webplugin[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

webplugin.exe
Size

2.7MB
MD5

0d66df26dba800b17e5a2fb962c6a256
SHA1

9d3a1f83c02de43c319451b908ef04402835edb2
SHA256

ad1bea8169e4739090149018324837024e34a7db0a4124eb83294fc126b6cf8d
SHA512

c0459fa9efc298e005bafd479da7fff93b1b79aef690ff1dee9cc6e67bd75f4c72c89f8367eb99a03ac762779e85667af9170c8b7237c13d0cfb46cf9e6b5583
SSDEEP

49152:wNxGze+vuv8rk2Cklg5jMcAn0RP7I5C/c1P7wRC7kr+A9W3wqlRRSaxVDV:M47J4LucPNr01TwRC7k6A9oXkEZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/nsExec.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

webplugin.exe
.exe windows:4 windows x86 arch:x86

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a2:b0:d5:c5:e9:e6:63:16:d0:72:c5:35:e6:8e:1d:5c:20:28:b6:f5:9d:75:4d:62:d7:f4:01:10:05:ad:17:b2
Signer

Actual PE Digest

a2:b0:d5:c5:e9:e6:63:16:d0:72:c5:35:e6:8e:1d:5c:20:28:b6:f5:9d:75:4d:62:d7:f4:01:10:05:ad:17:b2

Digest Algorithm

sha256

PE Digest Matches

true

64:aa:4c:d0:0b:fa:8e:5f:8f:25:61:fa:db:5c:e3:a3:de:d2:6a:97
Signer

Actual PE Digest

64:aa:4c:d0:0b:fa:8e:5f:8f:25:61:fa:db:5c:e3:a3:de:d2:6a:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetCurrentDirectoryA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

46f8b6973f33717335c0f6d8087de67b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrlenA
GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
GlobalReAlloc
GlobalUnlock
GlobalSize
lstrcpynA
ReadFile
PeekNamedPipe
GetTickCount
lstrcpyA
CreateProcessA
GetStartupInfoA
GetProcAddress
GetVersion
DeleteFileA
lstrcmpiA
GetCurrentProcess
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
CreatePipe
GlobalLock
lstrcatA

user32

SendMessageA
OemToCharBuffA
FindWindowExA
CharNextA
wsprintfA
CharPrevA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FisheyeCtrl.dll
.dll windows:4 windows x86 arch:x86

e2080d6f3bf865f99b72312d928b0564

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4e:6c:f8:61:e1:06:c5:34:8b:2e:6b:77:99:09:4a:15:45:a5:dd:7a:53:7e:ca:09:76:c2:46:0e:8d:36:03:0d
Signer

Actual PE Digest

4e:6c:f8:61:e1:06:c5:34:8b:2e:6b:77:99:09:4a:15:45:a5:dd:7a:53:7e:ca:09:76:c2:46:0e:8d:36:03:0d

Digest Algorithm

sha256

PE Digest Matches

true

44:fa:66:b5:29:8b:b4:d1:dc:2a:10:f9:9c:5d:63:00:3c:2b:bf:9d
Signer

Actual PE Digest

44:fa:66:b5:29:8b:b4:d1:dc:2a:10:f9:9c:5d:63:00:3c:2b:bf:9d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
fabs
pow
atan
_purecall
sscanf
strlen
sqrt
vsprintf
memcpy
abs
sprintf
_ftol
memset
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

winmm

timeGetTime

mfc42

ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1116
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord6055
ord4078
ord1776
ord4407
ord5241
ord2385
ord1253
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord5277
ord4627
ord3742
ord818
ord2124
ord2864
ord6467
ord567
ord4275
ord4299
ord6215
ord755
ord470
ord6880
ord269
ord826
ord600
ord1578
ord1255
ord5163

kernel32

LocalFree
GetTickCount
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetProcessHeap
HeapAlloc
GetProcAddress
GetLastError
OutputDebugStringA
ReleaseMutex
CreateMutexA
SetThreadPriority
TerminateThread
CreateThread
WaitForSingleObject
ResetEvent
SetEvent
CloseHandle
CreateEventA
LocalAlloc

user32

CallNextHookEx
ClientToScreen
GetSystemMetrics
EnableWindow
UnhookWindowsHookEx
GetClientRect
SendMessageA
SetWindowsHookExA
IsWindow
ScreenToClient

Exports

Exports

CreateFisheye
ReleaseFisheye

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IVSJsonSdk.dll
.dll windows:4 windows x86 arch:x86

b694d28733e6dc3f68a2376e0884525a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

c7:e7:c8:4a:60:2d:70:39:cc:69:43:31:d6:1f:3e:e5:17:40:b6:ff:9f:b4:79:85:65:ae:9b:1b:18:b9:ce:c8
Signer

Actual PE Digest

c7:e7:c8:4a:60:2d:70:39:cc:69:43:31:d6:1f:3e:e5:17:40:b6:ff:9f:b4:79:85:65:ae:9b:1b:18:b9:ce:c8

Digest Algorithm

sha256

PE Digest Matches

true

ca:b6:a7:60:3b:2c:29:f0:e1:c8:55:c0:dc:21:d5:6a:b1:4d:40:33
Signer

Actual PE Digest

ca:b6:a7:60:3b:2c:29:f0:e1:c8:55:c0:dc:21:d5:6a:b1:4d:40:33

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
DisableThreadLibraryCalls

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?nothrow@std@@3Unothrow_t@1@B
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??_7runtime_error@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ

msvcrt

__dllonexit
_onexit
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
_callnewh
malloc
free
_ftol
atoi
strcpy
memcpy
strcmp
__CxxFrameHandler
strncpy
sprintf
strlen
??2@YAPAXI@Z
memset
_purecall
??0exception@@QAE@ABV0@@Z
fputs
_iob
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
sscanf
??1type_info@@UAE@XZ

Exports

Exports

IVS_CLIENT_PacketData
IVS_CLIENT_ParseData

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IvsDrawer.dll
.dll windows:4 windows x86 arch:x86

b18f8c3e7977b21b32614ddfbbd24ea9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d3:1e:46:1c:68:51:6a:4d:35:79:90:93:76:06:a1:f7:75:22:48:8f:35:e1:c9:0d:71:07:b2:39:ae:99:15:55
Signer

Actual PE Digest

d3:1e:46:1c:68:51:6a:4d:35:79:90:93:76:06:a1:f7:75:22:48:8f:35:e1:c9:0d:71:07:b2:39:ae:99:15:55

Digest Algorithm

sha256

PE Digest Matches

true

f0:01:bf:e5:d7:e3:fc:78:b6:3d:1f:1d:fb:8d:90:53:b4:19:12:3d
Signer

Actual PE Digest

f0:01:bf:e5:d7:e3:fc:78:b6:3d:1f:1d:fb:8d:90:53:b4:19:12:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
DeleteCriticalSection
GetModuleFileNameA
FreeLibrary
GetProcAddress
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection

user32

PtInRect
GetClientRect
GetWindowRect
FillRect
DrawTextA

gdi32

DeleteObject
CreateRectRgn
FillRgn
Ellipse
CreateSolidBrush
GetStockObject
GetBkMode
SetBkMode
CreatePen
MoveToEx
LineTo
SetTextColor
CreateFontIndirectA
Polyline
TextOutW
CreateCompatibleDC
CreateCompatibleBitmap
TextOutA
CreateBrushIndirect
SelectObject

msvcp60

?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?nothrow@std@@3Unothrow_t@1@B
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??9std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z

msvcrt

_adjust_fdiv
_initterm
?terminate@@YAXXZ
memset
memcpy
strlen
_snprintf
__CxxFrameHandler
_ftol
??2@YAPAXI@Z
sprintf
strncpy
strcmp
memcmp
strcpy
atoi
mktime
gmtime
_purecall
sin
cos
abs
atan2
sqrt
atan
strncat
free
_callnewh
malloc
__dllonexit
_onexit
_except_handler3

msimg32

AlphaBlend

Exports

Exports

DRAW_Clean
DRAW_Cleanup
DRAW_Close
DRAW_Draw
DRAW_GetLastError
DRAW_Idle
DRAW_InputAlarmData
DRAW_InputAlarmDataEx
DRAW_InputJpegData
DRAW_InputJsonData
DRAW_InputMoveCheckData
DRAW_InputRuleData
DRAW_InputTextData
DRAW_InputTrackData
DRAW_InputTrackDataEx2
DRAW_Ioctl
DRAW_Open
DRAW_Refresh
DRAW_Reset
DRAW_SetDrawOneTrackCallback
DRAW_SetEnable
DRAW_SetFrameNum
DRAW_SetLifeCount
DRAW_SetPen
DRAW_SetRuleColor
DRAW_SetRuleNameConfig
DRAW_SetRuleTrackAlarm
DRAW_SetShowTrackType
DRAW_SetShowType
DRAW_SetTime
DRAW_SetTrackEX2Sharp
DRAW_SetTrackEx2Config
DRAW_SetTrackObjectColor
DRAW_SetTranslateCallback
DRAW_Startup

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IvsLogic.dll
.dll windows:4 windows x86 arch:x86

7a46ae122c44537b25f283799bf7451c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

fe:f8:d0:b2:a3:71:d2:f0:c9:f7:b9:9f:a5:31:93:48:d7:d7:8f:a0:73:f6:c9:a4:81:ed:2d:4b:26:2c:6c:b5
Signer

Actual PE Digest

fe:f8:d0:b2:a3:71:d2:f0:c9:f7:b9:9f:a5:31:93:48:d7:d7:8f:a0:73:f6:c9:a4:81:ed:2d:4b:26:2c:6c:b5

Digest Algorithm

sha256

PE Digest Matches

true

6a:52:f6:58:a0:04:48:a3:a2:e8:d0:a0:13:cc:aa:67:e8:e5:be:d0
Signer

Actual PE Digest

6a:52:f6:58:a0:04:48:a3:a2:e8:d0:a0:13:cc:aa:67:e8:e5:be:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WaitForSingleObject
CreateMutexA
ReleaseMutex
FreeLibrary
OutputDebugStringA
GetLastError
LoadLibraryExA
GetModuleFileNameA
VirtualQuery
GetProcAddress
DisableThreadLibraryCalls

msvcp60

??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??1_Lockit@std@@QAE@XZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

msvcrt

sin
cos
atan
fabs
sqrt
__CxxFrameHandler
??2@YAPAXI@Z
_purecall
sprintf
strcat
strlen
memset
abs
strcmp
strncpy
memcpy
atoi
memcmp
printf
strcpy
free
__dllonexit
_onexit
_initterm
malloc
_adjust_fdiv
_ftol

Exports

Exports

CreateIvslogic
ReleaseIvsLogic
_IVS_CLIENT_PacketData@20
_IVS_CLIENT_ParseData@20

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StreamClient.dll
.dll windows:4 windows x86 arch:x86

ea2593203304e493c91bfb4f315f5529

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ed:f9:77:4a:87:9e:76:d9:08:cd:36:02:19:42:e0:8a:fc:8c:c4:96:5b:8c:20:dc:f5:46:85:e7:73:19:1c:1f
Signer

Actual PE Digest

ed:f9:77:4a:87:9e:76:d9:08:cd:36:02:19:42:e0:8a:fc:8c:c4:96:5b:8c:20:dc:f5:46:85:e7:73:19:1c:1f

Digest Algorithm

sha256

PE Digest Matches

true

9d:8f:2f:34:bb:0f:69:72:f4:a2:69:42:20:3b:0a:d8:4a:27:d9:02
Signer

Actual PE Digest

9d:8f:2f:34:bb:0f:69:72:f4:a2:69:42:20:3b:0a:d8:4a:27:d9:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocalTime
GetSystemTime
SetLocalTime
GetCurrentThreadId
Sleep
ExitThread
GetLastError
SetThreadPriority
CloseHandle
GetDiskFreeSpaceExA
InterlockedExchange
GetProcAddress
LoadLibraryA
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
GetTimeZoneInformation
CreateSemaphoreA
ReleaseSemaphore
CreateProcessA
GetCurrentProcessId
DeleteCriticalSection
GetModuleHandleA
GetSystemInfo
FreeLibrary
GetSystemDirectoryA
SetThreadAffinityMask
GetCurrentThread
WriteFile
GetFileSize
SetFilePointer
CreateFileA
MoveFileA
DeleteFileA
SetLastError
SystemTimeToFileTime
MultiByteToWideChar
GetVersion
GetFileType
FindNextFileA
FindFirstFileA
FindClose
GetTickCount
GlobalMemoryStatus
FlushConsoleInputBuffer
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
IsValidLocale
EnumSystemLocalesA
InitializeCriticalSection
OutputDebugStringA
GetStdHandle
GetConsoleScreenBufferInfo
GetExitCodeThread
SetConsoleTextAttribute
WaitForSingleObject
VirtualQuery
FormatMessageA
GetModuleFileNameA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoW
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleA
DebugBreak
LCMapStringW
LCMapStringA
CreateFileW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
FlushFileBuffers
GetCurrentDirectoryA
GetFullPathNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
LoadLibraryW
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetConsoleCP
WideCharToMultiByte
HeapSize
GetConsoleMode
SetConsoleMode
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
WriteConsoleW
GetModuleFileNameW
CreateThread
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
RaiseException
RtlUnwind
ReadFile
CreateDirectoryA
RemoveDirectoryA
GetFileAttributesA
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
SetConsoleCtrlHandler
ReadConsoleInputA

user32

GetUserObjectInformationW
MessageBoxA
GetProcessWindowStation

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

ws2_32

getservbyport
gethostbyaddr
getservbyname
WSAStartup
WSACleanup
ntohl
inet_addr
htonl
WSAAddressToStringA
ntohs
htons
select
accept
recv
WSASetLastError
WSASend
send
setsockopt
getsockopt
socket
bind
connect
ioctlsocket
WSAGetLastError
getpeername
getsockname
closesocket
inet_ntoa
gethostname
gethostbyname
listen
sendto
recvfrom
shutdown
__WSAFDIsSet
WSAStringToAddressA

winmm

timeSetEvent
timeBeginPeriod
timeGetDevCaps
timeEndPeriod
timeKillEvent

Exports

Exports

??0FastWriter@Json@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0FastWriterWrapper@Json@@QAE@ABVValue@1@I@Z
??0MemberNames@Json@@QAE@ABVValue@1@@Z
??0Path@Json@@QAE@ABV01@@Z
??0Path@Json@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVPathArgument@1@1111@Z
??0PathArgument@Json@@QAE@ABV01@@Z
??0PathArgument@Json@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0PathArgument@Json@@QAE@I@Z
??0PathArgument@Json@@QAE@PBD@Z
??0PathArgument@Json@@QAE@XZ
??0Reader@Json@@QAE@ABV01@@Z
??0Reader@Json@@QAE@XZ
??0ReaderWrapper@Json@@QAE@XZ
??0StaticString@Json@@QAE@PBD@Z
??0StyledWriter@Json@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StyledWriter@Json@@QAE@ABV01@@Z
??0StyledWriterWrapper@Json@@QAE@ABVValue@1@I@Z
??0Value@Json@@QAE@ABV01@@Z
??0Value@Json@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Value@Json@@QAE@ABVStaticString@1@@Z
??0Value@Json@@QAE@H@Z
??0Value@Json@@QAE@I@Z
??0Value@Json@@QAE@N@Z
??0Value@Json@@QAE@PBD0@Z
??0Value@Json@@QAE@PBD@Z
??0Value@Json@@QAE@W4ValueType@1@@Z
??0Value@Json@@QAE@_N@Z
??0ValueAllocator@Json@@QAE@ABV01@@Z
??0ValueAllocator@Json@@QAE@XZ
??0ValueConstIterator@Json@@AAE@ABViterator@?$_Tree@V?$_Tmap_traits@VCZString@Value@Json@@V23@U?$less@VCZString@Value@Json@@@std@@V?$allocator@U?$pair@$$CBVCZString@Value@Json@@V23@@std@@@5@$0A@@std@@@std@@@Z
??0ValueConstIterator@Json@@QAE@XZ
??0ValueIterator@Json@@AAE@ABViterator@?$_Tree@V?$_Tmap_traits@VCZString@Value@Json@@V23@U?$less@VCZString@Value@Json@@@std@@V?$allocator@U?$pair@$$CBVCZString@Value@Json@@V23@@std@@@5@$0A@@std@@@std@@@Z
??0ValueIterator@Json@@QAE@ABV01@@Z
??0ValueIterator@Json@@QAE@ABVValueConstIterator@1@@Z
??0ValueIterator@Json@@QAE@XZ
??0ValueIteratorBase@Json@@QAE@ABViterator@?$_Tree@V?$_Tmap_traits@VCZString@Value@Json@@V23@U?$less@VCZString@Value@Json@@@std@@V?$allocator@U?$pair@$$CBVCZString@Value@Json@@V23@@std@@@5@$0A@@std@@@std@@@Z
??0ValueIteratorBase@Json@@QAE@XZ
??1FastWriterWrapper@Json@@QAE@XZ
??1MemberNames@Json@@QAE@XZ
??1Path@Json@@QAE@XZ
??1PathArgument@Json@@QAE@XZ
??1ReaderWrapper@Json@@QAE@XZ
??1StyledWriter@Json@@QAE@XZ
??1StyledWriterWrapper@Json@@QAE@XZ
??1Value@Json@@QAE@XZ
??1ValueAllocator@Json@@UAE@XZ
??4Path@Json@@QAEAAV01@ABV01@@Z
??4PathArgument@Json@@QAEAAV01@ABV01@@Z
??4Reader@Json@@QAEAAV01@ABV01@@Z
??4StaticString@Json@@QAEAAV01@ABV01@@Z
??4Value@Json@@QAEAAV01@ABV01@@Z
??4ValueAllocator@Json@@QAEAAV01@ABV01@@Z
??4ValueConstIterator@Json@@QAEAAV01@ABV01@@Z
??4ValueConstIterator@Json@@QAEAAV01@ABVValueIteratorBase@1@@Z
??4ValueIterator@Json@@QAEAAV01@ABV01@@Z
??4ValueIteratorBase@Json@@QAEAAV01@ABV01@@Z
??7Value@Json@@QBE_NXZ
??8Value@Json@@QBE_NABV01@@Z
??8ValueIteratorBase@Json@@QBE_NABV01@@Z
??9Value@Json@@QBE_NABV01@@Z
??9ValueIteratorBase@Json@@QBE_NABV01@@Z
??AMemberNames@Json@@QBEPBDI@Z
??AValue@Json@@QAEAAV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??AValue@Json@@QAEAAV01@ABVStaticString@1@@Z
??AValue@Json@@QAEAAV01@I@Z
??AValue@Json@@QAEAAV01@PBD@Z
??AValue@Json@@QBEABV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??AValue@Json@@QBEABV01@I@Z
??AValue@Json@@QBEABV01@PBD@Z
??BStaticString@Json@@QBEPBDXZ
??DValueConstIterator@Json@@QBEABVValue@1@XZ
??DValueIterator@Json@@QBEAAVValue@1@XZ
??EValueConstIterator@Json@@QAE?AV01@H@Z
??EValueConstIterator@Json@@QAEAAV01@XZ
??EValueIterator@Json@@QAE?AV01@H@Z
??EValueIterator@Json@@QAEAAV01@XZ
??FValueConstIterator@Json@@QAE?AV01@H@Z
??FValueConstIterator@Json@@QAEAAV01@XZ
??FValueIterator@Json@@QAE?AV01@H@Z
??FValueIterator@Json@@QAEAAV01@XZ
??GValueIteratorBase@Json@@QBEHABV01@@Z
??MValue@Json@@QBE_NABV01@@Z
??NValue@Json@@QBE_NABV01@@Z
??OValue@Json@@QBE_NABV01@@Z
??PValue@Json@@QBE_NABV01@@Z
??_7ValueAllocator@Json@@6B@
??_FValue@Json@@QAEXXZ
?addComment@Reader@Json@@AAEXPBD0W4CommentPlacement@2@@Z
?addError@Reader@Json@@AAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVToken@12@PBD@Z
?addErrorAndRecover@Reader@Json@@AAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVToken@12@W4TokenType@12@@Z
?addPathInArg@Path@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$vector@PBVPathArgument@Json@@V?$allocator@PBVPathArgument@Json@@@std@@@4@AAV?$_Vector_const_iterator@PBVPathArgument@Json@@V?$allocator@PBVPathArgument@Json@@@std@@@4@W4Kind@PathArgument@2@@Z
?append@Value@Json@@QAEAAV12@ABV12@@Z
?asBool@Value@Json@@QBE_NXZ
?asCString@Value@Json@@QBEPBDXZ
?asDouble@Value@Json@@QBENXZ
?asInt@Value@Json@@QBEHXZ
?asString@Value@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?asUInt@Value@Json@@QBEIXZ
?begin@Value@Json@@QAE?AVValueIterator@2@XZ
?begin@Value@Json@@QBE?AVValueConstIterator@2@XZ
?c_str@StaticString@Json@@QBEPBDXZ
?clear@Value@Json@@QAEXXZ
?compare@Value@Json@@QAEHABV12@@Z
?computeDistance@ValueIteratorBase@Json@@IBEHABV12@@Z
?copy@ValueIteratorBase@Json@@IAEXABV12@@Z
?count@MemberNames@Json@@QBEIXZ
?currentValue@Reader@Json@@AAEAAVValue@2@XZ
?data@FastWriterWrapper@Json@@QBEPBDXZ
?data@StyledWriterWrapper@Json@@QBEPBDXZ
?decodeDouble@Reader@Json@@AAE_NAAVToken@12@@Z
?decodeNumber@Reader@Json@@AAE_NAAVToken@12@@Z
?decodeString@Reader@Json@@AAE_NAAVToken@12@@Z
?decodeString@Reader@Json@@AAE_NAAVToken@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?decodeUnicodeCodePoint@Reader@Json@@AAE_NAAVToken@12@AAPBDPBDAAI@Z
?decodeUnicodeEscapeSequence@Reader@Json@@AAE_NAAVToken@12@AAPBDPBDAAI@Z
?decrement@ValueIteratorBase@Json@@IAEXXZ
?deref@ValueIteratorBase@Json@@IBEAAVValue@2@XZ
?empty@Value@Json@@QBE_NXZ
?end@Value@Json@@QAE?AVValueIterator@2@XZ
?end@Value@Json@@QBE?AVValueConstIterator@2@XZ
?expectToken@Reader@Json@@AAE_NW4TokenType@12@AAVToken@12@PBD@Z
?get@Value@Json@@QBE?AV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@@Z
?get@Value@Json@@QBE?AV12@IABV12@@Z
?get@Value@Json@@QBE?AV12@PBDABV12@@Z
?getComment@Value@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4CommentPlacement@2@@Z
?getFormatedErrorMessages@Reader@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getFormattedErrorMessages@ReaderWrapper@Json@@QBEPBDXZ
?getLocationLineAndColumn@Reader@Json@@ABE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?getLocationLineAndColumn@Reader@Json@@ABEXPBDAAH1@Z
?getMemberNames@Value@Json@@QBE?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@XZ
?getNextChar@Reader@Json@@AAEDXZ
?hasComment@Value@Json@@QBE_NW4CommentPlacement@2@@Z
?hasCommentForValue@StyledWriter@Json@@AAE_NABVValue@2@@Z
?increment@ValueIteratorBase@Json@@IAEXXZ
?indent@StyledWriter@Json@@AAEXXZ
?index@ValueIteratorBase@Json@@QBEIXZ
?invalidPath@Path@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?isArray@Value@Json@@QBE_NXZ
?isBool@Value@Json@@QBE_NXZ
?isConvertibleTo@Value@Json@@QBE_NW4ValueType@2@@Z
?isDouble@Value@Json@@QBE_NXZ
?isEqual@ValueIteratorBase@Json@@IBE_NABV12@@Z
?isInt@Value@Json@@QBE_NXZ
?isIntegral@Value@Json@@QBE_NXZ
?isMember@Value@Json@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?isMember@Value@Json@@QBE_NPBD@Z
?isMultineArray@StyledWriter@Json@@AAE_NABVValue@2@@Z
?isNull@Value@Json@@QBE_NXZ
?isNumeric@Value@Json@@QBE_NXZ
?isObject@Value@Json@@QBE_NXZ
?isString@Value@Json@@QBE_NXZ
?isUInt@Value@Json@@QBE_NXZ
?isValidIndex@Value@Json@@QBE_NI@Z
?key@ValueIteratorBase@Json@@QBE?AVValue@2@XZ
?make@Path@Json@@QBEAAVValue@2@AAV32@@Z
?makePath@Path@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$vector@PBVPathArgument@Json@@V?$allocator@PBVPathArgument@Json@@@std@@@4@@Z
?makePtr@Path@Json@@QBEPAVValue@2@AAV32@@Z
?match@Reader@Json@@AAE_NPBDH@Z
?maxInt@Value@Json@@2HB
?maxUInt@Value@Json@@2IB
?memberName@ValueIteratorBase@Json@@QBEPBDXZ
?minInt@Value@Json@@2HB
?normalizeEOL@StyledWriter@Json@@CA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?null@Value@Json@@2V12@B
?parse@Reader@Json@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVValue@2@_N@Z
?parse@Reader@Json@@QAE_NPBD0AAVValue@2@_N@Z
?parse@ReaderWrapper@Json@@QAE_NPBD0AAVValue@2@_N@Z
?pushValue@StyledWriter@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?readArray@Reader@Json@@AAE_NAAVToken@12@@Z
?readCStyleComment@Reader@Json@@AAE_NXZ
?readComment@Reader@Json@@AAE_NXZ
?readCppStyleComment@Reader@Json@@AAE_NXZ
?readNumber@Reader@Json@@AAEXXZ
?readObject@Reader@Json@@AAE_NAAVToken@12@@Z
?readString@Reader@Json@@AAE_NXZ
?readToken@Reader@Json@@AAE_NAAVToken@12@@Z
?readValue@Reader@Json@@AAE_NXZ
?recoverFromError@Reader@Json@@AAE_NW4TokenType@12@@Z
?removeMember@Value@Json@@QAE?AV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?removeMember@Value@Json@@QAE?AV12@PBD@Z
?resize@Value@Json@@QAEXI@Z
?resolve@Path@Json@@QBE?AVValue@2@ABV32@0@Z
?resolve@Path@Json@@QBEABVValue@2@ABV32@@Z
?resolvePtr@Path@Json@@QBEPBVValue@2@ABV32@@Z
?resolveReference@Value@Json@@AAEAAV12@PBD_N@Z
?setComment@Value@Json@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4CommentPlacement@2@@Z
?setComment@Value@Json@@QAEXPBDW4CommentPlacement@2@@Z
?size@FastWriterWrapper@Json@@QBEIXZ
?size@StyledWriterWrapper@Json@@QBEIXZ
?size@Value@Json@@QBEIXZ
?skipCommentTokens@Reader@Json@@AAEXAAVToken@12@@Z
?skipSpaces@Reader@Json@@AAEXXZ
?swap@Value@Json@@QAEXAAV12@@Z
?toStyledString@Value@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?type@Value@Json@@QBE?AW4ValueType@2@XZ
?unindent@StyledWriter@Json@@AAEXXZ
?valueToQuotedString@Json@@YAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?valueToString@Json@@YAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?valueToString@Json@@YAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?valueToString@Json@@YAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@N@Z
?valueToString@Json@@YAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?write@FastWriter@Json@@QAE_NABVValue@2@@Z
?write@StyledWriter@Json@@QAE_NABVValue@2@@Z
?writeArrayValue@StyledWriter@Json@@AAEXABVValue@2@@Z
?writeCommentAfterValueOnSameLine@StyledWriter@Json@@AAEXABVValue@2@@Z
?writeCommentBeforeValue@StyledWriter@Json@@AAEXABVValue@2@@Z
?writeIndent@StyledWriter@Json@@AAEXXZ
?writeValue@FastWriter@Json@@AAEXABVValue@2@@Z
?writeValue@StyledWriter@Json@@AAEXABVValue@2@@Z
?writeWithIndent@StyledWriter@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
CLIENT_AES_Decrypt
CLIENT_AES_Encrypt
CLIENT_AdjustFluency
CLIENT_AudioDec
CLIENT_Cleanup
CLIENT_DownloadByRecordFile
CLIENT_DownloadByTime
CLIENT_DownloadFile
CLIENT_FastPlayBack
CLIENT_GetAiNumberStatData
CLIENT_GetBackupGainMap
CLIENT_GetBmpDataByF6
CLIENT_GetDevConfig
CLIENT_GetDownloadPos
CLIENT_GetHeatMapsDirectly
CLIENT_GetHeatmapByCGI
CLIENT_GetLastError
CLIENT_GetNucRawData
CLIENT_GetStateUpgradeEx
CLIENT_GetStatiscFlux
CLIENT_Init
CLIENT_LoginEx
CLIENT_Logout
CLIENT_OperateFaceRecognitionDB
CLIENT_PlayBackByRecordFileEx
CLIENT_PlayBackByTimeEx
CLIENT_PostHttpRequest
CLIENT_QueryDevState
CLIENT_QuerySystemInfo
CLIENT_RealLoadPictureEx
CLIENT_RealPlayEx
CLIENT_RecordStart
CLIENT_RecordStop
CLIENT_SeekPlayBack
CLIENT_SendCGIRequest
CLIENT_SendHttpRequest
CLIENT_SetAutoReconnect
CLIENT_SetCustomerInfo
CLIENT_SetDVRMessCallBack
CLIENT_SetDeviceMode
CLIENT_SetDisconnectCallBack
CLIENT_SetNetworkParam
CLIENT_SetTalkCallBack
CLIENT_SnapPictureEx
CLIENT_StartListenEx
CLIENT_StartTalkEx
CLIENT_StopCGIRequest
CLIENT_StopDownload
CLIENT_StopListen
CLIENT_StopLoadPic
CLIENT_StopPlayBack
CLIENT_StopRealPlayEx
CLIENT_StopSnapPic
CLIENT_StopTalkEx
CLIENT_StopUpgrader
CLIENT_SyncRequest
CLIENT_TalkSendData
CLIENT_TemperCorrection
CLIENT_Trans2base24Data
CLIENT_UpgraderOnline
CLIENT_UploadFile
InitSvrModule

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 480KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StreamConvertor.dll
.dll windows:4 windows x86 arch:x86

ef3004a2edc8f2ff29a2cc0ca7f8972e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

fb:b9:ec:fb:7e:b0:83:15:9a:f1:bc:1d:d9:fa:ae:41:28:04:19:cc:ed:ba:32:50:84:a0:05:12:72:fa:7b:ff
Signer

Actual PE Digest

fb:b9:ec:fb:7e:b0:83:15:9a:f1:bc:1d:d9:fa:ae:41:28:04:19:cc:ed:ba:32:50:84:a0:05:12:72:fa:7b:ff

Digest Algorithm

sha256

PE Digest Matches

true

52:af:fa:7b:cb:39:88:95:bb:ec:ab:b9:1f:78:3e:35:a1:5f:de:15
Signer

Actual PE Digest

52:af:fa:7b:cb:39:88:95:bb:ec:ab:b9:1f:78:3e:35:a1:5f:de:15

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetDiskFreeSpaceExA
InterlockedIncrement
InterlockedExchange
GetProcAddress
LoadLibraryA
TryEnterCriticalSection
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetStdHandle
OutputDebugStringA
GetCurrentThreadId
Sleep
ExitThread
GetLastError
SetThreadPriority
CloseHandle
WaitForSingleObject
TerminateThread
GetExitCodeThread
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocalTime
GetSystemTime
SetLocalTime
CreateProcessA
GetCurrentProcessId
CreateSemaphoreA
ReleaseSemaphore
GetTimeZoneInformation
LoadLibraryExA
FreeLibrary
GetModuleFileNameA
CreateThread
RtlUnwind
HeapAlloc
HeapFree
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateDirectoryA
GetFileAttributesA
GetCommandLineA
GetVersionExA
GetProcessHeap
ReadFile
MoveFileA
DeleteFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
GetDriveTypeA
WriteConsoleW
GetFileType
GetModuleFileNameW
GetSystemTimeAsFileTime
GetModuleHandleA
ExitProcess
WriteFile
SetLastError
GetCurrentThread
FatalAppExitA
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
WideCharToMultiByte
HeapSize
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
MultiByteToWideChar
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateFileA
CreateFileW
SetConsoleCtrlHandler
LoadLibraryW
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
LCMapStringA
LCMapStringW
SetEndOfFile
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

SC_Cleanup
SC_Close
SC_EndInput
SC_Init
SC_InputData
SC_Open
SC_OpenFile
SC_SetParam

Sections

.text
Size: 612KB - Virtual size: 608KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Surveillance.dll
.dll windows:4 windows x86 arch:x86

5afd105a04c6e705ee7f26c1b937b577

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:25:c9:24:2f:42:17:de:56:72:bc:96:d7:dd:24:71:15:51:f6:7e:79:b8:c8:44:94:fb:d8:cf:79:be:89:5d
Signer

Actual PE Digest

70:25:c9:24:2f:42:17:de:56:72:bc:96:d7:dd:24:71:15:51:f6:7e:79:b8:c8:44:94:fb:d8:cf:79:be:89:5d

Digest Algorithm

sha256

PE Digest Matches

true

9d:f7:4b:11:52:cc:01:d0:96:b1:1a:c2:6f:0a:02:7c:fb:46:3f:72
Signer

Actual PE Digest

9d:f7:4b:11:52:cc:01:d0:96:b1:1a:c2:6f:0a:02:7c:fb:46:3f:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
OutputDebugStringA
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
Sleep
CreateThread
GetVersionExA
CreateEventA
SetEvent
ResetEvent
TerminateThread
SetThreadPriority
GetLastError
GetProcAddress
GetEnvironmentVariableA
VirtualQuery
LoadLibraryExA
GetModuleFileNameA
FreeLibrary
GetLocalTime
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
GetSystemDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
WriteFile
CreateFileA
DisableThreadLibraryCalls

shell32

ShellExecuteA

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?nothrow@std@@3Unothrow_t@1@B
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IID@Z
?_Xran@std@@YAXXZ
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??9std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??_7out_of_range@std@@6B@
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0runtime_error@std@@QAE@ABV01@@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_7runtime_error@std@@6B@
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z

msvcrt

strtoul
_purecall
__CxxFrameHandler
strlen
??2@YAPAXI@Z
fclose
fread
memset
ftell
fseek
fopen
fflush
fwrite
strcmp
memcpy
sprintf
_ftol
abs
remove
_snprintf
strncpy
strcpy
fabs
printf
malloc
free
strstr
labs
sqrt
fgetc
isspace
strncmp
atoi
fputs
strcat
localtime
time
strtol
fprintf
_atoi64
atol
getenv
_mkdir
_chmod
calloc
strchr
strerror
_errno
strrchr
_CxxThrowException
??0exception@@QAE@ABV0@@Z
memcmp
isalnum
_iob
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
sscanf
_callnewh
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_access

ws2_32

gethostbyname
inet_addr
ntohs
getservbyport
getservbyname
WSAGetLastError
htons
inet_ntoa
htonl
gethostbyaddr
WSAAddressToStringA
WSASetLastError

winmm

timeGetTime

shlwapi

PathAppendA

Exports

Exports

?DHFR_CreateExtractor@@YAPAXPBD@Z
?DHFR_FeatureExtarct@@YAHPAXPBDAAUtagDHFRDataBase@@@Z
?DHFR_ReleaseExtractor@@YAXPAX@Z
?DHFR_init@@YAHXZ
CleanupApp
GetTransModuleImp
InitApp
KS_Pano_Destroy
KS_Pano_GetCapablities
KS_Pano_Get_Handle
KS_Pano_MainProc
KS_Pano_SetParamSavePath
ReleaseTransImp
SNRE_Create
SNRE_GetConfig
SNRE_GetMemSize
SNRE_GetVersion
SNRE_Process
SNRE_SetConfig
SNRE_delete
_CLIENT_AES_Decrypt@28
_CLIENT_AES_Encrypt@28
_CLIENT_AdjustFluency@12
_CLIENT_AudioDec@8
_CLIENT_Cleanup@0
_CLIENT_DownloadByRecordFile@32
_CLIENT_DownloadByTime@48
_CLIENT_DownloadFile@16
_CLIENT_FastPlayBack@8
_CLIENT_GetAiNumberStatData@28
_CLIENT_GetBackupGainMap@24
_CLIENT_GetBmpDataByF6@28
_CLIENT_GetDevConfig@28
_CLIENT_GetDownloadPos@12
_CLIENT_GetHeatmapByCGI@28
_CLIENT_GetLastError@0
_CLIENT_GetStateUpgradeEx@12
_CLIENT_GetStatiscFlux@8
_CLIENT_Init@0
_CLIENT_LoginEx@36
_CLIENT_Logout@4
_CLIENT_OperateFaceRecognitionDB@16
_CLIENT_PlayBackByRecordFileEx@52
_CLIENT_PlayBackByTimeEx@64
_CLIENT_PostHttpRequest@44
_CLIENT_QueryDevState@24
_CLIENT_QuerySystemInfo@24
_CLIENT_RealLoadPictureEx@28
_CLIENT_RealPlayEx@36
_CLIENT_RecordStart@0
_CLIENT_RecordStop@0
_CLIENT_SeekPlayBack@12
_CLIENT_SendCGIRequest@28
_CLIENT_SendHttpRequest@32
_CLIENT_SetAutoReconnect@24
_CLIENT_SetCustomerInfo@8
_CLIENT_SetDVRMessCallBack@12
_CLIENT_SetDeviceMode@12
_CLIENT_SetDisconnectCallBack@24
_CLIENT_SetNetworkParam@4
_CLIENT_SetTalkCallBack@12
_CLIENT_SnapPictureEx@12
_CLIENT_StartListenEx@4
_CLIENT_StartTalkEx@16
_CLIENT_StopCGIRequest@8
_CLIENT_StopDownload@4
_CLIENT_StopListen@4
_CLIENT_StopLoadPic@4
_CLIENT_StopPlayBack@4
_CLIENT_StopRealPlayEx@8
_CLIENT_StopSnapPic@8
_CLIENT_StopTalkEx@4
_CLIENT_StopUpgrader@4
_CLIENT_SyncRequest@20
_CLIENT_TalkSendData@12
_CLIENT_Trans2base24Data@16
_CLIENT_UpgraderOnline@28
_CLIENT_UploadFile@16
_CreateScenicSpot@4
_FileOperation_Check_Write@32
_FileOperation_Read@36
_FileOperation_Write@48
_IVS_CLIENT_ParseData@20
_PLAY_AdjustWaveAudio@8
_PLAY_AntiAliasEnable@8
_PLAY_CatchPicEx@12
_PLAY_CatchResizePic@20
_PLAY_ChooseAudio@12
_PLAY_ChooseFrame@8
_PLAY_CloseAudioRecord@0
_PLAY_CloseFile@4
_PLAY_CloseStream@4
_PLAY_ConvertToBmpFile@24
_PLAY_ConvertToBmpFileEx@28
_PLAY_ConvertToJpegFile@24
_PLAY_EnableLargePicAdjustment@8
_PLAY_Fast@4
_PLAY_GetAudioChooseState@12
_PLAY_GetBufferValue@8
_PLAY_GetColor@24
_PLAY_GetCurrentFrameRate@4
_PLAY_GetFileTime@4
_PLAY_GetFreePort@4
_PLAY_GetLastError@4
_PLAY_GetOverlayMode@4
_PLAY_GetPicBMP@16
_PLAY_GetPicJPEG@20
_PLAY_GetPictureSize@12
_PLAY_GetPlayPos@4
_PLAY_GetPlayedFrames@4
_PLAY_GetPlayedTime@4
_PLAY_GetSourceBufferRemain@4
_PLAY_GetVolume@4
_PLAY_InitThirdPartyLibrary@16
_PLAY_InputData@12
_PLAY_OneByOne@4
_PLAY_OneByOneBack@4
_PLAY_OpenAudioRecord@24
_PLAY_OpenFile@8
_PLAY_OpenStream@16
_PLAY_Pause@8
_PLAY_Play@8
_PLAY_PlaySound@4
_PLAY_PlaySoundShare@4
_PLAY_QueryInfo@20
_PLAY_RefreshPlay@4
_PLAY_ReleasePort@4
_PLAY_ResetBuffer@8
_PLAY_ResetSourceBuffer@4
_PLAY_RigisterDrawFun@12
_PLAY_RigisterDrawFunEx@16
_PLAY_SetAVSyncType@8
_PLAY_SetColor@24
_PLAY_SetDecCallBack@8
_PLAY_SetDecodeKey@12
_PLAY_SetDecodeThreadNum@8
_PLAY_SetDelayTime@12
_PLAY_SetDemuxCallBack@12
_PLAY_SetDisplayBuf@8
_PLAY_SetDisplayRegion@20
_PLAY_SetEngine@12
_PLAY_SetFileEndCallBack@12
_PLAY_SetFishEyeInfoCallBack@12
_PLAY_SetIVSCallBack@12
_PLAY_SetOverlayMode@12
_PLAY_SetPicQuality@8
_PLAY_SetPlayMethod@20
_PLAY_SetPlayPos@8
_PLAY_SetPlaySpeed@8
_PLAY_SetPrivacyRecover@8
_PLAY_SetSecurityKey@12
_PLAY_SetSecurityKeyEx@16
_PLAY_SetStreamOpenMode@8
_PLAY_SetVisibleDecCallBack@12
_PLAY_Slow@4
_PLAY_SplitProc@8
_PLAY_SplitProcUpdate@8
_PLAY_StartAVIConvert@16
_PLAY_StartDataRecord@12
_PLAY_StartFisheye@4
_PLAY_StartVideoStable@4
_PLAY_Stop@4
_PLAY_StopAVIConvert@4
_PLAY_StopDataRecord@4
_PLAY_StopFisheye@4
_PLAY_StopSound@0
_PLAY_StopSoundShare@4
_PLAY_StopVideoStable@4
_PLAY_VerticalSyncEnable@8
_PLAY_WriteData@12
_ReleaseScenicSpot@4

Sections

.text
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VideoAnalyse.dll
.dll windows:4 windows x86 arch:x86

96406513adbd08463227ca50fefcb8a6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

8f:ce:5d:0d:89:2a:18:35:d9:11:a6:c6:ad:e7:94:8b:58:70:da:dd:4e:bc:f4:49:a6:6b:4a:b6:0f:30:c2:64
Signer

Actual PE Digest

8f:ce:5d:0d:89:2a:18:35:d9:11:a6:c6:ad:e7:94:8b:58:70:da:dd:4e:bc:f4:49:a6:6b:4a:b6:0f:30:c2:64

Digest Algorithm

sha256

PE Digest Matches

true

6d:12:59:c3:92:65:92:4a:e5:5b:94:87:93:6a:e6:fd:7e:a1:a5:06
Signer

Actual PE Digest

6d:12:59:c3:92:65:92:4a:e5:5b:94:87:93:6a:e6:fd:7e:a1:a5:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
ReleaseMutex
CreateEventA
CloseHandle
SetEvent
ResetEvent
CreateThread
TerminateThread
SetThreadPriority
CreateMutexA
Sleep
OutputDebugStringA

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??_7runtime_error@std@@6B@
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

msvcrt

_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
sscanf
__dllonexit
_onexit
_initterm
_adjust_fdiv
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__CxxFrameHandler
??2@YAPAXI@Z
_iob
fputs
??0exception@@QAE@ABV0@@Z
malloc
free
_purecall
atan
sin
fabs
sprintf
strncpy
memcpy
abs
strlen
memset
atoi
_ftol
strcpy
strcmp
cos

winmm

timeGetTime

Exports

Exports

AddVideoAnalyseShape
CreateMainVideoAnalyseShape
CreateVideoAnalyseContainer
DeleteAllVideoAnalyseShape
DeleteVideoAnalyseShape
EnableVideoAnalyseContainer
EnableVideoAnalyseShape
GetContainerDrawEventHandler
GetContainerWinMouseEventHandler
GetSelectedVideoAnalyseShapeID
GetVideoAnalyseShapeConfigData
InvalidateAllShape
RedrawVideoAnalyseShape
ReleaseVideoAnalyseContainer
SelectVideoAnalyseShape
SetAdjustBoxbShow
SetAdjustPointCoordinateDelegate
SetContainerNotifyEventDelegate
SetContainerTranslateDelegate
SetCtrlContainerWinMouseCaptureDelegate
SetGetContainerRectClientDelegate
SetPixelCount
SetVideoAnalyseContainerTip
SetVideoAnalyseShapeColor
SetVideoAnalyseShapeDirection
SetVideoAnalyseShapeMaxPtNum
SetVideoAnalyseShapeShowName
ShowVideoAnalyseShape

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VideoStable.dll
.dll windows:5 windows x86 arch:x86

72b905b73fa6193fe031dc07fc56e4f6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3a:dd:ea:4f:77:b5:83:f4:b5:04:93:b1:1b:22:d8:f0:aa:54:6e:f3:8a:1e:91:d7:29:4e:94:16:c1:ed:f0:ec
Signer

Actual PE Digest

3a:dd:ea:4f:77:b5:83:f4:b5:04:93:b1:1b:22:d8:f0:aa:54:6e:f3:8a:1e:91:d7:29:4e:94:16:c1:ed:f0:ec

Digest Algorithm

sha256

PE Digest Matches

true

7d:99:88:9e:77:f3:46:13:b8:64:7e:40:35:42:8c:26:ef:98:45:c3
Signer

Actual PE Digest

7d:99:88:9e:77:f3:46:13:b8:64:7e:40:35:42:8c:26:ef:98:45:c3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr90

__dllonexit
_unlock
_onexit
_except_handler4_common
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
malloc
_lock
free
memset
memcpy

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

EIS
EIS_CreateHandle
EIS_DeleteHandle

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VideoWindow.dll
.dll windows:4 windows x86 arch:x86

2ce9dd956c9b62ff4b19aeef9cf0b10c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b0:77:45:a1:05:f4:1e:b4:95:df:61:29:d8:44:56:78:4f:46:a5:34:11:28:07:a0:9d:0d:42:dc:bc:38:6e:36
Signer

Actual PE Digest

b0:77:45:a1:05:f4:1e:b4:95:df:61:29:d8:44:56:78:4f:46:a5:34:11:28:07:a0:9d:0d:42:dc:bc:38:6e:36

Digest Algorithm

sha256

PE Digest Matches

true

0b:04:e2:f2:33:1d:f5:a1:0b:72:da:25:2c:ce:6b:4e:30:09:fc:8c
Signer

Actual PE Digest

0b:04:e2:f2:33:1d:f5:a1:0b:72:da:25:2c:ce:6b:4e:30:09:fc:8c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

mfc42

ord2864
ord5981
ord2379
ord755
ord2915
ord2818
ord2859
ord470
ord3815
ord665
ord1979
ord5442
ord3318
ord353
ord4234
ord6215
ord4299
ord6880
ord3693
ord3626
ord2414
ord472
ord4133
ord4297
ord5788
ord1641
ord3663
ord2567
ord3619
ord5875
ord5787
ord2860
ord283
ord6170
ord1601
ord922
ord4129
ord5683
ord860
ord3571
ord640
ord2405
ord2753
ord5785
ord1640
ord323
ord539
ord2078
ord6172
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4622
ord3738
ord561
ord815
ord4287
ord2575
ord3402
ord4396
ord3574
ord609
ord556
ord809
ord2754
ord3874
ord6358
ord1088
ord2122
ord1146
ord4275
ord825
ord567
ord823
ord537
ord6467
ord2124
ord4284
ord818
ord800
ord3742
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord1116
ord540
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_strlwr
__dllonexit
rename
wcslen
sprintf
fseek
fread
fopen
fwrite
fclose
strchr
pow
memcpy
strcmp
atan
malloc
wcscmp
free
sqrt
atan2
cos
sin
abs
_purecall
strcpy
_ftol
__CxxFrameHandler
strlen
memset
_onexit

kernel32

GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
GetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
DeleteFileA
CopyFileA
MulDiv
GetCurrentThreadId
LocalFree
LocalAlloc
InitializeCriticalSection

user32

GetCursorPos
WindowFromPoint
DrawEdge
DrawFocusRect
DestroyCursor
GetSysColor
GetWindowDC
GetCapture
LoadCursorA
SetCursor
IsWindow
GetSystemMetrics
SetParent
SetFocus
SetWindowPos
MessageBoxA
ClientToScreen
LoadImageA
InflateRect
LoadBitmapA
UnhookWindowsHookEx
DeferWindowPos
InvalidateRect
SetCapture
GetWindowRect
ReleaseCapture
ScreenToClient
DrawTextA
ReleaseDC
FillRect
GetClientRect
GetDC
CallNextHookEx
SendMessageA
GetForegroundWindow
SetWindowsHookExA
EnableWindow
GetParent
KillTimer
SetTimer
EndDeferWindowPos
BeginDeferWindowPos
MoveWindow
CopyRect
GetDesktopWindow

gdi32

CreateFontA
CreatePen
ExtCreatePen
CreateSolidBrush
GetObjectA
CreateCompatibleDC
SelectObject
Rectangle
CreateFontIndirectA
SetBkMode
SetTextColor
DeleteObject
GetTextExtentPoint32A
GetPixel
Arc
TextOutW
BitBlt
Ellipse
GetTextMetricsA
ExtTextOutA
CreateICA
CreateDIBSection
DeleteDC
GetDeviceCaps
StretchBlt
CreateCompatibleBitmap
TextOutA
GetStockObject

comctl32

_TrackMouseEvent

ole32

CreateStreamOnHGlobal

olepro32

ord251

oleaut32

SysFreeString
SysStringLen

gdiplus

GdipLoadImageFromFileICM
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipFillRectangleI
GdipCreateLineBrushI
GdipDeletePen
GdipCreatePen1
GdipSetLinePresetBlend
GdipDrawLineI
GdipLoadImageFromFile
GdipCreateFontFamilyFromName
GdipCreateFont
GdipDeleteFontFamily
GdipMeasureString
GdipDrawString
GdipCreateSolidFill
GdipCloneBrush
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateBitmapFromFile
GdipScaleWorldTransform
GdipDrawImageI
GdipDisposeImage
GdipSaveImageToFile
GdipCreateStringFormat
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipDeleteFont
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipAlloc
GdipCreateFromHDC
GdipFillPolygonI
GdipDeleteBrush
GdipDeleteGraphics
GdipFree
GdipDrawImageRectI

msvcp60

?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

CreateVideoWindow
ReleaseVideoWindow

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WebActiveX3.3.16559.0.exe
.exe windows:4 windows x86 arch:x86

8a0149dc6538408f26ce2da65726f248

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2b:19:f0:21:6d:de:31:35:24:74:ac:44:76:e3:16:36:c3:65:d7:4e:ed:74:3f:69:7a:c3:c6:95:6c:77:9a:c3
Signer

Actual PE Digest

2b:19:f0:21:6d:de:31:35:24:74:ac:44:76:e3:16:36:c3:65:d7:4e:ed:74:3f:69:7a:c3:c6:95:6c:77:9a:c3

Digest Algorithm

sha256

PE Digest Matches

true

f5:5a:4d:b8:9e:25:a3:f4:d2:2c:76:7d:9b:62:85:fe:71:ed:3b:ed
Signer

Actual PE Digest

f5:5a:4d:b8:9e:25:a3:f4:d2:2c:76:7d:9b:62:85:fe:71:ed:3b:ed

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
FlushInstructionCache
lstrlenA
InterlockedIncrement
LocalFree
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
lstrcmpiA
Sleep
CreateThread
InterlockedDecrement
GetLastError
GetModuleFileNameA
VirtualQuery
WaitForSingleObject
GetDiskFreeSpaceExA
HeapFree
SetEvent
lstrlenW
OpenProcess
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
CloseHandle
OutputDebugStringA
DeleteCriticalSection
HeapAlloc
InitializeCriticalSection
CreateEventA
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryExA
GetProcAddress
FreeLibrary
GlobalFree
GetProcessHeap

user32

GetMessageA
PostMessageA
DestroyWindow
SetWindowLongA
GetWindowThreadProcessId
GetParent
CreateWindowExA
CallWindowProcA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
DefWindowProcA
PtInRect
GetKeyState
InvalidateRect
ShowWindow
SetFocus
IsWindow
BeginPaint
GetClientRect
EndPaint
GetFocus
IsChild
UnionRect
DispatchMessageA
CharNextA
PostThreadMessageA
SendMessageA
GetWindowLongA

gdi32

CreateMetaFileA
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
TextOutA
SetTextAlign
Rectangle
RestoreDC
DeleteDC
SetViewportOrgEx
SetWindowOrgEx

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

ole32

OleRegGetUserType
CoTaskMemFree
CoTaskMemAlloc
CreateDataAdviseHolder
CreateOleAdviseHolder
OleRegGetMiscStatus
OleRegEnumVerbs
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString
VariantInit
CreateErrorInfo
VariantChangeType
OleCreatePropertyFrame
VariantClear
SysStringLen
LoadRegTypeLi

videowindow

CreateVideoWindow
ReleaseVideoWindow

surveillance

CleanupApp
ReleaseTransImp
GetTransModuleImp
InitApp

atl

ord31
ord46
ord30
ord58
ord27
ord26
ord32
ord16
ord17
ord57
ord18
ord20
ord21
ord23
ord50
ord44
ord43
ord51

msvcp60

??1Init@ios_base@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

msvcrt

memset
strlen
??2@YAPAXI@Z
malloc
atoi
sprintf
memcpy
realloc
_CxxThrowException
__CxxFrameHandler
memcmp
strcat
strcpy
_access
abs
strstr
free
_ftol
strncpy
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
wcslen
strcmp

winmm

timeBeginPeriod
PlaySoundA
timeKillEvent
timeSetEvent

shlwapi

PathAppendA
PathRemoveFileSpecA
PathAddBackslashA

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aacdec.dll
.dll windows:5 windows x86 arch:x86

9179040b23612d91f905e0c7dfd88147

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

55:eb:0a:23:f2:ae:d3:52:47:d7:9b:af:29:d0:a5:a1:53:e4:aa:78:88:69:90:8b:3e:dd:4d:8b:72:b8:48:12
Signer

Actual PE Digest

55:eb:0a:23:f2:ae:d3:52:47:d7:9b:af:29:d0:a5:a1:53:e4:aa:78:88:69:90:8b:3e:dd:4d:8b:72:b8:48:12

Digest Algorithm

sha256

PE Digest Matches

true

72:60:67:c4:3b:df:58:f3:73:88:fa:48:1b:8a:89:14:96:34:2f:be
Signer

Actual PE Digest

72:60:67:c4:3b:df:58:f3:73:88:fa:48:1b:8a:89:14:96:34:2f:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
RtlUnwind
HeapSize
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Exports

Exports

AACDec_GetVersion
AAC_DEC_Cleanup
AAC_DEC_Decode
AAC_DEC_Init

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dhplay.dll
.dll windows:4 windows x86 arch:x86

ee1aa65efb3e922b315efca491985d42

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f0:eb:d7:0f:cf:ca:fb:cb:2b:4f:5a:78:48:69:68:4b:f4:b1:c7:af:ff:e8:d6:c6:11:f7:0d:1a:88:57:e7:7f
Signer

Actual PE Digest

f0:eb:d7:0f:cf:ca:fb:cb:2b:4f:5a:78:48:69:68:4b:f4:b1:c7:af:ff:e8:d6:c6:11:f7:0d:1a:88:57:e7:7f

Digest Algorithm

sha256

PE Digest Matches

true

52:82:8c:46:5e:a1:28:d7:e2:49:05:1d:28:96:3e:71:14:8f:c7:f9
Signer

Actual PE Digest

52:82:8c:46:5e:a1:28:d7:e2:49:05:1d:28:96:3e:71:14:8f:c7:f9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
FreeLibrary
GetModuleFileNameA
SystemTimeToFileTime
GetLocalTime
Sleep
CreateThread
TerminateThread
GetCurrentThreadId
OutputDebugStringA
GetLastError
GetVersionExA
GetModuleHandleA
lstrcpyA
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetStringTypeW
LoadLibraryExA
GetTickCount
LeaveCriticalSection
TryEnterCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFilePointer
ReadFile
WriteFile
CreateFileA
GetCurrentDirectoryA
FindFirstFileA
DeleteFileA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetFileAttributesA
GetFullPathNameA
FindClose
CreateDirectoryA
HeapSize
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetUnhandledExceptionFilter
WideCharToMultiByte
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetSystemTime
GetTimeZoneInformation
InterlockedDecrement
InterlockedIncrement
SetEvent
WaitForSingleObject
ReleaseMutex
CreateEventA
CreateMutexA
CloseHandle
RtlUnwind
RaiseException
HeapAlloc
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess

user32

IsWindow
GetClientRect
MonitorFromWindow
ClientToScreen
ReleaseDC
GetDC
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
DrawTextA
PostMessageA

gdi32

SetDIBits
CreateFontIndirectA
CreatePen
SetTextColor
GetBkMode
SetBkMode
TextOutA
GetDIBits
SwapBuffers
ChoosePixelFormat
SetPixelFormat
CreateCompatibleDC
CreateDIBSection
DeleteDC
SelectObject
SetStretchBltMode
StretchDIBits
StretchBlt
DeleteObject

winmm

waveOutUnprepareHeader
waveOutGetPosition
waveInOpen
waveOutWrite
waveOutReset
waveOutClose
waveOutGetVolume
waveOutOpen
waveOutSetVolume
waveInClose
timeBeginPeriod
waveInAddBuffer
waveInReset
waveInStart
waveOutPrepareHeader
waveInPrepareHeader
waveInStop
waveInUnprepareHeader

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

opengl32

wglCreateContext
wglDeleteContext
wglMakeCurrent
glDeleteTextures
glViewport
glDrawElements
glEnable
glDepthFunc
glClearColor
glClear
glTexImage2D
glGenTextures
glBindTexture
glTexParameteri
glGetIntegerv
wglGetProcAddress
wglGetCurrentDC
glGetString

avifil32

AVIFileCreateStreamA
AVIStreamSetFormat
AVIStreamWrite
AVIFileExit
AVIStreamRelease
AVIFileRelease
AVIFileInit
AVIFileOpenA

Exports

Exports

?PLAY_CloseYuvRender@@YGHH@Z
?PLAY_GetDriveSpaceInfo@@YGHPAI0@Z
?PLAY_OpenYuvRender@@YGHHPAUHWND__@@P6GXHPAUHDC__@@@Z@Z
?PLAY_OutsideRender@@YGHJHHHHI@Z
?PLAY_QueryEventRecord@@YGHPADPAUEVENT_RECORD_ALL@@@Z
?PLAY_RenderYuv@@YGHHPAE00HH@Z
PLAY_AddToPlayGroup
PLAY_AdjustFluency
PLAY_AdjustWaveAudio
PLAY_AntiAliasEnable
PLAY_Back
PLAY_BackOne
PLAY_CatchPic
PLAY_CatchPicEx
PLAY_CatchResizePic
PLAY_ChangeRate
PLAY_ChooseAudio
PLAY_ChooseFrame
PLAY_CloseAudioRecord
PLAY_CloseFile
PLAY_ClosePlayGroup
PLAY_CloseStream
PLAY_CloseStreamEx
PLAY_ConvertToBmpFile
PLAY_ConvertToBmpFileEx
PLAY_ConvertToJpegFile
PLAY_CreateFile
PLAY_CreateInstance
PLAY_CreateStream
PLAY_CutFileSegment
PLAY_DelFromPlayGroup
PLAY_DestroyFile
PLAY_DestroyStream
PLAY_EnableAudioChannel
PLAY_EnableLargePicAdjustment
PLAY_EnableRecitfy
PLAY_Fast
PLAY_FisheyeEptzUpdate
PLAY_FisheyeGetPosition
PLAY_FisheyeSecondRegion
PLAY_FisheyeTrancFormCoordinate
PLAY_FisheyeTrancFormCurve
PLAY_FisheyeTrancFormTrackFrame
PLAY_Flush
PLAY_FormatDisk
PLAY_GetAudioChannels
PLAY_GetAudioChooseState
PLAY_GetAudioRecScaling
PLAY_GetAudioRenderScaling
PLAY_GetBufferValue
PLAY_GetCaps
PLAY_GetCapsEx
PLAY_GetColor
PLAY_GetColorKey
PLAY_GetCurrentFrameNum
PLAY_GetCurrentFrameRate
PLAY_GetCurrentFrameRateEx
PLAY_GetDDrawDeviceInfo
PLAY_GetDDrawDeviceTotalNums
PLAY_GetDisplayBuf
PLAY_GetDisplayType
PLAY_GetDoubleRegion
PLAY_GetFileHeadLength
PLAY_GetFileTime
PLAY_GetFileTotalFrames
PLAY_GetFreePort
PLAY_GetIRefValue
PLAY_GetInt32
PLAY_GetKeyFramePos
PLAY_GetKeyFramePosByAbsTime
PLAY_GetLastError
PLAY_GetLastErrorEx
PLAY_GetLastYUVFrame
PLAY_GetMDPosition
PLAY_GetNextKeyFramePos
PLAY_GetNextKeyFramePosByAbsTime
PLAY_GetOverlayMode
PLAY_GetPicBMP
PLAY_GetPicBMPEx
PLAY_GetPicJPEG
PLAY_GetPicTIFF
PLAY_GetPictureQuality
PLAY_GetPictureSize
PLAY_GetPlayPos
PLAY_GetPlayedFrames
PLAY_GetPlayedTime
PLAY_GetPlayedTimeEx
PLAY_GetRealFrameBitRate
PLAY_GetRefValue
PLAY_GetSdkVersion
PLAY_GetSourceBufferRemain
PLAY_GetStreamOpenMode
PLAY_GetTimePicture
PLAY_GetTimerType
PLAY_GetVideoPerTimer
PLAY_GetVolume
PLAY_InitDDraw
PLAY_InitDDrawDevice
PLAY_InitDisk
PLAY_InitThirdPartyLibrary
PLAY_InputAudioData
PLAY_InputData
PLAY_InputVideoData
PLAY_OldFisheyeEptzUpdate
PLAY_OneByOne
PLAY_OneByOneBack
PLAY_OpenAudioRecord
PLAY_OpenFile
PLAY_OpenPlayGroup
PLAY_OpenStream
PLAY_OpenStreamEx
PLAY_OptFisheyeParams
PLAY_Pause
PLAY_PausePlayGroup
PLAY_Play
PLAY_PlaySound
PLAY_PlaySoundShare
PLAY_QueryFileList
PLAY_QueryGroupPlayingTime
PLAY_QueryInfo
PLAY_QueryTagInfo
PLAY_RealeseDDraw
PLAY_RefreshPlay
PLAY_RefreshPlayEx
PLAY_Register3rdDecryptHook
PLAY_Release
PLAY_ReleaseDDrawDevice
PLAY_ReleasePort
PLAY_RenderPrivateData
PLAY_ResetBuffer
PLAY_ResetSourceBufFlag
PLAY_ResetSourceBuffer
PLAY_ResolutionScale
PLAY_RigisterDrawFun
PLAY_RigisterDrawFunEx
PLAY_SeekPlayGroup
PLAY_Set264EncodeInfoCallBack
PLAY_SetAVSyncType
PLAY_SetAudioCallBack
PLAY_SetAudioRecScaling
PLAY_SetAudioRenderScaling
PLAY_SetColor
PLAY_SetCurrentFrameNum
PLAY_SetDDrawDevice
PLAY_SetDDrawDeviceEx
PLAY_SetDataCallBack
PLAY_SetDeNoiseParams
PLAY_SetDecCBStream
PLAY_SetDecCallBack
PLAY_SetDecCallBackEx
PLAY_SetDecInfoCallBack
PLAY_SetDecodeCallBack
PLAY_SetDecodeDataProcessCallBack
PLAY_SetDecodeKey
PLAY_SetDecodeStrategy
PLAY_SetDecodeThreadNum
PLAY_SetDehazeParams
PLAY_SetDelayTime
PLAY_SetDemuxCallBack
PLAY_SetDigitalSignCallBack
PLAY_SetDisplayBuf
PLAY_SetDisplayCallBack
PLAY_SetDisplayRegion
PLAY_SetDisplayRegionEx
PLAY_SetDisplayType
PLAY_SetDoubleVisibleDecCallBack
PLAY_SetEncChangeMsg
PLAY_SetEncTypeChangeCallBack
PLAY_SetEncTypeChangeCallBackEx
PLAY_SetEngine
PLAY_SetFileEndCallBack
PLAY_SetFileEndMsg
PLAY_SetFileIndexProgressCallBack
PLAY_SetFileRefCallBack
PLAY_SetFileRefCallBackEx
PLAY_SetFileTimeDoneCallBack
PLAY_SetFishEyeInfoCallBack
PLAY_SetFisheyeParams
PLAY_SetGPSCallBack
PLAY_SetIVSCallBack
PLAY_SetIVSEParams
PLAY_SetInt32
PLAY_SetMDRange
PLAY_SetMDThreShold
PLAY_SetMultiFrameCallBack
PLAY_SetMultiFrameDecCallBack
PLAY_SetMultiSensorCallBack
PLAY_SetOSDInfoCallBack
PLAY_SetOverlayMode
PLAY_SetPandoraWaterMarkCallBack
PLAY_SetPercentCallBack
PLAY_SetPicQuality
PLAY_SetPlayDirection
PLAY_SetPlayGroupBaseChannel
PLAY_SetPlayGroupDirection
PLAY_SetPlayGroupSpeed
PLAY_SetPlayMethod
PLAY_SetPlayPos
PLAY_SetPlayPosByFileOffset
PLAY_SetPlaySpeed
PLAY_SetPlayedAbsTime
PLAY_SetPlayedTimeEx
PLAY_SetPrintLogLevel
PLAY_SetPrivacyRecover
PLAY_SetRefValue
PLAY_SetRenderMode
PLAY_SetRotateAngle
PLAY_SetSEnhanceMode
PLAY_SetSecurityKey
PLAY_SetSecurityKeyEx
PLAY_SetSourceBufCallBack
PLAY_SetStereoEyeMoveDistance
PLAY_SetStereoPerspectiveFovy
PLAY_SetStereoRotate
PLAY_SetStereoView
PLAY_SetStereoViewMode
PLAY_SetStreamOpenMode
PLAY_SetTimerType
PLAY_SetVerifyCallBack
PLAY_SetVideoPerTimer
PLAY_SetVisibleDecCallBack
PLAY_SetVisibleDecodeCallBack
PLAY_SetVolume
PLAY_SetWaterMarkCallBack
PLAY_SetWaterMarkCallBackEx
PLAY_SetYUVOSDInfo
PLAY_SetupPrepareTime
PLAY_Slow
PLAY_SplitProc
PLAY_SplitProcUpdate
PLAY_StartAVIConvert
PLAY_StartAVIResizeConvert
PLAY_StartDataRecord
PLAY_StartDataRecordEx
PLAY_StartDeHaze
PLAY_StartDeNoise
PLAY_StartFisheye
PLAY_StartFisheyeEx
PLAY_StartFisheyeMPTZ
PLAY_StartIVSE
PLAY_StartMosaic
PLAY_StartPrepareRecord
PLAY_StartVideoStable
PLAY_StepPlayGroup
PLAY_Stop
PLAY_StopAVIConvert
PLAY_StopAVIResizeConvert
PLAY_StopDataRecord
PLAY_StopDeHaze
PLAY_StopDeNoise
PLAY_StopFisheye
PLAY_StopIVSE
PLAY_StopMosaic
PLAY_StopPrepareRecord
PLAY_StopSound
PLAY_StopSoundShare
PLAY_StopVideoStable
PLAY_SurfaceChange
PLAY_ThrowBFrameNum
PLAY_VerticalSyncEnable
PLAY_WriteData
_PLAY_CleanScreen@24
_PLAY_GetScale@8
_PLAY_GetTranslateX@8
_PLAY_GetTranslateY@8
_PLAY_QueryChannelInfo@8
_PLAY_Scale@12
_PLAY_SetAnalyzePositionCallback@12
_PLAY_SetAudioPlayMethod@8
_PLAY_SetCalibratMode@8
_PLAY_SetDisplayScale@12
_PLAY_SetFileInfoFrameCallback@16
_PLAY_SetIdentity@8
_PLAY_SetMemMinimized@4
_PLAY_SetSpeakerAutoEnable@4
_PLAY_SetStatisticCallBack@12
_PLAY_SetViewProportion@12
_PLAY_StartEdgeEnhance@12
_PLAY_StartFileFrameDetect@8
_PLAY_StopEdgeEnhance@4
_PLAY_StopFileFrameDetect@4
_PLAY_Translate@16
_PLAY_ViewResolutionChanged@16

Sections

.text
Size: 560KB - Virtual size: 558KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fisheye.dll
.dll windows:5 windows x86 arch:x86

9f29e79baf93efa40808003becf34946

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:ae:2e:47:17:95:7a:18:b3:53:55:24:11:dd:47:21:02:c7:ec:95:e6:9e:14:b8:60:50:fb:74:73:5b:71:fb
Signer

Actual PE Digest

07:ae:2e:47:17:95:7a:18:b3:53:55:24:11:dd:47:21:02:c7:ec:95:e6:9e:14:b8:60:50:fb:74:73:5b:71:fb

Digest Algorithm

sha256

PE Digest Matches

true

f2:96:6f:bf:3a:31:66:ce:d1:28:ec:e2:6e:9f:84:a5:ca:d2:40:f3
Signer

Actual PE Digest

f2:96:6f:bf:3a:31:66:ce:d1:28:ec:e2:6e:9f:84:a5:ca:d2:40:f3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryW
FreeLibrary
Sleep
GetLastError
HeapFree
RaiseException
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
HeapAlloc
InterlockedIncrement
InterlockedDecrement
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
ExitProcess
FatalAppExitA
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameW
HeapSize
MultiByteToWideChar
HeapReAlloc
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
WriteConsoleW
SetStdHandle
LCMapStringW
GetStringTypeW
CreateFileW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
InterlockedCompareExchange
InitializeCriticalSection
CreateFileA
SetEndOfFile
GetProcessHeap

Exports

Exports

AC_CreateHandle
AC_DeleteHandle
AC_Process
AC_SetParameter
Fisheye_CreateHandle
Fisheye_DeWarp
Fisheye_DeleteHandle
Fisheye_EptzUpdate
Fisheye_GetMemSize
Fisheye_GetParam
Fisheye_GetVersion
Fisheye_SetParam
Fisheye_TrancForm_Coordinate
Fisheye_TrancForm_Coordinate_EX
Fisheye_TrancForm_Curve
Fisheye_TrancForm_TrackFrame
Fisheye_resetSrcDst

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
h264dec.dll
.dll windows:5 windows x86 arch:x86

13367371e424ece9feea1e9283a17b29

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

37:27:40:96:0e:90:48:d4:8c:56:1a:8f:97:c3:d8:8d:a5:b6:27:1d:25:3c:b3:9a:41:8f:45:66:ee:da:1e:93
Signer

Actual PE Digest

37:27:40:96:0e:90:48:d4:8c:56:1a:8f:97:c3:d8:8d:a5:b6:27:1d:25:3c:b3:9a:41:8f:45:66:ee:da:1e:93

Digest Algorithm

sha256

PE Digest Matches

true

37:43:e0:9d:80:d5:a8:be:e9:07:a2:42:45:a2:1e:8f:67:de:05:d4
Signer

Actual PE Digest

37:43:e0:9d:80:d5:a8:be:e9:07:a2:42:45:a2:1e:8f:67:de:05:d4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchangeAdd
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
CloseHandle
WaitForSingleObject
CreateEventA
CreateSemaphoreA
ResetEvent
ReleaseSemaphore
SetEvent
GetProcAddress
GetModuleHandleA
GetProcessAffinityMask
GetCurrentProcess
MultiByteToWideChar
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleTextAttribute
Sleep
HeapAlloc
GetLastError
HeapFree
ExitThread
GetCurrentThreadId
CreateThread
GetFileType
CreateFileW
HeapReAlloc
GetCommandLineA
IsProcessorFeaturePresent
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
WriteFile
GetModuleFileNameW
HeapCreate
HeapDestroy
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointer
ReadFile
RaiseException
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
RtlUnwind
FlushFileBuffers
LCMapStringW
GetStringTypeW
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
HeapSize

Exports

Exports

H264_Dec_Close
H264_Dec_DeInit
H264_Dec_Decode
H264_Dec_GetCPUCaps
H264_Dec_GetInfo
H264_Dec_Init
H264_Dec_Open

Sections

.text
Size: 417KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hevcdec.dll
.dll windows:5 windows x86 arch:x86

7471177a7869f60d6dd28075e1501b1c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:ee:6b:35:75:36:67:b5:e8:77:13:8a:17:3b:bf:e4:a0:e9:5a:25:73:ef:96:47:4a:91:d3:85:d6:60:d2:36
Signer

Actual PE Digest

05:ee:6b:35:75:36:67:b5:e8:77:13:8a:17:3b:bf:e4:a0:e9:5a:25:73:ef:96:47:4a:91:d3:85:d6:60:d2:36

Digest Algorithm

sha256

PE Digest Matches

true

80:be:f5:ba:ed:d6:d7:0d:58:83:7b:1a:9b:80:cf:40:e4:a6:a3:9b
Signer

Actual PE Digest

80:be:f5:ba:ed:d6:d7:0d:58:83:7b:1a:9b:80:cf:40:e4:a6:a3:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchangeAdd
InterlockedCompareExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetProcessAffinityMask
GetCurrentProcess
MultiByteToWideChar
CloseHandle
WaitForSingleObject
CreateEventW
CreateSemaphoreW
ResetEvent
ReleaseSemaphore
SetEvent
GetProcAddress
GetModuleHandleW
GetFileType
GetLastError
CreateFileW
HeapAlloc
HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
CreateThread
DecodePointer
GetCommandLineA
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
Sleep
WideCharToMultiByte
GetTimeZoneInformation
RaiseException
SetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
GetModuleFileNameW
HeapCreate
HeapDestroy
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryW
RtlUnwind
LCMapStringW
GetStringTypeW
FlushFileBuffers
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
HeapSize

Exports

Exports

Hevc_Dec_Close
Hevc_Dec_DeInit
Hevc_Dec_Decode
Hevc_Dec_Init
Hevc_Dec_Open
Hevc_Dec_get_version

Sections

.text
Size: 899KB - Virtual size: 898KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mjpegdec.dll
.dll windows:5 windows x86 arch:x86

9ffdfefef24b46755a185ca74791660e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:34:bc:2f:2e:0d:68:b1:9e:66:d1:68:96:c6:b3:c5:f5:87:a2:35:d1:c4:12:14:73:7d:e8:aa:64:84:33:b3
Signer

Actual PE Digest

47:34:bc:2f:2e:0d:68:b1:9e:66:d1:68:96:c6:b3:c5:f5:87:a2:35:d1:c4:12:14:73:7d:e8:aa:64:84:33:b3

Digest Algorithm

sha256

PE Digest Matches

true

8d:b8:c7:66:8f:25:b1:d9:72:7d:35:d8:5a:78:68:5f:61:2f:70:d6
Signer

Actual PE Digest

8d:b8:c7:66:8f:25:b1:d9:72:7d:35:d8:5a:78:68:5f:61:2f:70:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetLastError
HeapFree
HeapReAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
GetProcAddress
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW

Exports

Exports

JPEG_Dec_Close
JPEG_Dec_DeInit
JPEG_Dec_Decode
JPEG_Dec_Init
JPEG_Dec_Open
JPEG_Dec_lib_get_version
JPEG_Parser_Close
JPEG_Parser_Open
JPEG_Parser_Start
MJPEG_Dec_Close
MJPEG_Dec_DeInit
MJPEG_Dec_Decode
MJPEG_Dec_Init
MJPEG_Dec_Open

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
npmedia3.3.16559.0.dll
.dll windows:4 windows x86 arch:x86

d7fabc89d249f6b50de37b45baf6f03d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13/12/2018, 02:03

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

94:c1:97:b0:3a:d9:4c:c3:6f:78:d4:0c:13:4a:d6:05:88:3b:46:e5:cf:eb:72:73:45:8e:92:93:05:48:1c:5d
Signer

Actual PE Digest

94:c1:97:b0:3a:d9:4c:c3:6f:78:d4:0c:13:4a:d6:05:88:3b:46:e5:cf:eb:72:73:45:8e:92:93:05:48:1c:5d

Digest Algorithm

sha256

PE Digest Matches

true

db:a0:05:c5:04:d5:8e:55:af:1b:41:09:58:92:b5:f5:50:12:c8:f4
Signer

Actual PE Digest

db:a0:05:c5:04:d5:8e:55:af:1b:41:09:58:92:b5:f5:50:12:c8:f4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
GlobalFree
TerminateProcess
GetCurrentProcess
OutputDebugStringA
HeapFree
GetDiskFreeSpaceExA
VirtualQuery
GetModuleFileNameA
GetLastError
GetProcAddress
LoadLibraryExA
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
LocalFree
LocalAlloc

user32

GetWindowLongA
SendMessageA
PostMessageA
SetWindowLongA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

surveillance

GetTransModuleImp
CleanupApp
InitApp
ReleaseTransImp

videowindow

ReleaseVideoWindow
CreateVideoWindow

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z

msvcrt

memset
strlen
__CxxFrameHandler
??2@YAPAXI@Z
atoi
strcmp
printf
memcpy
sprintf
_ftol
strstr
abs
strcpy
_purecall
_access
strcat
remove
free
__dllonexit
_onexit
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
strncpy

winmm

PlaySoundA

shlwapi

PathAppendA
PathRemoveFileSpecA
PathAddBackslashA

mfc42

ord269
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin.data
uninst.exe.nsis
web_IVS_setup_HISI_S3LM_ssl.nsi

Sharing

General

Malware Config

Signatures

Files

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

67:18:35:8e:47:95:3c:27:ab:33:8c:2cCertificate

Extended Key Usages

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

67:18:35:8e:47:95:3c:27:ab:33:8c:2cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

a2:b0:d5:c5:e9:e6:63:16:d0:72:c5:35:e6:8e:1d:5c:20:28:b6:f5:9d:75:4d:62:d7:f4:01:10:05:ad:17:b2Signer

64:aa:4c:d0:0b:fa:8e:5f:8f:25:61:fa:db:5c:e3:a3:de:d2:6a:97Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 106KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 17KB - Virtual size: 16KB

46f8b6973f33717335c0f6d8087de67b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 458B

e2080d6f3bf865f99b72312d928b0564

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

67:18:35:8e:47:95:3c:27:ab:33:8c:2cCertificate

Extended Key Usages

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

a2:b0:d5:c5:e9:e6:63:16:d0:72:c5:35:e6:8e:1d:5c:20:28:b6:f5:9d:75:4d:62:d7:f4:01:10:05:ad:17:b2
Signer

64:aa:4c:d0:0b:fa:8e:5f:8f:25:61:fa:db:5c:e3:a3:de:d2:6a:97
Signer

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 106KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 17KB - Virtual size: 16KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 458B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

4e:6c:f8:61:e1:06:c5:34:8b:2e:6b:77:99:09:4a:15:45:a5:dd:7a:53:7e:ca:09:76:c2:46:0e:8d:36:03:0d
Signer

44:fa:66:b5:29:8b:b4:d1:dc:2a:10:f9:9c:5d:63:00:3c:2b:bf:9d
Signer

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 8KB - Virtual size: 4KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

67:18:35:8e:47:95:3c:27:ab:33:8c:2c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

c7:e7:c8:4a:60:2d:70:39:cc:69:43:31:d6:1f:3e:e5:17:40:b6:ff:9f:b4:79:85:65:ae:9b:1b:18:b9:ce:c8
Signer

ca:b6:a7:60:3b:2c:29:f0:e1:c8:55:c0:dc:21:d5:6a:b1:4d:40:33
Signer

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 12KB - Virtual size: 8KB

.reloc
Size: 12KB - Virtual size: 9KB