hetman_partition_recovery (1)[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

hetman_partition_recovery (1).exe
Size

14.4MB
MD5

2e38acafdd1217158022eb20bfb375dc
SHA1

9409779c5c5b1c435621fe092f1cdedd6cf0444e
SHA256

66e9f4d03e67dbcbd9d3a13bfc45b2c11e712b677e990e8ea1b405b60a3a40b2
SHA512

e6f8b3021fee20d4dfdda272f63ec4a23d61809b4b83b7fcfb8bcd8e7d3e554f7f103e14f748d060c2839fe537c04cf8a0f6dfa8244fcb570d8e6ba7e465201e
SSDEEP

393216:BI4dmkHNSQu2lFIEoLKjEGUln1jQdDSrzYlBEHZ:BJHNS7rEoLCP6BCfY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll

Files

hetman_partition_recovery (1).exe
.exe windows:5 windows x86 arch:x86

be41bf7b8cc010b614bd36bbca606973

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:72:1a:79:87:32:8a:56:35:5d:cf:fc:2e:1a:35:b8:11:49:66:11
Signer

Actual PE Digest

0e:72:1a:79:87:32:8a:56:35:5d:cf:fc:2e:1a:35:b8:11:49:66:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 580KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Options_English.ini
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Hetman Partition Recovery.chm
.chm
Hetman Partition Recovery.exe
.exe windows:5 windows x86 arch:x86

581756560dd3961ceef1582573677d79

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:b2:a0:8b:60:c1:03:f7:d1:80:7b:8d:3c:af:14:56:69:aa:03:19
Signer

Actual PE Digest

7e:b2:a0:8b:60:c1:03:f7:d1:80:7b:8d:3c:af:14:56:69:aa:03:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
CreateErrorInfo
GetErrorInfo
SetErrorInfo
GetActiveObject
UnRegisterTypeLib
RegisterTypeLib
LoadTypeLib
VariantInit
SafeArrayCopy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SysStringByteLen
SysFreeString
SysAllocString
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegUnLoadKeyW
RegSetValueExA
RegSetValueExW
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExA
RegQueryValueExW
RegQueryValueW
RegQueryInfoKeyW
RegOpenKeyExA
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyA
RegDeleteKeyW
RegCreateKeyExA
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey
OpenThreadToken
OpenProcessToken
GetUserNameW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid

user32

LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
WindowFromPoint
WinHelpW
WaitMessage
ValidateRect
UpdateWindow
UnregisterClassW
UnionRect
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
ToAscii
SystemParametersInfoW
SubtractRect
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCaret
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursorPos
SetCursor
SetClipboardData
SetClassLongW
SetCaretPos
SetCapture
SetActiveWindow
SendMessageA
SendMessageW
ScrollWindowEx
ScrollWindow
ScrollDC
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OpenClipboard
OffsetRect
OemToCharA
NotifyWinEvent
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MoveWindow
MessageBoxA
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LockWindowUpdate
LoadStringA
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageA
IsDialogMessageW
IsClipboardFormatAvailable
IsChild
IsCharAlphaNumericW
IsCharAlphaW
InvertRect
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetWindowLongW
GetWindowDC
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardFormatNameW
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCaretPos
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EndMenu
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExW
DrawTextW
DrawStateW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DeleteMenu
DeferWindowPos
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
CreateCaret
CreateAcceleratorTableW
CountClipboardFormats
CopyImage
CopyIcon
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffW
CharUpperW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallNextHookEx
BeginPaint
BeginDeferWindowPos
CharNextA
CharLowerBuffA
CharLowerA
CharUpperBuffA
CharUpperA
AdjustWindowRectEx
ActivateKeyboardLayout
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
Sleep
VirtualFree
VirtualAlloc
SwitchToThread
GetACP
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryW
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCurrentDirectoryW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateFileW
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrlenA
lstrlenW
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcmpW
lstrcatA
WriteProcessMemory
WritePrivateProfileStringW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
WaitForMultipleObjects
VirtualQueryEx
VirtualQuery
VirtualFree
VirtualAlloc
TryEnterCriticalSection
TerminateThread
SystemTimeToFileTime
SwitchToThread
SuspendThread
Sleep
SizeofResource
SetThreadPriority
SetThreadLocale
SetLastError
SetFileTime
SetFilePointer
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ResetEvent
RemoveDirectoryW
ReleaseMutex
ReadProcessMemory
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
QueryDosDeviceA
IsDebuggerPresent
OutputDebugStringA
OutputDebugStringW
OpenMutexW
OpenEventW
MultiByteToWideChar
MulDiv
MoveFileExW
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LoadLibraryExA
LoadLibraryExW
LoadLibraryA
LoadLibraryW
LeaveCriticalSection
LCMapStringW
IsValidLocale
IsDBCSLeadByte
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVolumeInformationA
GetVolumeInformationW
GetVersionExW
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadPriority
GetThreadLocale
GetTempPathA
GetTempPathW
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryA
GetStringTypeExA
GetStringTypeExW
GetStdHandle
GetProcAddress
GetPrivateProfileStringW
GetModuleHandleA
GetModuleHandleW
GetModuleFileNameA
GetModuleFileNameW
GetMailslotInfo
GetLogicalDrives
GetLocaleInfoA
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesExW
GetFileAttributesW
GetExitCodeThread
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceExA
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetComputerNameW
GetCPInfoExW
GetCPInfo
GetACP
FreeResource
InterlockedExchangeAdd
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
FormatMessageA
FormatMessageW
FlushFileBuffers
FindResourceW
FindNextFileW
FindNextChangeNotification
FindFirstFileA
FindFirstFileW
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumSystemLocalesW
EnumSystemCodePagesA
EnumCalendarInfoW
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
CreateMutexW
CreateMailslotW
CreateFileA
CreateFileW
CreateEventW
CreateDirectoryW
CopyFileA
CopyFileW
CompareStringA
CompareStringW
CloseHandle
Sleep
MulDiv
GetVersionExW

msimg32

AlphaBlend

gdi32

UnrealizeObject
TextOutW
StrokePath
StretchDIBits
StretchBlt
StartPage
StartDocW
SetWindowOrgEx
SetWindowExtEx
SetWinMetaFileBits
SetViewportOrgEx
SetViewportExtEx
SetTextJustification
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetStretchBltMode
SetROP2
SetPixel
SetMapMode
SetEnhMetaFileBits
SetDIBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RoundRect
RestoreDC
ResizePalette
ResetDCW
Rectangle
RectVisible
RealizePalette
PtInRegion
Polyline
Polygon
PolyPolyline
PolyBezierTo
PolyBezier
PlayEnhMetaFile
Pie
PatBlt
OffsetRgn
MoveToEx
MaskBlt
LineTo
LPtoDP
IntersectClipRect
GetWindowOrgEx
GetWindowExtEx
GetWinMetaFileBits
GetViewportExtEx
GetTextMetricsA
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32W
GetTextExtentExPointA
GetTextExtentExPointW
GetTextColor
GetTextAlign
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectW
GetNearestPaletteIndex
GetMapMode
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetCurrentObject
GetClipRgn
GetClipBox
GetBrushOrgEx
GetBkColor
GetBitmapBits
GdiFlush
FrameRgn
FillRgn
ExtTextOutW
ExtFloodFill
ExtCreateRegion
ExtCreatePen
ExcludeClipRect
EnumFontsW
EnumFontFamiliesExW
EndPath
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
DPtoLP
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePolygonRgn
CreatePenIndirect
CreatePen
CreatePatternBrush
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontIndirectW
CreateEnhMetaFileW
CreateEllipticRgnIndirect
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CombineRgn
CloseFigure
CloseEnhMetaFile
Chord
BitBlt
BeginPath
ArcTo
Arc
AngleArc
AbortDoc
GetRandomRgn

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ole32

CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
OleRegEnumVerbs
IsAccelerator
ReleaseStgMedium
OleDraw
OleSetMenuDescriptor
OleFlushClipboard
OleGetClipboard
OleSetClipboard
DoDragDrop
RevokeDragDrop
RegisterDragDrop
OleUninitialize
OleInitialize
StgIsStorageFile
StgOpenStorageOnILockBytes
StgOpenStorage
CreateDataAdviseHolder
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
ProgIDFromCLSID
CLSIDFromString
StringFromCLSID
CoCreateInstance
CoGetClassObject
CoUninitialize
CoInitialize
IsEqualGUID
CoCreateGuid

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Copy
ImageList_LoadImageW
ImageList_GetIcon
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls
InitCommonControls

winspool.drv

OpenPrinterW
EnumPrintersW
DocumentPropertiesW
ClosePrinter
GetDefaultPrinterW

shell32

SHGetFileInfoW
SHFileOperationW
ShellExecuteW
DragQueryFileW
DragFinish
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

oleacc

LresultFromObject

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod
sndPlaySoundW
mciSendCommandW

ntdll

RtlInitUnicodeString
ZwWaitForSingleObject
ZwOpenFile
ZwDeviceIoControlFile
ZwClose

resources\starburn

StarBurn_CdvdBurnerGrabber_GetDiscUsedSpace
StarBurn_CdvdBurnerGrabber_GetDiscFreeSpace
StarBurn_StarPort_GetVersion
StarBurn_CdvdBurnerGrabber_GetDiscFileSystem
StarBurn_UpStartEx
StarBurn_DownShut
StarBurn_CdvdBurnerGrabber_GetRPC
StarBurn_SetFastReadTOC
StarBurn_ISO9660JolietFileTree_GetFileSizeInUCHARs
StarBurn_CdvdBurnerGrabber_DiscAtOnceRawPWFromTree
StarBurn_CdvdBurnerGrabber_DiscAtOncePQFromTree
StarBurn_ISO9660JolietFileTree_ImportTrack
StarBurn_ISO9660JolietFileTree_SetBootImage
StarBurn_CdvdBurnerGrabber_Cancel
StarBurn_CdvdBurnerGrabber_GetInsertedDiscType
StarBurn_FindDevice
StarBurn_CdvdBurnerGrabber_ProbeSupportedWriteModes
StarBurn_CdvdBurnerGrabber_ProbeSupportedReadModes
StarBurn_CdvdBurnerGrabber_GetTOCInformation
StarBurn_CdvdBurnerGrabber_GetDiscInformation
StarBurn_CdvdBurnerGrabber_GetTrackInformation
StarBurn_CdvdBurnerGrabber_Blank
StarBurn_CdvdBurnerGrabber_Release
StarBurn_CdvdBurnerGrabber_Lock
StarBurn_CdvdBurnerGrabber_Eject
StarBurn_CdvdBurnerGrabber_CloseSession
StarBurn_CdvdBurnerGrabber_DiscAtOnceRawPWFromFile
StarBurn_CdvdBurnerGrabber_DiscAtOncePQFromFile
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromFile
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromTree
StarBurn_CdvdBurnerGrabber_SessionAtOnce
StarBurn_CdvdBurnerGrabber_SendOPC
StarBurn_CdvdBurnerGrabber_SetSpeeds
StarBurn_CdvdBurnerGrabber_GetSpeeds
StarBurn_CdvdBurnerGrabber_SetBUP
StarBurn_CdvdBurnerGrabber_GetBUP
StarBurn_CdvdBurnerGrabber_TestUnitReady
StarBurn_CdvdBurnerGrabber_GetSupportedMediaFormatsExEx
StarBurn_CdvdBurnerGrabber_GetSupportedMediaFormats
StarBurn_CdvdBurnerGrabber_GetDeviceInformation
StarBurn_CdvdBurnerGrabber_CreateEx
StarBurn_CdvdBurnerGrabber_Create
StarBurn_ISO9660JolietFileTree_SeekToBegin
StarBurn_ISO9660JolietFileTree_Read
StarBurn_ISO9660JolietFileTree_GetSizeInUCHARs
StarBurn_ISO9660JolietFileTree_BuildImage
StarBurn_ISO9660JolietFileTree_GetNextKid
StarBurn_ISO9660JolietFileTree_GetNames
StarBurn_ISO9660JolietFileTree_GetAttributes
StarBurn_ISO9660JolietFileTree_GetFirstKid
StarBurn_ISO9660JolietFileTree_GetRoot
StarBurn_ISO9660JolietFileTree_GetLevel
StarBurn_ISO9660JolietFileTree_Add
StarBurn_ISO9660JolietFileTree_Create
StarBurn_GetDeviceNameByDeviceAddress
StarBurn_Destroy
StarBurn_GetVersion

wsock32

WSACleanup
WSAStartup
WSAGetLastError
WSACancelAsyncRequest
WSAAsyncGetHostByName
gethostname
socket
shutdown
setsockopt
send
recv
ntohs
listen
ioctlsocket
inet_ntoa
inet_addr
htons
closesocket

Exports

Exports

EXECryptor_AntiDebug
EXECryptor_DecodeSerialNumber
EXECryptor_DecodeSerialNumberW
EXECryptor_DecryptStr
EXECryptor_DecryptStrW
EXECryptor_EncryptStr
EXECryptor_EncryptStrW
EXECryptor_FN_0
EXECryptor_FN_1
EXECryptor_FN_10
EXECryptor_FN_11
EXECryptor_FN_12
EXECryptor_FN_13
EXECryptor_FN_14
EXECryptor_FN_15
EXECryptor_FN_16
EXECryptor_FN_2
EXECryptor_FN_3
EXECryptor_FN_4
EXECryptor_FN_5
EXECryptor_FN_6
EXECryptor_FN_7
EXECryptor_FN_8
EXECryptor_FN_9
EXECryptor_GetDate
EXECryptor_GetEXECryptorVersion
EXECryptor_GetHardwareID
EXECryptor_GetProcAddr
EXECryptor_GetReleaseDate
EXECryptor_GetTrialDaysLeft
EXECryptor_GetTrialRunsLeft
EXECryptor_IsAppProtected
EXECryptor_IsRegistered
EXECryptor_MessageBox
EXECryptor_ProtectImport
EXECryptor_RegConst_0
EXECryptor_RegConst_1
EXECryptor_RegConst_2
EXECryptor_RegConst_3
EXECryptor_RegConst_4
EXECryptor_RegConst_5
EXECryptor_RegConst_6
EXECryptor_RegConst_7
EXECryptor_SecureRead
EXECryptor_SecureReadW
EXECryptor_SecureWrite
EXECryptor_SecureWriteW
EXECryptor_VerifySerialNumber
EXECryptor_VerifySerialNumberW
EXECryptor_halt

Sections

.text
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 588KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 92B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 624KB - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Language/Arabic.lng
Language/Chinese.lng
Language/Deutsch.lng
Language/English.lng
Language/French.lng
Language/Italian.lng
Language/Japanese.lng
Language/Russian.lng
Language/Spanish.lng
Language/Ukrainian.lng
Language/common/Arabic.lng
Language/common/Chinese.lng
Language/common/Deutsch.lng
Language/common/English.lng
Language/common/French.lng
Language/common/Italian.lng
Language/common/Japanese.lng
Language/common/Russian.lng
Language/common/Spanish.lng
Language/common/Ukrainian.lng
Resources/DSKImageMenu.dll
.dll regsvr32 windows:5 windows x86 arch:x86

51df91f12a054d4e3e7e9bd236c72b6a

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cb:95:77:83:40:28:00:52:5d:b5:20:b3:b1:2b:4f:23:19:60:9b:39
Signer

Actual PE Digest

cb:95:77:83:40:28:00:52:5d:b5:20:b3:b1:2b:4f:23:19:60:9b:39

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
CreateErrorInfo
GetErrorInfo
SetErrorInfo
RegisterTypeLib
LoadTypeLibEx
SysFreeString
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegUnLoadKeyW
RegSetValueExW
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey

user32

LoadStringW
MessageBoxA
CharNextW
SetMenuItemBitmaps
ReleaseDC
PostThreadMessageW
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
LoadStringW
LoadIconW
InsertMenuW
GetSysColor
GetDC
FrameRect
FillRect
DrawTextExW
DrawFocusRect
CharUpperW
CharNextW

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
Sleep
VirtualFree
VirtualAlloc
SwitchToThread
GetACP
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
WriteFile
WinExec
WideCharToMultiByte
WaitForSingleObject
VirtualQueryEx
VirtualQuery
VirtualFree
SwitchToThread
SuspendThread
Sleep
SizeofResource
SetThreadPriority
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
RaiseException
IsDebuggerPresent
MultiByteToWideChar
MulDiv
LockResource
LocalFree
LoadResource
LoadLibraryW
LeaveCriticalSection
IsValidLocale
InitializeCriticalSection
GetVersionExW
GetThreadPriority
GetThreadLocale
GetStdHandle
GetShortPathNameW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetExitCodeThread
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetCPInfoExW
GetCPInfo
GetACP
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
FindFirstFileW
FindClose
EnumSystemLocalesW
EnumCalendarInfoW
EnterCriticalSection
DeleteCriticalSection
CreateFileW
CreateEventW
CompareStringW
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
StretchBlt
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
RoundRect
Rectangle
RealizePalette
Polyline
Polygon
PolyBezierTo
PolyBezier
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
GetWindowOrgEx
GetTextMetricsW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetPixel
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
ExtTextOutW
ExtFloodFill
Ellipse
DeleteObject
DeleteDC
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
Chord
BitBlt
ArcTo
Arc
AngleArc

ole32

ReleaseStgMedium
CoTaskMemFree
StringFromCLSID
CoLockObjectExternal
CoDisconnectObject
CoRevokeClassObject
CoRegisterClassObject
CoUninitialize
CoInitialize
IsEqualGUID

shell32

DragQueryFileW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Resources/DiskMenu.dll
.dll regsvr32 windows:5 windows x86 arch:x86

01cf1876343fa55725ca413b08c58322

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8e:73:ac:d0:c4:a4:42:60:7b:a7:da:d7:02:c6:f7:7d:d7:c8:18:f5
Signer

Actual PE Digest

8e:73:ac:d0:c4:a4:42:60:7b:a7:da:d7:02:c6:f7:7d:d7:c8:18:f5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
CreateErrorInfo
GetErrorInfo
SetErrorInfo
RegisterTypeLib
LoadTypeLibEx
SysFreeString
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegUnLoadKeyW
RegSetValueExW
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey

user32

LoadStringW
MessageBoxA
CharNextW
SetMenuItemBitmaps
ReleaseDC
PostThreadMessageW
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
LoadStringW
LoadIconW
InsertMenuW
GetSysColor
GetDC
FrameRect
FillRect
DrawTextExW
DrawFocusRect
CharUpperW
CharNextW

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
Sleep
VirtualFree
VirtualAlloc
SwitchToThread
GetACP
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
WriteFile
WinExec
WideCharToMultiByte
WaitForSingleObject
VirtualQueryEx
VirtualQuery
VirtualFree
SwitchToThread
SuspendThread
Sleep
SizeofResource
SetThreadPriority
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
RaiseException
IsDebuggerPresent
MultiByteToWideChar
MulDiv
LockResource
LocalFree
LoadResource
LoadLibraryW
LeaveCriticalSection
IsValidLocale
InitializeCriticalSection
GetVersionExW
GetThreadPriority
GetThreadLocale
GetStdHandle
GetShortPathNameW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetExitCodeThread
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetCPInfoExW
GetCPInfo
GetACP
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
FindFirstFileW
FindClose
EnumSystemLocalesW
EnumCalendarInfoW
EnterCriticalSection
DeleteCriticalSection
CreateFileW
CreateEventW
CompareStringW
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
StretchBlt
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
RoundRect
Rectangle
RealizePalette
Polyline
Polygon
PolyBezierTo
PolyBezier
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
GetWindowOrgEx
GetTextMetricsW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetPixel
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
ExtTextOutW
ExtFloodFill
Ellipse
DeleteObject
DeleteDC
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
Chord
BitBlt
ArcTo
Arc
AngleArc

ole32

ReleaseStgMedium
CoTaskMemFree
StringFromCLSID
CoLockObjectExternal
CoDisconnectObject
CoRevokeClassObject
CoRegisterClassObject
CoUninitialize
CoInitialize
IsEqualGUID

shell32

DragQueryFileW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Resources/FileExt.dll
.dll windows:1 windows x86 arch:x86

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:6c:10:0e:08:59:7f:6d:15:74:8f:c8:68:e4:0a:e4:24:d2:cc:23
Signer

Actual PE Digest

52:6c:10:0e:08:59:7f:6d:15:74:8f:c8:68:e4:0a:e4:24:d2:cc:23

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 373KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Resources/LoadRAW.dll
.dll windows:4 windows x86 arch:x86

308343f319894f4aa30ec1ea62e0045b

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:85:a1:5d:60:d6:55:ce:fa:65:3f:e2:62:67:7f:41:1b:7a:16:62
Signer

Actual PE Digest

28:85:a1:5d:60:d6:55:ce:fa:65:3f:e2:62:67:7f:41:1b:7a:16:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetTempPathA
GetEnvironmentVariableA
GetVersionExA
GetLocalTime
GetSystemTime
SetEnvironmentVariableW
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
GetLastError
DeleteFileA
RtlUnwind
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
RaiseException
WriteFile
WideCharToMultiByte
GetTimeZoneInformation
CloseHandle
CreateFileA
GetCurrentProcessId
SetFilePointer
GetTempFileNameA
SetEndOfFile
SetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ReadFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
LocalFileTimeToFileTime
SystemTimeToFileTime
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
SetFileTime

ws2_32

htons
ntohs
ntohl
htonl

Exports

Exports

DummyCall_Get
DummyCall_Set
ExtractThumbnail
FromRawToPSD
MSDCRAW_Version
RawInfo
nMSdcRAW

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/MagicPDF.dll
.dll windows:5 windows x86 arch:x86

cfffa640694082a03aeca64533a2322d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:78:80:03:f2:4d:2d:af:cc:5d:99:bc:38:cd:5f:f6:7c:67:a3:21
Signer

Actual PE Digest

4e:78:80:03:f2:4d:2d:af:cc:5d:99:bc:38:cd:5f:f6:7c:67:a3:21

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegUnLoadKeyW
RegSetValueExW
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey

user32

LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetForegroundWindow
SetFocus
SetCursorPos
SetCursor
SetClipboardData
SetClassLongW
SetCapture
SetActiveWindow
SendMessageA
SendMessageW
ScrollWindow
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OpenClipboard
OffsetRect
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageA
IsDialogMessageW
IsClipboardFormatAvailable
IsChild
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessagePos
GetMessageExtraInfo
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassLongW
GetClassInfoW
GetCapture
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExW
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
CreateAcceleratorTableW
CountClipboardFormats
CopyIcon
CloseClipboard
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryW
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateFileW
CloseHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
lstrcpyW
lstrcmpW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualFree
VirtualAlloc
TryEnterCriticalSection
TlsSetValue
TlsGetValue
SwitchToThread
SuspendThread
Sleep
SizeofResource
SignalObjectAndWait
SetThreadPriority
SetThreadLocale
SetLastError
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
RaiseException
IsDebuggerPresent
OutputDebugStringW
MultiByteToWideChar
MulDiv
MoveFileW
LockResource
LoadResource
LoadLibraryW
LeaveCriticalSection
IsValidLocale
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVersionExW
GetVersion
GetTickCount
GetThreadPriority
GetThreadLocale
GetTempPathW
GetTempFileNameW
GetSystemDefaultLCID
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileAttributesW
GetExitCodeThread
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoW
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreateFileW
CreateEventW
CompareStringW
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
StrokePath
StrokeAndFillPath
StretchDIBits
StretchBlt
StartPage
StartDocW
SetWorldTransform
SetWindowOrgEx
SetWindowExtEx
SetWinMetaFileBits
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetTextAlign
SetStretchBltMode
SetROP2
SetPolyFillMode
SetPixel
SetMapMode
SetGraphicsMode
SetEnhMetaFileBits
SetDIBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RoundRect
RestoreDC
ResizePalette
ResetDCW
Rectangle
RectVisible
RealizePalette
Polyline
Polygon
PolyBezierTo
PolyBezier
PlayEnhMetaFile
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetObjectW
GetNearestPaletteIndex
GetFontData
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
FrameRgn
FillPath
ExtTextOutW
ExtFloodFill
ExcludeClipRect
Escape
EnumFontsW
EnumFontFamiliesExW
EndPath
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePenIndirect
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontIndirectW
CreateFontW
CreateEnhMetaFileW
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CloseFigure
CloseEnhMetaFile
Chord
BitBlt
BeginPath
Arc
AbortDoc

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize
IsEqualGUID

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Copy
ImageList_LoadImageW
ImageList_GetIcon
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

shell32

ShellExecuteW

comdlg32

PrintDlgW

winspool.drv

OpenPrinterW
EnumPrintersW
DocumentPropertiesW
ClosePrinter
GetDefaultPrinterW

gdiplus

GdipDrawCachedBitmap
GdipSetStringFormatMeasurableCharacterRanges
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatDigitSubstitution
GdipSetStringFormatDigitSubstitution
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipSetStringFormatTabStops
GdipGetStringFormatHotkeyPrefix
GdipSetStringFormatHotkeyPrefix
GdipGetStringFormatTrimming
GdipSetStringFormatTrimming
GdipGetStringFormatLineAlign
GdipSetStringFormatLineAlign
GdipGetStringFormatAlign
GdipSetStringFormatAlign
GdipGetStringFormatFlags
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipStringFormatGetGenericDefault
GdipCreateStringFormat
GdipMeasureDriverString
GdipDrawDriverString
GdipMeasureCharacterRanges
GdipMeasureString
GdipDrawString
GdipGetLogFontW
GdipGetLogFontA
GdipGetFontHeightGivenDPI
GdipGetFontHeight
GdipGetFontUnit
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipDeleteFont
GdipCloneFont
GdipCreateFont
GdipCreateFontFromLogfontW
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipGetLineSpacing
GdipGetCellDescent
GdipGetCellAscent
GdipGetEmHeight
GdipIsStyleAvailable
GdipGetFamilyName
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySerif
GdipGetGenericFontFamilySansSerif
GdipCloneFontFamily
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipComment
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipEndContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBeginContainer
GdipRestoreGraphics
GdipSaveGraphics
GdipIsVisibleRectI
GdipIsVisibleRect
GdipIsVisiblePointI
GdipIsVisiblePoint
GdipIsVisibleClipEmpty
GdipGetVisibleClipBoundsI
GdipGetVisibleClipBounds
GdipIsClipEmpty
GdipGetClipBoundsI
GdipGetClipBounds
GdipGetClip
GdipTranslateClipI
GdipTranslateClip
GdipResetClip
GdipSetClipHrgn
GdipSetClipRegion
GdipSetClipPath
GdipSetClipRectI
GdipSetClipRect
GdipSetClipGraphics
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestRectI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoint
GdipDrawImagePointsRectI
GdipDrawImagePointsRect
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipDrawImagePointRectI
GdipDrawImagePointRect
GdipDrawImagePointsI
GdipDrawImagePoints
GdipDrawImageRectI
GdipDrawImageRect
GdipDrawImageI
GdipDrawImage
GdipFillRegion
GdipFillClosedCurve2I
GdipFillClosedCurve2
GdipFillClosedCurveI
GdipFillClosedCurve
GdipFillPath
GdipFillPieI
GdipFillPie
GdipFillEllipseI
GdipFillEllipse
GdipFillPolygonI
GdipFillPolygon
GdipFillRectanglesI
GdipFillRectangles
GdipFillRectangleI
GdipFillRectangle
GdipGraphicsClear
GdipDrawClosedCurve2I
GdipDrawClosedCurve2
GdipDrawClosedCurveI
GdipDrawClosedCurve
GdipDrawCurve3I
GdipDrawCurve3
GdipDrawCurve2I
GdipDrawCurve2
GdipDrawCurveI
GdipDrawCurve
GdipDrawPath
GdipDrawPolygonI
GdipDrawPolygon
GdipDrawPieI
GdipDrawPie
GdipDrawEllipseI
GdipDrawEllipse
GdipDrawRectanglesI
GdipDrawRectangles
GdipDrawRectangleI
GdipDrawRectangle
GdipDrawBeziersI
GdipDrawBeziers
GdipDrawBezierI
GdipDrawBezier
GdipDrawArcI
GdipDrawArc
GdipDrawLinesI
GdipDrawLines
GdipDrawLineI
GdipDrawLine
GdipCreateHalftonePalette
GdipGetNearestColor
GdipTransformPointsI
GdipTransformPoints
GdipGetDpiY
GdipGetDpiX
GdipSetPageScale
GdipSetPageUnit
GdipGetPageScale
GdipGetPageUnit
GdipGetWorldTransform
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipMultiplyWorldTransform
GdipResetWorldTransform
GdipSetWorldTransform
GdipGetInterpolationMode
GdipSetInterpolationMode
GdipGetTextContrast
GdipSetTextContrast
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipGetPixelOffsetMode
GdipSetPixelOffsetMode
GdipGetSmoothingMode
GdipSetSmoothingMode
GdipGetCompositingQuality
GdipSetCompositingQuality
GdipGetRenderingOrigin
GdipSetRenderingOrigin
GdipGetCompositingMode
GdipSetCompositingMode
GdipReleaseDC
GdipGetDC
GdipDeleteGraphics
GdipCreateFromHWNDICM
GdipCreateFromHWND
GdipCreateFromHDC2
GdipCreateFromHDC
GdipFlush
GdipBitmapSetResolution
GdipBitmapSetPixel
GdipBitmapGetPixel
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCloneBitmapAreaI
GdipCloneBitmapArea
GdipCreateBitmapFromResource
GdipCreateHICONFromBitmap
GdipCreateBitmapFromHICON
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipSetPropertyItem
GdipRemovePropertyItem
GdipGetAllPropertyItems
GdipGetPropertySize
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertyIdList
GdipGetPropertyCount
GdipGetImagePaletteSize
GdipSetImagePalette
GdipGetImagePalette
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetImageThumbnail
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageFlags
GdipGetImageVerticalResolution
GdipGetImageHorizontalResolution
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageType
GdipGetImageDimension
GdipGetImageBounds
GdipGetImageGraphicsContext
GdipSaveAddImage
GdipSaveAdd
GdipSaveImageToStream
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromFileICM
GdipLoadImageFromStreamICM
GdipLoadImageFromFile
GdipLoadImageFromStream
GdipGetCustomLineCapWidthScale
GdipSetCustomLineCapWidthScale
GdipGetCustomLineCapBaseInset
GdipSetCustomLineCapBaseInset
GdipGetCustomLineCapBaseCap
GdipSetCustomLineCapBaseCap
GdipGetCustomLineCapStrokeJoin
GdipSetCustomLineCapStrokeJoin
GdipGetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeCaps
GdipCloneCustomLineCap
GdipDeleteCustomLineCap
GdipCreateCustomLineCap
GdipGetPenCompoundArray
GdipSetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenDashArray
GdipSetPenDashArray
GdipGetPenDashCount
GdipSetPenDashOffset
GdipGetPenDashOffset
GdipSetPenDashStyle
GdipGetPenDashStyle
GdipGetPenFillType
GdipGetPenBrushFill
GdipSetPenBrushFill
GdipGetPenColor
GdipSetPenColor
GdipRotatePenTransform
GdipScalePenTransform
GdipTranslatePenTransform
GdipMultiplyPenTransform
GdipResetPenTransform
GdipGetPenTransform
GdipSetPenTransform
GdipGetPenMode
GdipSetPenMode
GdipGetPenMiterLimit
GdipSetPenMiterLimit
GdipGetPenCustomEndCap
GdipSetPenCustomEndCap
GdipGetPenCustomStartCap
GdipSetPenCustomStartCap
GdipGetPenLineJoin
GdipSetPenLineJoin
GdipGetPenDashCap197819
GdipGetPenEndCap
GdipGetPenStartCap
GdipSetPenDashCap197819
GdipSetPenEndCap
GdipSetPenStartCap
GdipSetPenLineCap197819
GdipGetPenWidth
GdipSetPenWidth
GdipDeletePen
GdipClonePen
GdipCreatePen2
GdipCreatePen1
GdipSetPathGradientFocusScales
GdipGetPathGradientFocusScales
GdipRotatePathGradientTransform
GdipScalePathGradientTransform
GdipTranslatePathGradientTransform
GdipMultiplyPathGradientTransform
GdipResetPathGradientTransform
GdipSetPathGradientTransform
GdipGetPathGradientTransform
GdipSetPathGradientWrapMode
GdipGetPathGradientWrapMode
GdipSetPathGradientLinearBlend
GdipSetPathGradientSigmaBlend
GdipSetPathGradientPresetBlend
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipSetPathGradientBlend
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientGammaCorrection
GdipSetPathGradientGammaCorrection
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientPointCount
GdipGetPathGradientRectI
GdipGetPathGradientRect
GdipSetPathGradientCenterPointI
GdipSetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientCenterPoint
GdipSetPathGradientPath
GdipGetPathGradientPath
GdipSetPathGradientSurroundColorsWithCount
GdipGetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipGetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathGradient
GdipRotateLineTransform
GdipScaleLineTransform
GdipTranslateLineTransform
GdipMultiplyLineTransform
GdipResetLineTransform
GdipSetLineTransform
GdipGetLineTransform
GdipGetLineWrapMode
GdipSetLineWrapMode
GdipSetLineLinearBlend
GdipSetLineSigmaBlend
GdipSetLinePresetBlend
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipSetLineBlend
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineGammaCorrection
GdipSetLineGammaCorrection
GdipGetLineRectI
GdipGetLineRect
GdipGetLineColors
GdipSetLineColors
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRect
GdipCreateLineBrushI
GdipCreateLineBrush
GdipGetSolidFillColor
GdipSetSolidFillColor
GdipCreateSolidFill
GdipGetTextureImage
GdipGetTextureWrapMode
GdipSetTextureWrapMode
GdipRotateTextureTransform
GdipScaleTextureTransform
GdipTranslateTextureTransform
GdipMultiplyTextureTransform
GdipResetTextureTransform
GdipSetTextureTransform
GdipGetTextureTransform
GdipCreateTextureIAI
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTexture2
GdipCreateTexture
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipCreateHatchBrush
GdipGetBrushType
GdipDeleteBrush
GdipCloneBrush
GdipGetRegionScansI
GdipGetRegionScans
GdipGetRegionScansCount
GdipIsVisibleRegionRectI
GdipIsVisibleRegionRect
GdipIsVisibleRegionPointI
GdipIsVisibleRegionPoint
GdipGetRegionData
GdipGetRegionDataSize
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsEmptyRegion
GdipGetRegionHRgn
GdipGetRegionBoundsI
GdipGetRegionBounds
GdipTransformRegion
GdipTranslateRegionI
GdipTranslateRegion
GdipCombineRegionRegion
GdipCombineRegionPath
GdipCombineRegionRectI
GdipCombineRegionRect
GdipSetEmpty
GdipSetInfinite
GdipDeleteRegion
GdipCloneRegion
GdipCreateRegionHrgn
GdipCreateRegionRgnData
GdipCreateRegionPath
GdipCreateRegionRectI
GdipCreateRegionRect
GdipCreateRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipGetMatrixElements
GdipVectorTransformMatrixPointsI
GdipVectorTransformMatrixPoints
GdipTransformMatrixPointsI
GdipTransformMatrixPoints
GdipInvertMatrix
GdipShearMatrix
GdipRotateMatrix
GdipScaleMatrix
GdipTranslateMatrix
GdipMultiplyMatrix
GdipSetMatrixElements
GdipDeleteMatrix
GdipCloneMatrix
GdipCreateMatrix3I
GdipCreateMatrix3
GdipCreateMatrix2
GdipCreateMatrix
GdipIsOutlineVisiblePathPointI
GdipIsOutlineVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePathPoint
GdipGetPathWorldBoundsI
GdipGetPathWorldBounds
GdipTransformPath
GdipWarpPath
GdipWidenPath
GdipWindingModeOutline
GdipFlattenPath
GdipAddPathPolygonI
GdipAddPathPieI
GdipAddPathEllipseI
GdipAddPathRectanglesI
GdipAddPathRectangleI
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve3I
GdipAddPathCurve2I
GdipAddPathCurveI
GdipAddPathBeziersI
GdipAddPathBezierI
GdipAddPathArcI
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathStringI
GdipAddPathString
GdipAddPathPath
GdipAddPathPolygon
GdipAddPathPie
GdipAddPathEllipse
GdipAddPathRectangles
GdipAddPathRectangle
GdipAddPathClosedCurve2
GdipAddPathClosedCurve
GdipAddPathCurve3
GdipAddPathCurve2
GdipAddPathCurve
GdipAddPathBeziers
GdipAddPathBezier
GdipAddPathArc

Exports

Exports

pdfGetInfoW
pdfMakeImage
pdfMakeImageW
pdfMakeJPEG
pdfPrint
pdfPrintW
wpdfCheckViewer
wpdfSetLicense
wpdfSetViewer

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 280KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Resources/StarBurn.dll
.dll windows:6 windows x86 arch:x86

ea720829252e09062268736bb8fda232

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:a6:bf:9a:93:27:11:f6:e4:d0:38:56:70:9e:a4:dd:53:18:62:16
Signer

Actual PE Digest

53:a6:bf:9a:93:27:11:f6:e4:d0:38:56:70:9e:a4:dd:53:18:62:16

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\starburn\Bin\Dynamic\Debug\i386\StarBurn.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
_wcsupr
_errno
__CxxFrameHandler
_statusfp
_clearfp
_controlfp
_strnicmp
fwrite
fread
ferror
feof
_iob
vfprintf
_strerror
fseek
ftell
_stricmp
calloc
_wcsicmp
_purecall
printf
ctime
swprintf
memcpy
free
malloc
srand
rand
time
localtime
toupper
_splitpath
_CxxThrowException
_snprintf
wcsncpy
??2@YAPAXI@Z
sprintf
memmove
fopen
fprintf
wcsstr
_wfopen
fflush
fclose
strncmp
strncpy
_strupr
strstr
??3@YAXPAX@Z
memset
vsprintf

kernel32

GlobalFree
GlobalAlloc
FindFirstFileW
IsBadWritePtr
CloseHandle
GetFileSize
GetLastError
CreateFileA
IsBadReadPtr
IsBadCodePtr
FindNextFileW
InterlockedDecrement
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
InterlockedExchange
GetFileAttributesA
CreateThread
GetTickCount
FlushFileBuffers
InterlockedIncrement
ResetEvent
WaitForSingleObject
CreateEventA
FindFirstFileA
FindClose
FindNextFileA
CreateFileW
GetCurrentProcess
DuplicateHandle
SetEvent
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetProcAddress
GetLogicalDrives
DeviceIoControl
QueryDosDeviceA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeZoneInformation
DeleteFileA
WriteFile
GetModuleHandleA
GetModuleFileNameA
GetFullPathNameA
ReadFile
SetFilePointer
VirtualAlloc
VirtualFree
MultiByteToWideChar
GetSystemTime
SystemTimeToFileTime
WideCharToMultiByte
FreeLibrary
Sleep
CreatePipe
GetVersionExA
OutputDebugStringA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

user32

GetProcessWindowStation
GetUserObjectInformationA
MessageBoxA
wsprintfW

ole32

CoUninitialize
CoInitialize

Exports

Exports

A0DB34FC6FE35D429A28ADDE5467D4D7
StarBurn_CdvdBurnerGrabber_AuthorizeDVD
StarBurn_CdvdBurnerGrabber_Blank
StarBurn_CdvdBurnerGrabber_BluRayFormat
StarBurn_CdvdBurnerGrabber_BluRayFormatQuery
StarBurn_CdvdBurnerGrabber_Cancel
StarBurn_CdvdBurnerGrabber_CloseSession
StarBurn_CdvdBurnerGrabber_Create
StarBurn_CdvdBurnerGrabber_CreateEx
StarBurn_CdvdBurnerGrabber_CreateExEx
StarBurn_CdvdBurnerGrabber_DisableHardwareErrorCorrection
StarBurn_CdvdBurnerGrabber_DiscAtOncePQFromFile
StarBurn_CdvdBurnerGrabber_DiscAtOncePQFromTree
StarBurn_CdvdBurnerGrabber_DiscAtOnceRawPWFromFile
StarBurn_CdvdBurnerGrabber_DiscAtOnceRawPWFromFileAudioUnicode
StarBurn_CdvdBurnerGrabber_DiscAtOnceRawPWFromTree
StarBurn_CdvdBurnerGrabber_DiscBasicInformation_Create
StarBurn_CdvdBurnerGrabber_DiscBasicInformation_Destroy
StarBurn_CdvdBurnerGrabber_Eject
StarBurn_CdvdBurnerGrabber_ExecuteGeneric
StarBurn_CdvdBurnerGrabber_GetAdvancedSupportedMediaFormats
StarBurn_CdvdBurnerGrabber_GetBUP
StarBurn_CdvdBurnerGrabber_GetDVDProtectionSystem
StarBurn_CdvdBurnerGrabber_GetDVDRegionMask
StarBurn_CdvdBurnerGrabber_GetDeviceInformation
StarBurn_CdvdBurnerGrabber_GetDiscFileSystem
StarBurn_CdvdBurnerGrabber_GetDiscFreeSpace
StarBurn_CdvdBurnerGrabber_GetDiscInformation
StarBurn_CdvdBurnerGrabber_GetDiscUsedSpace
StarBurn_CdvdBurnerGrabber_GetInsertedDiscType
StarBurn_CdvdBurnerGrabber_GetLastAddress
StarBurn_CdvdBurnerGrabber_GetLastTrack
StarBurn_CdvdBurnerGrabber_GetMechanicalOptions
StarBurn_CdvdBurnerGrabber_GetMediaTrayStatus
StarBurn_CdvdBurnerGrabber_GetNumberOfSystemDescriptors
StarBurn_CdvdBurnerGrabber_GetRPC
StarBurn_CdvdBurnerGrabber_GetSpeeds
StarBurn_CdvdBurnerGrabber_GetSupportedMediaFormats
StarBurn_CdvdBurnerGrabber_GetSupportedMediaFormatsEx
StarBurn_CdvdBurnerGrabber_GetSupportedMediaFormatsExEx
StarBurn_CdvdBurnerGrabber_GetTOCInformation
StarBurn_CdvdBurnerGrabber_GetTrackInformation
StarBurn_CdvdBurnerGrabber_GetTrackInformationEx
StarBurn_CdvdBurnerGrabber_GrabCD
StarBurn_CdvdBurnerGrabber_GrabDVD
StarBurn_CdvdBurnerGrabber_GrabRange
StarBurn_CdvdBurnerGrabber_GrabTrack
StarBurn_CdvdBurnerGrabber_IsDiscBlank
StarBurn_CdvdBurnerGrabber_Load
StarBurn_CdvdBurnerGrabber_LoadEx
StarBurn_CdvdBurnerGrabber_Lock
StarBurn_CdvdBurnerGrabber_MSFToLBA
StarBurn_CdvdBurnerGrabber_ProbeSupportedReadModes
StarBurn_CdvdBurnerGrabber_ProbeSupportedWriteModes
StarBurn_CdvdBurnerGrabber_Read
StarBurn_CdvdBurnerGrabber_Read10
StarBurn_CdvdBurnerGrabber_ReadATIP
StarBurn_CdvdBurnerGrabber_ReadCD
StarBurn_CdvdBurnerGrabber_ReadCooked
StarBurn_CdvdBurnerGrabber_ReadEx
StarBurn_CdvdBurnerGrabber_ReadLB
StarBurn_CdvdBurnerGrabber_ReadRaw
StarBurn_CdvdBurnerGrabber_Release
StarBurn_CdvdBurnerGrabber_RestoreReadErrorRecovery
StarBurn_CdvdBurnerGrabber_SendOPC
StarBurn_CdvdBurnerGrabber_SessionAtOnce
StarBurn_CdvdBurnerGrabber_SessionAtOnceRawRawPW
StarBurn_CdvdBurnerGrabber_SessionAtOnceRawRawPWEx
StarBurn_CdvdBurnerGrabber_SetBUP
StarBurn_CdvdBurnerGrabber_SetCDTextItem
StarBurn_CdvdBurnerGrabber_SetReadSpeed
StarBurn_CdvdBurnerGrabber_SetSpeeds
StarBurn_CdvdBurnerGrabber_StopPlayScan
StarBurn_CdvdBurnerGrabber_SuperVideoCD
StarBurn_CdvdBurnerGrabber_SuperVideoCDEx
StarBurn_CdvdBurnerGrabber_SuperVideoCDExEx
StarBurn_CdvdBurnerGrabber_TestUnitReady
StarBurn_CdvdBurnerGrabber_TestUnitReadyEx
StarBurn_CdvdBurnerGrabber_TestUnitReadyExEx
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromFile
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromFileAudioUnicode
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromFileAudioUnicodeEx
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromFileEx
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromMemory
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromMemoryEx
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromPipe
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromPipeEx
StarBurn_CdvdBurnerGrabber_TrackAtOnceFromTree
StarBurn_CdvdBurnerGrabber_VerifyFile
StarBurn_CdvdBurnerGrabber_VerifyTree
StarBurn_CdvdBurnerGrabber_VerifyTreeEx
StarBurn_CdvdBurnerGrabber_VideoCD
StarBurn_CdvdBurnerGrabber_VideoCDEx
StarBurn_CdvdBurnerGrabber_VideoCDExEx
StarBurn_CorrectISO9660Name_Default
StarBurn_CorrectJolietName_Default
StarBurn_CreatePipe
StarBurn_DVDVideo_Create
StarBurn_DVDVideo_Destroy
StarBurn_DVDVideo_GetSizeInUCHARs
StarBurn_DVDVideo_GetTreePointer
StarBurn_DVDVideo_Read
StarBurn_DVDVideo_SeekToBegin
StarBurn_Destroy
StarBurn_DestroyPipe
StarBurn_DownShut
StarBurn_ExpandCookedWithRawRawPW
StarBurn_ExpandRawPQWithRawRawPW
StarBurn_ExpandRawWithRawRawPW
StarBurn_FileClose
StarBurn_FileCreate
StarBurn_FileInitialize
StarBurn_FileOpen
StarBurn_FileOpenEx
StarBurn_FileReWind
StarBurn_FileRead
StarBurn_FileSeek
StarBurn_FileSeekRead
StarBurn_FileSizeInUCHARsGet
StarBurn_FileUnicodeCreate
StarBurn_FileUnicodeOpen
StarBurn_FileUnicodeOpenEx
StarBurn_FileWrite
StarBurn_FindDevice
StarBurn_GetAudioFileStreamSizeInUCHARs
StarBurn_GetBufferUnderrunTimeOutInMs
StarBurn_GetDVDPLUSRDLCompatibleMode
StarBurn_GetDVDPadding
StarBurn_GetDeviceLetter
StarBurn_GetDeviceNameByDeviceAddress
StarBurn_GetDeviceTimeOutByDeviceAddress
StarBurn_GetEjectAfterFail
StarBurn_GetFastReadTOC
StarBurn_GetFastReadTOCLastTrack
StarBurn_GetId
StarBurn_GetIs64KBIO
StarBurn_GetIsCollisionDetectionDisabled
StarBurn_GetIsSafeGrabbingEnabled
StarBurn_GetVersion
StarBurn_GetVolumeIDs
StarBurn_ISO9660JolietFileTree_Add
StarBurn_ISO9660JolietFileTree_AddEx
StarBurn_ISO9660JolietFileTree_AddMemory
StarBurn_ISO9660JolietFileTree_AddPascalStream
StarBurn_ISO9660JolietFileTree_AddW
StarBurn_ISO9660JolietFileTree_BuildImage
StarBurn_ISO9660JolietFileTree_BuildImageEx
StarBurn_ISO9660JolietFileTree_Cancel
StarBurn_ISO9660JolietFileTree_Create
StarBurn_ISO9660JolietFileTree_GetAttributes
StarBurn_ISO9660JolietFileTree_GetFileSizeInUCHARs
StarBurn_ISO9660JolietFileTree_GetFirstKid
StarBurn_ISO9660JolietFileTree_GetFullPath
StarBurn_ISO9660JolietFileTree_GetLevel
StarBurn_ISO9660JolietFileTree_GetNames
StarBurn_ISO9660JolietFileTree_GetNamesEx
StarBurn_ISO9660JolietFileTree_GetNamesW
StarBurn_ISO9660JolietFileTree_GetNextKid
StarBurn_ISO9660JolietFileTree_GetNodeISO9660DateTime
StarBurn_ISO9660JolietFileTree_GetNodePowerInUCHARs
StarBurn_ISO9660JolietFileTree_GetNodeStartingLBA
StarBurn_ISO9660JolietFileTree_GetNodeSystemTime
StarBurn_ISO9660JolietFileTree_GetParent
StarBurn_ISO9660JolietFileTree_GetRoot
StarBurn_ISO9660JolietFileTree_GetSizeInUCHARs
StarBurn_ISO9660JolietFileTree_ImportFile
StarBurn_ISO9660JolietFileTree_ImportTrack
StarBurn_ISO9660JolietFileTree_Read
StarBurn_ISO9660JolietFileTree_Remove
StarBurn_ISO9660JolietFileTree_SeekToBegin
StarBurn_ISO9660JolietFileTree_SetAttributes
StarBurn_ISO9660JolietFileTree_SetBootImage
StarBurn_ISO9660JolietFileTree_SetBootImageEx
StarBurn_ISO9660JolietFileTree_SetCallbackContext
StarBurn_ISO9660JolietFileTree_SetNames
StarBurn_IsAudioFileSupported
StarBurn_Memory_Allocate
StarBurn_Memory_Free
StarBurn_MutilateExceptionNumber
StarBurn_SPTD_GetVersion
StarBurn_SetBufferUnderrunTimeOutInMs
StarBurn_SetDVDPLUSRDLCompatibleMode
StarBurn_SetDVDPadding
StarBurn_SetDeviceTimeOutByDeviceAddress
StarBurn_SetEjectAfterFail
StarBurn_SetFastReadTOC
StarBurn_SetFastReadTOCLastTrack
StarBurn_SetIs64KBIO
StarBurn_SetIsCollisionDetectionDisabled
StarBurn_SetIsSafeGrabbingEnabled
StarBurn_StarPort_DeviceAddLocal
StarBurn_StarPort_DeviceAddLocalEx
StarBurn_StarPort_DeviceAddRemote
StarBurn_StarPort_DeviceAddRemoteEx
StarBurn_StarPort_DeviceListQueryLocal
StarBurn_StarPort_DeviceListQueryRemote
StarBurn_StarPort_DeviceRemove
StarBurn_StarPort_GetDeviceInformation
StarBurn_StarPort_GetDeviceLetter
StarBurn_StarPort_GetDeviceSCSIAddress
StarBurn_StarPort_GetVersion
StarBurn_StarWave2_EncodeMP3OGGFromWAV
StarBurn_StarWave_CompressedFileReaderObjectBeginSeek
StarBurn_StarWave_CompressedFileReaderObjectCreate
StarBurn_StarWave_CompressedFileReaderObjectDestroy
StarBurn_StarWave_CompressedFileReaderObjectRead
StarBurn_StarWave_CompressedFileReaderObjectUncompressedSizeGet
StarBurn_StarWave_CompressedFileReaderObjectUnicodeCreate
StarBurn_StarWave_CompressedFileRecompress
StarBurn_StarWave_CompressedFileSupportedIs
StarBurn_StarWave_CompressedFileUncompress
StarBurn_StarWave_CompressedFileWriterObjectCreate
StarBurn_StarWave_CompressedFileWriterObjectDestroy
StarBurn_StarWave_CompressedFileWriterObjectWrite
StarBurn_StarWave_UncompressedFileCompress
StarBurn_StarWave_UncompressedFileSupportedIs
StarBurn_StarWave_UncompressedFileSupportedUnicodeIs
StarBurn_StarWave_VersionGet
StarBurn_UDF2_DirectoryCreate
StarBurn_UDF2_DirectoryDestroy
StarBurn_UDF2_DirectoryProcess
StarBurn_UDF2_DirectoryProcessEx
StarBurn_UDF2_DirectoryRootCreate
StarBurn_UDF2_DirectoryUnicodeCreate
StarBurn_UDF2_DirectoryUnicodeProcess
StarBurn_UDF2_DirectoryUnicodeProcessEx
StarBurn_UDF2_FileCreate
StarBurn_UDF2_FileDestroy
StarBurn_UDF2_FileDirectoryDateTimeGet
StarBurn_UDF2_FileDirectoryDateTimeSet
StarBurn_UDF2_FileMemoryCreate
StarBurn_UDF2_FileMemoryUnicodeCreate
StarBurn_UDF2_FileUnicodeCreate
StarBurn_UDF2_ISO9660FileTreeCreate
StarBurn_UDF2_ImpVolumeCreate
StarBurn_UDF2_ImpVolumeDestroy
StarBurn_UDF2_ImpVolumeImport
StarBurn_UDF2_VolumeAnchorGet
StarBurn_UDF2_VolumeCreate
StarBurn_UDF2_VolumeDestroy
StarBurn_UDF2_VolumeSeekRead
StarBurn_UDF2_VolumeSizeInUCHARsGet
StarBurn_UDF2_VolumeStore
StarBurn_UDF2_VolumeUnicodeCreate
StarBurn_UDF_Add
StarBurn_UDF_CleanUp
StarBurn_UDF_Create
StarBurn_UDF_CreateEx
StarBurn_UDF_Destroy
StarBurn_UDF_DestroyNodeAndKids
StarBurn_UDF_FormatTreeItemAsDirectory
StarBurn_UDF_FormatTreeItemAsFile
StarBurn_UDF_GetFirstChild
StarBurn_UDF_GetNextSibling
StarBurn_UDF_GetNodeObject
StarBurn_UDF_GetParent
StarBurn_UpStart
StarBurn_UpStartEx

Sections

.text
Size: 700KB - Virtual size: 700KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/magic_cmp.dll
.dll windows:4 windows x86 arch:x86

71fc45db7a81ce236f432a828a4e8fcd

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

db:24:a3:f8:a1:0f:56:6a:2b:72:09:d7:f5:12:28:51:fc:16:ac:f0
Signer

Actual PE Digest

db:24:a3:f8:a1:0f:56:6a:2b:72:09:d7:f5:12:28:51:fc:16:ac:f0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocString
VariantClear
VariantCopy
SysFreeString
SysAllocStringByteLen

user32

CharLowerW
CharUpperA
CharNextA
CharPrevExA
CharUpperW
CharLowerA

msvcrt

_adjust_fdiv
_initterm
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
_except_handler3
_beginthreadex
memset
strcmp
realloc
memcmp
_purecall
strlen
free
malloc
memmove
_CxxThrowException
memcpy
__CxxFrameHandler

kernel32

InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
SetEvent
CreateEventA
WaitForSingleObject
VirtualFree
VirtualAlloc
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FileTimeToLocalFileTime
DeleteCriticalSection
LocalFileTimeToFileTime
GetVersionExA
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
SystemTimeToFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GetModuleHandleA
GetProcAddress
GetSystemInfo
CompareFileTime
WriteFile
ReadFile
MultiByteToWideChar
WideCharToMultiByte
GetLastError
CloseHandle
SetFileAttributesA
DeleteFileA
GetTempPathA
GetTempFileNameA
CreateFileA

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

.text
Size: 654KB - Virtual size: 654KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/magic_jbig.exe
.exe windows:5 windows x86 arch:x86

d12209f9fb21829c6b138e300a2e7cae

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:e6:18:b5:69:4d:2a:82:b3:c8:74:94:e2:90:10:9f:36:90:f2:73
Signer

Actual PE Digest

29:e6:18:b5:69:4d:2a:82:b3:c8:74:94:e2:90:10:9f:36:90:f2:73

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\S\WPJbig\jbig2dec\jbig2dec\Debug\jbig2dec.pdb

Imports

msvcr100d

__setusermatherr
_commode
_fmode
__set_app_type
_amsg_exit
__getmainargs
_exit
_XcptFilter
_cexit
__initenv
_CrtSetCheckCount
_CrtDbgReportW
_configthreadlocale
_initterm_e
_crt_debugger_hook
?terminate@@YAXXZ
_controlfp_s
_invoke_watson
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_vsnprintf
fwrite
isdigit
fgetc
sscanf
feof
memset
exit
fclose
strrchr
fread
fopen
_snprintf
atoi
realloc
strncpy
fflush
_strdup
malloc
free
memcmp
memmove
memcpy
getenv
strcmp
fprintf
__iob_func
strlen
_initterm
strncmp

kernel32

FreeLibrary
GetModuleFileNameW
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryW
GetProcAddress
lstrlenA
RaiseException
MultiByteToWideChar
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
EncodePointer
VirtualQuery

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/msvcr100d.dll
.dll windows:5 windows x86 arch:x86

0dc7b0e0b0a7b26ca080f7c56e8c0b34

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:f2:82:a0:bd:59:45:d7:87:18:ae:eb:e4:51:cb:22:3b:b9:e5:81
Signer

Actual PE Digest

33:f2:82:a0:bd:59:45:d7:87:18:ae:eb:e4:51:cb:22:3b:b9:e5:81

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100d.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ResumeThread
GetLastError
CreateThread
ExitThread
CloseHandle
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
InterlockedPushEntrySList
QueryDepthSList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
CreateEventW
SetEvent
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetProcessAffinityMask
SetThreadAffinityMask
VirtualAlloc
SetThreadPriority
GetVersionExW
GetSystemInfo
GetTickCount
VirtualProtect
VirtualFree
InitializeSListHead
CreateSemaphoreW
WaitForMultipleObjects
ReleaseSemaphore
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
DebugBreak
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
MultiByteToWideChar
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapCreate
HeapDestroy
HeapFree
HeapValidate
HeapCompact
HeapWalk
HeapAlloc
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsBadReadPtr
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
OutputDebugStringA
LCMapStringW
CompareStringW
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsProcessorFeaturePresent
HeapReAlloc
HeapSize
HeapQueryInformation

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_CrtDbgReportW@@YAHHPBGH00ZZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?commonFlags@?1??_control87@@9@9
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CrtCheckMemory
_CrtDbgBreak
_CrtDbgReport
_CrtDbgReportW
_CrtDoForAllClientObjects
_CrtDumpMemoryLeaks
_CrtGetAllocHook
_CrtGetCheckCount
_CrtGetDumpClient
_CrtGetReportHook
_CrtIsMemoryBlock
_CrtIsValidHeapPointer
_CrtIsValidPointer
_CrtMemCheckpoint
_CrtMemDifference
_CrtMemDumpAllObjectsSince
_CrtMemDumpStatistics
_CrtReportBlockType
_CrtSetAllocHook
_CrtSetBreakAlloc
_CrtSetCheckCount
_CrtSetDbgBlockType
_CrtSetDbgFlag
_CrtSetDebugFillThreshold
_CrtSetDumpClient
_CrtSetReportFile
_CrtSetReportHook
_CrtSetReportHook2
_CrtSetReportHookW2
_CrtSetReportMode
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_VCrtDbgReportA
_VCrtDbgReportW
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__crtAssertBusy
__p__crtBreakAlloc
__p__crtDbgFlag
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_free_dbg
_aligned_malloc
_aligned_malloc_dbg
_aligned_msize
_aligned_msize_dbg
_aligned_offset_malloc
_aligned_offset_malloc_dbg
_aligned_offset_realloc
_aligned_offset_realloc_dbg
_aligned_offset_recalloc
_aligned_offset_recalloc_dbg
_aligned_realloc
_aligned_realloc_dbg
_aligned_recalloc
_aligned_recalloc_dbg
_amsg_exit
_assert

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resources/wp_type1ttf.dll
.dll windows:5 windows x86 arch:x86

c417bb79f3b1f3040f76d57a1e05d087

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a3:aa:46:c0:a6:ed:99:3c:64:ab:6e:8c:b4:94:eb:91:19:6d:74:e9
Signer

Actual PE Digest

a3:aa:46:c0:a6:ed:99:3c:64:ab:6e:8c:b4:94:eb:91:19:6d:74:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
RtlUnwind
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FreeLibrary
LoadLibraryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
MultiByteToWideChar
ReadFile
SetHandleCount
GetFileType
GetStartupInfoW
SetFilePointer
CloseHandle
Sleep
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CompareStringW
SetEnvironmentVariableA
HeapSize
CreateFileA
SetStdHandle
FlushFileBuffers
WriteConsoleW
LCMapStringW
GetStringTypeW
SetEndOfFile
GetProcessHeap
CreateFileW
RaiseException
VirtualQuery

Exports

Exports

FTC_CMapCache_Lookup
FTC_CMapCache_New
FTC_ImageCache_Lookup
FTC_ImageCache_LookupScaler
FTC_ImageCache_New
FTC_Image_Cache_Lookup
FTC_Image_Cache_New
FTC_Manager_Done
FTC_Manager_LookupFace
FTC_Manager_LookupSize
FTC_Manager_Lookup_Face
FTC_Manager_Lookup_Size
FTC_Manager_New
FTC_Manager_RemoveFaceID
FTC_Manager_Reset
FTC_Node_Unref
FTC_SBitCache_Lookup
FTC_SBitCache_LookupScaler
FTC_SBitCache_New
FTC_SBit_Cache_Lookup
FTC_SBit_Cache_New
FT_Activate_Size
FT_Add_Default_Modules
FT_Add_Module
FT_Angle_Diff
FT_Atan2
FT_Attach_File
FT_Attach_Stream
FT_Bitmap_Convert
FT_Bitmap_Copy
FT_Bitmap_Done
FT_Bitmap_Embolden
FT_Bitmap_New
FT_CeilFix
FT_ClassicKern_Free
FT_ClassicKern_Validate
FT_Cos
FT_DivFix
FT_Done_Face
FT_Done_FreeType
FT_Done_Glyph
FT_Done_Library
FT_Done_Size
FT_Face_CheckTrueTypePatents
FT_Face_GetCharVariantIndex
FT_Face_GetCharVariantIsDefault
FT_Face_GetCharsOfVariant
FT_Face_GetVariantSelectors
FT_Face_GetVariantsOfChar
FT_Face_SetUnpatentedHinting
FT_FloorFix
FT_Get_Advance
FT_Get_Advances
FT_Get_CMap_Format
FT_Get_CMap_Language_ID
FT_Get_Char_Index
FT_Get_Charmap_Index
FT_Get_FSType_Flags
FT_Get_First_Char
FT_Get_Gasp
FT_Get_Glyph
FT_Get_Glyph_Name
FT_Get_Kerning
FT_Get_MM_Var
FT_Get_Module
FT_Get_Multi_Master
FT_Get_Name_Index
FT_Get_Next_Char
FT_Get_PFR_Advance
FT_Get_PFR_Kerning
FT_Get_PFR_Metrics
FT_Get_PS_Font_Info
FT_Get_PS_Font_Private
FT_Get_Postscript_Name
FT_Get_Renderer
FT_Get_Sfnt_Name
FT_Get_Sfnt_Name_Count
FT_Get_Sfnt_Table
FT_Get_SubGlyph_Info
FT_Get_Track_Kerning
FT_Get_TrueType_Engine_Type
FT_Get_WinFNT_Header
FT_Get_X11_Font_Format
FT_GlyphSlot_Embolden
FT_GlyphSlot_Oblique
FT_GlyphSlot_Own_Bitmap
FT_Glyph_Copy
FT_Glyph_Get_CBox
FT_Glyph_Stroke
FT_Glyph_StrokeBorder
FT_Glyph_To_Bitmap
FT_Glyph_Transform
FT_Has_PS_Glyph_Names
FT_Init_FreeType
FT_Library_SetLcdFilter
FT_Library_SetLcdFilterWeights
FT_Library_Version
FT_List_Add
FT_List_Finalize
FT_List_Find
FT_List_Insert
FT_List_Iterate
FT_List_Remove
FT_List_Up
FT_Load_Char
FT_Load_Glyph
FT_Load_Sfnt_Table
FT_Matrix_Invert
FT_Matrix_Multiply
FT_MulDiv
FT_New_Face
FT_New_Library
FT_New_Memory_Face
FT_New_Size
FT_OpenType_Free
FT_OpenType_Validate
FT_Open_Face
FT_Outline_Check
FT_Outline_Copy
FT_Outline_Decompose
FT_Outline_Done
FT_Outline_Done_Internal
FT_Outline_Embolden
FT_Outline_GetInsideBorder
FT_Outline_GetOutsideBorder
FT_Outline_Get_BBox
FT_Outline_Get_Bitmap
FT_Outline_Get_CBox
FT_Outline_Get_Orientation
FT_Outline_New
FT_Outline_New_Internal
FT_Outline_Render
FT_Outline_Reverse
FT_Outline_Transform
FT_Outline_Translate
FT_Reference_Face
FT_Reference_Library
FT_Remove_Module
FT_Render_Glyph
FT_Request_Size
FT_RoundFix
FT_Select_Charmap
FT_Select_Size
FT_Set_Char_Size
FT_Set_Charmap
FT_Set_Debug_Hook
FT_Set_MM_Blend_Coordinates
FT_Set_MM_Design_Coordinates
FT_Set_Pixel_Sizes
FT_Set_Renderer
FT_Set_Transform
FT_Set_Var_Blend_Coordinates
FT_Set_Var_Design_Coordinates
FT_Sfnt_Table_Info
FT_Sin
FT_Sqrt32
FT_Stream_OpenGzip
FT_Stream_OpenLZW
FT_Stroker_BeginSubPath
FT_Stroker_ConicTo
FT_Stroker_CubicTo
FT_Stroker_Done
FT_Stroker_EndSubPath
FT_Stroker_Export
FT_Stroker_ExportBorder
FT_Stroker_GetBorderCounts
FT_Stroker_GetCounts
FT_Stroker_LineTo
FT_Stroker_New
FT_Stroker_ParseOutline
FT_Stroker_Rewind
FT_Stroker_Set
FT_Tan
FT_TrueTypeGX_Free
FT_TrueTypeGX_Validate
FT_Vector_From_Polar
FT_Vector_Length
FT_Vector_Polarize
FT_Vector_Rotate
FT_Vector_Transform
FT_Vector_Unit
TT_New_Context
TT_RunIns

Sections

.text
Size: 565KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings.ini
Uninstall.exe.nsis
media_dll/SDL-2.dll
.dll windows:4 windows x86 arch:x86

d0e13975df147229287ce6fd6cea2383

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2d:b3:ab:6b:3a:87:3d:ed:5b:4e:a0:5f:15:af:bc:78:98:2a:d0:70
Signer

Actual PE Digest

2d:b3:ab:6b:3a:87:3d:ed:5b:4e:a0:5f:15:af:bc:78:98:2a:d0:70

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

gdi32

BitBlt
ChoosePixelFormat
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreatePalette
DeleteDC
DeleteObject
DescribePixelFormat
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetSystemPaletteEntries
GetSystemPaletteUse
RealizePalette
SelectObject
SelectPalette
SetDIBColorTable
SetDeviceGammaRamp
SetPaletteEntries
SetPixelFormat
SetSystemPaletteUse
SwapBuffers
UnrealizeObject

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateFileW
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FormatMessageA
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ReleaseMutex
ReleaseSemaphore
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

__dllonexit
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_iob
_lock
_ltoa
_onexit
_stricmp
_strlwr
_strrev
_ultoa
_unlock
abort
atof
atoi
calloc
fclose
ferror
floor
fprintf
fread
free
frexp
fseek
ftell
fwrite
ldexp
log
malloc
memcmp
memcpy
memmove
memset
qsort
raise
realloc
signal
sscanf
strchr
strcmp
strlen
strncmp
strstr
vfprintf

user32

AdjustWindowRect
AdjustWindowRectEx
BeginPaint
CallWindowProcA
ChangeDisplaySettingsA
ClientToScreen
ClipCursor
CreateCursor
CreateIconFromResourceEx
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
EndPaint
EnumDisplaySettingsA
GetClassInfoA
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutNameA
GetKeyboardState
GetMenu
GetMessageA
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsZoomed
KillTimer
LoadImageA
LoadKeyboardLayoutA
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
ReleaseCapture
ReleaseDC
ScreenToClient
SetCapture
SetClassLongA
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
ToAsciiEx
ToUnicode
TranslateMessage
UnregisterClassA
WindowFromPoint

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciGetErrorStringA
mciSendCommandA
timeBeginPeriod
timeEndPeriod
timeGetTime
timeKillEvent
timeSetEvent
waveOutClose
waveOutGetErrorTextA
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite

Exports

Exports

SDL_AddTimer
SDL_AllocRW
SDL_AudioDriverName
SDL_AudioInit
SDL_AudioQuit
SDL_BuildAudioCVT
SDL_CDClose
SDL_CDEject
SDL_CDName
SDL_CDNumDrives
SDL_CDOpen
SDL_CDPause
SDL_CDPlay
SDL_CDPlayTracks
SDL_CDResume
SDL_CDStatus
SDL_CDStop
SDL_ClearError
SDL_CloseAudio
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CondWaitTimeout
SDL_ConvertAudio
SDL_ConvertSurface
SDL_CreateCond
SDL_CreateCursor
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateRGBSurfaceFrom
SDL_CreateSemaphore
SDL_CreateThread
SDL_CreateYUVOverlay
SDL_Delay
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroySemaphore
SDL_DisplayFormat
SDL_DisplayFormatAlpha
SDL_DisplayYUVOverlay
SDL_EnableKeyRepeat
SDL_EnableUNICODE
SDL_Error
SDL_EventState
SDL_FillRect
SDL_Flip
SDL_FreeCursor
SDL_FreeRW
SDL_FreeSurface
SDL_FreeWAV
SDL_FreeYUVOverlay
SDL_GL_GetAttribute
SDL_GL_GetProcAddress
SDL_GL_LoadLibrary
SDL_GL_Lock
SDL_GL_SetAttribute
SDL_GL_SwapBuffers
SDL_GL_Unlock
SDL_GL_UpdateRects
SDL_GetAppState
SDL_GetAudioStatus
SDL_GetClipRect
SDL_GetCursor
SDL_GetError
SDL_GetEventFilter
SDL_GetGammaRamp
SDL_GetKeyName
SDL_GetKeyRepeat
SDL_GetKeyState
SDL_GetModState
SDL_GetMouseState
SDL_GetRGB
SDL_GetRGBA
SDL_GetRelativeMouseState
SDL_GetThreadID
SDL_GetTicks
SDL_GetVideoInfo
SDL_GetVideoSurface
SDL_GetWMInfo
SDL_Has3DNow
SDL_Has3DNowExt
SDL_HasAltiVec
SDL_HasMMX
SDL_HasMMXExt
SDL_HasRDTSC
SDL_HasSSE
SDL_HasSSE2
SDL_Init
SDL_InitSubSystem
SDL_JoystickClose
SDL_JoystickEventState
SDL_JoystickGetAxis
SDL_JoystickGetBall
SDL_JoystickGetButton
SDL_JoystickGetHat
SDL_JoystickIndex
SDL_JoystickName
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickOpen
SDL_JoystickOpened
SDL_JoystickUpdate
SDL_KillThread
SDL_Linked_Version
SDL_ListModes
SDL_LoadBMP_RW
SDL_LoadFunction
SDL_LoadObject
SDL_LoadWAV_RW
SDL_LockAudio
SDL_LockSurface
SDL_LockYUVOverlay
SDL_LowerBlit
SDL_MapRGB
SDL_MapRGBA
SDL_MixAudio
SDL_NumJoysticks
SDL_OpenAudio
SDL_PauseAudio
SDL_PeepEvents
SDL_PollEvent
SDL_PumpEvents
SDL_PushEvent
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromConstMem
SDL_RWFromFP
SDL_RWFromFile
SDL_RWFromMem
SDL_ReadBE16
SDL_ReadBE32
SDL_ReadBE64
SDL_ReadLE16
SDL_ReadLE32
SDL_ReadLE64
SDL_RegisterApp
SDL_RemoveTimer
SDL_SaveBMP_RW
SDL_SemPost
SDL_SemTryWait
SDL_SemValue
SDL_SemWait
SDL_SemWaitTimeout
SDL_SetAlpha
SDL_SetClipRect
SDL_SetColorKey
SDL_SetColors
SDL_SetCursor
SDL_SetError
SDL_SetEventFilter
SDL_SetGamma
SDL_SetGammaRamp
SDL_SetModState
SDL_SetModuleHandle
SDL_SetPalette
SDL_SetTimer
SDL_SetVideoMode
SDL_ShowCursor
SDL_SoftStretch
SDL_ThreadID
SDL_UnloadObject
SDL_UnlockAudio
SDL_UnlockSurface
SDL_UnlockYUVOverlay
SDL_UnregisterApp
SDL_UpdateRect
SDL_UpdateRects
SDL_UpperBlit
SDL_VideoDriverName
SDL_VideoInit
SDL_VideoModeOK
SDL_VideoQuit
SDL_WM_GetCaption
SDL_WM_GrabInput
SDL_WM_IconifyWindow
SDL_WM_SetCaption
SDL_WM_SetIcon
SDL_WM_ToggleFullScreen
SDL_WaitEvent
SDL_WaitThread
SDL_WarpMouse
SDL_WasInit
SDL_WriteBE16
SDL_WriteBE32
SDL_WriteBE64
SDL_WriteLE16
SDL_WriteLE32
SDL_WriteLE64
SDL_getenv
SDL_iconv
SDL_iconv_close
SDL_iconv_open
SDL_iconv_string
SDL_lltoa
SDL_mutexP
SDL_mutexV
SDL_putenv
SDL_snprintf
SDL_strdup
SDL_strlcat
SDL_strlcpy
SDL_strtoull
SDL_ulltoa
SDL_vsnprintf

Sections

.text
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
media_dll/SDL.dll
.dll windows:4 windows x86 arch:x86

d0e13975df147229287ce6fd6cea2383

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2d:b3:ab:6b:3a:87:3d:ed:5b:4e:a0:5f:15:af:bc:78:98:2a:d0:70
Signer

Actual PE Digest

2d:b3:ab:6b:3a:87:3d:ed:5b:4e:a0:5f:15:af:bc:78:98:2a:d0:70

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

gdi32

BitBlt
ChoosePixelFormat
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreatePalette
DeleteDC
DeleteObject
DescribePixelFormat
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetSystemPaletteEntries
GetSystemPaletteUse
RealizePalette
SelectObject
SelectPalette
SetDIBColorTable
SetDeviceGammaRamp
SetPaletteEntries
SetPixelFormat
SetSystemPaletteUse
SwapBuffers
UnrealizeObject

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateFileW
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FormatMessageA
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ReleaseMutex
ReleaseSemaphore
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

__dllonexit
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_iob
_lock
_ltoa
_onexit
_stricmp
_strlwr
_strrev
_ultoa
_unlock
abort
atof
atoi
calloc
fclose
ferror
floor
fprintf
fread
free
frexp
fseek
ftell
fwrite
ldexp
log
malloc
memcmp
memcpy
memmove
memset
qsort
raise
realloc
signal
sscanf
strchr
strcmp
strlen
strncmp
strstr
vfprintf

user32

AdjustWindowRect
AdjustWindowRectEx
BeginPaint
CallWindowProcA
ChangeDisplaySettingsA
ClientToScreen
ClipCursor
CreateCursor
CreateIconFromResourceEx
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
EndPaint
EnumDisplaySettingsA
GetClassInfoA
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutNameA
GetKeyboardState
GetMenu
GetMessageA
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsZoomed
KillTimer
LoadImageA
LoadKeyboardLayoutA
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
ReleaseCapture
ReleaseDC
ScreenToClient
SetCapture
SetClassLongA
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
ToAsciiEx
ToUnicode
TranslateMessage
UnregisterClassA
WindowFromPoint

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciGetErrorStringA
mciSendCommandA
timeBeginPeriod
timeEndPeriod
timeGetTime
timeKillEvent
timeSetEvent
waveOutClose
waveOutGetErrorTextA
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite

Exports

Exports

SDL_AddTimer
SDL_AllocRW
SDL_AudioDriverName
SDL_AudioInit
SDL_AudioQuit
SDL_BuildAudioCVT
SDL_CDClose
SDL_CDEject
SDL_CDName
SDL_CDNumDrives
SDL_CDOpen
SDL_CDPause
SDL_CDPlay
SDL_CDPlayTracks
SDL_CDResume
SDL_CDStatus
SDL_CDStop
SDL_ClearError
SDL_CloseAudio
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CondWaitTimeout
SDL_ConvertAudio
SDL_ConvertSurface
SDL_CreateCond
SDL_CreateCursor
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateRGBSurfaceFrom
SDL_CreateSemaphore
SDL_CreateThread
SDL_CreateYUVOverlay
SDL_Delay
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroySemaphore
SDL_DisplayFormat
SDL_DisplayFormatAlpha
SDL_DisplayYUVOverlay
SDL_EnableKeyRepeat
SDL_EnableUNICODE
SDL_Error
SDL_EventState
SDL_FillRect
SDL_Flip
SDL_FreeCursor
SDL_FreeRW
SDL_FreeSurface
SDL_FreeWAV
SDL_FreeYUVOverlay
SDL_GL_GetAttribute
SDL_GL_GetProcAddress
SDL_GL_LoadLibrary
SDL_GL_Lock
SDL_GL_SetAttribute
SDL_GL_SwapBuffers
SDL_GL_Unlock
SDL_GL_UpdateRects
SDL_GetAppState
SDL_GetAudioStatus
SDL_GetClipRect
SDL_GetCursor
SDL_GetError
SDL_GetEventFilter
SDL_GetGammaRamp
SDL_GetKeyName
SDL_GetKeyRepeat
SDL_GetKeyState
SDL_GetModState
SDL_GetMouseState
SDL_GetRGB
SDL_GetRGBA
SDL_GetRelativeMouseState
SDL_GetThreadID
SDL_GetTicks
SDL_GetVideoInfo
SDL_GetVideoSurface
SDL_GetWMInfo
SDL_Has3DNow
SDL_Has3DNowExt
SDL_HasAltiVec
SDL_HasMMX
SDL_HasMMXExt
SDL_HasRDTSC
SDL_HasSSE
SDL_HasSSE2
SDL_Init
SDL_InitSubSystem
SDL_JoystickClose
SDL_JoystickEventState
SDL_JoystickGetAxis
SDL_JoystickGetBall
SDL_JoystickGetButton
SDL_JoystickGetHat
SDL_JoystickIndex
SDL_JoystickName
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickOpen
SDL_JoystickOpened
SDL_JoystickUpdate
SDL_KillThread
SDL_Linked_Version
SDL_ListModes
SDL_LoadBMP_RW
SDL_LoadFunction
SDL_LoadObject
SDL_LoadWAV_RW
SDL_LockAudio
SDL_LockSurface
SDL_LockYUVOverlay
SDL_LowerBlit
SDL_MapRGB
SDL_MapRGBA
SDL_MixAudio
SDL_NumJoysticks
SDL_OpenAudio
SDL_PauseAudio
SDL_PeepEvents
SDL_PollEvent
SDL_PumpEvents
SDL_PushEvent
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromConstMem
SDL_RWFromFP
SDL_RWFromFile
SDL_RWFromMem
SDL_ReadBE16
SDL_ReadBE32
SDL_ReadBE64
SDL_ReadLE16
SDL_ReadLE32
SDL_ReadLE64
SDL_RegisterApp
SDL_RemoveTimer
SDL_SaveBMP_RW
SDL_SemPost
SDL_SemTryWait
SDL_SemValue
SDL_SemWait
SDL_SemWaitTimeout
SDL_SetAlpha
SDL_SetClipRect
SDL_SetColorKey
SDL_SetColors
SDL_SetCursor
SDL_SetError
SDL_SetEventFilter
SDL_SetGamma
SDL_SetGammaRamp
SDL_SetModState
SDL_SetModuleHandle
SDL_SetPalette
SDL_SetTimer
SDL_SetVideoMode
SDL_ShowCursor
SDL_SoftStretch
SDL_ThreadID
SDL_UnloadObject
SDL_UnlockAudio
SDL_UnlockSurface
SDL_UnlockYUVOverlay
SDL_UnregisterApp
SDL_UpdateRect
SDL_UpdateRects
SDL_UpperBlit
SDL_VideoDriverName
SDL_VideoInit
SDL_VideoModeOK
SDL_VideoQuit
SDL_WM_GetCaption
SDL_WM_GrabInput
SDL_WM_IconifyWindow
SDL_WM_SetCaption
SDL_WM_SetIcon
SDL_WM_ToggleFullScreen
SDL_WaitEvent
SDL_WaitThread
SDL_WarpMouse
SDL_WasInit
SDL_WriteBE16
SDL_WriteBE32
SDL_WriteBE64
SDL_WriteLE16
SDL_WriteLE32
SDL_WriteLE64
SDL_getenv
SDL_iconv
SDL_iconv_close
SDL_iconv_open
SDL_iconv_string
SDL_lltoa
SDL_mutexP
SDL_mutexV
SDL_putenv
SDL_snprintf
SDL_strdup
SDL_strlcat
SDL_strlcpy
SDL_strtoull
SDL_ulltoa
SDL_vsnprintf

Sections

.text
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
media_dll/avcodec-54.dll
.dll windows:4 windows x86 arch:x86

84b34a6f341f5339a02e4e387605288c

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:14:4c:c9:49:4b:45:0f:50:61:33:3c:0d:2a:0d:60:2f:97:b1:4e
Signer

Actual PE Digest

17:14:4c:c9:49:4b:45:0f:50:61:33:3c:0d:2a:0d:60:2f:97:b1:4e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
ResetEvent
SetEvent
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

_close
_fileno
_strdup
_unlink
_write
__dllonexit
__doserrno
__mb_cur_max
__pioinfo
__setusermatherr
_aligned_free
_aligned_malloc
_amsg_exit
_beginthreadex
_errno
_exit
_filelengthi64
_fileno
_fstati64
_ftime
_initterm
_iob
_lock
_lseeki64
_onexit
_setjmp3
_snwprintf
_stricmp
_strnicmp
isxdigit
localeconv
localtime
log10
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
puts
qsort
raise
rand
realloc
rename
setlocale
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strspn
strstr
strtok
strtol
strtoul
_unlock
_vsnprintf
_write
abort
acos
asin
atan
atoi
bsearch
calloc
exit
fclose
feof
fflush
fgetc
fgetpos
fopen
fprintf
fputc
fread
free
frexp
fseek
fsetpos
ftell
fwprintf
fwrite
getc
getenv
islower
isspace
isupper
tan
time
tolower
toupper
ungetc
vfprintf
vsprintf
wcscpy
wcslen

user32

MessageBoxW

avutil-52

av_asprintf
av_base64_decode
av_base64_encode
av_bprint_chars
av_bprint_clear
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprintf
av_calloc
av_crc
av_crc_get_table
av_crc_init
av_ctz
av_d2q
av_default_item_name
av_dict_copy
av_dict_free
av_dict_set
av_div_q
av_evaluate_lls
av_expr_eval
av_expr_free
av_expr_parse
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_size
av_fifo_space
av_free
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_default_channel_layout
av_get_media_type_string
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt_name
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_copy_to_buffer
av_image_fill_arrays
av_image_fill_linesizes
av_image_fill_pointers
av_image_get_buffer_size
av_init_lls
av_lfg_init
av_log
av_log_get_level
av_lzo1x_decode
av_malloc
av_mallocz
av_md5_alloc
av_md5_final
av_md5_init
av_md5_update
av_memcpy_backptr
av_mul_q
av_nearer_q
av_opt_free
av_opt_set
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_parse_color
av_pix_fmt_desc_get
av_pix_fmt_get_chroma_sub_sample
av_realloc
av_realloc_f
av_reduce
av_rescale_q
av_rescale_rnd
av_sample_fmt_is_planar
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_solve_lls
av_strdup
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strtok
av_tempfile
av_timecode_adjust_ntsc_framenum2
av_timecode_init_from_string
av_timecode_make_mpeg_tc_string
av_update_lls
av_vlog
avpriv_cga_font
avpriv_float_dsp_init
avpriv_set_systematic_pal2
avpriv_vga16_font

Exports

Exports

audio_resample
audio_resample_close
av_audio_convert
av_audio_convert_alloc
av_audio_convert_free
av_audio_resample_init
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_codec_get_codec_descriptor
av_codec_get_pkt_timebase
av_codec_is_decoder
av_codec_is_encoder
av_codec_next
av_codec_set_codec_descriptor
av_codec_set_pkt_timebase
av_copy_packet
av_dct_calc
av_dct_end
av_dct_init
av_destruct_packet
av_dup_packet
av_fast_malloc
av_fast_padded_malloc
av_fast_padded_mallocz
av_fast_realloc
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_frame_get_best_effort_timestamp
av_frame_get_channel_layout
av_frame_get_channels
av_frame_get_decode_error_flags
av_frame_get_metadata
av_frame_get_pkt_duration
av_frame_get_pkt_pos
av_frame_get_pkt_size
av_frame_get_sample_rate
av_frame_set_best_effort_timestamp
av_frame_set_channel_layout
av_frame_set_channels
av_frame_set_decode_error_flags
av_frame_set_metadata
av_frame_set_pkt_duration
av_frame_set_pkt_pos
av_frame_set_pkt_size
av_frame_set_sample_rate
av_free_packet
av_get_audio_frame_duration
av_get_bits_per_sample
av_get_codec_tag_string
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_grow_packet
av_hwaccel_next
av_imdct_calc
av_imdct_half
av_init_packet
av_lockmgr_register
av_log_ask_for_sample
av_log_missing_feature
av_mdct_calc
av_mdct_end
av_mdct_init
av_new_packet
av_packet_get_side_data
av_packet_merge_side_data
av_packet_new_side_data
av_packet_shrink_side_data
av_packet_split_side_data
av_parser_change
av_parser_close
av_parser_init
av_parser_next
av_parser_parse2
av_picture_copy
av_picture_crop
av_picture_pad
av_rdft_calc
av_rdft_end
av_rdft_init
av_register_bitstream_filter
av_register_codec_parser
av_register_hwaccel
av_resample
av_resample_close
av_resample_compensate
av_resample_init
av_shrink_packet
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context
avcodec_alloc_context2
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_decode_audio3
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_audio
avcodec_encode_audio2
avcodec_encode_subtitle
avcodec_encode_video
avcodec_encode_video2
avcodec_fill_audio_frame
avcodec_find_best_pix_fmt
avcodec_find_best_pix_fmt2
avcodec_find_best_pix_fmt_of_2
avcodec_find_best_pix_fmt_of_list
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_frame
avcodec_get_chroma_sub_sample
avcodec_get_class
avcodec_get_context_defaults
avcodec_get_context_defaults2
avcodec_get_context_defaults3
avcodec_get_edge_width
avcodec_get_frame_class
avcodec_get_frame_defaults
avcodec_get_name
avcodec_get_pix_fmt_loss
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open
avcodec_open2
avcodec_pix_fmt_to_codec_tag
avcodec_register
avcodec_register_all
avcodec_set_dimensions
avcodec_string
avcodec_version
aver_isf_history
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
avpriv_aac_parse_header
avpriv_ac3_channel_layout_tab
avpriv_ac3_parse_header
avpriv_adx_decode_header
avpriv_align_put_bits
avpriv_bprint_to_extradata
avpriv_check_timecode_rate
avpriv_copy_bits
avpriv_copy_pce_data
avpriv_dca_sample_rates
avpriv_dirac_parse_sequence_header
avpriv_dnxhd_get_frame_size
avpriv_dv_codec_profile
avpriv_dv_frame_profile
avpriv_dv_frame_profile2
avpriv_flac_is_extradata_valid
avpriv_flac_parse_block_header
avpriv_flac_parse_streaminfo
avpriv_framenum_to_drop_timecode
avpriv_framenum_to_smpte_timecode
avpriv_h264_has_num_reorder_frames
avpriv_init_smpte_timecode
avpriv_lock_avformat
avpriv_mjpeg_bits_ac_chrominance
avpriv_mjpeg_bits_ac_luminance
avpriv_mjpeg_bits_dc_chrominance
avpriv_mjpeg_bits_dc_luminance
avpriv_mjpeg_val_ac_chrominance
avpriv_mjpeg_val_ac_luminance
avpriv_mjpeg_val_dc
avpriv_mpa_bitrate_tab
avpriv_mpa_decode_header
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config
avpriv_mpeg4audio_sample_rates
avpriv_mpegaudio_decode_header
avpriv_mpv_find_start_code
avpriv_put_string
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avpriv_timecode_to_string
avpriv_toupper4
avpriv_unlock_avformat
avpriv_vorbis_parse_extradata
avpriv_vorbis_parse_frame
avpriv_vorbis_parse_reset
avsubtitle_free
dsputil_init
ff_aanscales
ff_dct32_fixed
ff_dct32_float
ff_dct32_float_avx
ff_dct32_float_sse
ff_dct32_float_sse2
ff_dct_common_init
ff_dct_encode_init
ff_dct_encode_init_x86
ff_dct_end
ff_dct_init
ff_dct_init_x86
ff_dct_quantize_c
ff_dnxhd_cid_table
ff_dnxhd_get_cid_table
ff_faandct
ff_faandct248
ff_faanidct
ff_faanidct_add
ff_faanidct_put
ff_fdct248_islow_10
ff_fdct248_islow_8
ff_fdct_ifast
ff_fdct_ifast248
ff_fdct_mmx
ff_fdct_mmxext
ff_fdct_sse2
ff_fft_calc_3dnow
ff_fft_calc_3dnowext
ff_fft_calc_avx
ff_fft_calc_sse
ff_fft_end
ff_fft_end_fixed
ff_fft_init
ff_fft_init_fixed
ff_fft_init_x86
ff_fft_permute_sse
ff_find_pix_fmt
ff_framenum_to_drop_timecode
ff_framenum_to_smtpe_timecode
ff_idct_xvid_mmx
ff_idct_xvid_mmx_add
ff_idct_xvid_mmx_put
ff_idct_xvid_mmxext
ff_idct_xvid_mmxext_add
ff_idct_xvid_mmxext_put
ff_idct_xvid_sse2
ff_idct_xvid_sse2_add
ff_idct_xvid_sse2_put
ff_init_smtpe_timecode
ff_jpeg_fdct_islow_10
ff_jpeg_fdct_islow_8
ff_mdct_calc_c
ff_mdct_calc_c_fixed
ff_mdct_calcw_c
ff_mdct_end
ff_mdct_end_fixed
ff_mdct_init
ff_mdct_init_fixed
ff_mdct_win_fixed
ff_mdct_win_float
ff_mmx_idct
ff_mmxext_idct
ff_raw_pix_fmt_tags
ff_rdft_end
ff_rdft_init
ff_simple_idct248_put
ff_simple_idct44_add
ff_simple_idct48_add
ff_simple_idct84_add
ff_simple_idct_10
ff_simple_idct_8
ff_simple_idct_add_10
ff_simple_idct_add_8
ff_simple_idct_add_mmx
ff_simple_idct_mmx
ff_simple_idct_put_10
ff_simple_idct_put_8
ff_simple_idct_put_mmx

Sections

.text
Size: 8.7MB - Virtual size: 8.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
media_dll/avdevice-54.dll
.dll windows:4 windows x86 arch:x86

baabff4017bc3b76ee85e20b87f6f770

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3a:b4:40:76:08:13:7f:23:cb:78:12:9b:c3:9c:e1:ea:ea:9e:a0:9e
Signer

Actual PE Digest

3a:b4:40:76:08:13:7f:23:cb:78:12:9b:c3:9c:e1:ea:ea:9e:a0:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

kernel32

CloseHandle
CreateEventA
CreateMutexA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
ResetEvent
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

_wcsdup
__dllonexit
__mb_cur_max
_amsg_exit
_errno
_initterm
_iob
_lock
_onexit
isxdigit
localeconv
malloc
memcmp
memcpy
realloc
setlocale
strchr
strcmp
strerror
strlen
strncmp
strtok
strtol
strtoul
_unlock
abort
atoi
calloc
fflush
fputc
fputs
free
getc
getenv
islower
isspace
isupper
tolower
ungetc
wcscmp
wcscpy
wcslen

ole32

CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

user32

DestroyWindow
GetWindowLongA
SendMessageA
SetWindowLongA

avcodec-54

av_destruct_packet
av_get_pcm_codec
av_new_packet
av_packet_new_side_data
avcodec_find_decoder
avpicture_get_size
avpicture_layout

avfilter-3

av_abuffersink_params_alloc
av_buffersink_get_buffer_ref
av_buffersink_params_alloc
avfilter_get_by_name
avfilter_graph_alloc
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_dump
avfilter_graph_free
avfilter_graph_parse
avfilter_inout_free
avfilter_link
avfilter_register_all
avfilter_unref_buffer

avformat-54

av_register_input_format
avformat_new_stream
avpriv_set_pts_info

avutil-52

av_bprint_chars
av_bprint_finalize
av_bprint_init
av_bprintf
av_default_item_name
av_dict_get
av_file_map
av_file_unmap
av_free
av_freep
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_pix_fmt_name
av_get_sample_fmt_name
av_log
av_malloc
av_mallocz
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_rescale_q
av_strdup

Exports

Exports

avdevice_configuration
avdevice_license
avdevice_register_all
avdevice_version

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 175B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
media_dll/avfilter-3.dll
.dll windows:4 windows x86 arch:x86

5e0f51cf695a4584ad702264e31dda80

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:5d:10:b6:d4:e9:62:ea:10:fe:fa:c0:37:af:6b:03:98:b6:bc:7c
Signer

Actual PE Digest

b2:5d:10:b6:d4:e9:62:ea:10:fe:fa:c0:37:af:6b:03:98:b6:bc:7c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_strdup
__dllonexit
__mb_cur_max
__setusermatherr
_amsg_exit
_errno
_initterm
_iob
_lock
_onexit
isxdigit
localeconv
log10
malloc
memcmp
memcpy
memmove
memset
qsort
rand
realloc
setlocale
srand
strchr
strcmp
strcspn
strerror
strlen
strncmp
strncpy
strspn
strstr
strtol
strtoul
_unlock
abort
atan2
atof
atoi
calloc
fclose
fgets
fopen
fputc
free
fwrite
getc
getenv
isgraph
islower
isspace
isupper
tolower
ungetc
wcslen

avcodec-54

av_frame_get_best_effort_timestamp
av_frame_get_channel_layout
av_frame_get_channels
av_frame_get_metadata
av_frame_get_pkt_pos
av_frame_set_channel_layout
av_frame_set_channels
av_frame_set_pkt_pos
av_frame_set_sample_rate
av_free_packet
av_init_packet
av_rdft_calc
av_rdft_end
av_rdft_init
avcodec_alloc_context
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_decode_audio4
avcodec_decode_video2
avcodec_encode_video
avcodec_find_best_pix_fmt_of_2
avcodec_find_decoder
avcodec_find_encoder
avcodec_flush_buffers
avcodec_free_frame
avcodec_open
avcodec_open2
dsputil_init

avformat-54

av_find_best_stream
av_find_input_format
av_read_frame
av_register_all
av_seek_frame
avformat_close_input
avformat_find_stream_info
avformat_match_stream_specifier
avformat_open_input

avutil-52

av_adler32_update
av_asprintf
av_audio_fifo_alloc
av_audio_fifo_free
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_bprint_channel_layout
av_bprint_chars
av_bprint_finalize
av_bprint_init
av_bprintf
av_calloc
av_channel_layout_extract_channel
av_compare_ts
av_d2q
av_default_item_name
av_dict_copy
av_dict_free
av_dict_get
av_dict_set
av_div_q
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fifo_alloc
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_free
av_freep
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_int
av_get_media_type_string
av_get_packed_sample_fmt
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_planar_sample_fmt
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_token
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_fill_max_pixsteps
av_image_get_linesize
av_lfg_init
av_log
av_malloc
av_mallocz
av_mul_q
av_opt_eval_flags
av_opt_find
av_opt_free
av_opt_set
av_opt_set_defaults
av_opt_set_from_string
av_opt_set_int
av_parse_color
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_pix_fmt_descriptors
av_read_image_line
av_realloc
av_realloc_f
av_reduce
av_rescale
av_rescale_q
av_rescale_q_rnd
av_sample_fmt_is_planar
av_samples_alloc
av_samples_copy
av_samples_fill_arrays
av_samples_set_silence
av_set_options_string
av_strcasecmp
av_strdup
av_strerror
av_strlcatf
av_strlcpy
av_strtod
av_strtok
av_vlog
av_write_image_line
avpriv_cga_font
avpriv_float_dsp_init
avpriv_set_systematic_pal2
avpriv_vga16_font

swresample-0

swr_alloc
swr_alloc_set_opts
swr_convert
swr_free
swr_init
swr_next_pts
swr_set_channel_mapping
swr_set_matrix

swscale-2

sws_freeContext
sws_freeVec
sws_getCachedContext
sws_getContext
sws_getGaussianVec
sws_get_class
sws_isSupportedInput
sws_isSupportedOutput
sws_scale
sws_scaleVec

Exports

Exports

av_abuffersink_params_alloc
av_asrc_buffer_add_audio_buffer_ref
av_asrc_buffer_add_buffer
av_asrc_buffer_add_samples
av_buffersink_get_buffer_ref
av_buffersink_get_frame_rate
av_buffersink_params_alloc
av_buffersink_poll_frame
av_buffersink_read
av_buffersink_read_samples
av_buffersink_set_frame_size
av_buffersrc_add_frame
av_buffersrc_add_ref
av_buffersrc_buffer
av_buffersrc_get_nb_failed_requests
av_buffersrc_write_frame
av_filter_next
avfilter_add_matrix
avfilter_af_aconvert
avfilter_af_afifo
avfilter_af_aformat
avfilter_af_amerge
avfilter_af_amix
avfilter_af_anull
avfilter_af_apad
avfilter_af_aresample
avfilter_af_aselect
avfilter_af_asendcmd
avfilter_af_asetnsamples
avfilter_af_asetpts
avfilter_af_asettb
avfilter_af_ashowinfo
avfilter_af_asplit
avfilter_af_astreamsync
avfilter_af_atempo
avfilter_af_channelmap
avfilter_af_channelsplit
avfilter_af_earwax
avfilter_af_ebur128
avfilter_af_join
avfilter_af_pan
avfilter_af_silencedetect
avfilter_af_volume
avfilter_af_volumedetect
avfilter_all_channel_layouts
avfilter_asink_abuffer
avfilter_asink_abuffersink
avfilter_asink_anullsink
avfilter_asink_ffabuffersink
avfilter_asrc_abuffer
avfilter_asrc_aevalsrc
avfilter_asrc_anullsrc
avfilter_avf_concat
avfilter_avf_showspectrum
avfilter_avf_showwaves
avfilter_avsrc_amovie
avfilter_avsrc_movie
avfilter_config_links
avfilter_configuration
avfilter_copy_buf_props
avfilter_copy_buffer_ref_props
avfilter_copy_frame_props
avfilter_fill_frame_from_audio_buffer_ref
avfilter_fill_frame_from_buffer_ref
avfilter_fill_frame_from_video_buffer_ref
avfilter_free
avfilter_get_audio_buffer_ref_from_arrays
avfilter_get_audio_buffer_ref_from_arrays_channels
avfilter_get_audio_buffer_ref_from_frame
avfilter_get_buffer_ref_from_frame
avfilter_get_by_name
avfilter_get_class
avfilter_get_matrix
avfilter_get_video_buffer_ref_from_arrays
avfilter_get_video_buffer_ref_from_frame
avfilter_graph_add_filter
avfilter_graph_alloc
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_dump
avfilter_graph_free
avfilter_graph_get_filter
avfilter_graph_parse
avfilter_graph_parse2
avfilter_graph_queue_command
avfilter_graph_request_oldest
avfilter_graph_send_command
avfilter_graph_set_auto_convert
avfilter_init_filter
avfilter_inout_alloc
avfilter_inout_free
avfilter_insert_filter
avfilter_license
avfilter_link
avfilter_link_free
avfilter_link_get_channels
avfilter_link_set_closed
avfilter_make_format64_list
avfilter_mul_matrix
avfilter_open
avfilter_pad_get_name
avfilter_pad_get_type
avfilter_process_command
avfilter_ref_buffer
avfilter_ref_get_channels
avfilter_register
avfilter_register_all
avfilter_sub_matrix
avfilter_transform
avfilter_uninit
avfilter_unref_buffer
avfilter_unref_bufferp
avfilter_version
avfilter_vf_alphaextract
avfilter_vf_alphamerge
avfilter_vf_bbox
avfilter_vf_blackdetect
avfilter_vf_blackframe
avfilter_vf_boxblur
avfilter_vf_colormatrix
avfilter_vf_copy
avfilter_vf_crop
avfilter_vf_cropdetect
avfilter_vf_decimate
avfilter_vf_delogo
avfilter_vf_deshake
avfilter_vf_drawbox
avfilter_vf_edgedetect
avfilter_vf_fade
avfilter_vf_field
avfilter_vf_fieldorder
avfilter_vf_fifo
avfilter_vf_format
avfilter_vf_fps
avfilter_vf_framestep
avfilter_vf_geq
avfilter_vf_gradfun
avfilter_vf_hflip
avfilter_vf_histeq
avfilter_vf_hqdn3d
avfilter_vf_hue
avfilter_vf_idet
avfilter_vf_kerndeint
avfilter_vf_lut
avfilter_vf_lutrgb
avfilter_vf_lutyuv
avfilter_vf_mp
avfilter_vf_negate
avfilter_vf_noformat
avfilter_vf_null
avfilter_vf_overlay
avfilter_vf_pad
avfilter_vf_pixdesctest
avfilter_vf_removelogo
avfilter_vf_scale
avfilter_vf_select
avfilter_vf_sendcmd
avfilter_vf_setdar
avfilter_vf_setfield
avfilter_vf_setpts
avfilter_vf_setsar
avfilter_vf_settb
avfilter_vf_showinfo
avfilter_vf_smartblur
avfilter_vf_split
avfilter_vf_super2xsai
avfilter_vf_swapuv
avfilter_vf_thumbnail
avfilter_vf_tile
avfilter_vf_tinterlace
avfilter_vf_transpose
avfilter_vf_unsharp
avfilter_vf_vflip
avfilter_vf_yadif
avfilter_vsink_buffer
avfilter_vsink_buffersink
avfilter_vsink_ffbuffersink
avfilter_vsink_nullsink
avfilter_vsrc_buffer
avfilter_vsrc_cellauto
avfilter_vsrc_color
avfilter_vsrc_life
avfilter_vsrc_mandelbrot
avfilter_vsrc_mptestsrc
avfilter_vsrc_nullsrc
avfilter_vsrc_rgbtestsrc
avfilter_vsrc_smptebars
avfilter_vsrc_testsrc
ff_default_query_formats
ff_filter_frame
ff_get_video_buffer
ff_make_format_list
ff_null_get_video_buffer
ff_set_common_formats

Sections

.text
Size: 489KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 23KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
media_dll/avformat-54.dll
.dll windows:4 windows x86 arch:x86

9674a183aacb4148dfbf8db0e7e51830

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:93:72:e9:d7:1a:37:d2:f1:11:9e:be:4c:4c:e9:5d:ca:78:77:02
Signer

Actual PE Digest

8c:93:72:e9:d7:1a:37:d2:f1:11:9e:be:4c:4c:e9:5d:ca:78:77:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

DeregisterEventSource
RegisterEventSourceA
ReportEventA

avifil32

AVIFileExit
AVIFileGetStream
AVIFileInfoA
AVIFileInit
AVIFileOpenA
AVIFileRelease
AVIStreamInfoA
AVIStreamRead
AVIStreamReadFormat
AVIStreamRelease

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
DeleteDC
DeleteObject
GetBitmapBits
GetDeviceCaps
GetObjectA
SelectObject

kernel32

CloseHandle
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExA
GlobalMemoryStatus
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile

msvcrt

_access
_close
_fdopen
_fileno
_read
_rmdir
_setmode
_strdup
_unlink
_write
__dllonexit
__doserrno
__mb_cur_max
__pioinfo
_amsg_exit
_errno
_exit
_filelengthi64
_fileno
_fstati64
_ftime
_get_osfhandle
_getch
_initterm
_iob
_lock
_lseeki64
_mkdir
_onexit
_osver
_setmode
_snwprintf
_sopen
_stat
_stricmp
_strnicmp
isxdigit
localeconv
localtime
malloc
memchr
memcmp
memcpy
memmove
memset
mktime
printf
putc
qsort
raise
rand
realloc
rename
setlocale
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strrchr
strspn
strstr
strtol
strtoul
_unlock
_vsnprintf
_wfopen
_write
_wsopen
abort
atoi
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
fsetpos
ftell
fwprintf
fwrite
getc
getenv
gmtime
isalnum
islower
isprint
isspace
isupper
time
tolower
toupper
ungetc
vfprintf
wcscpy
wcslen
wcsstr

user32

GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
MessageBoxW

winmm

timeGetTime

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
gethostname
getnameinfo
getpeername
getsockname
getsockopt
htonl
htons
inet_addr
ioctlsocket
listen
ntohl
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

avcodec-54

av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_codec_get_codec_descriptor
av_codec_set_codec_descriptor
av_codec_set_pkt_timebase
av_destruct_packet
av_dup_packet
av_fast_malloc
av_fast_padded_malloc
av_fast_realloc
av_free_packet
av_get_audio_frame_duration
av_get_bits_per_sample
av_get_codec_tag_string
av_grow_packet
av_init_packet
av_log_ask_for_sample
av_log_missing_feature
av_new_packet
av_packet_get_side_data
av_packet_merge_side_data
av_packet_new_side_data
av_packet_split_side_data
av_parser_close
av_parser_init
av_parser_parse2
av_shrink_packet
av_xiphlacing
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_copy_context
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_descriptor_get
avcodec_find_decoder
avcodec_find_encoder
avcodec_free_frame
avcodec_get_chroma_sub_sample
avcodec_get_frame_defaults
avcodec_get_name
avcodec_get_type
avcodec_is_open
avcodec_open2
avcodec_pix_fmt_to_codec_tag
avcodec_register_all
avcodec_set_dimensions
avcodec_string
avpicture_get_size
avpriv_aac_parse_header
avpriv_ac3_channel_layout_tab
avpriv_ac3_parse_header
avpriv_adx_decode_header
avpriv_align_put_bits
avpriv_bprint_to_extradata
avpriv_copy_bits
avpriv_copy_pce_data
avpriv_dca_sample_rates
avpriv_dirac_parse_sequence_header
avpriv_dnxhd_get_frame_size
avpriv_dv_codec_profile
avpriv_dv_frame_profile
avpriv_flac_is_extradata_valid
avpriv_flac_parse_block_header
avpriv_flac_parse_streaminfo
avpriv_h264_has_num_reorder_frames
avpriv_lock_avformat
avpriv_mjpeg_bits_ac_chrominance
avpriv_mjpeg_bits_ac_luminance
avpriv_mjpeg_bits_dc_chrominance
avpriv_mjpeg_bits_dc_luminance
avpriv_mjpeg_val_ac_chrominance
avpriv_mjpeg_val_ac_luminance
avpriv_mjpeg_val_dc
avpriv_mpa_bitrate_tab
avpriv_mpa_decode_header
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config
avpriv_mpeg4audio_sample_rates
avpriv_mpegaudio_decode_header
avpriv_mpv_find_start_code
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avpriv_toupper4
avpriv_unlock_avformat
avpriv_vorbis_parse_extradata
avpriv_vorbis_parse_frame
avpriv_vorbis_parse_reset
ff_find_pix_fmt
ff_raw_pix_fmt_tags

avutil-52

av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_init
av_base64_decode
av_base64_encode
av_basename
av_bprint_chars
av_bprint_clear
av_bprint_finalize
av_bprint_init
av_bprintf
av_calloc
av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_d2q
av_default_item_name
av_des_crypt
av_des_init
av_des_mac
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_set
av_div_q
av_dynarray_add
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_size
av_find_info_tag
av_free
av_freep
av_gcd
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_media_type_string
av_get_pix_fmt
av_get_pix_fmt_name
av_get_random_seed
av_get_token
av_gettime
av_image_check_size
av_lfg_init
av_log
av_log_get_level
av_lzo1x_decode
av_malloc
av_mallocz
av_md5_alloc
av_md5_final
av_md5_init
av_md5_sum
av_md5_update
av_mul_q
av_opt_flag_is_set
av_opt_free
av_opt_get
av_opt_get_int
av_opt_set
av_opt_set_defaults
av_opt_set_dict
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_rc4_crypt
av_rc4_init
av_realloc
av_realloc_f
av_reduce
av_rescale
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_sha_alloc
av_sha_final
av_sha_init
av_sha_update
av_small_strptime
av_strcasecmp
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strstart
av_strtod
av_strtok
av_tempfile
av_timecode_check_frame_rate
av_timecode_get_smpte_from_framenum
av_timecode_init
av_timecode_init_from_string
av_timecode_make_smpte_tc_string
av_timecode_make_string
av_timegm
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_alloc
av_usleep
av_vlog

Exports

Exports

av_add_index_entry
av_append_packet
av_close_input_file
av_codec_get_id
av_codec_get_tag
av_convert_lang_to
av_demuxer_open
av_dump_format
av_filename_number_test
av_find_best_stream
av_find_default_stream_index
av_find_input_format
av_find_program_from_stream
av_find_stream_info
av_fmt_ctx_get_duration_estimation_method
av_get_frame_filename
av_get_output_timestamp
av_get_packet
av_gettime@LIBAVFORMAT_54
av_guess_codec
av_guess_format
av_guess_sample_aspect_ratio
av_hex_dump
av_hex_dump_log
av_iformat_next
av_index_search_timestamp
av_interleave_packet_per_dts
av_interleaved_write_frame
av_match_ext
av_new_program
av_new_stream
av_oformat_next
av_pkt_dump2
av_pkt_dump_log2
av_probe_input_buffer
av_probe_input_format
av_probe_input_format2
av_probe_input_format3
av_read_frame
av_read_packet
av_read_pause
av_read_play
av_register_all
av_register_input_format
av_register_output_format
av_register_rdt_dynamic_payload_handlers
av_register_rtp_dynamic_payload_handlers
av_sdp_create
av_seek_frame
av_set_pts_info
av_url_split
av_write_frame
av_write_trailer
avformat_alloc_context
avformat_alloc_output_context
avformat_alloc_output_context2
avformat_close_input
avformat_configuration
avformat_find_stream_info
avformat_free_context
avformat_get_class
avformat_get_riff_audio_tags
avformat_get_riff_video_tags
avformat_license
avformat_match_stream_specifier
avformat_network_deinit
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_query_codec
avformat_queue_attached_pictures
avformat_seek_file
avformat_version
avformat_write_header
avio_alloc_context
avio_check
avio_close
avio_close_dyn_buf
avio_closep
avio_enum_protocols
avio_flush
avio_get_str
avio_get_str16be
avio_get_str16le
avio_open
avio_open2
avio_open_dyn_buf
avio_pause
avio_printf
avio_put_str
avio_put_str16le
avio_r8
avio_rb16
avio_rb24
avio_rb32
avio_rb64
avio_read
avio_rl16
avio_rl24
avio_rl32
avio_rl64
avio_seek
avio_seek_time
avio_size
avio_skip
avio_w8
avio_wb16
avio_wb24
avio_wb32
avio_wb64
avio_wl16
avio_wl24
avio_wl32
avio_wl64
avio_write
avpriv_dv_get_packet
avpriv_dv_init_demux
avpriv_dv_produce_packet
avpriv_new_chapter
avpriv_set_pts_info
ff_guess_image2_codec
ff_inet_aton
ff_mpegts_parse_close
ff_mpegts_parse_open
ff_mpegts_parse_packet
ff_rtp_get_local_rtcp_port
ff_rtp_get_local_rtp_port
ff_rtsp_parse_line
ff_socket_nonblock
ffio_open_dyn_packet_buf
ffio_set_buf_size
ffurl_close
ffurl_open
ffurl_protocol_next
ffurl_read_complete
ffurl_register_protocol
ffurl_seek
ffurl_size
ffurl_write
get_crc_table
url_feof

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 406KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
media_dll/avutil-52.dll
.dll windows:4 windows x86 arch:x86

e0df73c0f31393cc9d0c80ae058cb473

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b6:f5:0f:e6:45:29:f3:58:20:11:a4:a1:b0:62:f3:23:31:69:e0:14
Signer

Actual PE Digest

b6:f5:0f:e6:45:29:f3:58:20:11:a4:a1:b0:62:f3:23:31:69:e0:14

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

CloseHandle
CreateFileMappingA
DeleteCriticalSection
EnterCriticalSection
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
SetConsoleTextAttribute
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_close
_isatty
_open
_read
_tempnam
__dllonexit
__mb_cur_max
__setusermatherr
_amsg_exit
_errno
_fstati64
_get_osfhandle
_initterm
_iob
_lock
_onexit
isxdigit
localeconv
localtime
malloc
memcmp
memcpy
memmove
memset
mktime
realloc
setlocale
sinh
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strrchr
strspn
strtol
strtoul
_unlock
abort
acos
asin
atan
atoi
bsearch
calloc
clock
cosh
fputc
fputs
free
frexp
getc
getenv
gmtime
islower
isspace
isupper
tan
tanh
time
tolower
toupper
ungetc
wcslen

Exports

Exports

av_add_q
av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_init
av_aes_size
av_asprintf
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_basename
av_blowfish_crypt
av_blowfish_crypt_ecb
av_blowfish_init
av_bmg_get
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprint_strftime
av_bprintf
av_calloc
av_channel_layout_extract_channel
av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_crc_init
av_ctz
av_d2q
av_d2str
av_dbl2ext
av_dbl2int
av_default_get_category
av_default_item_name
av_des_crypt
av_des_init
av_des_mac
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_set
av_dirname
av_div_q
av_dynarray_add
av_evaluate_lls
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_ext2dbl
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_grow
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_find_info_tag
av_find_nearest_q_idx
av_find_opt
av_flt2int
av_force_cpu_flags
av_free
av_freep
av_gcd
av_get_alt_sample_fmt
av_get_bits_per_pixel
av_get_bits_per_sample_fmt
av_get_bytes_per_sample
av_get_channel_description
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_double
av_get_int
av_get_media_type_string
av_get_packed_sample_fmt
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_q
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_standard_channel_layout
av_get_string
av_get_token
av_gettime
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_copy_to_buffer
av_image_fill_arrays
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_init_lls
av_int2dbl
av_int2flt
av_lfg_init
av_log
av_log2
av_log2_16bit
av_log_default_callback
av_log_format_line
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_mallocz
av_max_alloc
av_md5_alloc
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_mul_q
av_nearer_q
av_next_option
av_opt_child_class_next
av_opt_child_next
av_opt_eval_double
av_opt_eval_flags
av_opt_eval_float
av_opt_eval_int
av_opt_eval_int64
av_opt_eval_q
av_opt_find
av_opt_find2
av_opt_flag_is_set
av_opt_free
av_opt_freep_ranges
av_opt_get
av_opt_get_double
av_opt_get_image_size
av_opt_get_int
av_opt_get_key_value
av_opt_get_pixel_fmt
av_opt_get_q
av_opt_get_sample_fmt
av_opt_next
av_opt_ptr
av_opt_query_ranges
av_opt_query_ranges_default
av_opt_set
av_opt_set_bin
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_double
av_opt_set_from_string
av_opt_set_image_size
av_opt_set_int
av_opt_set_pixel_fmt
av_opt_set_q
av_opt_set_sample_fmt
av_opt_show2
av_parse_color
av_parse_cpu_caps
av_parse_cpu_flags
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_pix_fmt_descriptors
av_pix_fmt_get_chroma_sub_sample
av_rc4_crypt
av_rc4_init
av_read_image_line
av_realloc
av_realloc_f
av_reduce
av_rescale
av_rescale_delta
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_reverse
av_sample_fmt_is_planar
av_samples_alloc
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_set_cpu_flags_mask
av_set_double
av_set_int
av_set_options_string
av_set_q
av_set_string3
av_sha_alloc
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_small_strptime
av_solve_lls
av_strcasecmp
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strstart
av_strtod
av_strtok
av_sub_q
av_tempfile
av_timecode_adjust_ntsc_framenum2
av_timecode_check_frame_rate
av_timecode_get_smpte_from_framenum
av_timecode_init
av_timecode_init_from_string
av_timecode_make_mpeg_tc_string
av_timecode_make_smpte_tc_string
av_timecode_make_string
av_timegm
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_alloc
av_tree_node_size
av_update_lls
av_usleep
av_vlog
av_write_image_line
av_xtea_crypt
av_xtea_init
avpriv_cga_font
avpriv_float_dsp_init
avpriv_set_systematic_pal2
avpriv_vga16_font
avutil_configuration
avutil_license
avutil_version
ff_cpu_cpuid
ff_cpu_cpuid_test
ff_cpu_xgetbv
ff_float_dsp_init_x86
ff_get_cpu_flags_x86
ff_log2_tab
ff_vector_dmul_scalar_avx
ff_vector_dmul_scalar_sse2
ff_vector_fmac_scalar_avx
ff_vector_fmac_scalar_sse
ff_vector_fmul_avx
ff_vector_fmul_scalar_sse
ff_vector_fmul_sse

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
media_dll/swresample-0.dll
.dll windows:4 windows x86 arch:x86

d8f91c2740a8964dfcb434832db800e5

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:e2:2b:de:a4:78:7c:b9:cd:ab:ab:1b:bc:28:92:95:5e:3e:c1
Signer

Actual PE Digest

61:06:e2:2b:de:a4:78:7c:b9:cd:ab:ab:1b:bc:28:92:95:5e:3e:c1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__mb_cur_max
__setusermatherr
_amsg_exit
_errno
_initterm
_iob
_lock
_onexit
localeconv
malloc
memcpy
memset
setlocale
strchr
strerror
strlen
strncmp
_unlock
abort
atoi
calloc
fputc
free
getenv
wcslen

avutil-52

av_free
av_freep
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_default_channel_layout
av_get_packed_sample_fmt
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_log
av_malloc
av_mallocz
av_opt_set_defaults
av_opt_set_int
av_reduce
av_rescale
av_sample_fmt_is_planar

Exports

Exports

ff_float_to_int16_a_sse2
ff_float_to_int16_u_sse2
ff_float_to_int32_a_sse2
ff_float_to_int32_u_sse2
ff_int16_to_float_a_sse2
ff_int16_to_float_u_sse2
ff_int16_to_int32_a_mmx
ff_int16_to_int32_a_sse2
ff_int16_to_int32_u_mmx
ff_int16_to_int32_u_sse2
ff_int32_to_float_a_avx
ff_int32_to_float_a_sse2
ff_int32_to_float_u_avx
ff_int32_to_float_u_sse2
ff_int32_to_int16_a_mmx
ff_int32_to_int16_a_sse2
ff_int32_to_int16_u_mmx
ff_int32_to_int16_u_sse2
ff_log2_tab
ff_mix_1_1_a_float_avx
ff_mix_1_1_a_float_sse
ff_mix_1_1_a_int16_mmx
ff_mix_1_1_a_int16_sse2
ff_mix_1_1_u_float_avx
ff_mix_1_1_u_float_sse
ff_mix_1_1_u_int16_mmx
ff_mix_1_1_u_int16_sse2
ff_mix_2_1_a_float_avx
ff_mix_2_1_a_float_sse
ff_mix_2_1_a_int16_mmx
ff_mix_2_1_a_int16_sse2
ff_mix_2_1_u_float_avx
ff_mix_2_1_u_float_sse
ff_mix_2_1_u_int16_mmx
ff_mix_2_1_u_int16_sse2
ff_pack_2ch_float_to_int16_a_sse2
ff_pack_2ch_float_to_int16_u_sse2
ff_pack_2ch_float_to_int32_a_sse2
ff_pack_2ch_float_to_int32_u_sse2
ff_pack_2ch_int16_to_float_a_sse2
ff_pack_2ch_int16_to_float_u_sse2
ff_pack_2ch_int16_to_int16_a_sse2
ff_pack_2ch_int16_to_int16_u_sse2
ff_pack_2ch_int16_to_int32_a_sse2
ff_pack_2ch_int16_to_int32_u_sse2
ff_pack_2ch_int32_to_float_a_sse2
ff_pack_2ch_int32_to_float_u_sse2
ff_pack_2ch_int32_to_int16_a_sse2
ff_pack_2ch_int32_to_int16_u_sse2
ff_pack_2ch_int32_to_int32_a_sse2
ff_pack_2ch_int32_to_int32_u_sse2
ff_pack_6ch_float_to_float_a_avx
ff_pack_6ch_float_to_float_a_mmx
ff_pack_6ch_float_to_float_a_sse4
ff_pack_6ch_float_to_float_u_avx
ff_pack_6ch_float_to_float_u_mmx
ff_pack_6ch_float_to_float_u_sse4
ff_pack_6ch_float_to_int32_a_avx
ff_pack_6ch_float_to_int32_a_sse4
ff_pack_6ch_float_to_int32_u_avx
ff_pack_6ch_float_to_int32_u_sse4
ff_pack_6ch_int32_to_float_a_avx
ff_pack_6ch_int32_to_float_a_sse4
ff_pack_6ch_int32_to_float_u_avx
ff_pack_6ch_int32_to_float_u_sse4
ff_resample_int16_rounder
ff_unpack_2ch_float_to_int16_a_sse2
ff_unpack_2ch_float_to_int16_u_sse2
ff_unpack_2ch_float_to_int32_a_sse2
ff_unpack_2ch_float_to_int32_u_sse2
ff_unpack_2ch_int16_to_float_a_sse2
ff_unpack_2ch_int16_to_float_a_ssse3
ff_unpack_2ch_int16_to_float_u_sse2
ff_unpack_2ch_int16_to_float_u_ssse3
ff_unpack_2ch_int16_to_int16_a_sse2
ff_unpack_2ch_int16_to_int16_a_ssse3
ff_unpack_2ch_int16_to_int16_u_sse2
ff_unpack_2ch_int16_to_int16_u_ssse3
ff_unpack_2ch_int16_to_int32_a_sse2
ff_unpack_2ch_int16_to_int32_a_ssse3
ff_unpack_2ch_int16_to_int32_u_sse2
ff_unpack_2ch_int16_to_int32_u_ssse3
ff_unpack_2ch_int32_to_float_a_sse2
ff_unpack_2ch_int32_to_float_u_sse2
ff_unpack_2ch_int32_to_int16_a_sse2
ff_unpack_2ch_int32_to_int16_u_sse2
ff_unpack_2ch_int32_to_int32_a_sse2
ff_unpack_2ch_int32_to_int32_u_sse2
swr_alloc
swr_alloc_set_opts
swr_convert
swr_drop_output
swr_free
swr_get_class
swr_get_delay
swr_init
swr_inject_silence
swr_next_pts
swr_set_channel_mapping
swr_set_compensation
swr_set_matrix
swresample_configuration
swresample_license
swresample_version

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
media_dll/swscale-2.dll
.dll windows:4 windows x86 arch:x86

bdd686222e4dc451f28b77a336761e78

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13-04-2015 00:00

Not After

12-04-2016 23:59

Subject

CN=Hetman Software,O=Hetman Software,POSTALCODE=07500,STREET=Komsomolskaya street\, 13/2,L=Baryshevka,ST=Kievskaya,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5b:95:8a:00:16:41:d8:dc:39:d6:a6:e4:3e:60:a1:17:49:95:63:18
Signer

Actual PE Digest

5b:95:8a:00:16:41:d8:dc:39:d6:a6:e4:3e:60:a1:17:49:95:63:18

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__mb_cur_max
__setusermatherr
_amsg_exit
_errno
_initterm
_iob
_lock
_onexit
localeconv
malloc
memcpy
memset
setlocale
strchr
strerror
strlen
strncmp
_unlock
abort
atoi
calloc
fputc
free
getenv
wcslen

avutil-52

av_free
av_freep
av_get_bits_per_pixel
av_get_cpu_flags
av_get_pix_fmt_name
av_log
av_malloc
av_mallocz
av_opt_set_defaults
av_pix_fmt_desc_get

Exports

Exports

sws_addVec
sws_allocVec
sws_alloc_context
sws_cloneVec
sws_context_class
sws_convVec
sws_convertPalette8ToPacked24
sws_convertPalette8ToPacked32
sws_format_name
sws_freeContext
sws_freeFilter
sws_freeVec
sws_getCachedContext
sws_getCoefficients
sws_getColorspaceDetails
sws_getConstVec
sws_getContext
sws_getDefaultFilter
sws_getGaussianVec
sws_getIdentityVec
sws_get_class
sws_init_context
sws_isSupportedInput
sws_isSupportedOutput
sws_normalizeVec
sws_printVec2
sws_rgb2rgb_init
sws_scale
sws_scaleVec
sws_setColorspaceDetails
sws_shiftVec
sws_subVec
swscale_configuration
swscale_license
swscale_version

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be41bf7b8cc010b614bd36bbca606973

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6aCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

0e:72:1a:79:87:32:8a:56:35:5d:cf:fc:2e:1a:35:b8:11:49:66:11Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 415KB

.ndata Size: - Virtual size: 580KB

.rsrc Size: 25KB - Virtual size: 25KB

.reloc Size: 4KB - Virtual size: 3KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

581756560dd3961ceef1582573677d79

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6aCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

7e:b2:a0:8b:60:c1:03:f7:d1:80:7b:8d:3c:af:14:56:69:aa:03:19Signer

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

msimg32

gdi32

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

0e:72:1a:79:87:32:8a:56:35:5d:cf:fc:2e:1a:35:b8:11:49:66:11
Signer

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 415KB

.ndata
Size: - Virtual size: 580KB

.rsrc
Size: 25KB - Virtual size: 25KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

7e:b2:a0:8b:60:c1:03:f7:d1:80:7b:8d:3c:af:14:56:69:aa:03:19
Signer

.text
Size: 8.9MB - Virtual size: 8.9MB

.itext
Size: 39KB - Virtual size: 39KB

.data
Size: 276KB - Virtual size: 276KB

.bss
Size: - Virtual size: 588KB

.idata
Size: 24KB - Virtual size: 23KB

.didata
Size: 7KB - Virtual size: 7KB

.edata
Size: 2KB - Virtual size: 1KB

.tls
Size: - Virtual size: 92B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 624KB - Virtual size: 624KB

.rsrc
Size: 5.8MB - Virtual size: 5.8MB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

cb:95:77:83:40:28:00:52:5d:b5:20:b3:b1:2b:4f:23:19:60:9b:39
Signer

.text
Size: 372KB - Virtual size: 371KB

.itext
Size: 3KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 5KB

.bss
Size: - Virtual size: 20KB

.idata
Size: 7KB - Virtual size: 6KB

.didata
Size: 512B - Virtual size: 154B

.edata
Size: 512B - Virtual size: 169B

.reloc
Size: 33KB - Virtual size: 32KB

.rsrc
Size: 10KB - Virtual size: 10KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

cd:5d:11:0f:fb:97:fa:9e:bb:c2:ed:ee:b7:2c:c1:6a
Certificate