98cb8ef214610f7be93afac417422b79

Sharing

Copy URL Twitter E-mail

General

Target

98cb8ef214610f7be93afac417422b79
Size

6.4MB
MD5

98cb8ef214610f7be93afac417422b79
SHA1

b3e625370a5432f39382c75d6a82804e32b44d9c
SHA256

2b0853a01d52b04fceb5a31eb64bb25d25202c3071a46d26512fa3c4510fba32
SHA512

794d8f79041ca16514b852f4c27098d6e54bc3b2b5fabcfd0f4a78cf5e3f8cf4f9edaabc9dfd9848ff89813ff69eac02e1fd52d05001dd2d1cfa3a72c982e37f
SSDEEP

98304:7e00UpiC+AE6ZIztqr6nNvaszCAcyzOIitBqEK2s0GaUePwtVcYhzxGWLJTCj4Ud:tpiC+AtmI6nNvaszCAcAE60GDtjNKc4

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/FlashGet 3/dbghelp.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/FlashGet 3/dbghelp.dll	upx

Unsigned PE 36 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FlashGet 3/@绿化工具.exe
unpack002/$PLUGINSDIR/ButtonEvent.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/KillProcDLL.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/linker.dll
unpack001/FlashGet 3/FGResDetector/FGResDetector.exe
unpack003/components/FlashgetXpi.dll
unpack001/FlashGet 3/Flashget3.exe
unpack001/FlashGet 3/P2PCore.dll
unpack001/FlashGet 3/P2SCore.dll
unpack001/FlashGet 3/RdOldDb.dll
unpack001/FlashGet 3/RealMediaSplitter.ax
unpack001/FlashGet 3/SnapShot.dll
unpack001/FlashGet 3/VodCore.dll
unpack001/FlashGet 3/adns.dll
unpack001/FlashGet 3/btcoreu.dll
unpack001/FlashGet 3/ckcore.dll
unpack001/FlashGet 3/commonlib.dll
unpack001/FlashGet 3/componentskrnl.dll
unpack001/FlashGet 3/corestat.dll
unpack001/FlashGet 3/dbghelp.dll
unpack001/FlashGet 3/fnsArchive.dll
unpack001/FlashGet 3/fnsDirectuix.dll
unpack001/FlashGet 3/fnsLanguage.dll
unpack001/FlashGet 3/fnsLanguage_en.dll
unpack001/FlashGet 3/fnsScheduler.dll
unpack001/FlashGet 3/fnsSecurity.dll
unpack001/FlashGet 3/fnsSkinX.dll
unpack001/FlashGet 3/fnsStatistics.dll
unpack001/FlashGet 3/id3lib.dll
unpack001/FlashGet 3/libem.dll
unpack001/FlashGet 3/pncrt.dll
unpack001/FlashGet 3/storage.dll
unpack001/FlashGet 3/unrar.dll
unpack001/FlashGet 3/zlib.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/FlashGet 3/@绿化工具.exe	nsis_installer_1
static1/unpack001/FlashGet 3/@绿化工具.exe	nsis_installer_2

Files

98cb8ef214610f7be93afac417422b79
.rar
FlashGet 3/@绿化工具.exe
.exe windows:4 windows x86 arch:x86

1c042238f43557c055fca8642de8a074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
RegisterClassA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
EmptyClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 360KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ButtonEvent.dll
.dll windows:4 windows x86 arch:x86

0ece15e7d9bb35972aec701f46192460

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GlobalAlloc
lstrcpyA
lstrcpynA
GlobalFree

user32

PostMessageA
CallWindowProcA
GetDlgItem
FindWindowExA
SetWindowLongA
wsprintfA

Exports

Exports

AddEventHandler
Unload
UnsetEventHandler
WhichButtonId

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

0b51ce6ce6bf8d5c68b3ea9f3ac1bf2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
MessageBoxA
CallWindowProcA
PostMessageA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
TerminateProcess
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
FreeLibrary
GlobalFree
lstrcpyA
DisableThreadLibraryCalls

msvcrt

strcmp
_strupr
toupper
strlen
free
_initterm
malloc
_adjust_fdiv
strcpy
_itoa

Exports

Exports

KillProc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/linker.dll
.dll windows:4 windows x86 arch:x86

5b9be84907034b8f0152e51177ceafc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GetModuleHandleA
lstrcpynA
lstrcpyA
GlobalFree

user32

UpdateWindow
InvalidateRect
SetCapture
SetFocus
PtInRect
GetWindowRect
GetDC
ReleaseCapture
EndPaint
BeginPaint
SetCursor
LoadCursorA
CallWindowProcA
DestroyCursor
SetWindowLongA
CreateCursor
IsWindow
ReleaseDC
SetWindowPos
GetWindowLongA
SendMessageA
GetClientRect
FillRect
GetFocus
DrawFocusRect
DrawTextA
ClientToScreen

gdi32

SetBkMode
SetTextColor
CreateFontIndirectA
GetObjectA
GetStockObject
DeleteObject
SelectObject

shell32

ShellExecuteA

Exports

Exports

Link
Unload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/www.greendown.cn.ini
FlashGet 3/FGResDetector/FGResDetector.exe
.exe windows:4 windows x86 arch:x86

79399baf06462f3e053b5d235bf286d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetModuleHandleW
CloseHandle
WaitForSingleObject
CreateEventW
FreeResource
GlobalFree
WideCharToMultiByte
GetVersionExW
FindNextFileW
FindClose
lstrlenA
GetFullPathNameW
FindFirstFileW
FlushFileBuffers
WriteFile
CreateFileW
ReadFile
GetFileSize
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpA
GetTickCount
GetStringTypeExW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
DeleteFileW
CreateDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
Sleep
WriteProcessMemory
VirtualAlloc
ReadProcessMemory
VirtualProtect
IsBadCodePtr
IsBadReadPtr
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
MultiByteToWideChar
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetModuleFileNameA
GetStdHandle
HeapCreate
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
VirtualQuery
GetSystemInfo
GetModuleHandleA
GetSystemTimeAsFileTime
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize
HeapDestroy
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetVersionExA
SetEvent
LoadLibraryW
GetProcAddress
OutputDebugStringW
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
MulDiv
lstrcmpW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpiW
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW

user32

DialogBoxParamW
GetActiveWindow
AppendMenuW
RemoveMenu
DestroyWindow
EndDialog
SetWindowLongW
CreatePopupMenu
SetWindowPos
GetClientRect
CharNextA
GetParent
GetDlgItem
MapWindowPoints
SystemParametersInfoW
GetWindowRect
GetWindow
MessageBoxW
LoadStringW
SetMenuDefaultItem
PostQuitMessage
LoadStringA
TrackPopupMenuEx
MessageBeep
PtInRect
CheckDlgButton
GetDlgItemInt
IsDlgButtonChecked
SetDlgItemInt
EnableWindow
IsWindowEnabled
DrawTextW
CopyRect
InflateRect
GetWindowLongW
CharLowerBuffW
TranslateAcceleratorW
IsWindowVisible
SetMenu
SetRect
SetMenuItemInfoW
SetDlgItemTextW
CreateDialogParamW
GetWindowTextW
GetWindowTextLengthW
PostMessageW
ShowWindow
SendMessageW
GetClassInfoExW
LoadCursorW
DefWindowProcW
SetWindowTextW
CallWindowProcW
RegisterClassExW
RegisterWindowMessageW
CreateWindowExW
GetSysColor
CharNextW
MoveWindow
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
UnregisterClassA
RedrawWindow
SetCapture
IsChild
GetClassNameW
ReleaseCapture
FillRect
EndPaint
BeginPaint
GetDesktopWindow
DestroyAcceleratorTable
SetFocus
GetFocus
IsWindow
CreateAcceleratorTableW
wvsprintfW
DispatchMessageW
GetMenuItemID
IsMenu
GetMenuItemInfoW
GetMenuItemCount
GetSubMenu
TrackPopupMenu
MonitorFromPoint
GetMonitorInfoW
DestroyMenu
PostThreadMessageW
LoadMenuW
LoadAcceleratorsW
LoadImageW
PeekMessageW
GetMessageW
TranslateMessage

gdi32

SetBkMode
SetViewportOrgEx
CreateFontIndirectW
SetBkColor
ExtTextOutW
GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
DeleteDC
DeleteObject
CreateCompatibleBitmap
SelectObject

advapi32

RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW

shell32

ShellExecuteW
SHGetFileInfoW

ole32

CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
StringFromGUID2
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantInit
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
DispCallFunc
VariantClear
SysAllocStringLen
SysStringLen

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathIsDirectoryW

comctl32

ImageList_Create
_TrackMouseEvent
ImageList_AddMasked
InitCommonControlsEx

msimg32

AlphaBlend

ws2_32

WSACleanup
recv
__WSAFDIsSet
select
connect
htons
gethostbyname
socket
send
closesocket
inet_addr
freeaddrinfo
getaddrinfo
WSASetLastError
WSASocketW
WSACreateEvent
WSASetEvent
WSAEventSelect
WSARecv
WSAResetEvent
WSASend
WSAGetOverlappedResult
WSAConnect
WSAGetLastError
WSAEnumNetworkEvents
WSACloseEvent
WSAStartup

gdiplus

GdipAlloc
GdipFree
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdiplusStartup

Sections

.text
Size: 360KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FlashGet 3/FGResDetector/data/css/lightbox.css
FlashGet 3/FGResDetector/data/default.htm
.html
FlashGet 3/FGResDetector/data/images/banner.gif
.gif
FlashGet 3/FGResDetector/data/images/bullet.gif
.gif
FlashGet 3/FGResDetector/data/images/close.gif
.gif
FlashGet 3/FGResDetector/data/images/closelabel.gif
.gif
FlashGet 3/FGResDetector/data/images/download-icon.gif
.gif
FlashGet 3/FGResDetector/data/images/explorer.gif
.gif
FlashGet 3/FGResDetector/data/images/ftp.gif
.gif
FlashGet 3/FGResDetector/data/images/ftp_1.gif
.gif
FlashGet 3/FGResDetector/data/images/ftp_2.gif
.gif
FlashGet 3/FGResDetector/data/images/ftp_3.gif
.gif
FlashGet 3/FGResDetector/data/images/image.gif
.gif
FlashGet 3/FGResDetector/data/images/image_1.gif
.gif
FlashGet 3/FGResDetector/data/images/image_2.gif
.gif
FlashGet 3/FGResDetector/data/images/image_3.gif
.gif
FlashGet 3/FGResDetector/data/images/introTextBg.gif
.gif
FlashGet 3/FGResDetector/data/images/loading.gif
.gif
FlashGet 3/FGResDetector/data/images/nextlabel.gif
.gif
FlashGet 3/FGResDetector/data/images/prevlabel.gif
.gif
FlashGet 3/FGResDetector/data/images/software.gif
.gif
FlashGet 3/FGResDetector/data/images/software_1.gif
.gif
FlashGet 3/FGResDetector/data/images/software_2.gif
.gif
FlashGet 3/FGResDetector/data/images/software_3.gif
.gif
FlashGet 3/FGResDetector/data/images/vod.gif
.gif
FlashGet 3/FGResDetector/data/images/vod_1.gif
.gif
FlashGet 3/FGResDetector/data/images/vod_2.gif
.gif
FlashGet 3/FGResDetector/data/images/vod_3.gif
.gif
FlashGet 3/FGResDetector/data/js/builder.js
.js
FlashGet 3/FGResDetector/data/js/effects.js
.js
FlashGet 3/FGResDetector/data/js/lightbox.js
.js
FlashGet 3/FGResDetector/data/js/prototype.js
.js
FlashGet 3/FGResDetector/data/js/scriptaculous.js
.js
FlashGet 3/FGResDetector/image/about.png
.png
FlashGet 3/FGResDetector/image/ftplist_tree_icon.png
.png
FlashGet 3/FGResDetector/image/option_icon.png
.png
FlashGet 3/FGResDetector/image/quickop_hide.png
.png
FlashGet 3/FGResDetector/image/quickop_show.png
.png
FlashGet 3/FGResDetector/image/statusbar_bk.png
.png
FlashGet 3/FGResDetector/image/tasktab_close.png
.png
FlashGet 3/FGResDetector/image/toolbar_back.png
.png
FlashGet 3/FGResDetector/image/toolbar_bk.png
.png
FlashGet 3/FGResDetector/image/toolbar_close.png
.png
FlashGet 3/FGResDetector/image/toolbar_forward.png
.png
FlashGet 3/FGResDetector/image/toolbar_refresh.png
.png
FlashGet 3/FGResDetector/lang/l.chs.xml
.xml
FlashGet 3/FlashGet3.xpi
.zip
META-INF/manifest.mf
META-INF/zigbert.rsa
META-INF/zigbert.sf
chrome.manifest
chrome/FlashGet3.jar
.zip
content/contents.rdf
.xml
content/flashgetcommon.js
.js
content/flashgetmenu.js
.js
content/flashgetmenu.xul
content/icon.bmp
content/saveas.js
.js
content/saveas.xul
.xml
content/vssver.scc
flashget.rar
.rar
content/contents.rdf
.xml
content/flashgetcommon.js
.js
content/flashgetmenu.js
.js
content/flashgetmenu.xul
content/icon.bmp
content/saveas.js
.js
content/saveas.xul
.xml
content/vssver.scc
locale/en-US/common.dtd
locale/en-US/common.properties
locale/en-US/menu.dtd
locale/en-US/menu.properties
locale/en-US/saveas.dtd
locale/zh-CN/common.dtd
locale/zh-CN/common.properties
locale/zh-CN/menu.dtd
locale/zh-CN/menu.properties
locale/zh-CN/saveas.dtd
locale/en-US/common.dtd
locale/en-US/common.properties
locale/en-US/menu.dtd
locale/en-US/menu.properties
locale/en-US/saveas.dtd
locale/zh-CN/common.dtd
locale/zh-CN/common.properties
locale/zh-CN/menu.dtd
locale/zh-CN/menu.properties
locale/zh-CN/saveas.dtd
vssver.scc
components/FlashgetXpi.dll
.dll windows:4 windows x86 arch:x86

3c7f25ebfdc48a8afed9b4fb1400647d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
UnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapSize
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
lstrlenW
GetLastError
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
LocalFree
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA

ole32

CoCreateInstance
OleRun
CoUninitialize
CoInitialize

oleaut32

SysAllocString
SetErrorInfo
SafeArrayDestroy
CreateErrorInfo
VariantChangeType
SysFreeString
SafeArrayCreate
VariantInit
VariantClear
SysStringByteLen
SysAllocStringByteLen
SafeArrayPutElement
GetErrorInfo

xpcom

NS_Alloc
NS_GetMemoryManager
NS_GetServiceManager
NS_GetComponentManager

nspr4

PR_AtomicDecrement
PR_AtomicIncrement

Exports

Exports

??RnsCreateInstanceByCID@@UBEIABUnsID@@PAPAX@Z
??RnsCreateInstanceByContractID@@UBEIABUnsID@@PAPAX@Z
??RnsCreateInstanceFromFactory@@UBEIABUnsID@@PAPAX@Z
??RnsGetClassObjectByCID@@UBEIABUnsID@@PAPAX@Z
??RnsGetClassObjectByContractID@@UBEIABUnsID@@PAPAX@Z
NSGetModule

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/IFlashgetXpi.xpt
install.rdf
.xml
FlashGet 3/FlashGet3_Flash.exe
.exe windows:4 windows x86 arch:x86

61747ec2159f40d49b1b703556bd6e87

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/06/2009, 00:00

Not After

29/06/2011, 23:59

Subject

CN=Trend Media Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Trend Media Corporation Limited,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetCurrentThreadId
lstrlenA
lstrlenW
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
GlobalUnlock
GlobalLock
SetLastError
GlobalFree
GlobalHandle
lstrcmpW
MulDiv
GetModuleFileNameW
LoadLibraryExW
GetModuleHandleW
DeleteFileW
LoadLibraryW
SetProcessWorkingSetSize
IsBadWritePtr
MapViewOfFile
CreateFileMappingW
CloseHandle
FindResourceExW
InterlockedExchange
GetACP
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
HeapFree
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
ReadFile
RtlUnwind
LCMapStringW
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapCreate
HeapAlloc
GetProcessHeap
WaitForSingleObject
GlobalAlloc
GetSystemDirectoryA
LoadLibraryA
FreeLibrary
GetProcAddress
GetCurrentProcess
FindResourceW
FlushInstructionCache
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
SetFilePointer
GetStartupInfoW
VirtualQuery
GetSystemInfo
GetModuleHandleA
GetLocaleInfoA
VirtualProtect
LocalFree
HeapSize
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
WideCharToMultiByte

user32

UnregisterClassA
CharNextW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
DestroyWindow
RegisterClassExW
LoadCursorW
GetClassInfoExW
RegisterWindowMessageW
DialogBoxIndirectParamW
GetSysColor
MoveWindow
SetWindowPos
GetClientRect
ClientToScreen
ScreenToClient
GetDC
DefWindowProcW
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
GetWindowLongW
IsChild
GetParent
GetDlgItem
GetClassNameW
ReleaseCapture
FillRect
CallWindowProcW
EndPaint
BeginPaint
GetDesktopWindow
DestroyAcceleratorTable
GetWindow
GetFocus
SetFocus
SetWindowLongW
ReleaseDC
UnhookWindowsHookEx
GetSystemMetrics
LoadImageW
SetWindowsHookExW
PostMessageW
GetWindowRect
SystemParametersInfoW
MapWindowPoints
KillTimer
SetTimer
EndDialog
CallNextHookEx
FindWindowW
IsWindowVisible
GetActiveWindow
MessageBoxW
CreateAcceleratorTableW
MapDialogRect
SetWindowContextHelpId
CreateWindowExW
IsWindow
SendMessageW

gdi32

GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetStockObject

advapi32

RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

ShellExecuteW

ole32

CoUninitialize
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
VarUI4FromStr
SysStringByteLen
VariantInit
VariantClear
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
DispCallFunc

shlwapi

PathRemoveFileSpecW

comctl32

InitCommonControlsEx

ws2_32

WSAEventSelect
WSAGetLastError
gethostbyname
inet_ntoa
htonl
getservbyname
htons
gethostbyaddr
getservbyport
ntohs
WSASetLastError
WSACleanup
WSACloseEvent
WSAEnumNetworkEvents
WSASocketW
closesocket
WSAStartup
WSACreateEvent
WSASetEvent
inet_addr
WSARecv
WSAResetEvent
WSASend
WSAGetOverlappedResult
WSAConnect

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FlashGet 3/FlashGetBHO3.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9a5ec64f9a3df27b3890a568545d97dc

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/06/2009, 00:00

Not After

29/06/2011, 23:59

Subject

CN=Trend Media Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Trend Media Corporation Limited,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\CommLib\FlashGetBHO\release\FlashGetBHO3.pdb

Imports

kernel32

GetModuleHandleW
GetSystemDefaultLangID
RaiseException
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
CloseHandle
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
LoadLibraryExW
WritePrivateProfileStringW
SetThreadLocale
GetThreadLocale
GetPrivateProfileStringW
DisableThreadLibraryCalls
GetProcAddress
GetCurrentProcess
GetCurrentProcessId
GetFileAttributesW
IsBadWritePtr
MapViewOfFile
CreateFileMappingW
FindClose
FindFirstFileW
UnmapViewOfFile
WriteFile
GetModuleFileNameW
IsBadReadPtr
GetExitCodeThread
WaitForSingleObject
CreateThread
GetCurrentThreadId
lstrcmpW
VirtualAlloc
CreateFileA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetFilePointer
GetLastError
SetHandleCount
Sleep
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
SetLastError
TlsFree
TlsSetValue
GetACP
GetLocaleInfoA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
LoadLibraryA
VirtualFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetSystemTimeAsFileTime
GetCommandLineA
HeapCreate
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
InterlockedExchange

user32

SendMessageTimeoutW
PostMessageW
FindWindowW
IsWindow
SendMessageW
GetWindowTextLengthW
GetClassNameW
RegisterWindowMessageW
ScreenToClient
UnregisterClassA
CharNextW
GetKeyState
GetWindow
FindWindowExW
KillTimer
SetTimer
GetWindowTextW
LoadStringW
CharUpperBuffW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetWindowModuleFileNameW

advapi32

RegQueryInfoKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

shell32

ShellExecuteW

ole32

ProgIDFromCLSID
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoGetClassObject
CoTaskMemFree

oleaut32

SafeArrayGetDim
SafeArrayGetElemsize
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
LoadRegTypeLi
DispCallFunc
VarUI4FromStr
SysStringByteLen
VarBstrCat
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysFreeString
SysStringLen
BSTR_UserSize
BSTR_UserMarshal
BSTR_UserUnmarshal
BSTR_UserFree
VARIANT_UserSize
CreateErrorInfo
SysAllocStringByteLen
VARIANT_UserMarshal
VARIANT_UserUnmarshal
VARIANT_UserFree
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayLock
SetErrorInfo

shlwapi

SHDeleteValueW
SHSetValueW
PathRemoveFileSpecW

rpcrt4

IUnknown_Release_Proxy
NdrCStdStubBuffer2_Release
NdrStubCall2
NdrStubForwardingFunction
NdrOleFree
NdrOleAllocate
NdrDllRegisterProxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrDllUnregisterProxy

urlmon

CoInternetGetSession

oleacc

ObjectFromLresult

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

gethostbyname

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/Flashget3.exe
.exe windows:4 windows x86 arch:x86

3f068c7594fa4d7c3316189cd3fe2dff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\Flashget3.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

TrackPopupMenu

gdi32

PatBlt

comdlg32

GetOpenFileNameW

advapi32

RegCloseKey

shell32

DragQueryFileW

ole32

CoInitialize

oleaut32

SysFreeString

commonlib

?utf8towc@@YAHPBDIPA_WI@Z

shlwapi

PathFileExistsW

comctl32

ImageList_Destroy

msimg32

GradientFill

gdiplus

GdipDeletePen

winmm

PlaySoundW

version

GetFileVersionInfoSizeW

psapi

GetProcessMemoryInfo

wininet

InternetSetCookieW

ws2_32

htons

urlmon

URLDownloadToFileW

Sections

.MyCrack
Size: 559KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FlashGet 3/GetAllUrl.htm
.html .vbs polyglot
FlashGet 3/GetUrl.htm
.html .js polyglot
FlashGet 3/P2PCore.dll
.dll windows:4 windows x86 arch:x86

9e4d1bb4a4f5c7a839981b08e8e17062

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\ProtKrnl\src\Build\P2PCore.pdb

Imports

kernel32

FindResourceW
GetLocalTime
LoadResource
WideCharToMultiByte
CreateFileA
WriteFile
CloseHandle
FlushFileBuffers
LockResource
SizeofResource
FindResourceExW
CreateFileW
RaiseException
LocalFree
SetFilePointer
MultiByteToWideChar
GetModuleFileNameA
GetFileAttributesExA
FormatMessageW
GetLastError
GetVolumeInformationA
lstrlenW
GetFileSize
ReadFile
GetModuleFileNameW
GetSystemDirectoryA
GetFileSizeEx
DeleteFileW
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
DisableThreadLibraryCalls
WaitForSingleObject
CreateEventW
GetTickCount
IsBadCodePtr
lstrlenA
SetEvent
GlobalFree
Sleep
GlobalAlloc
GetCommandLineA
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentProcessId
CopyFileW
GetSystemDirectoryW
IsBadWritePtr
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
WaitForMultipleObjectsEx
WaitForMultipleObjects
ReadFileEx
CancelIo
InterlockedIncrement
FreeLibrary
GetProcAddress
LoadLibraryW
GetFileType
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetHandleCount
LoadLibraryA
GetConsoleMode
GetStringTypeW
GetStringTypeA
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
RtlUnwind
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleA
ExitProcess
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
InterlockedDecrement
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStartupInfoA

ws2_32

inet_ntoa
inet_addr
sendto
WSACleanup
WSAStartup
bind
closesocket
htonl
WSAEventSelect
socket
gethostbyname
setsockopt
WSAWaitForMultipleEvents
recvfrom
ntohl
WSAGetLastError
ntohs
htons

shlwapi

PathFileExistsA

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

user32

UnregisterClassA

Exports

Exports

create_p2p_task
delete_p2p_task
get_p2p_id
get_p2phandle_peerinfo
get_p2phandle_serverlist
get_p2phandle_serverlog
p2p_add_share
p2p_delete_share
p2p_find_share
p2p_get_handle_info
p2p_get_netinfo
p2p_get_share_filelist
p2p_get_uplist
p2p_initialize
p2p_move_share
p2p_notify_new_finish
p2p_pause_share
p2p_pause_upload
p2p_reload_option
p2p_task_limit_speed
p2p_uninitialize
set_auto_reload_sharelist
set_p2p_allow_add_share
set_p2p_debug_flag
set_p2p_debug_supernode
set_p2p_downloader_mode
set_p2p_ini_filename
set_p2p_local_share
set_p2p_no_submit_share
set_p2p_temp_mode
set_p2p_upload_english_ver
set_p2p_upload_speed_control
set_p2p_upload_speed_max
set_p2p_uploader_mode
start_p2p_task

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/P2SCore.dll
.dll windows:4 windows x86 arch:x86

9f9cc77a3816d5181ce985bd41a9ec4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\ProtKrnl\src\build\P2SCore.pdb

Imports

kernel32

FreeLibrary
WaitForSingleObject
GetTickCount
GetProcAddress
DeleteCriticalSection
LeaveCriticalSection
SetEvent
EnterCriticalSection
LoadLibraryW
GetExitCodeThread
InitializeCriticalSection
CloseHandle
CreateEventW
LockResource
FindResourceExW
WideCharToMultiByte
FindResourceW
Sleep
LoadResource
MultiByteToWideChar
WaitForMultipleObjects
SizeofResource
lstrlenW
GetLastError
UnmapViewOfFile
GetFileSize
ReadFile
CreateFileMappingW
GetOverlappedResult
SetFilePointer
CreateFileW
FlushFileBuffers
WriteFile
GetSystemInfo
MapViewOfFile
GetLocalTime
SetEndOfFile
RaiseException
GetOEMCP
GetModuleFileNameW
CreateDirectoryW
OutputDebugStringW
OutputDebugStringA
lstrlenA
InterlockedIncrement
GetDiskFreeSpaceExW
DeleteFileW
GetCurrentThreadId
ResetEvent
InterlockedDecrement
SetFileTime
MoveFileW
GetUserDefaultLCID
SystemTimeToFileTime
GetFileAttributesW
SetLastError
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetCommandLineA
GetTimeZoneInformation
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CreateThread
ExitThread
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
LoadLibraryA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapAlloc
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
GetStdHandle
HeapCreate
VirtualAlloc
VirtualFree
IsValidCodePage
HeapDestroy
GetVersionExA
ExitProcess
TlsFree

user32

MessageBoxW
SetWindowTextW
GetWindowTextW
PostMessageW
GetScrollPos
SendMessageW
UnregisterClassA

shlwapi

PathIsDirectoryW
PathFileExistsW
UrlGetPartA
StrTrimA
StrRChrA
PathStripPathA
StrStrIA

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetTimeToSystemTimeA
InternetGetCookieA

ws2_32

htonl
WSAGetLastError
WSAStartup
bind
WSASend
WSAAccept
WSASocketW
closesocket
getsockname
ioctlsocket
htons
WSAConnect
WSARecv
ntohs
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
setsockopt
inet_ntoa
WSACleanup
gethostbyname
inet_addr
ntohl
WSAEventSelect
listen

p2pcore

p2p_task_limit_speed
p2p_get_handle_info
get_p2p_id
set_p2p_local_share
p2p_get_netinfo
ord1
set_p2p_upload_speed_control
p2p_find_share
p2p_pause_upload
set_p2p_uploader_mode
get_p2phandle_serverlist
set_p2p_upload_speed_max
ord2
set_p2p_downloader_mode
set_p2p_ini_filename
p2p_move_share
set_p2p_no_submit_share
start_p2p_task
p2p_add_share
get_p2phandle_peerinfo
create_p2p_task
delete_p2p_task
set_p2p_temp_mode
get_p2phandle_serverlog

winmm

timeGetTime

Exports

Exports

??0P2SP@@QAE@XZ
??1P2SP@@QAE@XZ
??4P2SP@@QAEAAV0@ABV0@@Z
?AsyncReportPartHash@P2SP@@SAHPAE0_J0H@Z
?CheckFinish@P2SP@@QAE_N_JHPAD_N@Z
?DebugDisableLoadLive@P2SP@@SAXXZ
?DelResumeInfo@P2SP@@SAHAAUst_TASK_PARAMS@@@Z
?DelTempFile@P2SP@@SAHAAUst_TASK_PARAMS@@@Z
?Delete@P2SP@@QAE_NXZ
?GetBlockInfo@P2SP@@QAEHPAHHAAH@Z
?GetFilenameByURL@P2SP@@SAXPB_WPA_WH@Z
?GetFilesizeByURL@P2SP@@SA_JPB_W@Z
?GetServerList@P2SP@@QAEKPAUtagP2SServerItem@@K@Z
?GetServerLog@P2SP@@QAEKPA_WK@Z
?GetSourceList@P2SP@@QAEKPAUP2SP_SOURCE_LIST@@K@Z
?GetSourceLog@P2SP@@QAEKPA_WKH@Z
?GetTaskLog@P2SP@@QAEHPA_WHAAK1AAH@Z
?GetTaskPartHash@P2SP@@QAEKPAEH@Z
?Init@P2SP@@SAHXZ
?InitOther@P2SP@@SAXXZ
?LimitDownloadSpeed@P2SP@@QAEXH@Z
?NotifyExternalSpeed@P2SP@@QAEXH@Z
?ParseResume@P2SP@@SAHPA_W0AAUst_TASK_PARAMS@@AAUst_TASK_INFO@@@Z
?Quit@P2SP@@SAXXZ
?SearchTest@P2SP@@SAXPB_WAAUP2S_SEARCH_RESULT@@@Z
?SendLiveStat@P2SP@@QAEHPAULIVE_INFO_CORE_STAT@@@Z
?SetCacheSize@P2SP@@SAXH@Z
?SetDU@P2SP@@SAXH@Z
?SetP2sTz@P2SP@@QAEXXZ
?SetProxy@P2SP@@SAXHIPA_W00@Z
?SetRetry@P2SP@@SAXHHH@Z
?SetUseServerTime@P2SP@@SAXH@Z
?Start@P2SP@@QAEXAAUst_TASK_PARAMS@@@Z
?StopAsync@P2SP@@QAEXXZ
?StopSync@P2SP@@QAEXXZ
?UpdateDebugConsole@P2SP@@QAEKPA_WK@Z
?UpdateInfo@P2SP@@QAEXAAUst_TASK_INFO@@@Z
?get_complete@P2SP@@QAEPAEAAH@Z
?get_p2p_user_complete@P2SP@@QAEHKPA_J0HAAH@Z
p2s_enable_p4s
p2s_get_p2p_id
p2s_get_sharefile_url
p2s_hash_cid
p2s_make_upload
p2s_p2p_add_share
p2s_p2p_get_network_traffic
p2s_p2p_get_upload_speed
p2s_p2p_move_share
p2s_p2p_no_submit_share
p2s_p2p_pause_upload
p2s_p2p_set_downloader_mode
p2s_p2p_set_ini_filename
p2s_p2p_set_local_share
p2s_p2p_set_temp_mode
p2s_p2p_set_upload_speed_control
p2s_p2p_set_upload_speed_max
p2s_p2p_set_uploader_mode
p2s_report_url_fgid

Sections

.text
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/RdOldDb.dll
.dll windows:4 windows x86 arch:x86

1fbfe21fee50eebe878e5101bb587c01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5731
ord5651
ord3127
ord3616
ord3663
ord2393
ord1969
ord800
ord603
ord2740
ord273
ord354
ord823
ord860
ord540
ord350
ord1168
ord879
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord2512
ord4486
ord2554
ord6375
ord2801
ord4274
ord269
ord826
ord600
ord1578
ord1116

msvcrt

_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
_onexit
__dllonexit
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

advapi32

RegQueryValueExA
RegOpenKeyExA

Exports

Exports

Get196DataBaseJobInfo
GetCount

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 970B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/RealMediaSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

e55045fafe5ca0e8458178d6994851c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\code_temp\guliverkli\trunk\guliverkli\src\filters\parser\realmediasplitter\Release\RealMediaSplitter.pdb

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrcatA
GlobalFlags
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
ExitProcess
RtlUnwind
VirtualProtect
VirtualQuery
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
IsBadWritePtr
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetFullPathNameA
lstrcpyA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
Sleep
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcessId
CreateThread
GetTickCount
SetThreadPriority
GetModuleHandleA
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
GetSystemInfo
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
CloseHandle
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
RaiseException
LoadLibraryA
GetProcAddress
GetModuleFileNameA
SetCurrentDirectoryA
FreeLibrary
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

DrawTextExA
DrawTextA
TabbedTextOutA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowPos
SetWindowLongA
GetDlgItem
ClientToScreen
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextA
GetClassNameA
SetWindowsHookExA
CallNextHookEx
GetKeyState
ValidateRect
GetWindowTextA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetSystemMetrics
UnhookWindowsHookEx
SendMessageA
MessageBoxA
PostQuitMessage
DestroyMenu
GetWindowPlacement
GrayStringA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageA
RegisterWindowMessageA
PeekMessageA
UnregisterClassA
CharUpperA
GetWindow

gdi32

ScaleWindowExtEx
DeleteDC
GetStockObject
SetWindowExtEx
TextOutA
RectVisible
PtVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegSetValueA
RegCreateKeyA
RegDeleteKeyA

comctl32

ord17

shlwapi

PathStripToRootA
PathFindFileNameA
PathFileExistsA
PathRemoveFileSpecA
PathAddBackslashA
PathIsUNCA

ole32

CLSIDFromString
StringFromGUID2
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

oleaut32

SysAllocStringLen
VariantChangeType
VariantClear
VariantInit
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/SnapShot.dll
.dll windows:4 windows x86 arch:x86

8da8f6357e4ab4aee1848f7a5083f8ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\project\ProtKrnl\src\build\SnapShot.pdb

Imports

kernel32

SizeofResource
LockResource
LoadResource
FindResourceExA
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
GetModuleFileNameA
InitializeCriticalSection
LoadLibraryExA
IsDBCSLeadByte
OutputDebugStringA
CloseHandle
CreateThread
ResumeThread
SuspendThread
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetSystemInfo
DeleteFileA
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetLocalTime
GetSystemDefaultLCID
CreateFileW
CreateDirectoryW
GetModuleFileNameW
CreateMutexA
ReleaseMutex
GetPrivateProfileStringA
GetTickCount
GetFileType
DuplicateHandle
GetCurrentProcess
SystemTimeToFileTime
GetCurrentDirectoryA
DosDateTimeToFileTime
CreateDirectoryA
SetFileTime
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
RaiseException
DeleteCriticalSection
GetCurrentThreadId
SetThreadPriority
Sleep
GetLastError
FreeLibrary
LoadLibraryA
GetProcAddress
lstrlenA
GetEnvironmentVariableW
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetTimeZoneInformation
SetEnvironmentVariableA
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeExW
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetStdHandle
HeapCreate
VirtualFree
FatalAppExitA
ExitProcess
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualQuery
VirtualAlloc
VirtualProtect
RtlUnwind
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
InterlockedExchange
GetVersion
FindResourceA
HeapDestroy

user32

IsWindow
wsprintfW
CharNextA
DestroyWindow
CharUpperA
CharUpperW
CharLowerA
CharLowerW
UnregisterClassA

advapi32

RegEnumKeyExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegDeleteKeyA

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr
SysAllocStringLen
SysFreeString

shlwapi

PathFileExistsA

unrar

RARProcessFile
RARReadHeaderEx
RAROpenArchive
RARCloseArchive

id3lib

?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@@Z
?Contains@ID3_Frame@@QBE_NW4ID3_FieldID@@@Z
?Link@ID3_Tag@@QAEIPBDG@Z
?GetFileSize@ID3_Tag@@QBEIXZ
?GetMp3HeaderInfo@ID3_Tag@@QBEPBUMp3_Headerinfo@@XZ
?HasV1Tag@ID3_Tag@@QBE_NXZ
?HasV2Tag@ID3_Tag@@QBE_NXZ
?GetID@ID3_Frame@@QBE?AW4ID3_FrameID@@XZ
?GetDataSize@ID3_Frame@@QBEIXZ
?GetField@ID3_Frame@@QBEPAVID3_Field@@W4ID3_FieldID@@@Z
?Clear@ID3_Tag@@QAEXXZ
??0ID3_Tag@@QAE@PBD@Z
??1ID3_Tag@@UAE@XZ
?CreateIterator@ID3_Tag@@QAEPAVIterator@1@XZ

ws2_32

getsockname
send
recv
shutdown
sendto
accept
htonl
bind
listen
closesocket
htons
inet_addr
gethostbyname
socket
WSAGetLastError
setsockopt
getsockopt
WSAAsyncSelect
ioctlsocket
connect
select
WSACleanup
WSAStartup
ntohl
ntohs

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

avifil32

AVIFileCreateStreamA
AVIStreamSetFormat
AVIStreamStart
AVIStreamLength
AVIStreamRead
AVIStreamWrite
AVIFileExit
AVIFileRelease
AVIStreamInfoA
AVIStreamReadFormat
AVIFileGetStream
AVIFileOpenA
AVIFileInit
AVIStreamRelease

Exports

Exports

BTSnapshot
P2SSnapshot
StopSnapshot

Sections

.text
Size: 544KB - Virtual size: 541KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/SysOptimize.exe
.exe windows:4 windows x86 arch:x86

9b36c1fcfcbfa9f260bc4f4e706ea073

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/06/2009, 00:00

Not After

29/06/2011, 23:59

Subject

CN=Trend Media Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Trend Media Corporation Limited,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
SetFilePointer
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
CompareStringA
lstrcmpiA
GetSystemDefaultLangID
ExitProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
IsDBCSLeadByte
SetLastError
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
OutputDebugStringA
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
HeapSize
HeapCreate
HeapDestroy
GetStdHandle
WriteFile
GetStringTypeW
GetStringTypeA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualProtect
HeapReAlloc
RtlUnwind
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetLastError
DebugBreak
InterlockedIncrement
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileA
GetFileSize
ReadFile
lstrlenA
InterlockedDecrement
RaiseException
GetVersion
LoadLibraryA
GetProcAddress
FreeLibrary
CreateRemoteThread
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetCurrentProcess
CloseHandle
GetTickCount

user32

CharNextA
DestroyWindow
SetWindowLongA
LoadStringA
GetWindowLongA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
SendMessageA
SetWindowPos
GetClientRect
GetDlgItemTextA
CreateWindowExA
CallWindowProcA
FindWindowA
CreateDialogParamA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
GetSystemMetrics
LoadImageA
SetForegroundWindow
GetSysColor
GetFocus
GetCapture
ReleaseCapture
EndPaint
BeginPaint
GetCursorPos
SetCursor
DrawFocusRect
FillRect
PtInRect
UnregisterClassA
GetDlgCtrlID
SetCapture
IsWindowEnabled
InvalidateRect
UpdateWindow
ScreenToClient
GetClassNameA
LoadCursorA
SetRectEmpty
IsDialogMessageA
OffsetRect
ReleaseDC
GetDC
DefWindowProcA
PostQuitMessage
EnableWindow
SetFocus
ExitWindowsEx
DrawTextA
GetWindow
GetWindowRect
SystemParametersInfoA
MapWindowPoints
IsWindow
MessageBoxA
GetDlgItem
GetParent
SetDlgItemTextA

gdi32

SetTextColor
SetBkMode
GetStockObject
CreateFontIndirectA
SelectObject
GetObjectA
DeleteObject

advapi32

RegDeleteKeyA
LookupPrivilegeValueA
OpenProcessToken
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteValueA
AdjustTokenPrivileges
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsA

comctl32

InitCommonControlsEx
_TrackMouseEvent

imagehlp

CheckSumMappedFile
ImageNtHeader

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FlashGet 3/VodCore.dll
.dll windows:4 windows x86 arch:x86

61f8f240f431dfc592be41e53b0eff24

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

i:\Work\Soruce\ProtKrnl\src\Build\VodCore.pdb

Imports

kernel32

GetTickCount
GetFileAttributesA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
GlobalAddAtomA
GlobalDeleteAtom
InterlockedExchange
ResetEvent
WaitForMultipleObjects
CreateThread
LoadLibraryA
GetCurrentProcessId
GetProcAddress
WriteFile
MoveFileA
GetFileSizeEx
CreateDirectoryA
GetVersionExA
IsBadWritePtr
GetPrivateProfileStringA
GetPrivateProfileIntA
ResumeThread
GlobalFree
FreeResource
LCMapStringA
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
ExitProcess
HeapCreate
GetCommandLineA
GetSystemTimeAsFileTime
CreateEventA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitThread
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetUserDefaultLCID
SetEvent
GetModuleHandleA
LoadLibraryExA
FreeLibrary
Sleep
WriteConsoleW
FlushFileBuffers
CreateEventW
CreateSemaphoreW
lstrcmpW
ReleaseSemaphore
GetModuleFileNameA
MulDiv
lstrcmpA
SetLastError
LCMapStringW
IsDBCSLeadByte
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
GetCurrentThreadId
WideCharToMultiByte
GetCurrentProcess
FlushInstructionCache
WaitForSingleObject
SuspendThread
CloseHandle
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
IsDebuggerPresent
MultiByteToWideChar

user32

GetDlgCtrlID
SetTimer
UpdateWindow
GetClassInfoA
AdjustWindowRectEx
EnableWindow
IsWindowEnabled
GetMenu
GetCapture
DrawFocusRect
DrawEdge
InflateRect
UnregisterClassA
SetForegroundWindow
PostQuitMessage
GetSystemMetrics
LoadImageA
SetLayeredWindowAttributes
GetKeyState
TrackPopupMenu
GetCursorPos
MonitorFromWindow
ShowCursor
DrawTextA
SystemParametersInfoA
MapWindowPoints
IsDialogMessageA
GetClassLongA
EndDeferWindowPos
SetPropA
BeginDeferWindowPos
DeferWindowPos
GetDialogBaseUnits
wsprintfW
MessageBoxA
UpdateLayeredWindow
EqualRect
KillTimer
IsWindowVisible
GetWindowRect
BringWindowToTop
IsZoomed
IsIconic
CopyRect
SetRect
PtInRect
MonitorFromPoint
GetMonitorInfoA
DestroyMenu
AppendMenuA
CreatePopupMenu
CreateMenu
CreateAcceleratorTableA
CreateWindowExA
IsWindow
SendMessageA
GetDesktopWindow
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
CreateDialogParamA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DestroyWindow
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CharNextA
DefWindowProcA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
GetWindowLongA
SetWindowLongA
PostMessageA
SetCursor

gdi32

GetTextMetricsA
ExtTextOutA
GetTextExtentPoint32A
CreateBitmap
CreateDIBSection
DPtoLP
CreateFontIndirectW
StretchBlt
SetTextColor
CreateFontIndirectA
SetBkMode
GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
DeleteObject
SelectObject
SetBkColor
CreateCompatibleBitmap
DeleteDC

advapi32

RegEnumKeyExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegQueryInfoKeyA
RegSetValueExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

OleCreate
OleSetContainedObject
OleDraw
CreateItemMoniker
GetRunningObjectTable
StringFromCLSID
CoInitialize
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoFreeUnusedLibraries

oleaut32

VariantInit
SysAllocStringLen
SysAllocString
SysStringLen
OleLoadPicture
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VarUI4FromStr
SysStringByteLen
SysFreeString

shlwapi

PathRemoveFileSpecA
PathCombineA
PathFileExistsA

comctl32

ImageList_LoadImageA
ImageList_Destroy
ImageList_Draw
ImageList_GetIconSize
_TrackMouseEvent

wininet

InternetOpenUrlA
InternetSetOptionA
HttpQueryInfoA
InternetReadFile
InternetSetCookieA
InternetOpenA
InternetCloseHandle

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

live_cleanup
live_finish
live_start
live_stop

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/adns.dll
.dll windows:4 windows x86 arch:x86

5ce2a94a3785640706550e7640f4c432

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\adns\bin\adns.pdb

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
SystemTimeToFileTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
SetEvent
CloseHandle
ResetEvent
WaitForMultipleObjects
CreateEventA
SetEndOfFile
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
CreateFileA
SetStdHandle
ReadFile
GetLocaleInfoA
GetStringTypeW
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
RaiseException
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
QueryPerformanceCounter
GetTickCount
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
InterlockedExchange
VirtualQuery
SetFilePointer
FlushFileBuffers
GetStringTypeA
MultiByteToWideChar

iphlpapi

GetNetworkParams

ws2_32

sendto
ioctlsocket
ntohl
htonl
__WSAFDIsSet
recvfrom
ntohs
inet_ntoa
recv
getprotobyname
socket
htons
connect
closesocket
inet_addr
WSASetLastError
send
WSAGetLastError

Exports

Exports

adns_lib_init
adns_lib_quit
adns_lib_resolve
adns_lib_result
adns_lib_result2

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/backup_list.swf
FlashGet 3/btcoreu.dll
.dll regsvr32 windows:4 windows x86 arch:x86

db368a2c93a3ce7702d6d6aaec7a731a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\ProtKrnl\src\Build\btcoreu.pdb

Imports

ws2_32

bind
inet_addr
closesocket
setsockopt
WSAGetLastError
sendto
ntohs
ntohl
htons
socket
listen
inet_ntoa
WSACleanup
WSAStartup
WSASetLastError
accept
htonl
getsockopt
getsockname
recv
send
connect
select
gethostname
gethostbyname
__WSAFDIsSet
recvfrom
ioctlsocket

rpcrt4

UuidCreate

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wininet

InternetGetCookieW

iphlpapi

GetIfEntry
GetBestInterface
GetAdaptersInfo

kernel32

GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
LoadLibraryA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetDateFormatA
GetTimeFormatA
SetStdHandle
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
LCMapStringW
LCMapStringA
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetACP
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryW
FreeLibrary
GetVolumeInformationW
GetTickCount
GlobalMemoryStatus
GetDiskFreeSpaceExW
Sleep
CopyFileW
FileTimeToSystemTime
GetFileAttributesExW
lstrlenW
WaitForSingleObject
GetCurrentThread
IsBadReadPtr
ReleaseMutex
CreateMutexW
CloseHandle
GetCurrentThreadId
WriteConsoleW
GetLastError
CreateDirectoryW
GetModuleFileNameW
WriteFile
CreateFileW
SetFilePointer
GetFileSize
GetLocalTime
DeleteFileW
ReadFile
FlushFileBuffers
SetEndOfFile
GetSystemInfo
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetOverlappedResult
DeviceIoControl
SetFileAttributesW
MoveFileW
IsBadWritePtr
GetFileTime
CompareFileTime
CreateEventW
ResetEvent
SetEvent
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
lstrcatW
GetSystemDirectoryW
GetUserDefaultLangID
GetOEMCP
RemoveDirectoryW
InterlockedDecrement
InterlockedIncrement
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
GetDiskFreeSpaceW
CreateSemaphoreW
ResumeThread
SetThreadPriority
CreateThread
SystemTimeToTzSpecificLocalTime
ExitProcess
GetModuleHandleA
GetProcessHeap
HeapAlloc
GetVersionExA
GetCommandLineA
ExitThread
HeapFree
GetSystemTimeAsFileTime
GetTimeZoneInformation
RaiseException
IsDebuggerPresent
CreateFileA
CompareStringA
CompareStringW
GetFileAttributesW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStdHandle
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetCPInfo

user32

SetTimer
IsWindow
EnumThreadWindows
GetClassNameW
GetWindowTextW
GetDlgItem
CharNextW
MessageBoxW
PostMessageW
SendMessageW
KillTimer

advapi32

OpenServiceW
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW

shell32

SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW

ole32

CoCreateInstance
CoInitializeSecurity
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantClear
VariantInit

shlwapi

PathFileExistsW
PathStripPathW

p2pcore

p2p_move_share
ord1
ord2
p2p_add_share
start_p2p_task
create_p2p_task
delete_p2p_task
get_p2phandle_peerinfo
get_p2phandle_serverlist
get_p2phandle_serverlog
p2p_task_limit_speed
p2p_notify_new_finish

p2score

p2s_p2p_get_network_traffic
?GetTaskPartHash@P2SP@@QAEKPAEH@Z
?AsyncReportPartHash@P2SP@@SAHPAE0_J0H@Z
??1P2SP@@QAE@XZ
?Start@P2SP@@QAEXAAUst_TASK_PARAMS@@@Z
?StopAsync@P2SP@@QAEXXZ
?StopSync@P2SP@@QAEXXZ
?UpdateInfo@P2SP@@QAEXAAUst_TASK_INFO@@@Z
?GetSourceList@P2SP@@QAEKPAUP2SP_SOURCE_LIST@@K@Z
?LimitDownloadSpeed@P2SP@@QAEXH@Z
??0P2SP@@QAE@XZ

Exports

Exports

BITS_AddProxy
BITS_ClearMakeThreads
BITS_CoreInfo
BITS_CreateConfiguration
BITS_DeleteDownload
BITS_FindProxyByName
BITS_FreeBuffer
BITS_FreeHandle
BITS_FreeString
BITS_GapDump
BITS_GetDefaultProfile
BITS_GetDownloadInfo
BITS_GetDownloadUploadSpeed
BITS_GetFileItem
BITS_GetFileListByTorrent
BITS_GetFileStatus
BITS_GetFileStatusByID
BITS_GetFinishedBitField
BITS_GetGapList
BITS_GetJobProfile
BITS_GetLogLine
BITS_GetMemoryUsage
BITS_GetPartialPiece
BITS_GetPeerCount
BITS_GetPeerIdList
BITS_GetPeerInfo
BITS_GetPeerLog
BITS_GetPeerPiece
BITS_GetPeerStatus
BITS_GetPieceBlock
BITS_GetPieceGap
BITS_GetPieceStatus
BITS_GetPreferrence
BITS_GetRunning
BITS_GetServerInfo
BITS_GetStatusDescription
BITS_GetTorrentInfo
BITS_GetTrackerLog
BITS_GetTrackerStatus
BITS_GetUniqueID
BITS_GetUniqueID16
BITS_Initialize
BITS_IsJobActive
BITS_MakeTorrent
BITS_ObjDel
BITS_ObjNew
BITS_PackMemoryPool
BITS_ParseTorrent
BITS_ParseTorrentFile
BITS_ParseTorrentFileList
BITS_ParseTorrentInfo
BITS_RegisterCallback
BITS_ReleaseTagFileByID
BITS_ResetDownloadPath
BITS_SetBitTorrentId
BITS_SetDefaultProfile
BITS_SetDownloadFlags
BITS_SetDownloadPath
BITS_SetFileSelection
BITS_SetFileSelectionByID
BITS_SetJobProfile
BITS_SetJobTrackers
BITS_SetLogDevice
BITS_SetPreferrence
BITS_SetProtocol
BITS_SetProxyActive
BITS_SetSpeed
BITS_StartDownload
BITS_StartDownloadByHandle
BITS_StartDownloadByTorrent
BITS_StopDownload
BITS_Uninitialize
BITS_UpdateProxy
BITS_WriteFile
DllRegisterServer

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/ckcore.dll
.dll windows:4 windows x86 arch:x86

940bc3e599e81a3e79324de4a0509e3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

x:\CkCore\bin\ckcore.pdb

Imports

kernel32

LoadLibraryA
FreeLibrary
RaiseException
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
FlushInstructionCache
GetCurrentProcess
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
SetLastError
GetVersionExA
Sleep
SuspendThread
WaitForSingleObject
SetThreadPriority
GetCurrentThread
lstrcmpA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
ExitProcess
HeapCreate
GetCommandLineA
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetProcAddress
GetSystemInfo
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
ReadProcessMemory
WriteProcessMemory
GetTickCount
WriteFile
FlushFileBuffers
CloseHandle
CreateFileA
SetFilePointer
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
LCMapStringA
WriteConsoleW
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcmpiA
lstrlenW
lstrlenA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
VirtualQuery
InterlockedExchange

user32

GetMessageA
TranslateMessage
DispatchMessageA
LoadImageA
GetWindow
ScreenToClient
PostMessageA
PeekMessageA
PtInRect
MessageBeep
RemoveMenu
ChildWindowFromPoint
InvalidateRgn
IsChild
GetDlgItem
GetClassNameA
FillRect
EndPaint
BeginPaint
DestroyAcceleratorTable
CreateAcceleratorTableA
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
KillTimer
MoveWindow
TrackPopupMenuEx
CreatePopupMenu
GetWindowRect
LoadStringW
PostQuitMessage
LoadStringA
TranslateAcceleratorA
SetMenuItemInfoA
MapWindowPoints
CreateWindowExA
ReleaseCapture
GetClassInfoExA
DestroyWindow
GetFocus
GetSystemMetrics
GetDesktopWindow
RegisterClassExA
InflateRect
GetSysColor
ReleaseDC
GetDC
AdjustWindowRectEx
GetKeyState
SetFocus
SetMenuDefaultItem
CheckMenuRadioItem
GetMenuItemID
EnableMenuItem
DeleteMenu
AppendMenuA
LoadCursorA
SetCursor
GetMenuItemInfoA
GetMenuItemCount
CallWindowProcA
IsWindow
GetDlgCtrlID
SetCapture
RedrawWindow
ShowWindow
InvalidateRect
UpdateWindow
ClientToScreen
GetClientRect
SetWindowPos
GetWindowLongA
SetWindowLongA
CharNextA
DefWindowProcA
DestroyMenu
GetParent
SendMessageA
SetWindowTextA
SetTimer
UnregisterClassA

gdi32

GetObjectA
GetStockObject
CreateCompatibleDC
SelectObject
SetViewportOrgEx
CreateCompatibleBitmap
DeleteObject
Polygon
CreatePen
CreateSolidBrush
DeleteDC
GetDeviceCaps
BitBlt

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
RegQueryInfoKeyA

ole32

OleInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoGetClassObject
CLSIDFromString
OleUninitialize

oleaut32

VariantChangeType
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
VariantClear
VariantInit
VarBstrCat
SysStringLen
VarUI4FromStr
SysFreeString
DispCallFunc

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_Create

ws2_32

recvfrom
WSAGetLastError
socket
WSAAsyncSelect
closesocket
htons
sendto
inet_addr
gethostbyname
WSAStartup
WSACleanup

winmm

timeGetTime

Exports

Exports

ack_Stat
ack_StatBin
ack_end
ack_set_server
ack_start

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/commonlib.dll
.dll windows:4 windows x86 arch:x86

66e652e7d2d53665e1d9fc9d85416023

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\commonlib.pdb

Imports

kernel32

MultiByteToWideChar
GetFileAttributesA
lstrlenA
GetSystemDirectoryA
GetVolumeInformationA
InitializeCriticalSection
DeleteCriticalSection
IsBadReadPtr
EnterCriticalSection
LeaveCriticalSection
IsBadWritePtr
GetVersionExW
CreateDirectoryW
GetModuleFileNameW
IsBadStringPtrW
GetFullPathNameW
FindFirstFileW
FindNextFileW
SetFileAttributesW
DeleteFileW
GetLastError
SetLastError
RemoveDirectoryW
GetFileAttributesW
WaitForSingleObject
ReleaseMutex
GetCurrentThreadId
DebugBreak
CreateFileW
CloseHandle
GetFileSize
ReadFile
DuplicateHandle
GetCurrentProcess
GetFileType
SetFilePointer
SystemTimeToFileTime
GetCurrentDirectoryW
DosDateTimeToFileTime
WriteFile
SetFileTime
WideCharToMultiByte
lstrlenW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
FindClose
DisableThreadLibraryCalls
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
LoadLibraryA
FreeLibrary
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
RtlUnwind
GetLocaleInfoW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
RaiseException
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
GetCPInfo
GetOEMCP
IsValidCodePage
HeapCreate
VirtualFree
FatalAppExitA
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
Sleep
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings

advapi32

RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW

shell32

SHGetSpecialFolderPathW

oleaut32

SysFreeString

shlwapi

PathFileExistsW
PathRelativePathToA
PathAppendA
PathStripToRootA
PathStripPathA
PathRemoveFileSpecA
PathRemoveFileSpecW
PathAddBackslashA
PathCombineW
PathFindExtensionA
PathIsFileSpecA
StrStrIA
StrRChrA
UrlGetPartA
StrTrimA
PathRemoveBackslashA
PathIsRelativeA

ws2_32

inet_ntoa
htonl
ntohl
inet_addr

iphlpapi

GetAdaptersInfo

user32

UnregisterClassA

Exports

Exports

??0CEntry@@QAE@ABV0@@Z
??0CEntry@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0CEntry@@QAE@ABV?$list@VCEntry@@V?$allocator@VCEntry@@@std@@@std@@@Z
??0CEntry@@QAE@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCEntry@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCEntry@@@std@@@2@@std@@@Z
??0CEntry@@QAE@AB_K@Z
??0CEntry@@QAE@W4data_type@0@@Z
??0CEntry@@QAE@XZ
??0CXMLAttribute@@QAE@ABV0@@Z
??0CXMLAttribute@@QAE@PAVCXMLElement@@PB_W@Z
??0CXMLElement@@QAE@PAV0@PB_W@Z
??0CXMLNode@@QAE@ABV0@@Z
??0CXMLNode@@QAE@PAVCXMLElement@@PB_W@Z
??0FG2BogusLink@@QAE@PBD@Z
??0FG2BogusLinkSpecialSection@@QAE@PBD@Z
??0FG2DateString@@QAE@_J@Z
??0FG2ED2KLink@@QAE@PBD@Z
??0FG2FlashgetLink@@QAE@PBD@Z
??0FG2FlashgetXLink@@QAE@PBD@Z
??0FG2GeneralUrl@@QAE@ABV0@@Z
??0FG2GeneralUrl@@QAE@PBD@Z
??0FG2MachRule@@QAE@ABV0@@Z
??0FG2MachRule@@QAE@XZ
??0FG2NormalUrlGenFileName@@QAE@PBD0@Z
??0FG2NormalUrlPath@@QAE@PBD@Z
??0FG2UrlRule@@QAE@ABV0@@Z
??0FG2UrlRule@@QAE@XZ
??0FGFileName@@QAE@PBD@Z
??0FGString@@QAE@ABV0@@Z
??0FGString@@QAE@PBD@Z
??0FGString@@QAE@XZ
??0MD5Sum@@QAE@ABV0@@Z
??0MD5Sum@@QAE@ABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
??0MD5Sum@@QAE@PBEI@Z
??0MD5Sum@@QAE@XZ
??1CEntry@@QAE@XZ
??1CXMLAttribute@@UAE@XZ
??1CXMLElement@@UAE@XZ
??1CXMLNode@@UAE@XZ
??1FG2GeneralUrl@@QAE@XZ
??1FG2MachRule@@QAE@XZ
??1FG2UrlRule@@QAE@XZ
??1FGString@@QAE@XZ
??1MD5Sum@@QAE@XZ
??4CEntry@@QAEXABV0@@Z
??4CEntry@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??4CEntry@@QAEXABV?$list@VCEntry@@V?$allocator@VCEntry@@@std@@@std@@@Z
??4CEntry@@QAEXABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCEntry@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCEntry@@@std@@@2@@std@@@Z
??4CEntry@@QAEXAB_K@Z
??4CURLEncode@@QAEAAV0@ABV0@@Z
??4CXMLAttribute@@QAEAAV0@ABV0@@Z
??4CXMLNode@@QAEAAV0@ABV0@@Z
??4FG2BogusLink@@QAEAAV0@ABV0@@Z
??4FG2BogusLinkSpecialSection@@QAEAAV0@ABV0@@Z
??4FG2DateString@@QAEAAV0@ABV0@@Z
??4FG2ED2KLink@@QAEAAV0@ABV0@@Z
??4FG2ED2KScheme@@QAEAAV0@ABV0@@Z
??4FG2FlashgetLink@@QAEAAV0@ABV0@@Z
??4FG2FlashgetScheme@@QAEAAV0@ABV0@@Z
??4FG2FlashgetXLink@@QAEAAV0@ABV0@@Z
??4FG2FlashgetXScheme@@QAEAAV0@ABV0@@Z
??4FG2GeneralUrl@@QAEAAV0@ABV0@@Z
??4FG2LocalFileScheme@@QAEAAV0@ABV0@@Z
??4FG2MachRule@@QAEAAV0@ABV0@@Z
??4FG2NormalUrlGenFileName@@QAEAAV0@ABV0@@Z
??4FG2NormalUrlPath@@QAEAAV0@ABV0@@Z
??4FG2UrlRule@@QAEAAV0@ABV0@@Z
??4FGFileName@@QAEAAV0@ABV0@@Z
??4FGString@@QAEABV0@ABV0@@Z
??4MD5Sum@@QAEAAV0@ABV0@@Z
??4md5_t@@QAEAAV0@ABV0@@Z
??8CEntry@@QBE_NABV0@@Z
??ACEntry@@QAEAAV0@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??ACEntry@@QAEAAV0@PBD@Z
??ACEntry@@QBEABV0@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??ACEntry@@QBEABV0@PBD@Z
??_7CXMLAttribute@@6B@
??_7CXMLElement@@6B@
??_7CXMLNode@@6B@
??_FCXMLElement@@QAEXXZ
??_FCXMLNode@@QAEXXZ
?AddAttribute@CXMLElement@@QAEPAVCXMLAttribute@@PAV2@@Z
?AddAttribute@CXMLElement@@QAEPAVCXMLAttribute@@PB_W0@Z
?AddElement@CXMLElement@@QAEPAV1@PAV1@@Z
?AddElement@CXMLElement@@QAEPAV1@PB_W@Z
?AddItem@FG2MachRule@@QAEXPBD@Z
?AddItem@FG2UrlRule@@QAEXPBD@Z
?AddRecursiveWords@CXMLElement@@QAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?AsAttribute@CXMLNode@@QBEPAVCXMLAttribute@@XZ
?AsElement@CXMLNode@@QBEPAVCXMLElement@@XZ
?AsNode@CXMLNode@@QBEPAV1@XZ
?ByteStreamToWideChar@@YAHPBDIPA_WI@Z
?Calculate@MD5Sum@@QAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV23@@Z
?Calculate@MD5Sum@@QAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBEI@Z
?ChangeFileName@FGFileName@@QAEABV1@PBD@Z
?ChangeHead@FGFileName@@QAEABV1@PBD@Z
?Clear@FG2MachRule@@QAEXXZ
?Clear@FG2UrlRule@@QAEXXZ
?Clone@CXMLAttribute@@QAEPAV1@PAVCXMLElement@@@Z
?Clone@CXMLElement@@QAEPAV1@PAV1@@Z
?CombineRelative@FGFileName@@QAEABV1@ABV1@@Z
?CopyBuffer@FGString@@AAEXPBD@Z
?Decode@CURLEncode@@QAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V23@@Z
?DecodeDoubleEncodedUtf8@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?Delete@CXMLNode@@QAEXXZ
?DeleteAllAttributes@CXMLElement@@QAEXXZ
?DeleteAllElements@CXMLElement@@QAEXXZ
?DeleteAttribute@CXMLElement@@QAEXPB_W@Z
?Detach@CXMLElement@@QAEPAV1@XZ
?DocumentFindExtension@FGFileName@@QBEPBDXZ
?DocumentHasExtension@FGFileName@@QBE_NXZ
?DocumentToName@FGFileName@@QAEABV1@XZ
?DocumentToParentDocument@FGFileName@@QAEABV1@XZ
?DocumentToParentPath@FGFileName@@QAEABV1@XZ
?DocumentToPath@FGFileName@@QAEABV1@XZ
?ElsePathToDocument@FGFileName@@QAEABV1@XZ
?ElseToDrivePath@FGFileName@@QAEABV1@XZ
?Encode@CURLEncode@@QAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V23@H@Z
?EncodeUrlUtf8@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@@Z
?Equals@CXMLAttribute@@QBEHPAV1@@Z
?Equals@CXMLElement@@QBEHPAV1@@Z
?ExtName@FGFileName@@QBEPBDXZ
?FromBytes@CXMLElement@@SAPAV1@PAEKH@Z
?FromFile@CXMLElement@@SAPAV1@PAXH@Z
?FromFile@CXMLElement@@SAPAV1@PB_WH@Z
?FromString@CXMLElement@@SAPAV1@PB_WH@Z
?GetAttribute@CXMLElement@@QBEPAVCXMLAttribute@@PB_W@Z
?GetAttributeCount@CXMLElement@@QBEHXZ
?GetAttributeIterator@CXMLElement@@QBEPAU__POSITION@@XZ
?GetAttributeValue@CXMLElement@@QBE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W0@Z
?GetDict@CEntry@@QAEAAV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCEntry@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCEntry@@@std@@@2@@std@@XZ
?GetDict@CEntry@@QBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCEntry@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCEntry@@@std@@@2@@std@@XZ
?GetElementByName@CXMLElement@@QAEPAV1@PB_WH@Z
?GetElementByName@CXMLElement@@QBEPAV1@PB_W@Z
?GetElementCount@CXMLElement@@QBEHXZ
?GetElementIterator@CXMLElement@@QBEPAU__POSITION@@XZ
?GetFileName@FG2GeneralUrl@@QBEPBDXZ
?GetFirstElement@CXMLElement@@QBEPAV1@XZ
?GetHash@MD5Sum@@QBE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetInteger@CEntry@@QAEAA_KXZ
?GetInteger@CEntry@@QBEAB_KXZ
?GetList@CEntry@@QAEAAV?$list@VCEntry@@V?$allocator@VCEntry@@@std@@@std@@XZ
?GetList@CEntry@@QBEABV?$list@VCEntry@@V?$allocator@VCEntry@@@std@@@std@@XZ
?GetName@CXMLNode@@QBE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetNextAttribute@CXMLElement@@QBEPAVCXMLAttribute@@AAPAU__POSITION@@@Z
?GetNextElement@CXMLElement@@QBEPAV1@AAPAU__POSITION@@@Z
?GetParent@CXMLNode@@QBEPAVCXMLElement@@XZ
?GetRawHash@MD5Sum@@QBEPBEXZ
?GetRecursiveWords@CXMLElement@@QAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetStrSet@FG2MachRule@@QBEABV?$set@VFGString@@U?$less@VFGString@@@std@@V?$allocator@VFGString@@@3@@std@@XZ
?GetString@CEntry@@QAEAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetString@CEntry@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetType@CXMLNode@@QBEHXZ
?GetValue@CXMLNode@@QBE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?IsBogusLink@FG2BogusLink@@QBEHXZ
?IsDocument@FGFileName@@QBE_NXZ
?IsDriveDocument@FGFileName@@QBE_NXZ
?IsDrivePath@FGFileName@@QBE_NXZ
?IsED2KScheme@FG2ED2KScheme@@SAHPBD@Z
?IsFileExist@FGFileName@@QBE_NXZ
?IsFlashgetScheme@FG2FlashgetScheme@@SAHPBD@Z
?IsFlashgetXScheme@FG2FlashgetXScheme@@SAHPBD@Z
?IsLocalFileScheme@FG2LocalFileScheme@@SAHPBD@Z
?IsName@FGFileName@@QBE_NXZ
?IsNamed@CXMLNode@@QBEHPB_W@Z
?IsPath@FGFileName@@QBE_NXZ
?IsRelative@FGFileName@@QBE_NXZ
?IsSectionUseful@FG2BogusLinkSpecialSection@@QBEHXZ
?IsTrueFile@FGFileName@@QBE_NXZ
?IsTruePath@FGFileName@@QBE_NXZ
?Length@FGFileName@@QBEHXZ
?Match@FG2MachRule@@QAEHPBD@Z
?Match@FG2UrlRule@@QAEHPBD@Z
?Merge@CXMLElement@@QAEHPAV1@@Z
?NewBuffer@FGString@@AAEXH@Z
?OptUtf8ToStr@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@@Z
?OptUtf8ToStr@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@2@@Z
?OptUtf8ToStr@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?ParseIdentifier@CXMLNode@@KAHAAPB_WAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?ParseMatch@CXMLNode@@KAHAAPB_WPB_W@Z
?ParseString@CXMLAttribute@@QAEHAAPB_W@Z
?ParseString@CXMLElement@@QAEHAAPB_W@Z
?PathToDocument@FGFileName@@QAEABV1@XZ
?ReleaseBuffer@FGString@@AAEXXZ
?RemoveAttribute@CXMLElement@@QAEXPAVCXMLAttribute@@@Z
?RemoveElement@CXMLElement@@QAEXPAV1@@Z
?Scheme@FG2ED2KScheme@@SAPBDXZ
?Scheme@FG2FlashgetScheme@@SAPBDXZ
?Scheme@FG2FlashgetXScheme@@SAPBDXZ
?Scheme@FG2LocalFileScheme@@SAPBDXZ
?SetName@CXMLNode@@QAEXPB_W@Z
?SetValue@CXMLNode@@QAEXPB_W@Z
?SplitRelative@FGFileName@@QAEABV1@ABV1@@Z
?StrToUtf8@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@ABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@2@@Z
?StringToValue@CXMLNode@@SA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AAPB_WH@Z
?ToBuffer@FGString@@QAEPADXZ
?ToDocument@FGFileName@@QAEABV1@XZ
?ToDriveDocument@FGFileName@@QAEABV1@XZ
?ToDrivePath@FGFileName@@QAEABV1@XZ
?ToParentDocument@FGFileName@@QAEABV1@XZ
?ToParentPath@FGFileName@@QAEABV1@XZ
?ToPath@FGFileName@@QAEABV1@XZ
?ToString@CXMLAttribute@@QAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?ToString@CXMLElement@@QAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@HH@Z
?ToString@CXMLElement@@QAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@H@Z
?ToString@FGFileName@@QBEPBDXZ
?UniformString@CXMLNode@@SAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?ValueToString@CXMLNode@@SAXPB_WAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?bdecode4str@@YA?AVCEntry@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?bdecode_Ipc_Free@@YAXPBUtagIpcUrlStream@@@Z
?bdecode_str_IpcUrlStream@@YAPBUtagIpcUrlStream@@ABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?bencode2str@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVCEntry@@@Z
?bencode_IpcUrlStream_str@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABUtagIpcUrlStream@@@Z
?build@md5_t@@SAXQAEPBXK@Z
?c_str@FGString@@QBEPBDXZ
?compare@FGString@@QBEHPBD@Z
?compareNoCase@FGString@@QBEHPBD@Z
?construct@CEntry@@AAEXW4data_type@1@@Z
?copy@CEntry@@AAEXABV1@@Z
?destruct@CEntry@@AAEXXZ
?final@md5_t@@QAEXQAE@Z
?find_key@CEntry@@QAEPAV1@PBD@Z
?find_key@CEntry@@QBEPBV1@PBD@Z
?fromUTF8@CURLEncode@@AAE_WG@Z
?init@md5_t@@QAEXXZ
?length@FGString@@QBEHXZ
?m_iReservedLen@CURLEncode@@0HA
?m_iUnsafeLen@CURLEncode@@0HA
?m_lpszReservedString@CURLEncode@@0PB_WB
?m_lpszUnsafeString@CURLEncode@@0PB_WB
?schemaName@CXMLAttribute@@2PB_WB
?toHex@CURLEncode@@AAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@E@Z
?toUTF8@CURLEncode@@AAEG_W@Z
?transform@md5_t@@CAXQAKQBE@Z
?type@CEntry@@QBE?AW4data_type@1@XZ
?update@md5_t@@QAEXPBEI@Z
?utf8towc@@YAHPBDIPA_WI@Z
?wc2utf8@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@ABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@2@@Z
?xmlnsInstance@CXMLAttribute@@2PB_WB
?xmlnsSchema@CXMLAttribute@@2PB_WB
AllocateMemory
BindEd2k
BindFireFox
CheckEntryOnSerializedList
CheckIsValidUrl
CloseZipU
CovertEd2kLinkToUtf8
CreateDirectoryByPath
DeleteDirectoryEx
FindZipItemA
FindZipItemW
FormatZipMessageU
FreeMemory
GetFG3AppDataPath
GetZipItemA
GetZipItemW
HeadOfSerializedList
InitMachineInfo
InitMemoryAllocate
InitializeSerializedList
InsertAtHeadOfSerializedList
InsertAtTailOfSerializedList
IsMediaFile
IsOnSerializedList
IsSerializedListEmpty
IsZipHandleU
LockSerializedList
OpenZipU
ParseEd2kLink
ReallocateMemory
RemoveFromSerializedList
SlDequeueHead
SlDequeueTail
TailOfSerializedList
TeaDecryptECB
TeaEncryptECB
TermMemoryAllocate
TerminateSerializedList
UnBindEd2k
UnBindFirefox
UnlockSerializedList
UnzipItem
des3_cbc_decrypt
des3_cbc_encrypt
des3_decrypt
des3_encrypt
des3_set_2keys
des3_set_3keys
des_cbc_decrypt
des_cbc_encrypt
des_decrypt
des_encrypt
des_self_test
des_set_key
oi_symmetry_decrypt
oi_symmetry_decrypt2
oi_symmetry_encrypt
oi_symmetry_encrypt2

Sections

.text
Size: 328KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/componentskrnl.dll
.dll windows:4 windows x86 arch:x86

a6546310966e6f77eebb27df5b579136

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\componentskrnl.pdb

Imports

kernel32

DisableThreadLibraryCalls
lstrlenA
LoadLibraryW
GetProcAddress
GetFullPathNameW
FreeLibrary
FindFirstFileW
FindClose
GetModuleFileNameW
SetLastError
lstrlenW
FindNextFileW
InterlockedDecrement
DebugBreak
InterlockedIncrement
OutputDebugStringW
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetLastError
HeapReAlloc
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
LoadLibraryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP

user32

LoadStringW
CharNextW
UnregisterClassA

commonlib

ord3
ord5

Exports

Exports

KeCreateInstance
KeModuleStart
KeModuleStartSpec
KeModuleStop

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/corestat.dll
.dll windows:4 windows x86 arch:x86

e12e6b5fb213a25a40f67057c0284611

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\ProtKrnl\src\build\corestat.pdb

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

WideCharToMultiByte
GetLastError
CompareStringA
CompareStringW
lstrlenA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetTickCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
DeleteFileA
CloseHandle
WriteFile
CreateFileA
CreateThread
ReadFile
GetFileSize
SetEvent
CreateEventA
GetLocalTime
CreateDirectoryA
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
ResumeThread
SetThreadPriority
WritePrivateProfileStringA
GetCurrentDirectoryA
GetPrivateProfileStringA
OutputDebugStringA
GetTimeFormatA
GetProcAddress
LoadLibraryA
FreeLibrary
Sleep
QueryPerformanceCounter
MultiByteToWideChar
GetCurrentThreadId
SetLastError
GetVolumeInformationA
GetWindowsDirectoryA
GetCurrentProcess
WaitForSingleObject
GetSystemDirectoryA
SetFilePointer
GetVersionExA
LocalFree
FormatMessageA
SetEndOfFile
GetUserDefaultLangID
GetSystemInfo
GetCurrentProcessId
GetExitCodeThread
WaitForMultipleObjects
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
VirtualAlloc
HeapFree
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
MoveFileA
GetDateFormatA
ExitThread
GetCommandLineA
VirtualFree
HeapCreate
ExitProcess
InterlockedExchange
IsBadReadPtr
GetACP
GetLocaleInfoA
GetThreadLocale
QueryPerformanceFrequency
HeapDestroy
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
HeapAlloc
WriteConsoleA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
GetStartupInfoA
GetFileType
SetHandleCount
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetOEMCP
GetCPInfo
InterlockedDecrement

user32

DestroyWindow
SendMessageTimeoutA
RegisterClassExA
CreateWindowExA
SetWindowLongA
GetWindowLongA
DefWindowProcA
IsWindow
KillTimer
SetTimer
MessageBoxA
SendMessageA
GetMessageA
TranslateMessage
PostQuitMessage
PostMessageA
DispatchMessageA
UnregisterClassA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

shlwapi

PathFileExistsA
UrlUnescapeA

ws2_32

inet_ntoa
gethostbyname
inet_addr
WSAGetLastError
bind
socket
sendto
htons
setsockopt
recvfrom
ioctlsocket
WSASetLastError
ntohs
recv
send
connect
getpeername
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
ntohl
accept
WSAAsyncSelect
WSAAsyncGetHostByName
WSACancelAsyncRequest
htonl
listen
shutdown
closesocket

netapi32

Netbios

iphlpapi

GetIfEntry
GetBestInterface
GetTcpTable
GetTcpStatistics
GetNetworkParams
GetAdaptersInfo

pdh

PdhAddCounterA
PdhCloseQuery
PdhOpenQueryA
PdhSetDefaultRealTimeDataSource
PdhGetFormattedCounterValue
PdhCollectQueryData

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetCookieA

Exports

Exports

??0Ccore_stat@@QAE@XZ
??4Ccore_stat@@QAEAAV0@ABV0@@Z
?fncore_stat@@YAHXZ
?ncore_stat@@3HA
CheckTaskStat
CreateProxyHandle
CreateTaskStat
DeleteProxyHandle
GetClientPerfInfo
GetCoreConfig
GetProcessPageUsage
GetProxyResult
InitStatProduct
InitUserID
IsStatMgrRunning
IsTaskStatValid
MedTagRequest
MedTagSend
RemoveTaskStat
STBackErrSrcInfo
STCloseTask
STCreateTask
STGetCltSrcInfo
STInitialize
STIsOverLimit
STPostCltSrcInfo
STReportAddFiles
STReportLogInfo
STReportOnlyLog
STSetAddress
STSetCDNInfo
STSetCltCallBack
STTerminate
SendPFPPacket
SendProxyRequest
SendStatPacket
StatCreateBT
StatCreateP2S
StatGetChannelID
StatReportClickFile
StatReportErrorP2S
StatReportFinishP2S
StatReportP2SRename
StatReportTorrentRename
StatReportTorrentUrl
StatSendEmuleCreate
StatSendEmuleInfo
StatSendLiveStat
StatShareFileInfo
StatUpdateMemory
StatUpdateSpeed
StopStatMgr
UpdateBTTaskStat
UpdateLinkTaskStat
UpdateP2PSession

Sections

.text
Size: 332KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/dat/Appsetting.cfg
FlashGet 3/dat/stat/skinpreview/preview_blue3.png
.png
FlashGet 3/dat/stat/skinpreview/preview_red3.png
.png
FlashGet 3/dat/stat/skinpreview/preview_white.png
.png
FlashGet 3/dat/stat/statdata/statinfo.dat
FlashGet 3/dbghelp.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
EnumerateLoadedModules
EnumerateLoadedModules64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindExecutableImage
FindExecutableImageEx
FindFileInPath
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
MiniDumpReadDumpStream
MiniDumpWriteDump
SearchTreeForFile
StackWalk
StackWalk64
SymCleanup
SymEnumSourceFiles
SymEnumSym
SymEnumSymbols
SymEnumTypes
SymEnumerateModules
SymEnumerateModules64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindFileInPath
SymFromAddr
SymFromName
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetFileLineOffsets64
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromName
SymGetLineFromName64
SymGetLineNext
SymGetLineNext64
SymGetLinePrev
SymGetLinePrev64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOptions
SymGetSearchPath
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetTypeFromName
SymGetTypeInfo
SymInitialize
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymMatchFileName
SymMatchString
SymRegisterCallback
SymRegisterCallback64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSetContext
SymSetOptions
SymSetSearchPath
SymSetSymWithAddr64
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnmapDebugInformation
WinDbgExtensionDllInit
dbghelp
dh
lm
lmi
omap
srcfiles
sym
vc7fpo

Sections

UPX0
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FlashGet 3/fnsArchive.dll
.dll windows:4 windows x86 arch:x86

bedec73e77658629b30709eeb8bcab02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\fnsArchive.pdb

Imports

kernel32

IsBadWritePtr
DisableThreadLibraryCalls
ReadFile
FindResourceExW
GetLastError
FindResourceW
FreeLibrary
LoadLibraryW
CreateFileW
LoadResource
GetSystemDefaultLangID
CloseHandle
GetProcAddress
SizeofResource
MultiByteToWideChar
GetFileSize
LockResource
lstrlenA
lstrlenW
WideCharToMultiByte
SetEnvironmentVariableA
SetEndOfFile
CreateFileA
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LoadLibraryA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
RtlUnwind
GetModuleHandleA
ExitProcess
GetCPInfo
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
HeapCreate
VirtualFree
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale

shell32

SHGetSpecialFolderPathW

commonlib

ord3
ord5

shlwapi

PathFileExistsW
PathFindExtensionW

user32

UnregisterClassA

Exports

Exports

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItemMini@@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItemMini@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItemMini@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItemMini@@@std@@@3@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
DllGetClassObjectEx
DllQueryInterface
DllUnloadAndFree

Sections

.text
Size: 336KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/fnsDirectuix.dll
.dll windows:4 windows x86 arch:x86

ddc60f30dbd50a8d7744c5738c9b7e2d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\fnsDirectuix.pdb

Imports

kernel32

GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
WideCharToMultiByte
LCMapStringA
Sleep
ExitProcess
GetModuleFileNameA
GetStdHandle
WriteFile
SetLastError
TlsFree
TlsSetValue
TlsAlloc
GetConsoleMode
GetModuleHandleA
IsValidCodePage
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCommandLineA
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
LoadLibraryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
GetTickCount
GetModuleHandleW
GlobalUnlock
GlobalLock
FreeResource
GetProcAddress
IsBadWritePtr
DisableThreadLibraryCalls
CreateDirectoryW
GetLastError
MultiByteToWideChar
FindResourceExW
lstrlenA
IsBadReadPtr
GlobalAlloc
LoadResource
FreeLibrary
LockResource
LoadLibraryW
SizeofResource
CloseHandle
ReadFile
GetFileSize
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetModuleFileNameW
CreateFileW
GlobalFree
FindResourceW
TlsGetValue

user32

GetWindowRect
IsRectEmpty
GetParent
GetClientRect
FillRect
SetFocus
GetTopWindow
LoadImageW
GetSystemMetrics
LoadCursorW
RegisterClassW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
SetPropW
GetPropW
SendMessageW
IsWindow
PostMessageW
EnableScrollBar
GetCursorPos
ReleaseCapture
SetCapture
MapWindowPoints
EndPaint
BeginPaint
GetUpdateRect
KillTimer
SetTimer
GetFocus
InvalidateRect
GetKeyState
GetDC
RegisterWindowMessageW
ReleaseDC
CopyRect
DestroyWindow
GetDlgItem
ScreenToClient
SetCursor
UnregisterClassA
SetScrollRange
MoveWindow
IntersectRect
GetScrollPos
SetScrollPos
GetScrollRange
GetScrollInfo
ShowScrollBar
CharNextW
GetIconInfo
InflateRect
PtInRect
OffsetRect
SetRect
DestroyIcon
DrawIconEx
GetWindow
ShowWindow
SetWindowLongW
CreateWindowExW
DefWindowProcW
GetWindowLongW

gdi32

SetWindowOrgEx
RestoreDC
GetTextMetricsW
SaveDC
CreateFontIndirectW
TextOutW
RoundRect
DeleteDC
BitBlt
CreateCompatibleDC
CreatePen
Rectangle
GetStockObject
LineTo
MoveToEx
GetTextExtentPoint32W
SelectObject
GdiFlush
ExtTextOutW
CreateDIBSection
SetBkColor
CreateCompatibleBitmap
ExtSelectClipRgn
CreateRectRgnIndirect
SetStretchBltMode
SetTextColor
GetClipBox
SetBkMode
SelectClipRgn
CreateSolidBrush
SetPixel
GetPixel
DeleteObject
GetObjectW

advapi32

IsTextUnicode

shell32

ShellExecuteW

ole32

CreateStreamOnHGlobal

commonlib

ord7
ord9
ord8
ord58
ord17
ord6
ord5
ord14
ord11
ord3
ord13

comctl32

_TrackMouseEvent
ImageList_GetIcon
ImageList_LoadImageW
ord17

gdiplus

GdipFree
GdipDisposeImage
GdipAlloc
GdiplusStartup
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipCreateBitmapFromResource
GdipCreateBitmapFromFile

winmm

timeGetTime

Exports

Exports

DllGetClassObjectEx
DllQueryInterface
DllUnloadAndFree

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/fnsLanguage.dll
.dll windows:4 windows x86 arch:x86

c7c85596b877d3d893b5543d730f9bb5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\fnsLanguage.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

comctl32

InitCommonControlsEx

Sections

.text
Size: 104KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FlashGet 3/fnsLanguage_en.dll
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\WorkSpace\FlashGet_3\FG3_Language\output\pdb\fnslanguage_en.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.rdata
Size: 59KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FlashGet 3/fnsScheduler.dll
.dll windows:4 windows x86 arch:x86

1c980c471e2bbd26383f7924495b1fba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\fnsScheduler.pdb

Imports

kernel32

DisableThreadLibraryCalls
IsBadWritePtr
LoadLibraryW
GetProcAddress
FreeLibrary
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
IsBadReadPtr
InitializeCriticalSection
OutputDebugStringW
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
DeleteFileW
CreateFileW
CloseHandle
lstrlenW
MultiByteToWideChar
GetLastError
lstrlenA
IsBadStringPtrW
CreateEventW
SetEvent
WaitForMultipleObjectsEx
InterlockedExchange
GetTickCount
ResetEvent
SetThreadLocale
GetUserDefaultLCID
ReadFile
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
LCMapStringA
GetCurrentProcessId
GetConsoleCP
SetFilePointer
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
Sleep
ExitProcess
VirtualAlloc
LCMapStringW
VirtualFree
HeapCreate
GetModuleFileNameA
GetStdHandle
WriteFile
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
IsValidCodePage
GetOEMCP
InterlockedDecrement
GetStringTypeW
GetStringTypeA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
GetVersionExA
GetACP
GetLocaleInfoA
GetThreadLocale
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
RtlUnwind
GetCPInfo
InterlockedIncrement

user32

RegisterClassExW
DispatchMessageW
CreateWindowExW
PostMessageW
PostQuitMessage
DefWindowProcW
IsWindow
SendMessageW
UnregisterClassA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageW

commonlib

ord42
ord41
ord5
ord3
?OptUtf8ToStr@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@@Z

shlwapi

PathCombineW
PathFileExistsW

p2score

p2s_get_p2p_id
p2s_enable_p4s
p2s_p2p_set_upload_speed_max
p2s_p2p_set_upload_speed_control
p2s_get_sharefile_url
p2s_make_upload
?ParseResume@P2SP@@SAHPA_W0AAUst_TASK_PARAMS@@AAUst_TASK_INFO@@@Z
?GetFilesizeByURL@P2SP@@SA_JPB_W@Z
?GetFilenameByURL@P2SP@@SAXPB_WPA_WH@Z
p2s_p2p_move_share
?SetProxy@P2SP@@SAXHIPA_W00@Z
?SetUseServerTime@P2SP@@SAXH@Z
p2s_p2p_get_network_traffic
?SetCacheSize@P2SP@@SAXH@Z
?Quit@P2SP@@SAXXZ
?Init@P2SP@@SAHXZ
?GetBlockInfo@P2SP@@QAEHPAHHAAH@Z
?GetTaskLog@P2SP@@QAEHPA_WHAAK1AAH@Z
?UpdateInfo@P2SP@@QAEXAAUst_TASK_INFO@@@Z
?StopAsync@P2SP@@QAEXXZ
?Start@P2SP@@QAEXAAUst_TASK_PARAMS@@@Z
??0P2SP@@QAE@XZ
?LimitDownloadSpeed@P2SP@@QAEXH@Z
??1P2SP@@QAE@XZ
?Delete@P2SP@@QAE_NXZ
?DelTempFile@P2SP@@SAHAAUst_TASK_PARAMS@@@Z
?SetRetry@P2SP@@SAXHHH@Z
?StopSync@P2SP@@QAEXXZ

ws2_32

inet_ntoa

Exports

Exports

DllGetClassObjectEx
DllQueryInterface
DllUnloadAndFree

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/fnsSecurity.dll
.dll windows:4 windows x86 arch:x86

f3614a45c2c91cb7c7cc9024345a63cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\fnsSecurity.pdb

Imports

kernel32

SizeofResource
LockResource
LoadResource
FindResourceExW
SetLastError
FindResourceW
FindClose
GetFullPathNameW
FindFirstFileW
lstrlenW
FindNextFileW
MultiByteToWideChar
IsBadWritePtr
GetLogicalDrives
DisableThreadLibraryCalls
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetLastError
RtlUnwind
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
LoadLibraryA
GetStringTypeA
GetStringTypeW
SetFilePointer
GetConsoleCP
GetConsoleMode

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW

commonlib

ord3
ord5

shlwapi

PathIsDirectoryW
PathFileExistsW

user32

UnregisterClassA

Exports

Exports

DllGetClassObjectEx
DllQueryInterface
DllUnloadAndFree

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/fnsSkinX.dll
.dll windows:4 windows x86 arch:x86

164e8239892da78748df80226b126bcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\fnsSkinX.pdb

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
Sleep
GetModuleFileNameA
GetStdHandle
WriteFile
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetCPInfo
RtlUnwind
GetLastError
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetEnvironmentStringsW
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
SetLastError
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
FlushInstructionCache
GetCurrentProcess
GetFullPathNameW
GetTickCount
MulDiv
lstrlenW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
FindResourceExW
DisableThreadLibraryCalls
LoadResource
LockResource
SizeofResource
FindResourceW
FindClose
FindNextFileW
FindFirstFileW
HeapDestroy
GetVersionExA
DeleteCriticalSection
FlushFileBuffers
CloseHandle
CreateFileA
ReadFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsBadWritePtr
VirtualAlloc
RaiseException
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW

user32

BeginPaint
SetWindowPos
CallWindowProcW
EnumChildWindows
InvalidateRect
SetWindowsHookExW
UnhookWindowsHookEx
IsWindowEnabled
UnregisterClassA
GetClassNameW
EndDialog
GetDlgItem
RegisterWindowMessageW
SetWindowLongW
DrawTextW
GetWindowLongW
GetParent
DefWindowProcW
GetFocus
EndPaint
RedrawWindow
GetSystemMetrics
CallNextHookEx
UnionRect
GetAsyncKeyState
SetRect
SystemParametersInfoW
GetClientRect
CopyRect
SetWindowRgn
IsIconic
IsWindow
DrawIconEx
GetWindowDC
GetMonitorInfoW
MonitorFromPoint
TrackPopupMenu
PtInRect
IsMenu
DestroyMenu
GetWindowRect
SendMessageW
CharUpperW
OffsetRect
ReleaseDC
GetCursorPos
IsZoomed
GetDC
SetRectEmpty
PostMessageW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
GetSystemMenu

gdi32

SetBkColor
CreateSolidBrush
DPtoLP
GetDeviceCaps
CombineRgn
BitBlt
GetObjectW
CreateEllipticRgnIndirect
GetTextExtentPoint32W
CreateRectRgnIndirect
ExtTextOutW
CreateFontIndirectW
ExcludeClipRect
SelectClipRgn
SetStretchBltMode
SetBkMode
GetStockObject
SetTextColor
StretchBlt
CreatePatternBrush
CreateCompatibleBitmap
DeleteObject
SelectObject
CreateCompatibleDC
DeleteDC
CreateDIBSection
CreateDCW
CreateRoundRectRgn

ole32

CreateStreamOnHGlobal

commonlib

?GetElementIterator@CXMLElement@@QBEPAU__POSITION@@XZ
?GetNextElement@CXMLElement@@QBEPAV1@AAPAU__POSITION@@@Z
?GetAttributeValue@CXMLElement@@QBE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W0@Z
?GetElementByName@CXMLElement@@QBEPAV1@PB_W@Z
?FromFile@CXMLElement@@SAPAV1@PB_WH@Z
ord5
?IsNamed@CXMLNode@@QBEHPB_W@Z
?Detach@CXMLElement@@QAEPAV1@XZ
ord3

shlwapi

PathFileExistsW
PathRemoveFileSpecW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend

gdiplus

GdipAlloc
GdiplusStartup
GdipFree
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipCreateBitmapFromResource

Exports

Exports

DllGetClassObjectEx
DllQueryInterface
DllUnloadAndFree

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/fnsStatistics.dll
.dll windows:4 windows x86 arch:x86

db5df776cbffcfd8fab3570a6e2530d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\FlashGet_3_Xeon\FlashGet_3_Xeon\output\fnsStatistics.pdb

Imports

kernel32

GetTickCount
IsBadReadPtr
VirtualFree
GetLastError
VirtualAlloc
QueueUserWorkItem
FindResourceW
IsBadStringPtrW
SizeofResource
LockResource
LoadResource
lstrlenW
FindResourceExW
GetModuleFileNameW
CreateFileW
CloseHandle
WriteFile
SetFilePointer
DeleteFileW
WaitForSingleObject
WaitForMultipleObjectsEx
MultiByteToWideChar
HeapAlloc
InitializeCriticalSection
GetSystemDefaultLangID
GetProcessHeap
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileStringW
CreateEventW
SetEvent
FreeLibrary
GetProcAddress
GlobalFree
Sleep
GetLocalTime
LoadLibraryA
WritePrivateProfileStringW
GetSystemDirectoryA
GlobalAlloc
SetThreadLocale
GetUserDefaultLCID
WaitForSingleObjectEx
HeapFree
InterlockedIncrement
lstrlenA
WideCharToMultiByte
IsBadWritePtr
HeapReAlloc
DisableThreadLibraryCalls
GetVersionExA
FlushFileBuffers
CreateFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
HeapDestroy
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
GetDateFormatA
GetTimeFormatA
IsValidCodePage
InterlockedExchange
GetACP
GetLocaleInfoA
GetOEMCP
GetCPInfo
InterlockedDecrement
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetThreadLocale
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
GetTimeZoneInformation
RtlUnwind
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CreateThread
GetCurrentThreadId
ExitThread
VirtualQuery
GetSystemInfo
GetModuleHandleA
VirtualProtect
GetSystemTimeAsFileTime
RaiseException

advapi32

RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

commonlib

ord11
ord26
ord41
ord7
ord9
ord17
ord13
ord8
ord25
?GetValue@CXMLNode@@QBE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?IsNamed@CXMLNode@@QBEHPB_W@Z
?GetNextElement@CXMLElement@@QBEPAV1@AAPAU__POSITION@@@Z
?GetElementIterator@CXMLElement@@QBEPAU__POSITION@@XZ
?FromString@CXMLElement@@SAPAV1@PB_WH@Z
ord58
ord6
ord20
??1MD5Sum@@QAE@XZ
?GetHash@MD5Sum@@QBE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
??0MD5Sum@@QAE@ABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?utf8towc@@YAHPBDIPA_WI@Z
?ByteStreamToWideChar@@YAHPBDIPA_WI@Z
ord4
ord5
ord3

shlwapi

PathIsURLW
PathFileExistsW

ws2_32

recv
send
getsockopt
select
connect
ioctlsocket
socket
WSASendTo
setsockopt
bind
WSARecvFrom
WSASocketW
WSACloseEvent
ntohs
closesocket
ntohl
getservbyport
gethostbyaddr
inet_addr
htons
WSASetLastError
WSAEventSelect
WSASetEvent
WSACreateEvent
inet_ntoa
WSARecv
getservbyname
WSAGetOverlappedResult
WSASend
htonl
WSAResetEvent
WSACleanup
WSAEnumNetworkEvents
WSAStartup
WSAConnect
gethostbyname
WSAGetLastError
gethostname

wininet

InternetOpenA
InternetGetConnectedState
InternetCrackUrlW
InternetCloseHandle
InternetOpenUrlW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

user32

UnregisterClassA

Exports

Exports

DllGetClassObjectEx
DllQueryInterface
DllUnloadAndFree

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/gdiplus.dll
.dll windows:5 windows x86 arch:x86

68a82f89c3fde2fdb45bbeddb19a9697

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5c:e2:b6:e4:db:cb:ca:b9:10:d1:4d:60:0b:28:ba:55
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/07/2008, 00:00

Not After

07/07/2009, 23:59

Subject

CN=Trend Media Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=marketing,O=Trend Media Corporation Limited,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

microsoftwindowsgdiplus-1.0.2600.3352-gdiplus.pdb

Imports

advapi32

RegOpenKeyW
RegOpenKeyA
RegCloseKey
RegEnumValueW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegEnumKeyExA
RegEnumKeyExW
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegEnumValueA

gdi32

GetDIBColorTable
FillRgn
SetMiterLimit
CreateSolidBrush
StrokePath
GetGraphicsMode
SetPolyFillMode
FillPath
StrokeAndFillPath
PolyPolyline
GetNearestPaletteIndex
ExtTextOutA
GetTextCharsetInfo
TranslateCharsetInfo
PolylineTo
Polyline
LineTo
GetCurrentPositionEx
ArcTo
SetArcDirection
SelectClipPath
GetPath
CloseFigure
AbortPath
FlattenPath
WidenPath
BeginPath
Ellipse
AngleArc
PolyBezierTo
PolyBezier
RoundRect
PolyDraw
Pie
Chord
Arc
EndPath
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
MoveToEx
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
StretchBlt
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreatePen
CreateDIBitmap
CreatePatternBrush
ExtSelectClipRgn
GetBkMode
GetTextAlign
ModifyWorldTransform
ExtCreateRegion
CreateCompatibleBitmap
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
PolyPolygon
PlayMetaFileRecord
ExtCreatePen
GetWorldTransform
GetROP2
SetROP2
Rectangle
Polygon
IntersectClipRect
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
ExtTextOutW
SetBitmapBits
SetDIBColorTable
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileW
GetEnhMetaFileA
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
CreatePalette
GetSystemPaletteEntries
GetSystemPaletteUse
GetDeviceCaps
ExtEscape
GetObjectType
GetPixel
DeleteObject
SelectPalette
GetTextFaceA
GetTextMetricsA
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExA
EnumFontFamiliesExW
SelectObject
CreateFontIndirectW
CreateFontIndirectA
GetRegionData
DeleteDC
CreateDCA
CreateICA
CreateRectRgn
GetRandomRgn
LPtoDP
GetWindowExtEx
GetViewportExtEx
GetWindowOrgEx
GetViewportOrgEx
GetMapMode
SetICMMode
Escape
GetDCOrgEx
GetObjectA
GetCurrentObject
GetDIBits
CreateCompatibleDC
CreateDIBSection
RealizePalette
GetPaletteEntries
GdiFlush
PatBlt
CreateBrushIndirect
SetDIBits

kernel32

CreateSemaphoreA
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
RaiseException
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
SetEvent
lstrcmpiA
CreateThread
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCPInfo
VirtualQuery
RtlUnwind
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
GetCommandLineA
GetSystemInfo
HeapReAlloc
HeapFree
VirtualAlloc
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
IsDBCSLeadByteEx
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
GetFileTime
SearchPathW
SearchPathA
GetOEMCP
InterlockedIncrement
LoadLibraryW
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetProfileSectionA
CreateFileW
SetEndOfFile
SetFilePointer
ReadFile
UnlockFile
GetFileInformationByHandle
LockFile
FlushFileBuffers
GetLastError
VirtualFree
GlobalAlloc
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
GetSystemDirectoryW
GetWindowsDirectoryA
FreeLibrary
HeapDestroy
LoadLibraryA
GetVersionExA
GetACP
GetModuleHandleW
GetProcAddress
GetSystemDefaultLCID

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

user32

MsgWaitForMultipleObjects
LoadBitmapW
LoadBitmapA
wsprintfW
ReleaseDC
GetDC
wsprintfA
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterWindowMessageA
RegisterClassA
DispatchMessageA
TranslateMessage
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
ClientToScreen
wvsprintfA
CreateIconIndirect
GetIconInfo
GetDCEx
GetWindowLongA
GetClassLongA
SystemParametersInfoA

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/id3lib.dll
.dll windows:4 windows x86 arch:x86

be371c9e393a085edcb9040c04c7bb17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
SetEndOfFile
SetFilePointer
CreateFileA
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
HeapFree
GetLastError
MoveFileA
DeleteFileA
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
ExitProcess
FatalAppExitA
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
TerminateProcess
GetCurrentProcess
HeapSize
SetUnhandledExceptionFilter
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WriteFile
GetProcAddress
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
SetStdHandle
GetACP
GetOEMCP
LoadLibraryA
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA

Exports

Exports

??0BStringReader@io@dami@@QAE@ABV012@@Z
??0BStringReader@io@dami@@QAE@ABV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@@Z
??0BStringWriter@io@dami@@QAE@AAV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@@Z
??0BStringWriter@io@dami@@QAE@ABV012@@Z
??0CharReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0CharReader@io@dami@@QAE@ABV012@@Z
??0CompressedReader@io@dami@@QAE@AAVID3_Reader@@I@Z
??0CompressedReader@io@dami@@QAE@ABV012@@Z
??0ExitTrigger@io@dami@@QAE@AAVID3_Reader@@@Z
??0ExitTrigger@io@dami@@QAE@AAVID3_Reader@@I@Z
??0ExitTrigger@io@dami@@QAE@ABV012@@Z
??0ID3_FStreamWriter@@QAE@AAV?$basic_fstream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_FStreamWriter@@QAE@ABV0@@Z
??0ID3_Field@@IAE@XZ
??0ID3_Field@@QAE@ABV0@@Z
??0ID3_Frame@@QAE@ABV0@@Z
??0ID3_Frame@@QAE@W4ID3_FrameID@@@Z
??0ID3_FrameInfo@@QAE@XZ
??0ID3_IFStreamReader@@QAE@AAV?$basic_ifstream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_IFStreamReader@@QAE@ABV0@@Z
??0ID3_IOStreamWriter@@QAE@AAV?$basic_iostream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_IOStreamWriter@@QAE@ABV0@@Z
??0ID3_IStreamReader@@QAE@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_IStreamReader@@QAE@ABV0@@Z
??0ID3_MemoryReader@@QAE@ABV0@@Z
??0ID3_MemoryReader@@QAE@PBDI@Z
??0ID3_MemoryReader@@QAE@PBEI@Z
??0ID3_MemoryReader@@QAE@XZ
??0ID3_MemoryWriter@@QAE@ABV0@@Z
??0ID3_MemoryWriter@@QAE@QAEI@Z
??0ID3_MemoryWriter@@QAE@XZ
??0ID3_OFStreamWriter@@QAE@AAV?$basic_ofstream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_OFStreamWriter@@QAE@ABV0@@Z
??0ID3_OStreamWriter@@QAE@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_OStreamWriter@@QAE@ABV0@@Z
??0ID3_Reader@@QAE@ABV0@@Z
??0ID3_Reader@@QAE@XZ
??0ID3_Tag@@QAE@ABV0@@Z
??0ID3_Tag@@QAE@PBD@Z
??0ID3_Writer@@QAE@ABV0@@Z
??0ID3_Writer@@QAE@XZ
??0LineFeedReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0LineFeedReader@io@dami@@QAE@ABV012@@Z
??0StringReader@io@dami@@QAE@ABV012@@Z
??0StringReader@io@dami@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StringWriter@io@dami@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StringWriter@io@dami@@QAE@ABV012@@Z
??0UnsyncedReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0UnsyncedReader@io@dami@@QAE@ABV012@@Z
??0UnsyncedWriter@io@dami@@QAE@AAVID3_Writer@@@Z
??0UnsyncedWriter@io@dami@@QAE@ABV012@@Z
??0WindowedReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0WindowedReader@io@dami@@QAE@AAVID3_Reader@@I@Z
??0WindowedReader@io@dami@@QAE@AAVID3_Reader@@II@Z
??0WindowedReader@io@dami@@QAE@ABV012@@Z
??1BStringReader@io@dami@@UAE@XZ
??1BStringWriter@io@dami@@UAE@XZ
??1CharReader@io@dami@@UAE@XZ
??1CompressedReader@io@dami@@UAE@XZ
??1ExitTrigger@io@dami@@UAE@XZ
??1ID3_FStreamWriter@@UAE@XZ
??1ID3_Field@@MAE@XZ
??1ID3_Frame@@UAE@XZ
??1ID3_FrameInfo@@QAE@XZ
??1ID3_IFStreamReader@@UAE@XZ
??1ID3_IOStreamWriter@@UAE@XZ
??1ID3_IStreamReader@@UAE@XZ
??1ID3_MemoryReader@@UAE@XZ
??1ID3_MemoryWriter@@UAE@XZ
??1ID3_OFStreamWriter@@UAE@XZ
??1ID3_OStreamWriter@@UAE@XZ
??1ID3_Tag@@UAE@XZ
??1LineFeedReader@io@dami@@UAE@XZ
??1StringReader@io@dami@@UAE@XZ
??1StringWriter@io@dami@@UAE@XZ
??1UnsyncedReader@io@dami@@UAE@XZ
??4CompressedReader@io@dami@@QAEAAV012@ABV012@@Z
??4ID3_Frame@@QAEAAV0@ABV0@@Z
??4ID3_FrameInfo@@QAEAAV0@ABV0@@Z
??4ID3_MemoryReader@@QAEAAV0@ABV0@@Z
??4ID3_MemoryWriter@@QAEAAV0@ABV0@@Z
??4ID3_Reader@@QAEAAV0@ABV0@@Z
??4ID3_Tag@@QAEAAV0@ABV0@@Z
??4ID3_Writer@@QAEAAV0@ABV0@@Z
??6ID3_Tag@@QAEAAV0@ABVID3_Frame@@@Z
??6ID3_Tag@@QAEAAV0@PBVID3_Frame@@@Z
??_7BStringReader@io@dami@@6B@
??_7BStringWriter@io@dami@@6B@
??_7CharReader@io@dami@@6B@
??_7CompressedReader@io@dami@@6B@
??_7ExitTrigger@io@dami@@6B@
??_7ID3_FStreamWriter@@6B@
??_7ID3_Field@@6B@
??_7ID3_Frame@@6B@
??_7ID3_IFStreamReader@@6B@
??_7ID3_IOStreamWriter@@6B@
??_7ID3_IStreamReader@@6B@
??_7ID3_MemoryReader@@6B@
??_7ID3_MemoryWriter@@6B@
??_7ID3_OFStreamWriter@@6B@
??_7ID3_OStreamWriter@@6B@
??_7ID3_Reader@@6B@
??_7ID3_Tag@@6B@
??_7ID3_Writer@@6B@
??_7LineFeedReader@io@dami@@6B@
??_7StringReader@io@dami@@6B@
??_7StringWriter@io@dami@@6B@
??_7UnsyncedReader@io@dami@@6B@
??_7UnsyncedWriter@io@dami@@6B@
??_7WindowedReader@io@dami@@6B@
??_FID3_Frame@@QAEXXZ
??_FID3_Tag@@QAEXXZ
?AddFrame@ID3_Tag@@QAEXABVID3_Frame@@@Z
?AddFrame@ID3_Tag@@QAEXPBVID3_Frame@@@Z
?AddFrames@ID3_Tag@@QAEXPBVID3_Frame@@I@Z
?AddNewFrame@ID3_Tag@@QAEXPAVID3_Frame@@@Z
?AttachFrame@ID3_Tag@@QAE_NPAVID3_Frame@@@Z
?Clear@ID3_Frame@@QAEXXZ
?Clear@ID3_Tag@@QAEXXZ
?Contains@ID3_Frame@@QBE_NW4ID3_FieldID@@@Z
?CreateIterator@ID3_Frame@@QAEPAVIterator@1@XZ
?CreateIterator@ID3_Frame@@QBEPAVConstIterator@1@XZ
?CreateIterator@ID3_Tag@@QAEPAVIterator@1@XZ
?CreateIterator@ID3_Tag@@QBEPAVConstIterator@1@XZ
?Description@ID3_FrameInfo@@QAEPBDW4ID3_FrameID@@@Z
?END_OF_READER@ID3_Reader@@2FB
?END_OF_WRITER@ID3_Writer@@2FB
?Field@ID3_Frame@@QBEAAVID3_Field@@W4ID3_FieldID@@@Z
?FieldFlags@ID3_FrameInfo@@QAEGW4ID3_FrameID@@H@Z
?FieldSize@ID3_FrameInfo@@QAEIW4ID3_FrameID@@H@Z
?FieldType@ID3_FrameInfo@@QAE?AW4ID3_FieldType@@W4ID3_FrameID@@H@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@W4ID3_FieldID@@I@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@W4ID3_FieldID@@PBD@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@W4ID3_FieldID@@PBG@Z
?GetAppendedBytes@ID3_Tag@@QBEIXZ
?GetCompression@ID3_Frame@@QBE_NXZ
?GetDataSize@ID3_Frame@@QBEIXZ
?GetDescription@ID3_Frame@@QBEPBDXZ
?GetDescription@ID3_Frame@@SAPBDW4ID3_FrameID@@@Z
?GetEncryptionID@ID3_Frame@@QBEEXZ
?GetExperimental@ID3_Tag@@QBE_NXZ
?GetExtendedHeader@ID3_Tag@@QBE_NXZ
?GetField@ID3_Frame@@QBEPAVID3_Field@@W4ID3_FieldID@@@Z
?GetFileName@ID3_Tag@@QBEPBDXZ
?GetFileSize@ID3_Tag@@QBEIXZ
?GetGroupingID@ID3_Frame@@QBEEXZ
?GetID@ID3_Frame@@QBE?AW4ID3_FrameID@@XZ
?GetMp3HeaderInfo@ID3_Tag@@QBEPBUMp3_Headerinfo@@XZ
?GetPrependedBytes@ID3_Tag@@QBEIXZ
?GetSpec@ID3_Frame@@QBE?AW4ID3_V2Spec@@XZ
?GetSpec@ID3_Tag@@QBE?AW4ID3_V2Spec@@XZ
?GetTextID@ID3_Frame@@QBEPBDXZ
?GetUnsync@ID3_Tag@@QBE_NXZ
?HasChanged@ID3_Frame@@QBE_NXZ
?HasChanged@ID3_Tag@@QBE_NXZ
?HasLyrics@ID3_Tag@@QBE_NXZ
?HasTagType@ID3_Tag@@QBE_NW4ID3_TagType@@@Z
?HasV1Tag@ID3_Tag@@QBE_NXZ
?HasV2Tag@ID3_Tag@@QBE_NXZ
?ID3_AddAlbum@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddArtist@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddComment@@YAPAVID3_Frame@@PAVID3_Tag@@PBD11_N@Z
?ID3_AddComment@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1_N@Z
?ID3_AddComment@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddGenre@@YAPAVID3_Frame@@PAVID3_Tag@@I_N@Z
?ID3_AddGenre@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddLyricist@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBD11_N@Z
?ID3_AddLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1_N@Z
?ID3_AddLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddPicture@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1W4ID3_PictureType@@1_N@Z
?ID3_AddPicture@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@PBD3W4ID3_ContentType@@_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@PBD3_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@PBD_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@_N@Z
?ID3_AddTitle@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddTrack@@YAPAVID3_Frame@@PAVID3_Tag@@EE_N@Z
?ID3_AddYear@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_FreeString@@YAXPAD@Z
?ID3_GetAlbum@@YAPADPBVID3_Tag@@@Z
?ID3_GetArtist@@YAPADPBVID3_Tag@@@Z
?ID3_GetComment@@YAPADPBVID3_Tag@@PBD@Z
?ID3_GetDescriptionOfPicType@@YAPADPAVID3_Tag@@W4ID3_PictureType@@@Z
?ID3_GetGenre@@YAPADPBVID3_Tag@@@Z
?ID3_GetGenreNum@@YAIPBVID3_Tag@@@Z
?ID3_GetLyricist@@YAPADPBVID3_Tag@@@Z
?ID3_GetLyrics@@YAPADPBVID3_Tag@@@Z
?ID3_GetMimeTypeOfPicType@@YAPADPAVID3_Tag@@W4ID3_PictureType@@@Z
?ID3_GetPictureData@@YAHPBVID3_Tag@@PBD@Z
?ID3_GetPictureDataOfPicType@@YAIPAVID3_Tag@@PBDW4ID3_PictureType@@@Z
?ID3_GetPictureMimeType@@YAPADPBVID3_Tag@@@Z
?ID3_GetString@@YAPADPBVID3_Frame@@W4ID3_FieldID@@@Z
?ID3_GetString@@YAPADPBVID3_Frame@@W4ID3_FieldID@@I@Z
?ID3_GetSyncLyrics@@YAPAVID3_Frame@@PBVID3_Tag@@PBD1AAPBEAAI@Z
?ID3_GetTitle@@YAPADPBVID3_Tag@@@Z
?ID3_GetTrack@@YAPADPBVID3_Tag@@@Z
?ID3_GetTrackNum@@YAIPBVID3_Tag@@@Z
?ID3_GetYear@@YAPADPBVID3_Tag@@@Z
?ID3_HasPicture@@YA_NPBVID3_Tag@@@Z
?ID3_IsTagHeader@@YAHQBE@Z
?ID3_RemoveAlbums@@YAIPAVID3_Tag@@@Z
?ID3_RemoveArtists@@YAIPAVID3_Tag@@@Z
?ID3_RemoveComments@@YAIPAVID3_Tag@@PBD@Z
?ID3_RemoveGenres@@YAIPAVID3_Tag@@@Z
?ID3_RemoveLyricist@@YAIPAVID3_Tag@@@Z
?ID3_RemoveLyrics@@YAIPAVID3_Tag@@@Z
?ID3_RemovePictureType@@YAIPAVID3_Tag@@W4ID3_PictureType@@@Z
?ID3_RemovePictures@@YAIPAVID3_Tag@@@Z
?ID3_RemoveTitles@@YAIPAVID3_Tag@@@Z
?ID3_RemoveTracks@@YAIPAVID3_Tag@@@Z
?ID3_RemoveYears@@YAIPAVID3_Tag@@@Z
?IsV2Tag@ID3_Tag@@SAIAAVID3_Reader@@@Z
?IsV2Tag@ID3_Tag@@SAIPBE@Z
?Link@ID3_Tag@@QAEIAAVID3_Reader@@G@Z
?Link@ID3_Tag@@QAEIPBDG@Z
?Link@ID3_Tag@@QAEIPBD_N1@Z
?LongName@ID3_FrameInfo@@QAEPADW4ID3_FrameID@@@Z
?MaxFrameID@ID3_FrameInfo@@QAEHXZ
?NumFields@ID3_Frame@@QBEIXZ
?NumFields@ID3_FrameInfo@@QAEHW4ID3_FrameID@@@Z
?NumFrames@ID3_Tag@@QBEIXZ
?Parse@ID3_Frame@@QAE_NAAVID3_Reader@@@Z
?Parse@ID3_Tag@@QAEIPBEI@Z
?Parse@ID3_Tag@@QAEIQBEPBE@Z
?Parse@ID3_Tag@@QAE_NAAVID3_Reader@@@Z
?RemoveFrame@ID3_Tag@@QAEPAVID3_Frame@@PBV2@@Z
?Render@ID3_Frame@@QBEXAAVID3_Writer@@@Z
?Render@ID3_Tag@@QBEIAAVID3_Writer@@W4ID3_TagType@@@Z
?Render@ID3_Tag@@QBEIPAEW4ID3_TagType@@@Z
?SetCompression@ID3_Frame@@QAE_N_N@Z
?SetCompression@ID3_Tag@@QAEX_N@Z
?SetEncryptionID@ID3_Frame@@QAE_NE@Z
?SetExperimental@ID3_Tag@@QAE_N_N@Z
?SetExtendedHeader@ID3_Tag@@QAE_N_N@Z
?SetGroupingID@ID3_Frame@@QAE_NE@Z
?SetID@ID3_Frame@@QAE_NW4ID3_FrameID@@@Z
?SetPadding@ID3_Tag@@QAE_N_N@Z
?SetSpec@ID3_Frame@@QAE_NW4ID3_V2Spec@@@Z
?SetSpec@ID3_Tag@@QAE_NW4ID3_V2Spec@@@Z
?SetUnsync@ID3_Tag@@QAE_N_N@Z
?ShortName@ID3_FrameInfo@@QAEPADW4ID3_FrameID@@@Z
?Size@ID3_Frame@@QAEIXZ
?Size@ID3_Tag@@QBEIXZ
?Strip@ID3_Tag@@QAEGG@Z
?Update@ID3_Tag@@QAEGG@Z
?atEnd@BStringReader@io@dami@@UAE_NXZ
?atEnd@ID3_Reader@@UAE_NXZ
?atEnd@ID3_Writer@@UAE_NXZ
?atEnd@StringReader@io@dami@@UAE_NXZ
?close@BStringReader@io@dami@@UAEXXZ
?close@BStringWriter@io@dami@@UAEXXZ
?close@CharReader@io@dami@@UAEXXZ
?close@ID3_FStreamWriter@@UAEXXZ
?close@ID3_IFStreamReader@@UAEXXZ
?close@ID3_IOStreamWriter@@UAEXXZ
?close@ID3_IStreamReader@@UAEXXZ
?close@ID3_MemoryReader@@UAEXXZ
?close@ID3_MemoryWriter@@UAEXXZ
?close@ID3_OFStreamWriter@@UAEXXZ
?close@ID3_OStreamWriter@@UAEXXZ
?close@StringReader@io@dami@@UAEXXZ
?close@StringWriter@io@dami@@UAEXXZ
?close@UnsyncedWriter@io@dami@@UAEXXZ
?close@WindowedReader@io@dami@@UAEXXZ
?convert@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V23@W4ID3_TextEnc@@1@Z
?createFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_fstream@DU?$char_traits@D@std@@@4@@Z
?flush@BStringWriter@io@dami@@UAEXXZ
?flush@ID3_IOStreamWriter@@UAEXXZ
?flush@ID3_MemoryWriter@@UAEXXZ
?flush@ID3_OStreamWriter@@UAEXXZ
?flush@StringWriter@io@dami@@UAEXXZ
?flush@UnsyncedWriter@io@dami@@UAEXXZ
?getAlbum@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getArtist@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getBeg@BStringReader@io@dami@@UAEIXZ
?getBeg@CharReader@io@dami@@UAEIXZ
?getBeg@ID3_IOStreamWriter@@UAEIXZ
?getBeg@ID3_IStreamReader@@UAEIXZ
?getBeg@ID3_MemoryReader@@UAEIXZ
?getBeg@ID3_MemoryWriter@@UAEIXZ
?getBeg@ID3_OStreamWriter@@UAEIXZ
?getBeg@ID3_Reader@@UAEIXZ
?getBeg@ID3_Writer@@UAEIXZ
?getBeg@StringReader@io@dami@@UAEIXZ
?getBeg@UnsyncedWriter@io@dami@@UAEIXZ
?getBeg@WindowedReader@io@dami@@UAEIXZ
?getComment@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@V45@@Z
?getCur@BStringReader@io@dami@@UAEIXZ
?getCur@BStringWriter@io@dami@@UAEIXZ
?getCur@CharReader@io@dami@@UAEIXZ
?getCur@ID3_IOStreamWriter@@UAEIXZ
?getCur@ID3_IStreamReader@@UAEIXZ
?getCur@ID3_MemoryReader@@UAEIXZ
?getCur@ID3_MemoryWriter@@UAEIXZ
?getCur@ID3_OStreamWriter@@UAEIXZ
?getCur@StringReader@io@dami@@UAEIXZ
?getCur@StringWriter@io@dami@@UAEIXZ
?getCur@UnsyncedWriter@io@dami@@UAEIXZ
?getCur@WindowedReader@io@dami@@UAEIXZ
?getEnd@BStringReader@io@dami@@UAEIXZ
?getEnd@CharReader@io@dami@@UAEIXZ
?getEnd@ID3_IStreamReader@@UAEIXZ
?getEnd@ID3_MemoryReader@@UAEIXZ
?getEnd@ID3_MemoryWriter@@UAEIXZ
?getEnd@ID3_Reader@@UAEIXZ
?getEnd@ID3_Writer@@UAEIXZ
?getEnd@StringReader@io@dami@@UAEIXZ
?getEnd@UnsyncedWriter@io@dami@@UAEIXZ
?getEnd@WindowedReader@io@dami@@UAEIXZ
?getFileSize@dami@@YAIAAV?$basic_fstream@DU?$char_traits@D@std@@@std@@@Z
?getFileSize@dami@@YAIAAV?$basic_ifstream@DU?$char_traits@D@std@@@std@@@Z
?getFileSize@dami@@YAIAAV?$basic_ofstream@DU?$char_traits@D@std@@@std@@@Z
?getFrameText@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@W4ID3_FrameID@@@Z
?getGenre@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getGenreNum@v2@id3@dami@@YAIABVID3_TagImpl@@@Z
?getLyricist@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getLyrics@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getMaxSize@ID3_Writer@@UAEIXZ
?getNumSyncs@UnsyncedWriter@io@dami@@QBEIXZ
?getReader@ID3_IStreamReader@@IBEAAV?$basic_istream@DU?$char_traits@D@std@@@std@@XZ
?getSize@ID3_Writer@@UAEIXZ
?getString@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVID3_Frame@@W4ID3_FieldID@@@Z
?getStringAtIndex@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVID3_Frame@@W4ID3_FieldID@@I@Z
?getSyncLyrics@v2@id3@dami@@YA?AV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@ABVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@1@Z
?getTitle@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getTrack@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getTrackNum@v2@id3@dami@@YAIABVID3_TagImpl@@@Z
?getV1Comment@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getWriter@ID3_IOStreamWriter@@IBEAAV?$basic_iostream@DU?$char_traits@D@std@@@std@@XZ
?getWriter@ID3_OStreamWriter@@IBEAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@XZ
?getYear@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?hasAlbum@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasArtist@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasComment@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasGenre@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasLyrics@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasSyncLyrics@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1@Z
?hasTitle@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasTrack@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasV1Comment@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasYear@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?inWindow@WindowedReader@io@dami@@AAE_NI@Z
?inWindow@WindowedReader@io@dami@@QAE_NXZ
?openReadableFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_fstream@DU?$char_traits@D@std@@@4@@Z
?openReadableFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_ifstream@DU?$char_traits@D@std@@@4@@Z
?openWritableFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_fstream@DU?$char_traits@D@std@@@4@@Z
?openWritableFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_ofstream@DU?$char_traits@D@std@@@4@@Z
?peekChar@BStringReader@io@dami@@UAEFXZ
?peekChar@CharReader@io@dami@@UAEFXZ
?peekChar@ID3_IStreamReader@@UAEFXZ
?peekChar@ID3_MemoryReader@@UAEFXZ
?peekChar@StringReader@io@dami@@UAEFXZ
?peekChar@WindowedReader@io@dami@@UAEFXZ
?readAllBinary@io@dami@@YA?AV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@AAVID3_Reader@@@Z
?readBENumber@io@dami@@YAIAAVID3_Reader@@I@Z
?readBinary@io@dami@@YA?AV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@AAVID3_Reader@@I@Z
?readChar@ID3_Reader@@UAEFXZ
?readChar@LineFeedReader@io@dami@@UAEFXZ
?readChar@UnsyncedReader@io@dami@@UAEFXZ
?readChar@WindowedReader@io@dami@@UAEFXZ
?readChars@BStringReader@io@dami@@UAEIQADI@Z
?readChars@BStringReader@io@dami@@UAEIQAEI@Z
?readChars@CharReader@io@dami@@UAEIQADI@Z
?readChars@CharReader@io@dami@@UAEIQAEI@Z
?readChars@ID3_IStreamReader@@UAEIQADI@Z
?readChars@ID3_IStreamReader@@UAEIQAEI@Z
?readChars@ID3_MemoryReader@@UAEIQADI@Z
?readChars@ID3_MemoryReader@@UAEIQAEI@Z
?readChars@ID3_Reader@@UAEIQADI@Z
?readChars@StringReader@io@dami@@UAEIQADI@Z
?readChars@StringReader@io@dami@@UAEIQAEI@Z
?readChars@WindowedReader@io@dami@@UAEIQADI@Z
?readChars@WindowedReader@io@dami@@UAEIQAEI@Z
?readLENumber@io@dami@@YAIAAVID3_Reader@@I@Z
?readString@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@@Z
?readText@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@I@Z
?readTrailingSpaces@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@I@Z
?readUInt28@io@dami@@YAIAAVID3_Reader@@@Z
?readUnicodeString@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@@Z
?readUnicodeText@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@I@Z
?release@ExitTrigger@io@dami@@QAEXXZ
?remainingBytes@ID3_Reader@@UAEIXZ
?removeAlbums@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeAllComments@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeArtists@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeComments@v2@id3@dami@@YAIAAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?removeFrames@v2@id3@dami@@YAIAAVID3_TagImpl@@W4ID3_FrameID@@@Z
?removeGenres@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeLyricists@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeLyrics@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeTitles@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeTracks@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeYears@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?renderNumber@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@II@Z
?renderNumber@dami@@YAIPAEII@Z
?setAlbum@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setArtist@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setBeg@WindowedReader@io@dami@@QAEII@Z
?setBuffer@ID3_MemoryReader@@IAEXPBEI@Z
?setBuffer@ID3_MemoryWriter@@IAEXPAEI@Z
?setComment@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11@Z
?setCur@BStringReader@io@dami@@UAEII@Z
?setCur@CharReader@io@dami@@UAEII@Z
?setCur@ID3_IStreamReader@@UAEII@Z
?setCur@ID3_MemoryReader@@UAEII@Z
?setCur@StringReader@io@dami@@UAEII@Z
?setCur@WindowedReader@io@dami@@UAEII@Z
?setEnd@WindowedReader@io@dami@@QAEII@Z
?setExitPos@ExitTrigger@io@dami@@QAEXI@Z
?setFrameText@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@W4ID3_FrameID@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setGenre@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@I@Z
?setLyricist@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setLyrics@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11@Z
?setSyncLyrics@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@W4ID3_TimeStampFormat@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@7@3W4ID3_ContentType@@@Z
?setTitle@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setTrack@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@EE@Z
?setWindow@WindowedReader@io@dami@@QAEXII@Z
?setYear@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?skipChars@BStringReader@io@dami@@UAEII@Z
?skipChars@ID3_Reader@@UAEII@Z
?skipChars@StringReader@io@dami@@UAEII@Z
?toString@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?toWString@dami@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBGI@Z
?ucslen@dami@@YAIPBG@Z
?update@ExitTrigger@io@dami@@QAEXXZ
?writeBENumber@io@dami@@YAIAAVID3_Writer@@II@Z
?writeChar@ID3_IOStreamWriter@@UAEFE@Z
?writeChar@ID3_OStreamWriter@@UAEFE@Z
?writeChar@ID3_Writer@@UAEFE@Z
?writeChar@UnsyncedWriter@io@dami@@UAEFE@Z
?writeChars@BStringWriter@io@dami@@UAEIQBDI@Z
?writeChars@BStringWriter@io@dami@@UAEIQBEI@Z
?writeChars@ID3_IOStreamWriter@@UAEIQBDI@Z
?writeChars@ID3_IOStreamWriter@@UAEIQBEI@Z
?writeChars@ID3_MemoryWriter@@UAEIQBDI@Z
?writeChars@ID3_MemoryWriter@@UAEIQBEI@Z
?writeChars@ID3_OStreamWriter@@UAEIQBDI@Z
?writeChars@ID3_OStreamWriter@@UAEIQBEI@Z
?writeChars@ID3_Writer@@UAEIQBDI@Z
?writeChars@StringWriter@io@dami@@UAEIQBDI@Z
?writeChars@StringWriter@io@dami@@UAEIQBEI@Z
?writeChars@UnsyncedWriter@io@dami@@UAEIQBDI@Z
?writeChars@UnsyncedWriter@io@dami@@UAEIQBEI@Z
?writeString@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?writeText@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?writeTrailingSpaces@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?writeUInt28@io@dami@@YAIAAVID3_Writer@@I@Z
?writeUnicodeString@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?writeUnicodeText@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
ID3Field_AddASCII
ID3Field_AddUNICODE
ID3Field_Clear
ID3Field_FromFile
ID3Field_GetASCII
ID3Field_GetASCIIItem
ID3Field_GetBINARY
ID3Field_GetINT
ID3Field_GetNumTextItems
ID3Field_GetUNICODE
ID3Field_GetUNICODEItem
ID3Field_SetASCII
ID3Field_SetBINARY
ID3Field_SetINT
ID3Field_SetUNICODE
ID3Field_Size
ID3Field_ToFile
ID3Frame_Clear
ID3Frame_Delete
ID3Frame_GetCompression
ID3Frame_GetField
ID3Frame_GetID
ID3Frame_New
ID3Frame_NewID
ID3Frame_SetCompression
ID3Frame_SetID
ID3TagConstIterator_Delete
ID3TagConstIterator_GetNext
ID3TagIterator_Delete
ID3TagIterator_GetNext
ID3Tag_AddFrame
ID3Tag_AddFrames
ID3Tag_AttachFrame
ID3Tag_Clear
ID3Tag_CreateConstIterator
ID3Tag_CreateIterator
ID3Tag_Delete
ID3Tag_FindFrameWithASCII
ID3Tag_FindFrameWithID
ID3Tag_FindFrameWithINT
ID3Tag_FindFrameWithUNICODE
ID3Tag_HasChanged
ID3Tag_HasTagType
ID3Tag_Link
ID3Tag_LinkWithFlags
ID3Tag_New
ID3Tag_NumFrames
ID3Tag_Parse
ID3Tag_RemoveFrame

Sections

.text
Size: 376KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/libem.dll
.dll windows:4 windows x86 arch:x86

a7443f9a62f6ed470c429ba95367328a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\ProtKrnl\src\build\libem.pdb

Imports

kernel32

InterlockedExchange
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
ResetEvent
SetThreadPriority
TlsSetValue
TlsGetValue
RaiseException
GetFileSize
WriteFile
SetFilePointer
ReadFile
TerminateThread
DeviceIoControl
GetUserDefaultLangID
WritePrivateProfileStringA
GetPrivateProfileStringA
QueryPerformanceFrequency
QueryPerformanceCounter
GetProcessHeap
HeapAlloc
HeapFree
LocalFree
GetLocalTime
GetTimeZoneInformation
FindClose
lstrlenA
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
ExitProcess
SetThreadLocale
GetSystemDefaultLCID
GetThreadLocale
ResumeThread
FreeResource
Sleep
SetLastError
FreeLibrary
GetLastError
GetTickCount
CreateThread
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
CloseHandle
LoadResource
LockResource
SizeofResource
SetEnvironmentVariableA
GetDriveTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
DebugBreak
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetStringTypeA
GetStartupInfoA
SetHandleCount
LCMapStringA
GetStdHandle
VirtualFree
HeapCreate
HeapDestroy
GetCurrentDirectoryA
GetOEMCP
GetACP
HeapSize
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetCommandLineA
ExitThread
GetDateFormatA
GetTimeFormatA
GetFileType
PeekNamedPipe
GetFileInformationByHandle
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GlobalFlags
InterlockedIncrement
SetErrorMode
TlsFree
LocalReAlloc
TlsAlloc
GlobalHandle
GlobalReAlloc
LocalAlloc
GetFileTime
GlobalUnlock
GlobalLock
GlobalAlloc
SuspendThread
GlobalFree
lstrcmpA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
InterlockedDecrement
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
GetCurrentThread
GlobalDeleteAtom
ReleaseMutex
GetVersionExA
FileTimeToSystemTime
FileTimeToLocalFileTime

advapi32

CryptReleaseContext
CryptGenRandom
RegCloseKey

user32

ValidateRect
GetCursorPos
GetKeyState
GetActiveWindow
TranslateMessage
CallNextHookEx
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
CheckMenuItem
EnableMenuItem
GetParent
GetFocus
SetMenuItemBitmaps
GetSystemMetrics
UnhookWindowsHookEx
GetWindow
GetWindowPlacement
IsIconic
SystemParametersInfoA
DestroyWindow
GetDlgCtrlID
PtInRect
CopyRect
AdjustWindowRectEx
GetSysColor
GetMenu
GetClientRect
UpdateWindow
SetForegroundWindow
GetMenuCheckMarkDimensions
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetDlgItem
GetLastActivePopup
GetForegroundWindow
GetCapture
SetCursor
IsWindowEnabled
GetWindowThreadProcessId
ShowWindow
GetSysColorBrush
DestroyMenu
UnregisterClassA
ClientToScreen
GetWindowRect
GetDC
ReleaseDC
PostQuitMessage
IsWindowVisible
SetTimer
KillTimer
IsWindow
SetWindowPos

gdi32

SelectObject
DeleteDC
CreateDIBSection
CreateCompatibleDC
GetDIBits
RealizePalette
RestoreDC
GetClipBox
SaveDC
SetBkColor
CreateBitmap
RectVisible
SetBkMode
SetTextColor
GetStockObject
SetMapMode
PtVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
DeleteObject
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx

winmm

timeBeginPeriod
timeGetTime
timeGetDevCaps

id3lib

?GetMp3HeaderInfo@ID3_Tag@@QBEPBUMp3_Headerinfo@@XZ
??0ID3_Tag@@QAE@PBD@Z
?Link@ID3_Tag@@QAEIPBDG@Z
?Clear@ID3_Tag@@QAEXXZ
?GetField@ID3_Frame@@QBEPAVID3_Field@@W4ID3_FieldID@@@Z
?CreateIterator@ID3_Tag@@QAEPAVIterator@1@XZ
?GetID@ID3_Frame@@QBE?AW4ID3_FrameID@@XZ
??1ID3_Tag@@UAE@XZ

shlwapi

PathMatchSpecW
PathStripPathW
PathFindFileNameW
PathStripToRootW
PathAddBackslashW
PathCanonicalizeW
PathFileExistsW
PathRemoveFileSpecW
PathCombineW
PathFindExtensionW
PathGetArgsW
PathRemoveBackslashW
PathIsUNCW
UrlUnescapeW

ole32

StgOpenStorage
CoTaskMemFree
CoCreateInstance
CoInitialize
CoInitializeSecurity
CoUninitialize

oleaut32

VariantChangeType
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantInit
VariantClear
SysAllocStringLen

p2pcore

start_p2p_task
delete_p2p_task
p2p_add_share
get_p2phandle_peerinfo
create_p2p_task

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetOpenUrlW
InternetOpenW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetQueryDataAvailable

winspool.drv

ClosePrinter

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4Allocator@DLL_Bridge@@QAEAAV01@ABV01@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4TypeCasting@DLL_Bridge@@QAEAAV01@ABV01@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?FileList@TypeCasting@DLL_Bridge@@SA_NPAUBuf_FileList@@PAX@Z
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEJXZ
?GetFileComment@Allocator@DLL_Bridge@@SAPAV?$vector@UBuf_Comment@@V?$allocator@UBuf_Comment@@@std@@@std@@PAX@Z
?GetFileList@Allocator@DLL_Bridge@@SAPAV?$vector@PAXV?$allocator@PAX@std@@@std@@PAX@Z
?GetFileSrcFrom@TypeCasting@DLL_Bridge@@SAXPAXAAUSourceFrom@@@Z
?GetItemGap@Allocator@DLL_Bridge@@SA?AUItemGap@@PAUeMuleTaskItem@@@Z
?GetLogQueue@Allocator@DLL_Bridge@@SAPAV?$deque@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@XZ
?GetPreference@Allocator@DLL_Bridge@@SA_NPAUMuleOptions@@@Z
?GetS@CxIOFile@@UAEPADPADH@Z
?GetSearchParams@Allocator@DLL_Bridge@@SAPAUeSearchParams@@XZ
?GetServerList@Allocator@DLL_Bridge@@SAPAV?$vector@UeServerItem@@V?$allocator@UeServerItem@@@std@@@std@@XZ
?GetShareDirList@Allocator@DLL_Bridge@@SAPAV?$vector@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@XZ
?GetShareFile@Allocator@DLL_Bridge@@SAPAV?$vector@PAXV?$allocator@PAX@std@@@std@@XZ
?GetTempFiles@Allocator@DLL_Bridge@@SA_NPAXPA_W@Z
?GetUserList@Allocator@DLL_Bridge@@SAPAV?$vector@UBuf_UserList@@V?$allocator@UBuf_UserList@@@std@@@std@@PAX@Z
?Open@CxIOFile@@QAE_NPB_W0@Z
?PickSearchResult@Allocator@DLL_Bridge@@SAPAV?$vector@UeSearchItem@@V?$allocator@UeSearchItem@@@std@@@std@@K@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?RefLogQueue@Allocator@DLL_Bridge@@SA_NPAV?$deque@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@Z
?RetFileComment@Allocator@DLL_Bridge@@SA_NPAV?$vector@UBuf_Comment@@V?$allocator@UBuf_Comment@@@std@@@std@@@Z
?RetFileList@Allocator@DLL_Bridge@@SA_NPAV?$vector@PAXV?$allocator@PAX@std@@@std@@@Z
?RetItemGap@Allocator@DLL_Bridge@@SA_NUItemGap@@@Z
?RetLogQueue@Allocator@DLL_Bridge@@SA_NPAV?$deque@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@Z
?RetSearchParams@Allocator@DLL_Bridge@@SA_NPAUeSearchParams@@@Z
?RetSearchResult@Allocator@DLL_Bridge@@SA_NPAV?$vector@UeSearchItem@@V?$allocator@UeSearchItem@@@std@@@std@@@Z
?RetServerList@Allocator@DLL_Bridge@@SA_NPAV?$vector@UeServerItem@@V?$allocator@UeServerItem@@@std@@@std@@@Z
?RetShareDirList@Allocator@DLL_Bridge@@SA_NPAV?$vector@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@Z
?RetShareFile@Allocator@DLL_Bridge@@SA_NPAV?$vector@PAXV?$allocator@PAX@std@@@std@@@Z
?RetUserList@Allocator@DLL_Bridge@@SA_NPAV?$vector@UBuf_UserList@@V?$allocator@UBuf_UserList@@@std@@@std@@@Z
?Scanf@CxIOFile@@UAEJPBDPAX@Z
?SearchItem@TypeCasting@DLL_Bridge@@SA_NPAUBuf_SearchItem@@PAUeSearchItem@@@Z
?Seek@CxIOFile@@UAE_NJH@Z
?ServerItem@TypeCasting@DLL_Bridge@@SA_NPAUBuf_ServerItem@@PAX@Z
?SetPreference@Allocator@DLL_Bridge@@SA_NPAUMuleOptions@@@Z
?ShareFile@TypeCasting@DLL_Bridge@@SA_NPAUBuf_ShareFile@@PAX@Z
?ShareInfo@TypeCasting@DLL_Bridge@@SA_NPAUBuf_ShareInfo@@PAX@Z
?Size@CxIOFile@@UAEJXZ
?TaskItem@TypeCasting@DLL_Bridge@@SA_NPAUBUF_TASKITEM@@PAUeMuleTaskItem@@@Z
?Tell@CxIOFile@@UAEJXZ
?UpdownClient@TypeCasting@DLL_Bridge@@SA_NPAUBuf_UserList@@PAX@Z
?UploadItem@TypeCasting@DLL_Bridge@@SA_NPAUBuf_UploadItem@@PAX@Z
?Write@CxIOFile@@UAEIPBXII@Z
edCompleteFileByLink
edDeleteFile
edDeleteFileByLink
edGetCoreInfo
edGetLinkBySearch
edGetLinkByServer
edGetLinkByShare
edGetPort
edGetPreference
edGetTotalTransfer
edGetUploadList
edGetUploadSpeed
edInit
edInitHookedFile
edIsFileExist
edIsFirewalled
edIsLowID
edIsPartFile
edIsReady
edIsRunning
edRelease
edSendExitMsg
edSetLog
edSetPreference
edStart
edStartMsgPump
edStop
edStringConv
kadBootstrap
kadDisconnect
kadIsConnected
kadIsConnecting
prefAddDefaultDir
prefGetListenPort
shrGetShareByLink
shrGetSharePriority
shrResetShareDir
shrSetSharePriority
srchRemoveResult
srchSetWnd
srchStartNewSearch
svrAddServer
svrAddServerToStatic
svrConnectToAnyServer
svrConnectToServer
svrDisconnect
svrGetServerCount
svrGetServerInfo
svrGetServerList
svrIsConnected
svrIsConnecting
svrRemoveAllServer
svrRemoveServer
svrRemoveServerFromStatic
svrServerPriority
svrSetWnd
svrStopConnectionTry
taskFinish
taskGetGapList
taskGetItemInfo
taskGetLogLine
taskGetRequestList
taskGetUserList
taskIsCompleted
taskIsPaused
taskIsStarted
taskIsStopped
taskPause
taskPreview
taskReadyPreview
taskStart
taskStop
trfsAddED2KLink
trfsAddHookedLink
trfsDownloadSearchFile
trfsGetTaskByLink
trfsGetTaskPriority
trfsLoadHookedLink
trfsSetPriority

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 420KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/lst_tz.bin
FlashGet 3/pncrt.dll
.dll windows:4 windows x86 arch:x86

828907b7a8ec04c9c4031e40ef2f76ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapReAlloc
HeapValidate
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
GetLocaleInfoA
GetLocaleInfoW
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetLocalTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
GetSystemTime
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
SetUserHeapAlloc
SetUserHeapCalloc
SetUserHeapFree
SetUserHeapReAlloc
SetUserHeapSize
SetUserHeapValidate
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CrtHeapAlloc
_CrtHeapCalloc
_CrtHeapFree
_CrtHeapReAlloc
_CrtHeapSize
_CrtHeapValidate
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/pstat.dat
FlashGet 3/skin/blue/image/toolbar_backgrand.png
.png
FlashGet 3/skin/default/BarSet.png
.png
FlashGet 3/skin/default/image/SuspendLogo.png
.png
FlashGet 3/skin/default/image/SuspendNoLogo.png
.png
FlashGet 3/skin/default/image/VistaStyleListItems.bmp
FlashGet 3/skin/default/image/btn_check.png
.png
FlashGet 3/skin/default/image/btn_normal.png
.png
FlashGet 3/skin/default/image/btn_radio.png
.png
FlashGet 3/skin/default/image/desktoplink.ico
FlashGet 3/skin/default/image/login_line.png
.png
FlashGet 3/skin/default/image/menu_icon.png
.png
FlashGet 3/skin/default/image/option_line.png
.png
FlashGet 3/skin/default/image/option_page_line.png
.png
FlashGet 3/skin/default/image/skin.png
.png
FlashGet 3/skin/default/image/statusbar_ad_bk.png
.png
FlashGet 3/skin/default/image/statusbar_ad_bk_long.png
.png
FlashGet 3/skin/default/image/toolbar_backgrand.png
.png
FlashGet 3/skin/default/image/toolbar_cancle.png
.png
FlashGet 3/skin/default/image/toolbar_catgroy.png
.png
FlashGet 3/skin/default/image/toolbar_group.png
.png
FlashGet 3/skin/default/image/toolbar_new.png
.png
FlashGet 3/skin/default/image/toolbar_open.png
.png
FlashGet 3/skin/default/image/toolbar_option.png
.png
FlashGet 3/skin/default/image/toolbar_pause.png
.png
FlashGet 3/skin/default/image/toolbar_recly.png
.png
FlashGet 3/skin/default/image/toolbar_start.png
.png
FlashGet 3/skin/default/image/toolbarbutton_left.png
.png
FlashGet 3/skin/default/image/toolbarbutton_middle.png
.png
FlashGet 3/skin/default/image/toolbarbutton_right.png
.png
FlashGet 3/skin/default/image/top_logotitle.gif
.gif
FlashGet 3/skin/default/image/torrent.ico
FlashGet 3/skin/default/image/userinfo_head.png
.png
FlashGet 3/skin/default/preview.png
.png
FlashGet 3/skin/default/skin.xml
.xml
FlashGet 3/skin/default/sound/loginfailed.wav
FlashGet 3/skin/default/sound/loginsucc.wav
FlashGet 3/skin/default/sound/msgnotify.wav
FlashGet 3/skin/default/sound/notify.wav
FlashGet 3/skin/default/topmain.png
.png
FlashGet 3/skin/default/tray_bk.png
.png
FlashGet 3/skin/default/tray_icon.png
.png
FlashGet 3/skin/red/image/toolbar_backgrand.png
.png
FlashGet 3/skin/white/image/toolbar_backgrand.png
.png
FlashGet 3/storage.dll
.dll windows:4 windows x86 arch:x86

cc5dbbcb9a0ef8c437b327072fc56053

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
Sleep
InterlockedExchange
GetLastError
MoveFileA
MoveFileExA
CloseHandle
FlushFileBuffers
SetEndOfFile
WriteFile
SetFilePointer
CreateFileA
GetSystemTime
GetFileInformationByHandle
GetTempPathA
GetVersion
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
RtlUnwind
HeapFree
RaiseException
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
HeapAlloc
HeapReAlloc
SetStdHandle
GetFileType
FileTimeToSystemTime
FileTimeToLocalFileTime
PeekNamedPipe
GetTimeZoneInformation
GetLocalTime
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetSystemTimeAsFileTime
FindFirstFileA
FindNextFileA
FindClose
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
ExitProcess
FatalAppExitA
TerminateProcess
GetCurrentProcess
HeapSize
SetUnhandledExceptionFilter
GetProcAddress
ReadFile
SetHandleCount
GetStdHandle
GetStartupInfoA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetACP
GetOEMCP
LoadLibraryA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetConsoleCtrlHandler
GetLocaleInfoW
GetCurrentProcessId
DeleteFileA
SetCurrentDirectoryA

Exports

Exports

ExportFGXStorage

Sections

.text
Size: 500KB - Virtual size: 497KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/unrar.dll
.dll windows:4 windows x86 arch:x86

244d2f9772f4886a651db44514a2a29b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DeviceIoControl
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsDBCSLeadByte
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
Sleep
SystemTimeToFileTime
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

user32

CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
EnumThreadWindows
MessageBoxA
OemToCharA
OemToCharBuffA
wsprintfA

Exports

Exports

RARCloseArchive
RARGetDllVersion
RAROpenArchive
RAROpenArchiveEx
RARProcessFile
RARProcessFileW
RARReadHeader
RARReadHeaderEx
RARSetCallback
RARSetChangeVolProc
RARSetPassword
RARSetProcessDataProc
___CPPdebugHook

Sections

.text
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FlashGet 3/zlib.dll
.dll windows:4 windows x86 arch:x86

e5c5650f0b0c0414d7e983aacdedc6c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crtdll

fwrite
fread
_errno
fclose
free
vsprintf
fflush
fseek
rewind
fputc
malloc
ftell
fprintf
_fdopen
fopen
sprintf
calloc
_initterm

kernel32

GlobalAlloc
GetVersion
GlobalFree

Exports

Exports

adler32
compress
compress2
crc32
deflate
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflateReset
deflateSetDictionary
get_crc_table
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzwrite
inflate
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGetGlobalComment
unzGetGlobalInfo
unzGetLocalExtrafield
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen
unzOpen2
unzOpenCurrentFile
unzOpenCurrentFile2
unzReadCurrentFile
unzStringFileNameCompare
unzeof
unztell
zError
zipClose
zipCloseFileInZip
zipCloseFileInZipRaw
zipOpen
zipOpenNewFileInZip
zipOpenNewFileInZip2
zipWriteInFileInZip
zlibVersion

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGet 3/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

1c042238f43557c055fca8642de8a074

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 296KB

.ndata Size: - Virtual size: 360KB

.rsrc Size: 88KB - Virtual size: 88KB

0ece15e7d9bb35972aec701f46192460

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 503B

.data Size: 512B - Virtual size: 128B

.reloc Size: 512B - Virtual size: 220B

0b51ce6ce6bf8d5c68b3ea9f3ac1bf2c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 172B

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 446B

5b9be84907034b8f0152e51177ceafc3

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 296KB

.ndata
Size: - Virtual size: 360KB

.rsrc
Size: 88KB - Virtual size: 88KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 503B

.data
Size: 512B - Virtual size: 128B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 172B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 446B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 276B

.reloc
Size: 512B - Virtual size: 256B

.text
Size: 360KB - Virtual size: 356KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 36KB - Virtual size: 45KB

.rsrc
Size: 28KB - Virtual size: 27KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 4KB - Virtual size: 2KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate