprintf
_wcsicmp
wcslen
_waccess
strstr
_wfopen
fseek
ftell
fread
fclose
atoi
sprintf
memmove
_CxxThrowException
??0exception@@QAE@ABV0@@Z
wcsrchr
wcscpy
??_U@YAPAXI@Z
_vsnwprintf
??_V@YAXPAX@Z
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_except_handler3

msvcp71

?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?_Xran@_String_base@std@@QBEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?compare@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEHABV12@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

Exports

?QInitPrivacyGuard@@YA_NXZ
?QInitPrivacyGuardDriver@@YAHXZ
?QReleasePrivacyGuard@@YAXXZ
?QShowPrivacyGuard@@YA_N_N@Z

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shortcut.xml
update.exe
.exe windows:4 windows x86 arch:x86

d8cac6204fa7694a2299edb3f16d9e8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetLastError
CopyFileA
Sleep
GetModuleFileNameA
SetEndOfFile
ExitProcess
RtlUnwind
RaiseException
GetFileAttributesA
GetModuleHandleA
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetProcAddress
TerminateProcess
GetCurrentProcess
CloseHandle
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
SetFilePointer
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
VirtualQuery
LoadLibraryA
InterlockedExchange
SetStdHandle
ReadFile
CreateFileA
GetLocaleInfoW

user32

MessageBoxA

shell32

ShellExecuteExA

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
update.exe.manifest
vnchooks.dll
.dll windows:4 windows x86 arch:x86

f95f098afe65a021dc5f1f6db1136ed5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LCMapStringW
VirtualProtect
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetSystemInfo
GetLocaleInfoW
CompareStringW
CompareStringA
Sleep
GlobalAddAtomA
GetModuleHandleA
LCMapStringA
GetModuleFileNameA
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
HeapSize
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
SetEnvironmentVariableA

user32

RegisterWindowMessageA
GetUpdateRgn
GetPropA
SetPropA
FindWindowA
EnumWindows
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetCursor
IsWindowVisible
GetWindowRect
PostMessageA
PostThreadMessageA
GetClientRect
ClientToScreen
RemovePropA

gdi32

GetRegionData
DeleteObject
CreateRectRgn

advapi32

RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

Exports

Exports

HooksType
SetCapturedWnd
SetHooks
SetKeyboardFilterHook
SetMouseFilterHook
UnSetHooks

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 4KB - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
˵.txt
.url
.url

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 92KB

.rsrc Size: 161KB - Virtual size: 160KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 572B

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 200KB - Virtual size: 200KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 2KB

.idata Size: 6KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 147B

.rdata Size: 512B - Virtual size: 47B

.reloc Size: 13KB - Virtual size: 12KB

.rsrc Size: 5KB - Virtual size: 5KB

faa9d66500ccc5e89f0857ff5b386203

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 7KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 92KB

.rsrc
Size: 161KB - Virtual size: 160KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

CODE
Size: 200KB - Virtual size: 200KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 147B

.rdata
Size: 512B - Virtual size: 47B

.reloc
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 5KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 16B

.text
Size: 216KB - Virtual size: 214KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 8KB - Virtual size: 11KB

.SharedD
Size: 4KB - Virtual size: 4B

.rsrc
Size: 164KB - Virtual size: 163KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 160B

.reloc
Size: 1024B - Virtual size: 542B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 208B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB