Extracted

Extracted

• bde21a5d29bc98590e62e5f20bfe088a

  .exe windows:4 windows x86 arch:x86

  7bc6ae0cda8ff6b0700dd634cde5c01f

  
  

  Code Sign

  38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5

  Certificate

  Issuer

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Not Before

  15/06/2007, 00:00

  Not After

  14/06/2012, 23:59

  Subject

  CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4

  Certificate

  Issuer

  CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

  Not Before

  04/12/2003, 00:00

  Not After

  03/12/2013, 23:59

  Subject

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2

  Certificate

  Issuer

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Not Before

  16/07/2004, 00:00

  Not After

  15/07/2014, 23:59

  Subject

  CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  61:0c:12:06:00:00:00:00:00:1b

  Certificate

  Issuer

  CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23/05/2006, 17:01

  Not After

  23/05/2016, 17:11

  Subject

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  59:8b:48:92:bd:19:55:eb:9a:88:8f:f3:93:b8:52:37

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

  Not Before

  26/10/2006, 00:00

  Not After

  15/12/2009, 23:59

  Subject

  CN=F-Secure Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Research and Development,O=F-Secure Corporation,L=Helsinki,ST=Helsinki,C=FI

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  fd:81:a9:84:09:e9:66:23:46:60:2e:aa:52:31:af:23:f1:48:cd:9c

  Signer

  Actual PE Digest

  fd:81:a9:84:09:e9:66:23:46:60:2e:aa:52:31:af:23:f1:48:cd:9c

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  e:\Projects\Repository\hips\hips\blacklight\beta\Release\beta.pdb

  Imports

  version

  GetFileVersionInfoSizeW

  GetFileVersionInfoW

  VerQueryValueW

  userenv

  ExpandEnvironmentStringsForUserW

  kernel32

  TlsFree

  GlobalFlags

  InterlockedIncrement

  FileTimeToSystemTime

  SetErrorMode

  FileTimeToLocalFileTime

  GetFileTime

  WritePrivateProfileStringW

  GetStartupInfoW

  HeapFree

  TerminateProcess

  RtlUnwind

  HeapAlloc

  HeapReAlloc

  VirtualQuery

  ExitThread

  LocalReAlloc

  GetStdHandle

  GetModuleFileNameA

  UnhandledExceptionFilter

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineA

  SetHandleCount

  GetFileType

  GetStartupInfoA

  HeapDestroy

  HeapCreate

  QueryPerformanceCounter

  IsBadWritePtr

  SetUnhandledExceptionFilter

  LCMapStringA

  LCMapStringW

  GetTimeZoneInformation

  GetOEMCP

  GetCPInfo

  IsBadReadPtr

  IsBadCodePtr

  GetStringTypeA

  GetStringTypeW

  SetStdHandle

  CompareStringA

  CompareStringW

  SetEnvironmentVariableA

  TlsSetValue

  TlsAlloc

  TlsGetValue

  GlobalHandle

  GlobalReAlloc

  LocalAlloc

  SetThreadPriority

  lstrcmpA

  lstrcmpiA

  ConvertDefaultLocale

  GetVersion

  EnumResourceLanguagesW

  GetLocaleInfoW

  GetFullPathNameW

  GetVolumeInformationW

  DuplicateHandle

  SetEndOfFile

  UnlockFile

  LockFile

  FlushFileBuffers

  lstrcmpiW

  WideCharToMultiByte

  InterlockedDecrement

  SetLastError

  GlobalFree

  MulDiv

  lstrcpyW

  GlobalAlloc

  GlobalLock

  GlobalUnlock

  FormatMessageW

  lstrcpynW

  LocalFree

  FreeResource

  GlobalAddAtomW

  GlobalFindAtomW

  GlobalDeleteAtom

  lstrlenA

  LoadLibraryA

  lstrlenW

  lstrcatW

  lstrcmpW

  GetVersionExA

  GetTempFileNameW

  QueryDosDeviceW

  ExpandEnvironmentStringsW

  GetSystemTimeAsFileTime

  TerminateThread

  FindFirstFileW

  FindNextFileW

  FindClose

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  InitializeCriticalSection

  RaiseException

  VirtualProtect

  GetSystemInfo

  ReadProcessMemory

  GetExitCodeProcess

  GetProcessTimes

  GetLogicalDriveStringsW

  DeviceIoControl

  OpenMutexW

  GetTickCount

  ProcessIdToSessionId

  Process32FirstW

  Module32FirstW

  Process32NextW

  CreateRemoteThread

  VirtualAllocEx

  VirtualQueryEx

  WriteProcessMemory

  VirtualFreeEx

  GetSystemTime

  GetFileSize

  SetFilePointer

  OutputDebugStringW

  GetSystemDirectoryW

  ResumeThread

  GetCurrentProcessId

  CreateToolhelp32Snapshot

  Thread32First

  OpenThread

  SuspendThread

  Thread32Next

  CreateFileMappingW

  MapViewOfFile

  UnmapViewOfFile

  GetModuleHandleA

  WriteFile

  GetTempPathW

  GetDriveTypeW

  GetFileAttributesW

  CreateDirectoryW

  OpenProcess

  ReadFile

  ResetEvent

  WaitForMultipleObjects

  ReleaseMutex

  CreateMutexW

  CreateFileW

  DeleteFileW

  GetPrivateProfileStringW

  GetCommandLineW

  VirtualAlloc

  GetModuleFileNameW

  ExitProcess

  CreateProcessW

  VirtualFree

  GetModuleHandleW

  WaitForSingleObject

  GetCurrentThread

  LoadLibraryW

  GetProcAddress

  FreeLibrary

  GetSystemWindowsDirectoryW

  GetLongPathNameW

  CreateEventW

  CreateThread

  GetCurrentProcess

  GetLastError

  OpenEventW

  SetEvent

  CloseHandle

  GetLocalTime

  MultiByteToWideChar

  FindResourceW

  LoadResource

  LockResource

  SizeofResource

  GetCurrentThreadId

  Sleep

  GetVersionExW

  GetThreadLocale

  GetLocaleInfoA

  GetACP

  InterlockedExchange

  HeapSize

  user32

  WindowFromPoint

  DestroyMenu

  GetMessageW

  TranslateMessage

  GetCursorPos

  ValidateRect

  GetDesktopWindow

  GetActiveWindow

  CreateDialogIndirectParamW

  GetNextDlgTabItem

  EndDialog

  PostQuitMessage

  wsprintfW

  CharUpperW

  SetMenuItemBitmaps

  ModifyMenuW

  CheckMenuItem

  GetMenuCheckMarkDimensions

  LoadBitmapW

  IsWindowEnabled

  ShowWindow

  MoveWindow

  SetWindowTextW

  IsDialogMessageW

  SetDlgItemTextW

  EndPaint

  BeginPaint

  ClientToScreen

  GrayStringW

  DrawTextExW

  DrawTextW

  TabbedTextOutW

  GetMenuState

  WinHelpW

  GetCapture

  CreateWindowExW

  GetClassInfoExW

  GetClassLongW

  GetClassNameW

  SetPropW

  GetPropW

  RemovePropW

  SendDlgItemMessageW

  SendDlgItemMessageA

  GetFocus

  SetFocus

  GetWindowTextLengthW

  GetLastActivePopup

  DispatchMessageW

  GetDlgItem

  DestroyWindow

  GetMessageTime

  PeekMessageW

  MapWindowPoints

  MessageBoxW

  GetKeyState

  UpdateWindow

  GetMenu

  PostMessageW

  GetSubMenu

  GetMenuItemID

  GetMenuItemCount

  AdjustWindowRectEx

  GetParent

  ScreenToClient

  GetClassInfoW

  RegisterClassW

  DefWindowProcW

  CallWindowProcW

  SetWindowPos

  SystemParametersInfoA

  GetWindowPlacement

  CopyRect

  PtInRect

  UnregisterClassW

  GetSystemMetrics

  GetForegroundWindow

  GetWindowThreadProcessId

  GetSysColorBrush

  DestroyIcon

  IsChild

  IsIconic

  DrawIcon

  SetRect

  IsWindowVisible

  GetWindowLongW

  IsWindow

  GetSysColor

  WindowFromDC

  GetDlgCtrlID

  ExitWindowsEx

  LoadIconW

  KillTimer

  SetTimer

  RedrawWindow

  GetSystemMenu

  EnableMenuItem

  SendMessageW

  IsRectEmpty

  GetWindowRect

  SetForegroundWindow

  GetTopWindow

  GetWindowTextW

  GetWindow

  SetActiveWindow

  GetDC

  ReleaseDC

  SetWindowLongW

  LoadCursorW

  SetCursor

  EnableWindow

  InvalidateRect

  GetClientRect

  EqualRect

  SetRectEmpty

  SetWindowsHookExW

  CallNextHookEx

  UnhookWindowsHookEx

  GetMessagePos

  RegisterWindowMessageW

  gdi32

  DPtoLP

  SelectPalette

  SetMapMode

  SetBkMode

  RestoreDC

  SaveDC

  SetBkColor

  SetTextColor

  GetClipBox

  CreateFontIndirectW

  CreateRoundRectRgn

  DeleteDC

  ExtSelectClipRgn

  ScaleWindowExtEx

  SetWindowExtEx

  SetWindowOrgEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  Escape

  TextOutW

  RectVisible

  PtVisible

  DeleteObject

  MoveToEx

  LineTo

  IntersectClipRect

  GetObjectW

  ResizePalette

  GetNearestPaletteIndex

  SetPaletteEntries

  GetPaletteEntries

  CreateBitmap

  CreateCompatibleDC

  GetDeviceCaps

  RealizePalette

  BitBlt

  StretchBlt

  CreatePalette

  GetTextExtentPoint32W

  ExtTextOutW

  GetWindowOrgEx

  CreateCompatibleBitmap

  CreatePen

  SelectObject

  GetTextExtentExPointW

  GetStockObject

  CreateSolidBrush

  RoundRect

  GetSystemPaletteEntries

  CreateDIBitmap

  ExcludeClipRect

  comdlg32

  GetFileTitleW

  winspool.drv

  ClosePrinter

  DocumentPropertiesW

  OpenPrinterW

  advapi32

  RegCloseKey

  RegQueryValueExW

  RegCreateKeyExW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  OpenProcessToken

  OpenThreadToken

  CloseServiceHandle

  OpenSCManagerW

  FreeSid

  CheckTokenMembership

  AllocateAndInitializeSid

  RegQueryValueW

  RegEnumKeyW

  RegDeleteKeyW

  RegOpenKeyW

  RegQueryInfoKeyW

  RegEnumValueW

  RegEnumKeyExW

  RegSaveKeyW

  RegSetValueExW

  RegOpenCurrentUser

  RegOpenKeyExW

  QueryServiceStatusEx

  DuplicateToken

  ControlService

  StartServiceW

  DeleteService

  CreateServiceW

  OpenServiceW

  ChangeServiceConfigW

  ImpersonateLoggedOnUser

  RevertToSelf

  shell32

  ExtractIconExW

  CommandLineToArgvW

  ShellExecuteW

  comctl32

  ord17

  ImageList_ReplaceIcon

  ImageList_Destroy

  ImageList_Create

  shlwapi

  PathIsUNCW

  PathFindExtensionW

  PathStripToRootW

  PathFindFileNameW

  ole32

  CoCreateInstance

  CoUninitialize

  CoInitialize

  oleaut32

  VariantClear

  VariantInit

  VariantChangeType

  psapi

  EnumProcessModules

  GetModuleBaseNameA

  GetModuleFileNameExW

  Sections

  .text

  Size: 260KB - Virtual size: 258KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 88KB - Virtual size: 87KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 12KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 524KB - Virtual size: 520KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ