9b4959d9e09b31ff0348023375ee75ec

Sharing

Copy URL Twitter E-mail

General

Target

9b4959d9e09b31ff0348023375ee75ec
Size

11.7MB
MD5

9b4959d9e09b31ff0348023375ee75ec
SHA1

8b65bb0ba315a3b59761f87453e3a7c2faf4ce86
SHA256

2f4b09f02eb86ae447160188516b9946809aee3153ec14fa8cb4c2f56dd23701
SHA512

539a501182fe9ed1ec55402fa69cfbe46c55a07db7aa1a89c69bd409ef13e9077c8040e44a459e32c919c2000be8e9f3f1f38a453e26099f11edd22321b49596
SSDEEP

196608:p+VkM5DYkgf4SkhMqeNFoyf7+peMK1tEFGNlEW0CcdZln5LtY/3yw1W4XpCgAUJ4:p4kcYHqMnip09lE5CcZtm/i8CgA4KxJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GBox/GBox/gbmanager.YK001
unpack001/GBox/GBox/gbox.YK000
unpack001/GBox/GBox/unins000.YK000

Files

9b4959d9e09b31ff0348023375ee75ec
.rar
GBox/GBox/UnInstall.YK000
.exe windows:5 windows x86 arch:x86

8d14b914b780ff4ce65f0d41e0e884b2

Code Sign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

09:7e:d4:aa:54:da:96:dd:a0:b6:31:ef:1d:ce:7f:03
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

27/11/2012, 00:00

Not After

27/11/2013, 23:59

Subject

CN=Wuhan Yu Ku of Network Technology Co.\, Ltd,OU=Ministry of Technology,O=Wuhan Yu Ku of Network Technology Co.\, Ltd,L=wuhan,ST=hubei,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

31:7f:66:d1:d6:c1:b5:c4:af:33:49:1f:4b:4b:c1:dc:67:3e:72:6d
Signer

Actual PE Digest

31:7f:66:d1:d6:c1:b5:c4:af:33:49:1f:4b:4b:c1:dc:67:3e:72:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Backup\我的文档\Visual Studio 2010\Projects\AutoPackTool\99UnInstall-For2012\Release\XKUnInstall.pdb

Imports

kernel32

InitializeCriticalSection
LocalFree
CreateThread
SetFileAttributesW
FindNextFileW
FindClose
FindFirstFileW
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
GetProcAddress
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
FreeLibrary
GetCurrentProcessId
DeleteFileW
CloseHandle
RemoveDirectoryW
LockResource
GetLastError
GetTempPathW
lstrlenW
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
SizeofResource
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTickCount
GetACP
FreeResource
ExitProcess
GetFileSize
ReadFile
DosDateTimeToFileTime
SetFilePointer
SystemTimeToFileTime
GetCurrentProcess
WriteFile
GetFileType
DuplicateHandle
MulDiv
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapCreate
GetStdHandle
Sleep
GetLocaleInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCPInfo
GetOEMCP
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEndOfFile
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
CopyFileW
WideCharToMultiByte
OpenProcess
WaitForSingleObject
CreateProcessW
LoadResource
FindResourceW
FindResourceExW
lstrlenA

user32

GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
InvalidateRect
MapWindowPoints
GetCursorPos
GetFocus
SetTimer
KillTimer
SetCapture
ReleaseCapture
PtInRect
LoadIconW
LoadStringW
OffsetRect
InflateRect
UnionRect
wvsprintfW
SetCursor
GetMonitorInfoW
MonitorFromWindow
IsZoomed
MessageBoxW
IntersectRect
CreateCaret
ShowCaret
GetKeyState
SetCaretPos
ClientToScreen
GetMenu
FillRect
DrawTextW
SetRect
CharPrevW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
InvalidateRgn
CreateAcceleratorTableW
MoveWindow
TranslateMessage
SetFocus
GetMessageW
EnableWindow
GetWindow
IsWindow
SetWindowLongW
CreateWindowExW
DefWindowProcW
AdjustWindowRectEx
DispatchMessageW
PostMessageW
GetPropW
wsprintfW
GetDC
ReleaseDC
HideCaret
DestroyWindow
SetPropW
CallWindowProcW
GetWindowLongW
ShowWindow
CharNextW
GetClientRect
IsIconic
PostQuitMessage
GetWindowRect
RegisterClassExW
GetClassInfoExW
RegisterClassW
LoadCursorW
GetSystemMetrics
LoadImageW
SetWindowPos
SystemParametersInfoW
GetParent
SendMessageW
SetWindowRgn
ScreenToClient
GetSysColor

gdi32

CreateRectRgn
GetPixel
CombineRgn
PtInRegion
GetDeviceCaps
SelectClipRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
CreateDIBSection
StretchBlt
SetStretchBltMode
SetBkColor
CreateSolidBrush
CreatePenIndirect
MoveToEx
LineTo
RoundRect
SetBkMode
SetTextColor
GetCharABCWidthsW
SaveDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreatePen
GetObjectW
SetWindowOrgEx
Rectangle
BitBlt
RestoreDC
GetObjectA
GdiFlush
TextOutW
GetTextExtentPoint32W
CreateRoundRectRgn
DeleteObject
CreateFontIndirectW
GetStockObject
ExtTextOutW
GetTextMetricsW

advapi32

RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationW
ShellExecuteW
Shell_NotifyIconW

ole32

CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromProgID
CLSIDFromString
OleLockRunning

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString
VariantInit
VariantClear

shlwapi

PathFileExistsW
SHDeleteKeyW

wininet

InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetCloseHandle

winmm

timeSetEvent
timeKillEvent
timeEndPeriod
timeGetDevCaps
timeBeginPeriod

comctl32

ord17
ImageList_LoadImageW
ImageList_GetIcon
_TrackMouseEvent

gdiplus

GdipDrawString
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdiplusStartup
GdiplusShutdown
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateLineBrushI

Exports

Exports

??0?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@QAE@ABV01@@Z
??0?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@QAE@PAVCCalendarUI@1@P821@AE_NPAUtagTNotifyUI@1@JI@ZPB_WJI@Z
??0?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@ABV01@@Z
??0?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@PAVCControlUI@1@P821@AE_NPAUtagTEventUI@1@PAUtagTActionGroup@1@I@ZI2I@Z
??0?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@PAVCControlUI@1@P821@AE_NPAUtagTNotifyUI@1@PAUtagTActionGroup@1@I@ZPB_W2I@Z
??0?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@QAE@ABV01@@Z
??0?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@QAE@PAVCTreeViewUI@1@P821@AE_NPAUtagTNotifyUI@1@JI@ZPB_WJI@Z
??0?$DelegatingObject@VCActiveXCtrl@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCButtonUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCCalendarUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCChartViewUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCCheckBoxUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCChildLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCComboBoxUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCComboUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCContainerUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCControlUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCEditUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCFadeButtonUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCFlashUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCHorizontalLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCLabelUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListContainerElementUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListHeaderItemUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListHeaderUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListImageTextElementUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListLabelElementUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListTextElementUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCListUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCOptionUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCProgressUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCRadioBoxUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCRichEditUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCScrollBarUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCSliderUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTabLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTextUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTileLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTreeNodeUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCTreeViewUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCVerticalLayoutUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$DelegatingObject@VCWebBrowserUI@UiLib@@@UiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@ABV01@@Z
??0?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAE@PAVCControlUI@1@P821@AEXPAVIDuiTimer@1@PAUtagTActionGroup@1@@Z2HH_N44@Z
??0?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@QAE@ABV01@@Z
??0?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@QAE@PAVCControlUI@1@P821@AEXPAVIDuiTimer@1@PAUtagTProperty@1@@Z2HH_N44@Z
??0?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@QAE@ABV01@@Z
??0?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@QAE@PAVCDuiTrayIcon@1@P821@AEXPAVIDuiTimer@1@@ZHH_N33@Z
??0?$TStdPtrArray@PAUtagTProperty@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdPtrArray@PAVCChartItem@UiLib@@@UiLib@@QAE@ABV01@@Z
??0?$TStdPtrArray@PAVCChartItem@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdPtrArray@PAVCChartSeries@UiLib@@@UiLib@@QAE@ABV01@@Z
??0?$TStdPtrArray@PAVCChartSeries@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdPtrArray@PAVCDelegateBase@UiLib@@@UiLib@@QAE@ABV01@@Z
??0?$TStdPtrArray@PAVCDelegateBase@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QAE@ABV01@@Z
??0?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdStringPtrMap@PAUtagActionPropertys@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdStringPtrMap@PAUtagTActionGroup@UiLib@@@UiLib@@QAE@H@Z
??0?$TStdValArray@HH@UiLib@@QAE@HH@Z
??0?$TStdValArray@VCDuiString@UiLib@@PB_W@UiLib@@QAE@HH@Z
??0CActiveXUI@UiLib@@QAE@ABV01@@Z
??0CActiveXUI@UiLib@@QAE@XZ
??0CAnimationData@UiLib@@QAE@HHHH@Z
??0CButtonUI@UiLib@@QAE@ABV01@@Z
??0CButtonUI@UiLib@@QAE@XZ
??0CChartItem@UiLib@@QAE@N@Z
??0CChartSeries@UiLib@@QAE@ABV01@@Z
??0CChartSeries@UiLib@@QAE@PB_W00@Z
??0CChartSeries@UiLib@@QAE@PB_WKK@Z
??0CChartViewUI@UiLib@@QAE@ABV01@@Z
??0CChartViewUI@UiLib@@QAE@XZ
??0CChartXYAxis@UiLib@@QAE@ABV01@@Z
??0CChartXYAxis@UiLib@@QAE@XZ
??0CCheckBoxUI@UiLib@@QAE@ABV01@@Z
??0CCheckBoxUI@UiLib@@QAE@XZ
??0CChildLayoutUI@UiLib@@QAE@ABV01@@Z
??0CChildLayoutUI@UiLib@@QAE@XZ
??0CComboBoxUI@UiLib@@QAE@ABV01@@Z
??0CComboBoxUI@UiLib@@QAE@XZ
??0CComboUI@UiLib@@QAE@ABV01@@Z
??0CComboUI@UiLib@@QAE@XZ
??0CContainerUI@UiLib@@QAE@ABV01@@Z
??0CContainerUI@UiLib@@QAE@XZ
??0CControlUI@UiLib@@QAE@ABV01@@Z
??0CControlUI@UiLib@@QAE@XZ
??0CDelegateBase@UiLib@@QAE@ABV01@@Z
??0CDelegateBase@UiLib@@QAE@PAXP6A_N0JI@ZJI@Z
??0CDelegateBase@UiLib@@QAE@PAXP6A_NPAUtagTEventUI@1@JI@ZIJI@Z
??0CDelegateBase@UiLib@@QAE@PAXP6A_NPAUtagTNotifyUI@1@JI@ZPB_WJI@Z
??0CDelegateStatic@UiLib@@QAE@ABV01@@Z
??0CDelegateStatic@UiLib@@QAE@P6A_NPAUtagTEventUI@1@JI@ZIJI@Z
??0CDelegateStatic@UiLib@@QAE@P6A_NPAUtagTNotifyUI@1@JI@ZPB_WJI@Z
??0CDelegateStatic@UiLib@@QAE@P6A_NPAXJI@ZJI@Z
??0CDialogBuilder@UiLib@@QAE@XZ
??0CDuiAutoComplete@UiLib@@QAE@ABV01@@Z
??0CDuiAutoComplete@UiLib@@QAE@XZ
??0CDuiRect@UiLib@@QAE@ABUtagRECT@@@Z
??0CDuiRect@UiLib@@QAE@HHHH@Z
??0CDuiRect@UiLib@@QAE@XZ
??0CDuiString@UiLib@@QAE@ABV01@@Z
??0CDuiString@UiLib@@QAE@PB_WH@Z
??0CDuiString@UiLib@@QAE@XZ
??0CDuiString@UiLib@@QAE@_W@Z
??0CDuiTimer@UiLib@@QAE@ABV01@@Z
??0CDuiTimer@UiLib@@QAE@PAUHWND__@@JIHH_N11@Z
??0CDuiTimer@UiLib@@QAE@XZ
??0CDuiTimerBase@UiLib@@QAE@ABV01@@Z
??0CDuiTimerBase@UiLib@@QAE@PAUHWND__@@JIHH_N11@Z
??0CDuiTimerBase@UiLib@@QAE@PAX00HH_N11@Z
??0CDuiTimerBase@UiLib@@QAE@PAX0HH_N11@Z
??0CDuiTimerBase@UiLib@@QAE@PAX0PAUHWND__@@JIHH_N22@Z
??0CDuiTimerBase@UiLib@@QAE@XZ
??0CDuiTrayIcon@UiLib@@QAE@XZ
??0CEditUI@UiLib@@QAE@ABV01@@Z
??0CEditUI@UiLib@@QAE@XZ
??0CEventSource@UiLib@@QAE@ABV01@@Z
??0CEventSource@UiLib@@QAE@XZ
??0CFadeButtonUI@UiLib@@QAE@ABV01@@Z
??0CFadeButtonUI@UiLib@@QAE@XZ
??0CFlashUI@UiLib@@QAE@ABV01@@Z
??0CFlashUI@UiLib@@QAE@XZ
??0CHorizontalLayoutUI@UiLib@@QAE@ABV01@@Z
??0CHorizontalLayoutUI@UiLib@@QAE@XZ
??0CLabelUI@UiLib@@QAE@ABV01@@Z
??0CLabelUI@UiLib@@QAE@XZ
??0CListBodyUI@UiLib@@QAE@ABV01@@Z
??0CListBodyUI@UiLib@@QAE@PAVCListUI@1@@Z
??0CListContainerElementUI@UiLib@@QAE@ABV01@@Z
??0CListContainerElementUI@UiLib@@QAE@XZ
??0CListElementUI@UiLib@@QAE@ABV01@@Z
??0CListElementUI@UiLib@@QAE@XZ
??0CListHeaderItemUI@UiLib@@QAE@ABV01@@Z
??0CListHeaderItemUI@UiLib@@QAE@XZ
??0CListHeaderUI@UiLib@@QAE@ABV01@@Z
??0CListHeaderUI@UiLib@@QAE@XZ
??0CListImageTextElementUI@UiLib@@QAE@ABV01@@Z
??0CListImageTextElementUI@UiLib@@QAE@XZ
??0CListLabelElementUI@UiLib@@QAE@ABV01@@Z
??0CListLabelElementUI@UiLib@@QAE@XZ
??0CListTextElementUI@UiLib@@QAE@ABV01@@Z
??0CListTextElementUI@UiLib@@QAE@XZ
??0CListUI@UiLib@@QAE@ABV01@@Z
??0CListUI@UiLib@@QAE@XZ
??0CMarkup@UiLib@@QAE@PB_W@Z
??0CMarkupNode@UiLib@@AAE@PAVCMarkup@1@H@Z
??0CMarkupNode@UiLib@@AAE@XZ
??0CNotifyPump@UiLib@@QAE@ABV01@@Z
??0COptionUI@UiLib@@QAE@ABV01@@Z
??0COptionUI@UiLib@@QAE@XZ
??0CPaintManagerUI@UiLib@@QAE@ABV01@@Z
??0CPaintManagerUI@UiLib@@QAE@XZ
??0CPoint@UiLib@@QAE@ABUtagPOINT@@@Z
??0CPoint@UiLib@@QAE@HH@Z
??0CPoint@UiLib@@QAE@J@Z
??0CPoint@UiLib@@QAE@XZ
??0CProgressUI@UiLib@@QAE@ABV01@@Z
??0CProgressUI@UiLib@@QAE@XZ
??0CRadioBoxUI@UiLib@@QAE@ABV01@@Z
??0CRadioBoxUI@UiLib@@QAE@XZ
??0CRichEditUI@UiLib@@QAE@ABV01@@Z
??0CRichEditUI@UiLib@@QAE@XZ
??0CScrollBarUI@UiLib@@QAE@ABV01@@Z
??0CScrollBarUI@UiLib@@QAE@XZ
??0CSize@UiLib@@QAE@ABUtagSIZE@@@Z
??0CSize@UiLib@@QAE@HH@Z
??0CSize@UiLib@@QAE@UtagRECT@@@Z
??0CSize@UiLib@@QAE@XZ
??0CSliderUI@UiLib@@QAE@ABV01@@Z
??0CSliderUI@UiLib@@QAE@XZ
??0CStdPtrArray@UiLib@@QAE@ABV01@@Z
??0CStdPtrArray@UiLib@@QAE@H@Z
??0CStdStringPtrMap@UiLib@@QAE@H@Z
??0CStdValArray@UiLib@@QAE@HH@Z
??0CTabLayoutUI@UiLib@@QAE@ABV01@@Z
??0CTabLayoutUI@UiLib@@QAE@XZ
??0CTextUI@UiLib@@QAE@ABV01@@Z
??0CTextUI@UiLib@@QAE@XZ
??0CTileLayoutUI@UiLib@@QAE@ABV01@@Z
??0CTileLayoutUI@UiLib@@QAE@XZ
??0CTimerSource@UiLib@@QAE@ABV01@@Z
??0CTimerSource@UiLib@@QAE@XZ
??0CTreeNodeUI@UiLib@@QAE@ABV01@@Z
??0CTreeNodeUI@UiLib@@QAE@PAV01@@Z
??0CTreeViewUI@UiLib@@QAE@ABV01@@Z
??0CTreeViewUI@UiLib@@QAE@XZ
??0CUIAnimation@UiLib@@QAE@ABV01@@Z
??0CUIAnimation@UiLib@@QAE@PAVCControlUI@1@@Z
??0CVerticalLayoutUI@UiLib@@QAE@ABV01@@Z
??0CVerticalLayoutUI@UiLib@@QAE@XZ
??0CWaitCursor@UiLib@@QAE@XZ
??0CWebBrowserUI@UiLib@@QAE@ABV01@@Z
??0CWebBrowserUI@UiLib@@QAE@XZ
??0CWindowWnd@UiLib@@QAE@ABV01@@Z
??0CWindowWnd@UiLib@@QAE@XZ
??0DuiObjectMap@UiLib@@AAE@XZ
??0IDelegate@UiLib@@QAE@ABV01@@Z
??0IDelegate@UiLib@@QAE@XZ
??0IDuiTimer@UiLib@@QAE@ABV01@@Z
??0IDuiTimer@UiLib@@QAE@XZ
??0IUIAnimation@UiLib@@QAE@ABV01@@Z
??0IUIAnimation@UiLib@@QAE@XZ
??0IWindowBase@@QAE@ABV0@@Z
??0IWindowBase@@QAE@PB_W@Z
??0WindowImplBase@UiLib@@QAE@ABV01@@Z
??1?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@UAE@XZ
??1?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@UAE@XZ
??1?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@UAE@XZ
??1?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@UAE@XZ
??1?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@UAE@XZ
??1?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@UAE@XZ
??1?$TStdPtrArray@PAUtagTProperty@UiLib@@@UiLib@@QAE@XZ
??1?$TStdPtrArray@PAVCChartItem@UiLib@@@UiLib@@QAE@XZ
??1?$TStdPtrArray@PAVCChartSeries@UiLib@@@UiLib@@QAE@XZ
??1?$TStdPtrArray@PAVCDelegateBase@UiLib@@@UiLib@@QAE@XZ
??1?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QAE@XZ
??1?$TStdStringPtrMap@PAUtagActionPropertys@UiLib@@@UiLib@@QAE@XZ
??1?$TStdStringPtrMap@PAUtagTActionGroup@UiLib@@@UiLib@@QAE@XZ
??1?$TStdValArray@HH@UiLib@@QAE@XZ
??1?$TStdValArray@VCDuiString@UiLib@@PB_W@UiLib@@QAE@XZ
??1CActiveXUI@UiLib@@UAE@XZ
??1CButtonUI@UiLib@@UAE@XZ
??1CChartItem@UiLib@@QAE@XZ
??1CChartSeries@UiLib@@QAE@XZ
??1CChartViewUI@UiLib@@UAE@XZ
??1CChartXYAxis@UiLib@@QAE@XZ
??1CCheckBoxUI@UiLib@@UAE@XZ
??1CChildLayoutUI@UiLib@@UAE@XZ
??1CComboBoxUI@UiLib@@UAE@XZ
??1CComboUI@UiLib@@UAE@XZ
??1CContainerUI@UiLib@@UAE@XZ
??1CControlUI@UiLib@@UAE@XZ
??1CDelegateBase@UiLib@@UAE@XZ
??1CDelegateStatic@UiLib@@UAE@XZ
??1CDuiAutoComplete@UiLib@@QAE@XZ
??1CDuiString@UiLib@@QAE@XZ
??1CDuiTimer@UiLib@@UAE@XZ
??1CDuiTimerBase@UiLib@@UAE@XZ
??1CDuiTrayIcon@UiLib@@QAE@XZ
??1CEditUI@UiLib@@UAE@XZ
??1CEventSource@UiLib@@QAE@XZ
??1CFadeButtonUI@UiLib@@UAE@XZ
??1CFlashUI@UiLib@@UAE@XZ
??1CHorizontalLayoutUI@UiLib@@UAE@XZ
??1CLabelUI@UiLib@@UAE@XZ
??1CListBodyUI@UiLib@@UAE@XZ
??1CListContainerElementUI@UiLib@@UAE@XZ
??1CListElementUI@UiLib@@UAE@XZ
??1CListHeaderItemUI@UiLib@@UAE@XZ
??1CListHeaderUI@UiLib@@UAE@XZ
??1CListImageTextElementUI@UiLib@@UAE@XZ
??1CListLabelElementUI@UiLib@@UAE@XZ
??1CListTextElementUI@UiLib@@UAE@XZ
??1CListUI@UiLib@@UAE@XZ
??1CMarkup@UiLib@@QAE@XZ
??1COptionUI@UiLib@@UAE@XZ
??1CPaintManagerUI@UiLib@@QAE@XZ
??1CProgressUI@UiLib@@UAE@XZ
??1CRadioBoxUI@UiLib@@UAE@XZ
??1CRenderClip@UiLib@@QAE@XZ
??1CRichEditUI@UiLib@@UAE@XZ
??1CScrollBarUI@UiLib@@UAE@XZ
??1CSliderUI@UiLib@@UAE@XZ
??1CStdPtrArray@UiLib@@QAE@XZ
??1CStdStringPtrMap@UiLib@@QAE@XZ
??1CStdValArray@UiLib@@QAE@XZ
??1CTabLayoutUI@UiLib@@UAE@XZ
??1CTextUI@UiLib@@UAE@XZ
??1CTileLayoutUI@UiLib@@UAE@XZ
??1CTimerSource@UiLib@@QAE@XZ
??1CTreeNodeUI@UiLib@@UAE@XZ
??1CTreeViewUI@UiLib@@UAE@XZ
??1CUIAnimation@UiLib@@UAE@XZ
??1CVerticalLayoutUI@UiLib@@UAE@XZ
??1CWaitCursor@UiLib@@QAE@XZ
??1CWebBrowserUI@UiLib@@UAE@XZ
??1IUIAnimation@UiLib@@UAE@XZ
??1IWindowBase@@UAE@XZ
??4?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@QAEAAV01@ABV01@@Z
??4?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAEAAV01@ABV01@@Z
??4?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCActiveXCtrl@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCButtonUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCCalendarUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCChartViewUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCCheckBoxUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCChildLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCComboBoxUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCComboUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCContainerUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCControlUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCEditUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCFadeButtonUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCFlashUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCHorizontalLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCLabelUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListContainerElementUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListHeaderItemUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListHeaderUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListImageTextElementUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListLabelElementUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListTextElementUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCListUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCOptionUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCProgressUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCRadioBoxUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCRichEditUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCScrollBarUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCSliderUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTabLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTextUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTileLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTreeNodeUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCTreeViewUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCVerticalLayoutUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$DelegatingObject@VCWebBrowserUI@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAUtagTProperty@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAVCChartItem@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAVCChartSeries@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAVCDelegateBase@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdStringPtrMap@PAUtagActionPropertys@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdStringPtrMap@PAUtagTActionGroup@UiLib@@@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdValArray@HH@UiLib@@QAEAAV01@ABV01@@Z
??4?$TStdValArray@VCDuiString@UiLib@@PB_W@UiLib@@QAEAAV01@ABV01@@Z
??4CActiveXUI@UiLib@@QAEAAV01@ABV01@@Z
??4CAnimationData@UiLib@@QAEAAV01@ABV01@@Z
??4CButtonUI@UiLib@@QAEAAV01@ABV01@@Z
??4CChartItem@UiLib@@QAEAAV01@ABV01@@Z
??4CChartSeries@UiLib@@QAEAAV01@ABV01@@Z
??4CChartViewUI@UiLib@@QAEAAV01@ABV01@@Z
??4CChartXYAxis@UiLib@@QAEAAV01@ABV01@@Z
??4CCheckBoxUI@UiLib@@QAEAAV01@ABV01@@Z
??4CChildLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CComboBoxUI@UiLib@@QAEAAV01@ABV01@@Z
??4CComboUI@UiLib@@QAEAAV01@ABV01@@Z
??4CContainerUI@UiLib@@QAEAAV01@ABV01@@Z
??4CControlUI@UiLib@@QAEAAV01@ABV01@@Z
??4CDelegateBase@UiLib@@QAEAAV01@ABV01@@Z
??4CDelegateStatic@UiLib@@QAEAAV01@ABV01@@Z
??4CDialogBuilder@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiAutoComplete@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiRect@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiString@UiLib@@QAEABV01@ABV01@@Z
??4CDuiString@UiLib@@QAEABV01@PBD@Z
??4CDuiString@UiLib@@QAEABV01@PB_W@Z
??4CDuiString@UiLib@@QAEABV01@_W@Z
??4CDuiTimer@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiTimerBase@UiLib@@QAEAAV01@ABV01@@Z
??4CDuiTrayIcon@UiLib@@QAEAAV01@ABV01@@Z
??4CEditUI@UiLib@@QAEAAV01@ABV01@@Z
??4CEventSource@UiLib@@QAEAAV01@ABV01@@Z
??4CFadeButtonUI@UiLib@@QAEAAV01@ABV01@@Z
??4CFlashUI@UiLib@@QAEAAV01@ABV01@@Z
??4CHorizontalLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CLabelUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListBodyUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListContainerElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderItemUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListImageTextElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListLabelElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListTextElementUI@UiLib@@QAEAAV01@ABV01@@Z
??4CListUI@UiLib@@QAEAAV01@ABV01@@Z
??4CMarkup@UiLib@@QAEAAV01@ABV01@@Z
??4CMarkupNode@UiLib@@QAEAAV01@ABV01@@Z
??4CNotifyPump@UiLib@@QAEAAV01@ABV01@@Z
??4COptionUI@UiLib@@QAEAAV01@ABV01@@Z
??4CPaintManagerUI@UiLib@@QAEAAV01@ABV01@@Z
??4CPoint@UiLib@@QAEAAV01@ABV01@@Z
??4CProgressUI@UiLib@@QAEAAV01@ABV01@@Z
??4CRadioBoxUI@UiLib@@QAEAAV01@ABV01@@Z
??4CRenderClip@UiLib@@QAEAAV01@ABV01@@Z
??4CRenderEngine@UiLib@@QAEAAV01@ABV01@@Z
??4CRichEditUI@UiLib@@QAEAAV01@ABV01@@Z
??4CScrollBarUI@UiLib@@QAEAAV01@ABV01@@Z
??4CSize@UiLib@@QAEAAV01@ABV01@@Z
??4CSliderUI@UiLib@@QAEAAV01@ABV01@@Z
??4CStdPtrArray@UiLib@@QAEAAV01@ABV01@@Z
??4CStdStringPtrMap@UiLib@@QAEAAV01@ABV01@@Z
??4CStdValArray@UiLib@@QAEAAV01@ABV01@@Z
??4CTabLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CTextUI@UiLib@@QAEAAV01@ABV01@@Z
??4CTileLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CTimerSource@UiLib@@QAEAAV01@ABV01@@Z
??4CTreeNodeUI@UiLib@@QAEAAV01@ABV01@@Z
??4CTreeViewUI@UiLib@@QAEAAV01@ABV01@@Z
??4CUIAnimation@UiLib@@QAEAAV01@ABV01@@Z
??4CVerticalLayoutUI@UiLib@@QAEAAV01@ABV01@@Z
??4CWaitCursor@UiLib@@QAEAAV01@ABV01@@Z
??4CWebBrowserUI@UiLib@@QAEAAV01@ABV01@@Z
??4CWindowWnd@UiLib@@QAEAAV01@ABV01@@Z
??4DuiObjectMap@UiLib@@QAEAAV01@ABV01@@Z
??4IDelegate@UiLib@@QAEAAV01@ABV01@@Z
??4IDuiTimer@UiLib@@QAEAAV01@ABV01@@Z
??4IUIAnimation@UiLib@@QAEAAV01@ABV01@@Z
??4IWindowBase@@QAEAAV0@ABV0@@Z
??4WindowImplBase@UiLib@@QAEAAV01@ABV01@@Z
??8CDuiString@UiLib@@QBE_NPB_W@Z
??9CDuiString@UiLib@@QBE_NPB_W@Z
??A?$TStdPtrArray@PAVCDuiString@UiLib@@@UiLib@@QBEPAVCDuiString@1@H@Z
??ACDuiString@UiLib@@QBE_WH@Z
??ACStdPtrArray@UiLib@@QBEPAXH@Z
??ACStdStringPtrMap@UiLib@@QBEPB_WH@Z
??ACStdValArray@UiLib@@QBEPAXH@Z
??BCDuiString@UiLib@@QBEPB_WXZ
??BCEventSource@UiLib@@QAE_NXZ
??BCTimerSource@UiLib@@QAE_NXZ
??BCWindowWnd@UiLib@@QBEPAUHWND__@@XZ
??HCDuiString@UiLib@@QBE?AV01@ABV01@@Z
??HCDuiString@UiLib@@QBE?AV01@PB_W@Z
??MCDuiString@UiLib@@QBE_NPB_W@Z
??NCDuiString@UiLib@@QBE_NPB_W@Z
??OCDuiString@UiLib@@QBE_NPB_W@Z
??PCDuiString@UiLib@@QBE_NPB_W@Z
??RCDelegateBase@UiLib@@QAE_NPAUtagTEventUI@1@IJI@Z
??RCDelegateBase@UiLib@@QAE_NPAUtagTNotifyUI@1@PB_WJI@Z
??RCDelegateBase@UiLib@@QAE_NPAXJI@Z
??RCDuiTimerBase@UiLib@@QAEXPAVIDuiTimer@1@@Z
??RCDuiTimerBase@UiLib@@QAEXPAVIDuiTimer@1@PAUHWND__@@JI@Z
??RCDuiTimerBase@UiLib@@QAEXPAVIDuiTimer@1@PAX@Z
??RCEventSource@UiLib@@QAE_NPAUtagTEventUI@1@@Z
??RCEventSource@UiLib@@QAE_NPAUtagTNotifyUI@1@@Z
??RCEventSource@UiLib@@QAE_NPAX@Z
??YCDuiString@UiLib@@QAEABV01@ABV01@@Z
??YCDuiString@UiLib@@QAEABV01@PBD@Z
??YCDuiString@UiLib@@QAEABV01@PB_W@Z
??YCDuiString@UiLib@@QAEABV01@_W@Z
??YCEventSource@UiLib@@QAEXABVCDelegateBase@1@@Z
??YCEventSource@UiLib@@QAEXP6A_NPAXJI@Z@Z
??YCTimerSource@UiLib@@QAEXABVCDuiTimerBase@1@@Z
??YCTimerSource@UiLib@@QAEXPAVCDuiTimerBase@1@@Z
??YCTimerSource@UiLib@@QAEXPAVIDuiTimer@1@@Z
??ZCEventSource@UiLib@@QAEXABVCDelegateBase@1@@Z
??ZCEventSource@UiLib@@QAEXP6A_NPAXJI@Z@Z
??ZCTimerSource@UiLib@@QAEXABVCDuiTimerBase@1@@Z
??ZCTimerSource@UiLib@@QAEXPAVIDuiTimer@1@@Z
??ZCTimerSource@UiLib@@QAEXPBVCDuiTimerBase@1@@Z
??_7?$CDelegate@VCCalendarUI@UiLib@@V12@J@UiLib@@6B@
??_7?$CDelegate@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@6B@
??_7?$CDelegate@VCTreeViewUI@UiLib@@V12@J@UiLib@@6B@
??_7?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTActionGroup@2@@UiLib@@6B@
??_7?$TDuiTimer@VCControlUI@UiLib@@V12@PAUtagTProperty@2@@UiLib@@6B@
??_7?$TDuiTimer@VCDuiTrayIcon@UiLib@@V12@PAX@UiLib@@6B@
??_7CActiveXUI@UiLib@@6BCControlUI@1@@
??_7CActiveXUI@UiLib@@6BIMessageFilterUI@1@@
??_7CButtonUI@UiLib@@6B@
??_7CChartViewUI@UiLib@@6BCControlUI@1@@
??_7CChartViewUI@UiLib@@6BIContainerUI@1@@
??_7CCheckBoxUI@UiLib@@6B@
??_7CChildLayoutUI@UiLib@@6BCControlUI@1@@
??_7CChildLayoutUI@UiLib@@6BIContainerUI@1@@
??_7CComboBoxUI@UiLib@@6B@
??_7CComboBoxUI@UiLib@@6BCControlUI@1@@
??_7CComboBoxUI@UiLib@@6BIContainerUI@1@@
??_7CComboUI@UiLib@@6B@
??_7CComboUI@UiLib@@6BCControlUI@1@@
??_7CComboUI@UiLib@@6BIContainerUI@1@@
??_7CContainerUI@UiLib@@6BCControlUI@1@@
??_7CContainerUI@UiLib@@6BIContainerUI@1@@
??_7CControlUI@UiLib@@6B@
??_7CDelegateBase@UiLib@@6B@
??_7CDelegateStatic@UiLib@@6B@
??_7CDuiAutoComplete@UiLib@@6B@
??_7CDuiTimer@UiLib@@6B@
??_7CDuiTimerBase@UiLib@@6B@
??_7CEditUI@UiLib@@6B@
??_7CFadeButtonUI@UiLib@@6BCButtonUI@1@@
??_7CFadeButtonUI@UiLib@@6BCUIAnimation@1@@
??_7CFlashUI@UiLib@@6BCControlUI@1@@
??_7CFlashUI@UiLib@@6BIMessageFilterUI@1@@
??_7CFlashUI@UiLib@@6BITranslateAccelerator@1@@
??_7CFlashUI@UiLib@@6B_IShockwaveFlashEvents@@@
??_7CHorizontalLayoutUI@UiLib@@6BCControlUI@1@@
??_7CHorizontalLayoutUI@UiLib@@6BIContainerUI@1@@
??_7CLabelUI@UiLib@@6B@
??_7CListBodyUI@UiLib@@6BCControlUI@1@@
??_7CListBodyUI@UiLib@@6BIContainerUI@1@@
??_7CListContainerElementUI@UiLib@@6B@
??_7CListContainerElementUI@UiLib@@6BCControlUI@1@@
??_7CListContainerElementUI@UiLib@@6BIContainerUI@1@@
??_7CListElementUI@UiLib@@6BCControlUI@1@@
??_7CListElementUI@UiLib@@6BIListItemUI@1@@
??_7CListHeaderItemUI@UiLib@@6B@
??_7CListHeaderUI@UiLib@@6BCControlUI@1@@
??_7CListHeaderUI@UiLib@@6BIContainerUI@1@@
??_7CListImageTextElementUI@UiLib@@6BCControlUI@1@@
??_7CListImageTextElementUI@UiLib@@6BIListItemUI@1@@
??_7CListLabelElementUI@UiLib@@6BCControlUI@1@@
??_7CListLabelElementUI@UiLib@@6BIListItemUI@1@@
??_7CListTextElementUI@UiLib@@6BCControlUI@1@@
??_7CListTextElementUI@UiLib@@6BIListItemUI@1@@
??_7CListUI@UiLib@@6B@
??_7CListUI@UiLib@@6BCControlUI@1@@
??_7CListUI@UiLib@@6BIContainerUI@1@@
??_7COptionUI@UiLib@@6B@

Sections

.text
Size: 571KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GBox/GBox/YK_GameManager.YK000
.exe windows:5 windows x86 arch:x86

2a3f01c62f6b125578883c5607ba36c5

Code Sign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

22:17:1a:6c:13:4e:71:95:7d:ce:f3:5d:91:4c:22:d5
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

18/09/2013, 00:00

Not After

18/12/2015, 23:59

Subject

CN=Wuhan Yu Ku of Network Technology Co.\, Ltd,OU=Ministry of Technology,O=Wuhan Yu Ku of Network Technology Co.\, Ltd,L=wuhan,ST=hubei,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:79:75:a9:88:6d:7c:ce:85:43:f5:11:77:af:9f:ed:31:9e:ca:84
Signer

Actual PE Digest

e7:79:75:a9:88:6d:7c:ce:85:43:f5:11:77:af:9f:ed:31:9e:ca:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Works\wuliang\GameManage\Release\YK_GameManager.pdb

Imports

kernel32

SystemTimeToFileTime
GetCurrentProcess
WriteFile
GetFileType
DuplicateHandle
SetEnvironmentVariableA
SetEndOfFile
CreateFileA
SetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapCreate
IsProcessorFeaturePresent
SetHandleCount
GetLocaleInfoW
GetCurrentThreadId
SetLastError
SetFilePointer
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CompareStringW
GetCPInfo
LCMapStringW
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetStdHandle
WriteConsoleW
GetSystemTimeAsFileTime
GetDateFormatW
GetTimeFormatW
LocalFree
InitializeCriticalSection
DecodePointer
EncodePointer
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DosDateTimeToFileTime
ExitProcess
GetACP
CreateFileW
ReadFile
GetFileSize
GetTickCount
MulDiv
TerminateThread
GetExitCodeProcess
FreeResource
DeleteFileW
WinExec
ReleaseMutex
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
CreateMutexW
CreateThread
FindResourceExW
GetProcAddress
GetLastError
LoadLibraryW
GetModuleHandleW
FreeLibrary
GetCurrentProcessId
CloseHandle
GetLocalTime
FindClose
GetCurrentDirectoryW
GetTempPathW
WritePrivateProfileStringW
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
FileTimeToSystemTime
GetVersionExW
CopyFileW
WideCharToMultiByte
OpenProcess
GetPrivateProfileStringW
CreateDirectoryW
CreateProcessW
lstrlenA
FindFirstFileW
GetTempFileNameW
Sleep
LockResource
SizeofResource
LoadResource
FindResourceW
TlsFree

user32

RegisterClassExW
GetSystemMetrics
GetClassInfoExW
LoadImageW
GetMessageW
DrawIconEx
GetUpdateRect
KillTimer
SetTimer
SetRect
SetWindowLongW
GetWindowLongW
TranslateMessage
IsIconic
GetWindowRect
ScreenToClient
SetWindowRgn
wsprintfW
PostMessageW
MessageBoxW
CharPrevW
DrawTextW
LoadIconW
OffsetRect
InflateRect
wvsprintfW
GetClientRect
SetPropW
GetWindow
DefWindowProcW
SendMessageW
RegisterClassW
CreateWindowExW
IsWindow
ShowWindow
GetPropW
CallWindowProcW
DispatchMessageW
HideCaret
ShowCaret
SetWindowPos
SystemParametersInfoW
GetDC
LoadCursorW
GetParent
CharNextW
GetMonitorInfoW
UnregisterHotKey
IsWindowVisible
GetCursorPos
MonitorFromWindow
IsZoomed
PostQuitMessage
ClientToScreen
MoveWindow
MapWindowPoints
GetDesktopWindow
IntersectRect
SetForegroundWindow
ReleaseCapture
ReleaseDC
InvalidateRect
BeginPaint
CreateAcceleratorTableW
InvalidateRgn
SetCapture
FillRect
DestroyWindow
EndPaint
PtInRect
SetCursor
SetWindowTextW
EnableWindow
GetWindowTextW
SetFocus
GetKeyState
GetWindowTextLengthW
GetFocus
IsRectEmpty
SetCaretPos
CreateCaret
GetSysColor

gdi32

GetObjectW
GetObjectA
SetTextColor
SetBkMode
GetStockObject
CreateSolidBrush
GetTextExtentPoint32W
GetDeviceCaps
DeleteDC
CreateDIBSection
SelectObject
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
CreateRoundRectRgn
GetCharABCWidthsW
ExtTextOutW
CreateRectRgnIndirect
CreatePenIndirect
SelectClipRgn
SetBkColor
StretchBlt
LineTo
MoveToEx
CreateRectRgn
GetPixel
CombineRgn
PtInRegion
SetPixel
RestoreDC
CreatePen
SaveDC
Rectangle
GetTextMetricsW
BitBlt
SetWindowOrgEx
TextOutW
ExtSelectClipRgn
RoundRect
CreateCompatibleBitmap
SetStretchBltMode
GetClipBox

comdlg32

GetOpenFileNameW

advapi32

RegEnumKeyExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFolderPathW

ole32

CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantChangeType
VariantCopy
VariantClear
VarUI4FromStr
SysFreeString
VariantInit
SysAllocString

shlwapi

PathFileExistsW

winmm

timeBeginPeriod
timeGetDevCaps
timeKillEvent
timeEndPeriod
timeGetTime
timeSetEvent

comctl32

ord17
_TrackMouseEvent

gdiplus

GdipCreateLineBrushI
GdipSetStringFormatLineAlign
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipDeleteBrush
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipGetPropertyItemSize
GdipDrawImageI
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdiplusStartup
GdipDeleteFont
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdipLoadImageFromFile
GdipDeleteGraphics
GdipFree
GdiplusShutdown
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFromDC
GdipCloneImage
GdipSetStringFormatAlign
GdipSetTextRenderingHint
GdipDrawString

ws2_32

htons
recv
bind
socket
closesocket
send
listen
accept
connect
WSAStartup
inet_addr
htonl

wininet

InternetCloseHandle
HttpOpenRequestW
HttpAddRequestHeadersW
InternetOpenW
InternetCrackUrlW
InternetReadFile
InternetConnectW
HttpSendRequestW
InternetCheckConnectionW

d3d9

Direct3DCreate9

Sections

.text
Size: 663KB - Virtual size: 663KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GBox/GBox/config.YK001
GBox/GBox/game.YK016
GBox/GBox/gamedata.mdb
GBox/GBox/gamex.config.YK002
GBox/GBox/gbmanager.YK001
.dll windows:4 windows x86 arch:x86

974a05f65844fc691840aa99032564b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\17wow项目\GBox\release\gbmanager.pdb

Imports

kernel32

InitializeCriticalSection
DeleteFileA
LeaveCriticalSection
DeleteCriticalSection
GetCurrentDirectoryA
HeapFree
GetProcessHeap
EnterCriticalSection
InterlockedDecrement
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
CreateFileA
GetLastError
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
InterlockedIncrement
InterlockedExchange
Sleep
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFileAttributesA
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
CloseHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetFilePointer
GetConsoleCP
GetConsoleMode
LoadLibraryA
GetLocaleInfoW

ole32

CoInitialize
CoCreateInstance
OleRun
CoUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit
VariantCopy
VariantChangeType
GetErrorInfo

Exports

Exports

_CreateManagerImpl@0

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GBox/GBox/gbox.YK000
.exe windows:4 windows x86 arch:x86

a9e398c1ae502a1ed32e65092f9d3edc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\17wow项目\GBox\release\GBox.pdb

Imports

gbmanager

_CreateManagerImpl@0

kernel32

HeapFree
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
ExitProcess
ExitThread
CreateThread
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapDestroy
HeapCreate
VirtualFree
GetACP
SetErrorMode
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetFileTime
GetFileAttributesA
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
WritePrivateProfileStringA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FormatMessageA
LocalFree
GetCurrentProcessId
GetModuleFileNameA
MulDiv
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
SetLastError
GetModuleHandleA
GetProcAddress
InterlockedIncrement
CompareStringW
lstrlenA
GetVersion
CompareStringA
InterlockedExchange
GetTickCount
lstrlenW
GetLastError
GetPrivateProfileStringA
GetPrivateProfileIntA
MoveFileExA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
DeleteFileA
GetTempPathA
GetCurrentDirectoryA
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
IsValidCodePage

user32

MessageBeep
RegisterClipboardFormatA
UnregisterClassA
GetSysColorBrush
PostThreadMessageA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetNextDlgGroupItem
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindow
UnhookWindowsHookEx
ReleaseCapture
SetFocus
SetWindowPos
GetDesktopWindow
GetFocus
SetCapture
InvalidateRgn
ReleaseDC
GetDC
GetWindowRect
EqualRect
IntersectRect
OffsetRect
IsRectEmpty
CopyRect
IsWindowEnabled
IsWindowVisible
GetWindowLongA
IsWindow
CopyAcceleratorTableA
CharUpperA
IsIconic
WindowFromPoint
CharNextA
DestroyMenu
SetWindowContextHelpId
MapDialogRect
PtInRect
CloseClipboard
SetTimer
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
SetActiveWindow
GetActiveWindow
SetClipboardData
ShowWindow
EmptyClipboard
FillRect
PostMessageA
OpenClipboard
GetSubMenu
SetWindowLongA
LoadMenuA
GetCursorPos
DrawIconEx
KillTimer
LoadIconA
DrawIcon
GetSystemMetrics
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SendMessageA
LoadBitmapA
InvalidateRect
LoadCursorA
EnableWindow
SetCursor
GetClientRect
SetRect
SetWindowRgn
LoadImageA
GetKeyState
GetAsyncKeyState

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateBitmap
GetDeviceCaps
CreateSolidBrush
GetTextColor
SetBkMode
RestoreDC
MoveToEx
LineTo
SetMapMode
CreateCompatibleDC
GetObjectA
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetRgnBox
CreateRectRgnIndirect
GetStockObject
CreateRoundRectRgn
CreatePen
Escape
GetBkColor
ExtTextOutA
StretchBlt
DPtoLP
TextOutA
GetViewportExtEx
RectVisible
PtVisible
CreateFontA
GetWindowExtEx
GetMapMode
CreateCompatibleBitmap
LPtoDP
DeleteDC
DeleteObject
CombineRgn
ExtCreateRegion
BitBlt
SelectObject
CreateDIBSection

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathFindFileNameA
UrlUnescapeA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

VariantCopy
OleCreateFontIndirect
SysAllocStringByteLen
VariantChangeType
SysAllocString
SafeArrayDestroy
VariantClear
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
SysFreeString
SysAllocStringLen

urlmon

URLDownloadToFileA

ws2_32

WSAStartup
WSACleanup
WSASetLastError

wininet

InternetCanonicalizeUrlA
InternetQueryOptionA
InternetQueryDataAvailable
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetOpenUrlA
InternetCrackUrlA

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 416KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GBox/GBox/log.YK014
GBox/GBox/res/mainplayerbg.YK010
GBox/GBox/res/start.YK007
GBox/GBox/unins000.YK000
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 600KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GBox/GBox/unins000.YK004
GBox/GBox/ykgamerun.YK000
.exe windows:5 windows x86 arch:x86

e1e4d300073cd04a1308a97932aaa857

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03/02/2015, 00:00

Not After

03/03/2026, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

1b:08:58:86:ed:cb:dc:10:aa:9c:52:5f:79:01:79:93
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

09/12/2015, 00:00

Not After

07/01/2018, 23:59

Subject

CN=Wuhan Yu Ku of Network Technology Co.\, Ltd,OU=Ministry of Technology,O=Wuhan Yu Ku of Network Technology Co.\, Ltd,L=wuhan,ST=hubei,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f3:3b:ed:c0:11:80:a6:71:61:26:20:ee:db:53:13:1c:db:97:61:7c
Signer

Actual PE Digest

f3:3b:ed:c0:11:80:a6:71:61:26:20:ee:db:53:13:1c:db:97:61:7c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\svn项目大全\danjirungame\Release\GameRun.pdb

Imports

kernel32

IsValidLocale
EnumSystemLocalesA
GetProcessHeap
SetEnvironmentVariableA
GetLocaleInfoA
WriteConsoleW
LCMapStringW
GetStringTypeW
IsProcessorFeaturePresent
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
HeapSize
HeapQueryInformation
ExitProcess
HeapReAlloc
RaiseException
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
ExitThread
GetDateFormatW
GetTimeFormatW
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
HeapFree
HeapAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
Sleep
GetProfileIntW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetTickCount
lstrcpyW
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetPrivateProfileIntW
SetThreadPriority
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesW
GetFileAttributesExW
GetCurrentProcessId
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
FreeLibrary
CompareStringW
lstrcmpW
InterlockedIncrement
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
ActivateActCtx
LoadLibraryW
DeactivateActCtx
DeleteFileW
GetModuleHandleW
GetProcAddress
CreateFileW
lstrcmpiW
GetThreadLocale
SetLastError
CopyFileW
GlobalSize
FormatMessageW
LocalFree
ResetEvent
SetEvent
FreeResource
GlobalAlloc
ResumeThread
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
CreateEventW
WritePrivateProfileStringW
GetPrivateProfileStringW
FileTimeToSystemTime
GetModuleFileNameW
GetLocalTime
FindNextFileW
FindClose
FindFirstFileW
GetCurrentDirectoryW
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
CloseHandle
WaitForSingleObject
GetTempPathW
CreateProcessW
CreateThread
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
lstrlenA
GetLastError
WideCharToMultiByte
lstrlenW

user32

DeleteMenu
WaitMessage
RealChildWindowFromPoint
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
ReleaseCapture
SetCapture
InvalidateRgn
IntersectRect
IsRectEmpty
CopyAcceleratorTableW
GetSysColorBrush
LoadMenuW
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
WindowFromPoint
DrawStateW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowOwnedPopups
GetMessageW
TranslateMessage
GetActiveWindow
ValidateRect
GetWindowThreadProcessId
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
NotifyWinEvent
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
SetRectEmpty
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
IsWindow
GetDlgItem
GetWindowLongW
OffsetRect
GetDlgCtrlID
GetWindow
CharNextW
CharUpperW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetAsyncKeyState
IsZoomed
UnionRect
GetMenuItemCount
GetSubMenu
EnableWindow
SetWindowRgn
LoadIconW
SendMessageW
EnableScrollBar
RemoveMenu
GetParent
CopyRect
GetSysColor
FillRect
InvalidateRect
ReleaseDC
GetDC
SetRect
LoadBitmapW
SetWindowPos
LoadCursorW
SetCursor
GetCursorPos
GetWindowRect
GetWindowRgn
UpdateLayeredWindow
DestroyCursor
MonitorFromPoint
SubtractRect
GetDoubleClickTime
GetUpdateRect
IsClipboardFormatAvailable
CreateMenu
KillTimer
IsWindowVisible
SetForegroundWindow
SetTimer
PtInRect
ScreenToClient
ShowWindow
PostMessageW
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
EnumDisplayMonitors
SetLayeredWindowAttributes
GetNextDlgGroupItem
MessageBeep
DestroyIcon
UnregisterClassW
GetSystemMenu
TrackPopupMenu
RedrawWindow
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyExW
IsCharLowerW
GetKeyNameTextW
PostThreadMessageW
CharUpperBuffW
CopyIcon
FrameRect
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFrameControl
DrawEdge
SetClassLongW
DestroyAcceleratorTable
SetParent
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
DrawIconEx
LoadImageW
CopyImage
GetIconInfo
HideCaret
DrawFocusRect
InvertRect
MapVirtualKeyW
RegisterClipboardFormatW
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
UnhookWindowsHookEx

gdi32

SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
SetStretchBltMode
GetRgnBox
CreateFontIndirectW
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateRoundRectRgn
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
SetPixel
Rectangle
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceW
SetPolyFillMode
SetROP2
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetTextColor
GetBkColor
CreateDCW
CopyMetaFileW
GetTextExtentPoint32W
CreateFontW
CreateDIBSection
SetDIBColorTable
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
GetObjectW
CreateCompatibleDC
GetDIBColorTable
StretchBlt
SelectObject
DeleteDC
DeleteObject
GetStockObject
CreateRectRgnIndirect
CreatePolygonRgn
CreateSolidBrush

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyExW

shell32

DragQueryFileW
DragFinish
SHGetDesktopFolder
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFolderPathW
ShellExecuteW
SHBrowseForFolderW
SHAppBarMessage

comctl32

ord17
_TrackMouseEvent
ImageList_GetIconSize

shlwapi

UrlUnescapeW
PathFindFileNameW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
StrCmpW
PathFileExistsW
PathRemoveFileSpecW

ole32

OleGetClipboard
CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleUninitialize
OleInitialize
CoInitializeEx
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop

oleaut32

VariantChangeType
VariantInit
SysAllocString
VariantCopy
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringLen
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipReleaseDC
GdipCreateFromHDC
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
GdiplusStartup

wininet

InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetOpenUrlW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
DeleteUrlCacheEntryW
InternetCheckConnectionW
InternetCloseHandle
InternetCrackUrlW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 801KB - Virtual size: 801KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GBox/点此安装游戏.exe
.exe windows:5 windows x86 arch:x86

8600520fca2af215fc7569a6bad4b18f

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

1b:08:58:86:ed:cb:dc:10:aa:9c:52:5f:79:01:79:93
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

09/12/2015, 00:00

Not After

07/01/2018, 23:59

Subject

CN=Wuhan Yu Ku of Network Technology Co.\, Ltd,OU=Ministry of Technology,O=Wuhan Yu Ku of Network Technology Co.\, Ltd,L=wuhan,ST=hubei,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

21:fb:d4:b7:80:ed:11:aa:55:5a:7b:47:4e:a7:94:6b:10:50:f6:71
Signer

Actual PE Digest

21:fb:d4:b7:80:ed:11:aa:55:5a:7b:47:4e:a7:94:6b:10:50:f6:71

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\svn项目大全\99Setup-For2014\Release\XKSetup.pdb

Imports

kernel32

DuplicateHandle
GetCurrentProcess
SystemTimeToFileTime
DosDateTimeToFileTime
SetFileTime
SetEnvironmentVariableA
SetEndOfFile
CreateFileA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
GetStringTypeW
FlushFileBuffers
SetHandleCount
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
IsValidCodePage
GetOEMCP
HeapCreate
GetFileType
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CompareStringW
GetCPInfo
LCMapStringW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
WriteConsoleW
GetSystemTimeAsFileTime
RtlUnwind
LocalFree
DecodePointer
EncodePointer
InitializeCriticalSection
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
ExitProcess
GetACP
GetFileSize
ReadFile
GetCurrentDirectoryW
GetTickCount
MulDiv
OutputDebugStringW
GetLocalTime
CreateThread
GetTempPathW
GetVersionExW
GetLogicalDriveStringsW
GetDriveTypeW
GetDiskFreeSpaceExW
FreeResource
LoadLibraryW
LoadLibraryExW
FreeLibrary
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
CreateDirectoryW
GetModuleHandleW
DeleteFileW
CopyFileW
GetCurrentProcessId
OpenProcess
FindFirstFileW
FindNextFileW
FindClose
CreateFileW
SetFilePointer
WriteFile
lstrlenA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
GetStdHandle
CreateProcessW
WaitForSingleObject
CloseHandle
GetVersion
GetModuleFileNameW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentThreadId
GetLastError

user32

DestroyIcon
DrawIconEx
SetTimer
KillTimer
UpdateLayeredWindow
GetUpdateRect
DrawTextW
CharPrevW
wsprintfW
CharNextW
PostQuitMessage
CreateWindowExW
GetClientRect
ScreenToClient
SetWindowRgn
GetWindowRect
SetWindowLongW
SetRect
LoadIconW
OffsetRect
InflateRect
wvsprintfW
GetClassInfoExW
RegisterClassExW
RegisterClassW
IsIconic
GetWindowLongW
SendMessageW
SetWindowPos
ShowWindow
DestroyWindow
ReleaseDC
GetDC
ReleaseCapture
SetCapture
FillRect
InvalidateRect
InvalidateRgn
DefWindowProcW
EndPaint
BeginPaint
IntersectRect
CreateAcceleratorTableW
MoveWindow
SetCursor
LoadCursorW
PtInRect
GetMonitorInfoW
MonitorFromWindow
MapWindowPoints
IsZoomed
GetParent
GetCursorPos
GetKeyState
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
SetFocus
EnableWindow
MessageBoxW
GetFocus
IsRectEmpty
CreateCaret
HideCaret
ShowCaret
SetCaretPos
ClientToScreen
GetSysColor
IsWindow
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
SetPropW
GetPropW
CallWindowProcW
GetWindow
SystemParametersInfoW
LoadImageW

gdi32

PtInRegion
CreateCompatibleDC
SelectObject
GetPixel
CreateRectRgn
CombineRgn
CreateFontIndirectW
GetObjectW
GetObjectA
SetBkMode
SetTextColor
CreateSolidBrush
GetStockObject
GetDeviceCaps
CreateRoundRectRgn
DeleteObject
ExtTextOutW
SetBkColor
LineTo
MoveToEx
CreatePenIndirect
RoundRect
TextOutW
GetCharABCWidthsW
BitBlt
CreateCompatibleBitmap
GetTextMetricsW
CreatePen
DeleteDC
SetWindowOrgEx
Rectangle
RestoreDC
SaveDC
CreateDIBSection
SelectClipRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
GetTextExtentPoint32W
SetStretchBltMode
StretchBlt

advapi32

RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyW
RegOpenKeyW
RegQueryValueExW

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
SHFileOperationW

ole32

CLSIDFromString
CLSIDFromProgID
OleLockRunning
OleInitialize
OleUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

OleLoadPicturePath
VariantClear
VariantInit
SysAllocString
VarUI4FromStr
SysFreeString

shlwapi

StrCmpW
StrCpyW
StrCatW
PathAppendW
PathFileExistsW

gdiplus

GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipSetTextRenderingHint
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdipDeleteFont
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdipCreateFromHDC
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipDrawImageI
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawString

winmm

timeSetEvent
timeGetDevCaps
timeBeginPeriod
timeKillEvent
timeEndPeriod
timeGetTime

comctl32

ord17
_TrackMouseEvent

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetOpenUrlW
InternetOpenW
InternetConnectW
HttpQueryInfoW
HttpAddRequestHeadersW
HttpSendRequestW
InternetCrackUrlW
InternetReadFile
InternetCloseHandle
HttpOpenRequestW

Sections

.text
Size: 513KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.9MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d14b914b780ff4ce65f0d41e0e884b2

Code Sign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91Certificate

Key Usages

09:7e:d4:aa:54:da:96:dd:a0:b6:31:ef:1d:ce:7f:03Certificate

Extended Key Usages

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

31:7f:66:d1:d6:c1:b5:c4:af:33:49:1f:4b:4b:c1:dc:67:3e:72:6dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wininet

winmm

comctl32

gdiplus

Exports

Exports

Sections

.text Size: 571KB - Virtual size: 570KB

.rdata Size: 239KB - Virtual size: 239KB

.data Size: 11KB - Virtual size: 23KB

.rsrc Size: 204KB - Virtual size: 204KB

.reloc Size: 38KB - Virtual size: 37KB

2a3f01c62f6b125578883c5607ba36c5

Code Sign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91Certificate

Key Usages

22:17:1a:6c:13:4e:71:95:7d:ce:f3:5d:91:4c:22:d5Certificate

Extended Key Usages

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

e7:79:75:a9:88:6d:7c:ce:85:43:f5:11:77:af:9f:ed:31:9e:ca:84Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

winmm

comctl32

gdiplus

ws2_32

wininet

d3d9

Sections

.text Size: 663KB - Virtual size: 663KB

.rdata Size: 126KB - Virtual size: 126KB

.data Size: 14KB - Virtual size: 38KB

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

09:7e:d4:aa:54:da:96:dd:a0:b6:31:ef:1d:ce:7f:03
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

31:7f:66:d1:d6:c1:b5:c4:af:33:49:1f:4b:4b:c1:dc:67:3e:72:6d
Signer

.text
Size: 571KB - Virtual size: 570KB

.rdata
Size: 239KB - Virtual size: 239KB

.data
Size: 11KB - Virtual size: 23KB

.rsrc
Size: 204KB - Virtual size: 204KB

.reloc
Size: 38KB - Virtual size: 37KB

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

22:17:1a:6c:13:4e:71:95:7d:ce:f3:5d:91:4c:22:d5
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

e7:79:75:a9:88:6d:7c:ce:85:43:f5:11:77:af:9f:ed:31:9e:ca:84
Signer

.text
Size: 663KB - Virtual size: 663KB

.rdata
Size: 126KB - Virtual size: 126KB

.data
Size: 14KB - Virtual size: 38KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 52KB - Virtual size: 52KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 12KB - Virtual size: 9KB

.rmnet
Size: 60KB - Virtual size: 60KB

.rmnet
Size: 60KB - Virtual size: 60KB

.text
Size: 292KB - Virtual size: 288KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 416KB - Virtual size: 415KB

.rmnet
Size: 60KB - Virtual size: 60KB

.rmnet
Size: 60KB - Virtual size: 60KB

CODE
Size: 600KB - Virtual size: 600KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 5KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 34KB

.rsrc
Size: 84KB - Virtual size: 84KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate