5ba8182417d0f72ff509b22c0e20110d856321f754e69b7f299d497d73704bb3[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5ba8182417d0f72ff509b22c0e20110d856321f754e69b7f299d497d73704bb3.exe
Size

6.6MB
MD5

2c337ec80626ce49ca4380ead23aedf6
SHA1

a840d90efe74a00daec2b4470f09a4836e23f308
SHA256

5ba8182417d0f72ff509b22c0e20110d856321f754e69b7f299d497d73704bb3
SHA512

ba2b0c66921a6573f00360f997c1448adc537494cda094590e819825ad3f2d8f6e803f035a8a5cd3eb1dbefabfdda6adb33b9415e3ad4e90c15a27179c70d588
SSDEEP

98304:kAJxhy+cH2ZWB+H4GSMt8Cex42YztzAcQXvVqBIEfCIdA2hrEKVQZ0YRORflPiYk:k8xJWKlex4pxAHXUBIEfrYH0eOR0CAik

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/NSISPlugin.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

5ba8182417d0f72ff509b22c0e20110d856321f754e69b7f299d497d73704bb3.exe
.exe windows:4 windows x86 arch:x86

06d235e1d95999f62a9f41eec8fe85b5

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:59:db:fe:54:ed:86:1f:e6:f8:10:f1:d7:0f:c2:de:d6:f9:7e:1a:0a:f6:2f:d3:df:7c:8c:0f:b7:fe:08:09
Signer

Actual PE Digest

cf:59:db:fe:54:ed:86:1f:e6:f8:10:f1:d7:0f:c2:de:d6:f9:7e:1a:0a:f6:2f:d3:df:7c:8c:0f:b7:fe:08:09

Digest Algorithm

sha256

PE Digest Matches

true

3e:f1:ae:d6:a4:c9:34:e7:9a:15:ab:45:ca:8b:ab:be:bd:dc:d6:bf
Signer

Actual PE Digest

3e:f1:ae:d6:a4:c9:34:e7:9a:15:ab:45:ca:8b:ab:be:bd:dc:d6:bf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA
RegCreateKeyExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteExA

ole32

OleUninitialize
OleInitialize
IIDFromString
CoCreateInstance
CoTaskMemFree

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

user32

GetDlgItemTextA
SetDlgItemTextA
GetSystemMetrics
CreatePopupMenu
AppendMenuA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcA
GetMessagePos
IsDlgButtonChecked
GetAsyncKeyState
CheckDlgButton
LoadCursorA
SetCursor
GetSysColor
SetWindowPos
GetWindowLongA
IsWindowEnabled
SetClassLongA
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassA
SystemParametersInfoA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PeekMessageA
DispatchMessageA
wvsprintfA
CharPrevA
CreateWindowExA
MessageBoxIndirectA
TrackPopupMenu

gdi32

GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor

kernel32

CreateProcessA
RemoveDirectoryA
GetTempFileNameA
CreateDirectoryA
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
SetErrorMode
GetVersionExA
lstrlenA
GetCommandLineA
GetTempPathA
GetWindowsDirectoryA
SetEnvironmentVariableA
ExitProcess
CopyFileA
WriteFile
ReadFile
GetModuleFileNameA
GetFileSize
CreateFileA
GetTickCount
Sleep
SetFileAttributesA
GetFileAttributesA
SetCurrentDirectoryA
GetLastError
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
GetModuleHandleA
LoadLibraryExA
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
MulDiv
lstrcpyA
MoveFileExA
lstrcatA
WideCharToMultiByte
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
GetCurrentProcess

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISPlugin.dll
.dll windows:4 windows x86 arch:x86

113bfc7886d2a6fb29af8c5aceec28e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileW
FindFirstFileW
MoveFileW
lstrlenA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
MoveFileExW
SetFileAttributesW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
DeleteFileA
WritePrivateProfileStringW
GetVolumeInformationW
GetVersionExW
GetCurrentProcessId
SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
CreateDirectoryW
SetFileTime
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
LockResource
FindClose
SizeofResource
SetFileAttributesA
CopyFileA
FindFirstFileA
FindNextFileA
CreateFileA
CreateEventA
GetFullPathNameA
CreateThread
ResetEvent
SetEvent
TerminateThread
DeleteCriticalSection
InitializeCriticalSection
OutputDebugStringA
VirtualAlloc
VirtualFree
GlobalFree
lstrcpyW
lstrcpynW
SleepEx
GetTickCount
GetSystemTimeAsFileTime
LoadLibraryA
SetEndOfFile
Process32Next
Process32First
GetSystemInfo
CreateProcessW
GetDiskFreeSpaceExW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetFileAttributesW
DeleteFileW
WideCharToMultiByte
lstrlenW
TerminateProcess
WaitForSingleObject
GetLogicalDriveStringsW
QueryDosDeviceW
OutputDebugStringW
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
Process32NextW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetLastError
CreateFileW
CloseHandle
WriteFile
SetFilePointer
GetFileSize
LoadResource
ReadFile
GetVersionExA
GetLocalTime
Module32First
LockFile
LockFileEx
UnlockFile
UnlockFileEx
FlushFileBuffers
CreateDirectoryA
GenerateConsoleCtrlEvent
ExitProcess
GetFileAttributesA

user32

CharUpperW
SendMessageW
FindWindowW
KillTimer
SetTimer
GetDlgItem
FindWindowExW
ShowWindow
BringWindowToTop
CreateWindowExW
RegisterClassW
LoadCursorW
UnregisterClassW
DestroyWindow
IsWindow
DefWindowProcW
GetUpdateRect
wsprintfW
GetDC
GetWindowInfo
EnableMenuItem
GetSystemMenu
CallWindowProcW
ReleaseDC
GetIconInfo
DrawTextW
LoadIconW

gdi32

CombineRgn
CreateFontIndirectW
SetTextColor
SetBkMode
StretchDIBits
RectVisible
CreateBitmap
SetBkColor
StretchBlt
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
SetDIBitsToDevice
DeleteObject
GetObjectW
RealizePalette
GetDIBits
CreateDIBSection
DeleteDC
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetStockObject
CreateRectRgn

psapi

GetProcessImageFileNameW
GetModuleFileNameExW

msvcrt

_CxxThrowException
swprintf
_CIpow
div
_CIacos
_CIfmod
longjmp
_setjmp3
__CxxLongjmpUnwind
printf
isprint
strncmp
abort
sprintf
gmtime
strtod
sscanf
getenv
_mbsnbicmp
_mbsnbcpy
_mbsnbcat
_mbslwr
floor
memmove
_mbsicmp
_mbsnbcmp
remove
_rmdir
_access
_mbsrchr
_mkdir
_mbschr
_assert
vsprintf
_msize
rand
srand
_snprintf
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
realloc
strlen
strcmp
calloc
toupper
strcat
malloc
free
fgetc
fwscanf
_wcsupr
wcscmp
wcstok
wcsstr
time
localtime
fseek
strncpy
wcscat
memcmp
_itow
_wtol
strcpy
wcsrchr
_wcsicmp
wcscpy
_snwprintf
_ftol
_wcsnicmp
_wtoi
wcschr
fputc
fflush
fwrite
fread
fopen
__CxxFrameHandler
_purecall
_vsnwprintf
_wcslwr
wcsncat
wcslen
wcsncpy
??3@YAXPAX@Z
_wfopen
fclose
_waccess
ftell
_vsnprintf
fprintf
atoi
strspn
__mb_cur_max
_isctype
_pctype
tolower
_iob
fwprintf
putc
getc
exit
memcpy
??2@YAPAXI@Z
memset
strchr
memchr
strstr
_errno
asctime
_lseeki64
_pipe
_popen
_pclose
_get_osfhandle
_fullpath
strrchr
signal
fscanf
_getcwd
_chdir
_stat
_fstat
strtol
atof
mbstowcs
setlocale
wcstombs
mktime
vfprintf
_utime
_close
_open
_strdup
_stricmp
wcsftime
_strnicmp

mfc42u

ord6066
ord6130
ord4125
ord2859
ord668
ord4053
ord2773
ord2762
ord356
ord640
ord1633
ord323
ord6132

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEABGI@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

ws2_32

inet_addr
select
ntohs
__WSAFDIsSet
ntohl
inet_ntoa
htons
gethostbyname
WSAStartup
WSACleanup
socket
setsockopt
ioctlsocket
listen
bind
WSAGetLastError
connect
accept
closesocket
send
recv
getsockopt
htonl

shlwapi

PathFileExistsW
StrTrimW

wininet

InternetOpenW
InternetOpenUrlW
InternetCloseHandle

ole32

CoInitialize
CoCreateInstance
CoUninitialize

winmm

timeKillEvent
timeBeginPeriod
timeGetDevCaps
timeSetEvent

Exports

Exports

??0CxExifInfo@CxImageJPG@@QAE@PAUtag_ExifInfo@1@@Z
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PBGK@Z
??0CxImageGIF@@QAE@ABV0@@Z
??0CxImageGIF@@QAE@XZ
??0CxImageJPG@@QAE@ABV0@@Z
??0CxImageJPG@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@PAEK@Z
??0CxPoint2@@QAE@ABV0@@Z
??0CxPoint2@@QAE@MM@Z
??0CxPoint2@@QAE@XZ
??0CxRect2@@QAE@ABV0@@Z
??0CxRect2@@QAE@MMMM@Z
??0CxRect2@@QAE@XZ
??1CxExifInfo@CxImageJPG@@QAE@XZ
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageGIF@@UAE@XZ
??1CxImageJPG@@UAE@XZ
??1CxMemFile@@UAE@XZ
??4CxExifInfo@CxImageJPG@@QAEAAV01@ABV01@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageGIF@@QAEAAV0@ABV0@@Z
??4CxImageJPG@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4CxPoint2@@QAEAAV0@ABV0@@Z
??4CxRect2@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageGIF@@6B@
??_7CxImageJPG@@6B@
??_7CxMemFile@@6B@
??_FCxExifInfo@CxImageJPG@@QAEXXZ
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?AddAveragingCont@CxImage@@IAEXABUtagRGBQUAD@@MAAM111@Z
?Alloc@CxMemFile@@IAEXK@Z
?AlphaClear@CxImage@@QAEXXZ
?AlphaCopy@CxImage@@QAE_NAAV1@@Z
?AlphaCreate@CxImage@@QAEXXZ
?AlphaDelete@CxImage@@QAEXXZ
?AlphaFlip@CxImage@@QAE_NXZ
?AlphaGet@CxImage@@QAEEJJ@Z
?AlphaGetMax@CxImage@@QBEEXZ
?AlphaGetPointer@CxImage@@QAEPAEJJ@Z
?AlphaInvert@CxImage@@QAEXXZ
?AlphaIsValid@CxImage@@QAE_NXZ
?AlphaMirror@CxImage@@QAE_NXZ
?AlphaPaletteClear@CxImage@@QAEXXZ
?AlphaPaletteEnable@CxImage@@QAEX_N@Z
?AlphaPaletteIsEnabled@CxImage@@QAE_NXZ
?AlphaPaletteIsValid@CxImage@@QAE_NXZ
?AlphaPaletteSplit@CxImage@@QAE_NPAV1@@Z
?AlphaSet@CxImage@@QAEXABJ0ABE@Z
?AlphaSet@CxImage@@QAEXE@Z
?AlphaSet@CxImage@@QAE_NAAV1@@Z
?AlphaSetMax@CxImage@@QAEXE@Z
?AlphaSplit@CxImage@@QAE_NPAV1@@Z
?AlphaStrip@CxImage@@QAEXXZ
?Bitfield2RGB@CxImage@@IAEXPAEGGGE@Z
?BlendPalette@CxImage@@QAEXKJ@Z
?BlendPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlindAlphaGet@CxImage@@IAEEJJ@Z
?BlindGetPixelColor@CxImage@@IAE?AUtagRGBQUAD@@JJ@Z
?BlindGetPixelIndex@CxImage@@IAEEJJ@Z
?BlindGetPixelPointer@CxImage@@IAEPAXJJ@Z
?Center@CxRect2@@QBE?AVCxPoint2@@XZ
?CircleTransform@CxImage@@QAE_NHJM@Z
?Clear@CxImage@@QAEXE@Z
?Close@CxIOFile@@UAE_NXZ
?Close@CxMemFile@@UAE_NXZ
?CompareColors@CxImage@@KAHPBX0@Z
?ConvertAnyFormat@CxExifInfo@CxImageJPG@@IAENPAXH@Z
?Copy@CxImage@@QAEXABV1@_N11@Z
?CopyInfo@CxImage@@IAEXABV1@@Z
?CopyToHandle@CxImage@@QAEPAXXZ
?Create@CxImage@@QAEPAXKKKK@Z
?CreateFromArray@CxImage@@QAE_NPAEKKKK_N@Z
?CreateFromHANDLE@CxImage@@QAE_NPAX@Z
?CreateFromHBITMAP@CxImage@@QAE_NPAUHBITMAP__@@PAUHPALETTE__@@@Z
?CreateFromHICON@CxImage@@QAE_NPAUHICON__@@@Z
?CreateFromMatrix@CxImage@@QAE_NPAPAEKKKK_N@Z
?Crop@CxImage@@QAE_NABUtagRECT@@PAV1@@Z
?Crop@CxImage@@QAE_NJJJJPAV1@@Z
?CropRotatedRectangle@CxImage@@QAE_NJJJJMPAV1@@Z
?CrossSection@CxRect2@@QBE?AV1@ABV1@@Z
?Decode@CxImage@@QAE_NPAEKK@Z
?Decode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Decode@CxImage@@QAE_NPAVCxFile@@K@Z
?Decode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?Decode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?DecodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@H@Z
?DecodeExif@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?DecodeExif@CxImageJPG@@QAE_NPAVCxFile@@@Z
?DecodeExtension@CxImageGIF@@IAE_NPAVCxFile@@@Z
?DecreaseBpp@CxImage@@QAE_NK_NPAUtagRGBQUAD@@K@Z
?Destroy@CxImage@@QAE_NXZ
?DiscardAllButExif@CxExifInfo@CxImageJPG@@QAEXXZ
?Distance@CxPoint2@@QAEMMM@Z
?Distance@CxPoint2@@QAEMV1@@Z
?Dither@CxImage@@QAE_NJ@Z
?Draw2@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@@Z
?Draw2@CxImage@@QAEJPAUHDC__@@JJJJ@Z
?Draw@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@_N@Z
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?DrawLine@CxImage@@QAEXHHHHK@Z
?DrawLine@CxImage@@QAEXHHHHUtagRGBQUAD@@_N@Z
?DrawString@CxImage@@QAEJPAUHDC__@@JJPBGUtagRGBQUAD@@1JJEE_N@Z
?DrawStringEx@CxImage@@QAEJPAUHDC__@@JJPAUtagCxTextInfo@1@_N@Z
?Enable@CxImage@@QAEX_N@Z
?Encode2RGBA@CxImage@@QAE_NAAPAEAAJ@Z
?Encode2RGBA@CxImage@@QAE_NPAVCxFile@@@Z
?Encode@CxImage@@QAE_NAAPAEAAJK@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@PAPAV1@HK@Z
?Encode@CxImage@@QAE_NPAVCxFile@@K@Z
?Encode@CxImage@@QAE_NPAVCxFile@@PAPAV1@HK@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H_N@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@PAPAVCxImage@@H_N@Z
?Encode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?EncodeBody@CxImageGIF@@IAEXPAVCxFile@@_N@Z
?EncodeComment@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@@Z
?EncodeExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeHeader@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeLoopExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeRGB@CxImageGIF@@IAE_NPAVCxFile@@@Z
?EncodeSafeCheck@CxImage@@IAE_NPAVCxFile@@@Z
?Eof@CxIOFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Error@CxMemFile@@UAEJXZ
?Expand@CxImage@@QAE_NJJJJUtagRGBQUAD@@PAV1@@Z
?Expand@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?FindSection@CxExifInfo@CxImageJPG@@IAEPAXH@Z
?Flip@CxImage@@QAE_NXZ
?Flush@CxIOFile@@UAE_NXZ
?Flush@CxMemFile@@UAE_NXZ
?Free@CxMemFile@@IAEXXZ
?FreeMemory@CxImage@@QAEXPAX@Z
?Get16m@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get16u@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get32s@CxExifInfo@CxImageJPG@@IAEJPAX@Z
?Get32u@CxExifInfo@CxImageJPG@@IAEKPAX@Z
?GetAreaColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMMMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetBits@CxImage@@QAEPAEK@Z
?GetBpp@CxImage@@QBEGXZ
?GetBuffer@CxMemFile@@QAEPAE_N@Z
?GetC@CxIOFile@@UAEJXZ
?GetC@CxMemFile@@UAEJXZ
?GetClrImportant@CxImage@@QBEKXZ
?GetCodecOption@CxImage@@QAEKK@Z
?GetColorType@CxImage@@QAEEXZ
?GetComment@CxImageGIF@@QAEXPAD@Z
?GetDIB@CxImage@@QBEPAXXZ
?GetDisposalMethod@CxImageGIF@@QAEJXZ
?GetEffWidth@CxImage@@QBEKXZ
?GetEscape@CxImage@@QBEJXZ
?GetFlags@CxImage@@QBEKXZ
?GetFrame@CxImage@@QBEJXZ
?GetFrameDelay@CxImage@@QBEKXZ
?GetHeight@CxImage@@QBEKXZ
?GetJpegQuality@CxImage@@QBEEXZ
?GetJpegScale@CxImage@@QBEEXZ
?GetLastError@CxImage@@QAEPBDXZ
?GetLoops@CxImageGIF@@QAEJXZ
?GetNearestIndex@CxImage@@QAEEUtagRGBQUAD@@@Z
?GetNumColors@CxImage@@QBEKXZ
?GetNumFrames@CxImage@@QBEJXZ
?GetOffset@CxImage@@QAEXPAJ0@Z
?GetPalette@CxImage@@QBEPAUtagRGBQUAD@@XZ
?GetPaletteColor@CxImage@@QAE?AUtagRGBQUAD@@E@Z
?GetPaletteColor@CxImage@@QAE_NEPAE00@Z
?GetPaletteSize@CxImage@@QAEKXZ
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetPixelColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetPixelColorWithOverflow@CxImage@@QAE?AUtagRGBQUAD@@JJW4OverflowMethod@1@QAU2@@Z
?GetPixelGray@CxImage@@QAEEJJ@Z
?GetPixelIndex@CxImage@@QAEEJJ@Z
?GetProgress@CxImage@@QBEJXZ
?GetSize@CxImage@@QAEJXZ
?GetTransColor@CxImage@@QAE?AUtagRGBQUAD@@XZ
?GetTransIndex@CxImage@@QBEJXZ
?GetType@CxImage@@QBEKXZ
?GetVersion@CxImage@@QAEPBGXZ
?GetVersionNumber@CxImage@@QAE?BMXZ
?GetWidth@CxImage@@QBEKXZ
?GetXDPI@CxImage@@QBEJXZ
?GetYDPI@CxImage@@QBEJXZ
?Ghost@CxImage@@IAEXPAV1@@Z
?GifMix@CxImageGIF@@IAEXAAVCxImage@@AAUtag_image@1@@Z
?GifNextPixel@CxImageGIF@@IAEHXZ
?GrayScale@CxImage@@QAE_NXZ
?Height@CxRect2@@QBEMXZ
?IncreaseBpp@CxImage@@QAE_NK@Z
?InitTextInfo@CxImage@@QAEXPAUtagCxTextInfo@1@@Z
?IsEnabled@CxImage@@QBE_NXZ
?IsGrayScale@CxImage@@QAE_NXZ
?IsIndexed@CxImage@@QBE_NXZ
?IsInside@CxImage@@QAE_NJJ@Z
?IsSamePalette@CxImage@@QAE_NAAV1@_N@Z
?IsTransparent@CxImage@@QAE_NJJ@Z
?IsTransparent@CxImage@@QBE_NXZ
?IsValid@CxImage@@QBE_NXZ
?JApplyPatch@@YAHPBG00HH@Z
?KernelBSpline@CxImage@@SAMM@Z
?KernelBessel@CxImage@@SAMM@Z
?KernelBessel_J1@CxImage@@SAMM@Z
?KernelBessel_Order1@CxImage@@SAMM@Z
?KernelBessel_P1@CxImage@@SAMM@Z
?KernelBessel_Q1@CxImage@@SAMM@Z
?KernelBlackman@CxImage@@SAMM@Z
?KernelBox@CxImage@@SAMM@Z
?KernelCatrom@CxImage@@SAMM@Z
?KernelCubic@CxImage@@SAMM@Z
?KernelGaussian@CxImage@@SAMM@Z
?KernelGeneralizedCubic@CxImage@@SAMMM@Z
?KernelHamming@CxImage@@SAMM@Z
?KernelHermite@CxImage@@SAMM@Z
?KernelLanczosSinc@CxImage@@SAMMM@Z
?KernelLinear@CxImage@@SAMM@Z
?KernelMitchell@CxImage@@SAMM@Z
?KernelQuadratic@CxImage@@SAMM@Z
?KernelSinc@CxImage@@SAMM@Z
?Load@CxImage@@QAE_NPBGK@Z
?LoadBuffer@CxImage@@QAE_NPBXIK@Z
?LoadResource@CxImage@@QAE_NPAUHRSRC__@@KPAUHINSTANCE__@@@Z
?MakeBitmap@CxImage@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?Mirror@CxImage@@QAE_NXZ
?Negative@CxImage@@QAE_NXZ
?Open@CxIOFile@@QAE_NPBD0@Z
?Open@CxMemFile@@QAE_NXZ
?OverflowCoordinates@CxImage@@QAEXAAJ0W4OverflowMethod@1@@Z
?OverflowCoordinates@CxImage@@QAEXAAM0W4OverflowMethod@1@@Z
?ProcessExifDir@CxExifInfo@CxImageJPG@@IAE_NPAE0IQAUtag_ExifInfo@2@QAPAE@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?PutC@CxMemFile@@UAE_NE@Z
?Putword@CxImageGIF@@IAEXHPAVCxFile@@@Z
?QIShrink@CxImage@@QAE_NJJQAV1@@Z
?RGBQUADtoRGB@CxImage@@SAKUtagRGBQUAD@@@Z
?RGBtoBGR@CxImage@@IAEXPAEH@Z
?RGBtoRGBQUAD@CxImage@@SA?AUtagRGBQUAD@@K@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Read@CxMemFile@@UAEIPAXII@Z
?Resample2@CxImage@@QAE_NJJW4InterpolationMethod@1@W4OverflowMethod@1@QAV1@_N@Z
?Resample@CxImage@@QAE_NJJHPAV1@@Z
?Rotate180@CxImage@@QAE_NPAV1@@Z
?Rotate2@CxImage@@QAE_NMPAV1@W4InterpolationMethod@1@W4OverflowMethod@1@PAUtagRGBQUAD@@_N4@Z
?Rotate@CxImage@@QAE_NMPAV1@@Z
?RotateLeft@CxImage@@QAE_NPAV1@@Z
?RotateRight@CxImage@@QAE_NPAV1@@Z
?Save@CxImage@@QAE_NPBGK@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Seek@CxMemFile@@UAE_NJH@Z
?SelectionAddColor@CxImage@@QAE_NUtagRGBQUAD@@@Z
?SelectionAddEllipse@CxImage@@QAE_NUtagRECT@@@Z
?SelectionAddPixel@CxImage@@QAE_NHH@Z
?SelectionAddPolygon@CxImage@@QAE_NPAUtagPOINT@@J@Z
?SelectionAddRect@CxImage@@QAE_NUtagRECT@@@Z
?SelectionClear@CxImage@@QAE_NXZ
?SelectionCopy@CxImage@@QAE_NAAV1@@Z
?SelectionCreate@CxImage@@QAE_NXZ
?SelectionDelete@CxImage@@QAE_NXZ
?SelectionGetBox@CxImage@@QAEXAAUtagRECT@@@Z
?SelectionInvert@CxImage@@QAE_NXZ
?SelectionIsInside@CxImage@@QAE_NJJ@Z
?SelectionIsValid@CxImage@@QAE_NXZ
?SelectionSplit@CxImage@@QAE_NPAV1@@Z
?SelectionToHRGN@CxImage@@QAE_NAAPAUHRGN__@@@Z
?SetBuffer@CxMemFile@@QAEXPAEK@Z
?SetClrImportant@CxImage@@QAEXK@Z
?SetCodecOption@CxImage@@QAE_NKK@Z
?SetComment@CxImageGIF@@QAEXPBD@Z
?SetDisposalMethod@CxImageGIF@@QAEXH@Z
?SetEscape@CxImage@@QAEXJ@Z
?SetFlags@CxImage@@QAEXK_N@Z
?SetFrame@CxImage@@QAEXJ@Z
?SetFrameDelay@CxImage@@QAEXK@Z
?SetGrayPalette@CxImage@@QAEXXZ
?SetJpegQuality@CxImage@@QAEXE@Z
?SetJpegScale@CxImage@@QAEXE@Z
?SetLoops@CxImageGIF@@QAEXH@Z
?SetOffset@CxImage@@QAEXJJ@Z
?SetPalette@CxImage@@QAEXKPAE00@Z
?SetPalette@CxImage@@QAEXPAUrgb_color@1@K@Z
?SetPalette@CxImage@@QAEXPAUtagRGBQUAD@@K@Z
?SetPaletteColor@CxImage@@QAEXEEEEE@Z
?SetPaletteColor@CxImage@@QAEXEK@Z
?SetPaletteColor@CxImage@@QAEXEUtagRGBQUAD@@@Z
?SetPixelColor@CxImage@@QAEXJJK@Z
?SetPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@_N@Z
?SetPixelIndex@CxImage@@QAEXJJE@Z
?SetProgress@CxImage@@QAEXJ@Z
?SetStdPalette@CxImage@@QAEXXZ
?SetTransColor@CxImage@@QAEXUtagRGBQUAD@@@Z
?SetTransIndex@CxImage@@QAEXJ@Z
?SetXDPI@CxImage@@QAEXJ@Z
?SetYDPI@CxImage@@QAEXJ@Z
?Size@CxIOFile@@UAEJXZ
?Size@CxMemFile@@UAEJXZ
?Skew@CxImage@@QAE_NMMJJ_N@Z
?Startup@CxImage@@IAEXK@Z
?Stretch@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@1K@Z
?Stretch@CxImage@@QAEJPAUHDC__@@JJJJJJJJK@Z
?Surface@CxRect2@@QBEMXZ
?SwapIndex@CxImage@@QAEXEE@Z
?Tell@CxIOFile@@UAEJXZ
?Tell@CxMemFile@@UAEJXZ
?Thumbnail@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?Tile@CxImage@@QAEJPAUHDC__@@PAUtagRECT@@@Z
?Transfer@CxImage@@QAE_NAAV1@@Z
?Width@CxRect2@@QBEMXZ
?Write@CxIOFile@@UAEIPBXII@Z
?Write@CxMemFile@@UAEIPBXII@Z
?char_out@CxImageGIF@@IAEXH@Z
?cl_hash@CxImageGIF@@IAEXJ@Z
?compressLZW@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressNONE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressRLE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?decoder@CxImageGIF@@IAEFPAVCxFile@@PAVCImageIterator@@FAAH@Z
?flush_char@CxImageGIF@@IAEXXZ
?get_byte@CxImageGIF@@IAEHPAVCxFile@@@Z
?get_next_code@CxImageGIF@@IAEFPAVCxFile@@@Z
?get_num_frames@CxImageGIF@@IAEHPAVCxFile@@PAUtag_TabCol@1@PAUtag_dscgif@1@@Z
?init_exp@CxImageGIF@@IAEFF@Z
?out_line@CxImageGIF@@IAEHPAVCImageIterator@@PAEH@Z
?output@CxImageGIF@@IAEXF@Z
?process_COM@CxExifInfo@CxImageJPG@@IAEXPBEH@Z
?process_EXIF@CxExifInfo@CxImageJPG@@IAE_NPAEI@Z
?process_SOFn@CxExifInfo@CxImageJPG@@IAEXPBEH@Z
?rle_block_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_block_out@CxImageGIF@@IAEXEPAUtag_RLE@1@@Z
?rle_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_compute_triangle_count@CxImageGIF@@IAEIII@Z
?rle_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_flush_clearorrep@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_fromclear@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_withtable@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_isqrt@CxImageGIF@@IAEII@Z
?rle_output@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_output_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_output_plain@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_reset_out_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_write_block@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?seek_next_image@CxImageGIF@@IAEJPAVCxFile@@J@Z
AdjustInstallDir
CheckFile
CheckOldNewFileMd5
CheckSpanFile
CheckTheFile
CreateNextSetup
DoOpterator
FormatInstallSpaceInfo
FormatLicText
GetGameName
GetIPV4
GetSYSVerison
GetVolumeFileSystemInfo
ICreateAESRWFilter
ICreateBuffer
ICreateBufferCache
ICreateCoderRWFilter
ICreateFileMapper
ICreateFileSysMgr
ICreateGeneralFileSys
ICreateHandleAlloc
ICreateLZMARWFilter
ICreateVFileSys
ICreateZlibRWFilter
IfDiskSpaceEnough
InitCheck
InitTpfManager
IsEqualFile
IsFilePaintable
IsForceShortCut
IsModuleExist
IsValidVersion
JApply
KillProcRunning
LaunchSetupByStrategy
MakeUpCmd
MegerXLP
MegerXLPC
MegerXLPCPro
MegerXLPCProWd
OpenURL
OutputString2DebugView
PaintBackGround
RegesterUserWnd
ReportInstallState
ReportType
ResetModuleName
RestartUpdate
SetBitMapToStatic
SetDiffList
SetError
SetINIValue
SetParentWindow
SetTmpDir
SgSetDeleteFile
SplitAdapterID
StopPaintBackGroud
TQosReport
UninstallReport
UpdateVFSWithPatch
VFSDefrag
VFSDeleteEnd
VFSDeleteOneFile
VFSDeleteStart
VFSUpdataFile
VFSUpdateFile
VerifyAndPatchVFS
VerifyAndPatchVFSEx
WriteString2Log

Sections

.text
Size: 820KB - Virtual size: 817KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LogConfig.ini
Minidown.ini
WeGameMiniLoader.exe
.exe windows:5 windows x86 arch:x86

3469eeab8eaf789786a13521d4618667

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:69:00:b7:44:13:8e:81:32:e3:b2:82:45:d0:8c:10:f2:ce:61:80:49:1d:57:fc:f7:e5:44:fd:a1:b2:61:a7
Signer

Actual PE Digest

5e:69:00:b7:44:13:8e:81:32:e3:b2:82:45:d0:8c:10:f2:ce:61:80:49:1d:57:fc:f7:e5:44:fd:a1:b2:61:a7

Digest Algorithm

sha256

PE Digest Matches

true

8c:59:b0:e8:63:59:e5:a0:3c:7b:91:f3:a7:41:1d:a7:5c:7f:f6:6f
Signer

Actual PE Digest

8c:59:b0:e8:63:59:e5:a0:3c:7b:91:f3:a7:41:1d:a7:5c:7f:f6:6f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\miniloader\MiniLoader_WeGame_SwitchRepoDev\build\bin\Release\TGPMiniLoader\WeGameMiniLoader.pdb

Imports

kernel32

ConvertThreadToFiber
ConvertFiberToThread
GetModuleHandleExW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetSystemTime
CreateFiber
DeleteFiber
SwitchToFiber
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
GetEnvironmentVariableW
VerifyVersionInfoA
LoadLibraryA
GetSystemDirectoryA
FormatMessageA
WaitForMultipleObjects
PeekNamedPipe
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
SleepEx
lstrcmpiW
lstrcpynW
GlobalAlloc
SystemTimeToFileTime
LocalFileTimeToFileTime
FormatMessageW
MulDiv
GetACP
LockResource
SizeofResource
FreeResource
LoadResource
FindResourceW
GlobalUnlock
GlobalLock
lstrlenW
GetModuleFileNameA
GetDriveTypeW
GetModuleHandleA
GetExitCodeProcess
GetFileSize
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
GetProcessId
FreeLibrary
LoadLibraryW
ExitProcess
GetCommandLineA
WritePrivateProfileStringW
VerifyVersionInfoW
VerSetConditionMask
ReleaseMutex
GetVersionExW
CreateMutexW
GetLocalTime
OutputDebugStringW
GetPrivateProfileStringW
LeaveCriticalSection
WriteFile
SetLastError
InterlockedIncrement
SetEvent
CreateThread
Sleep
SetFilePointer
ReadFile
WideCharToMultiByte
MultiByteToWideChar
GetFileTime
CopyFileW
SetFilePointerEx
GetCurrentDirectoryW
DeleteFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
SetFileAttributesW
GetFileAttributesW
CreateFileW
FindClose
SetEndOfFile
DeviceIoControl
FindNextFileW
FindFirstFileW
CreateDirectoryW
GetTickCount
DeleteCriticalSection
DecodePointer
RaiseException
lstrcpyW
LocalFree
GetLastError
LocalAlloc
InterlockedDecrement
SetUnhandledExceptionFilter
VirtualQuery
GetModuleHandleW
CreateProcessW
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetConsoleCP
SetStdHandle
VirtualAlloc
GetSystemInfo
HeapQueryInformation
SetConsoleCtrlHandler
GetCommandLineW
FreeLibraryAndExitThread
ExitThread
RtlUnwind
GetProcessHeap
GetCurrentProcessId
VirtualAllocEx
GetProcAddress
GetCPInfo
LCMapStringW
SwitchToThread
QueryPerformanceFrequency
GetStringTypeW
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
GetTempFileNameW
GetProfileIntW
GetTempPathW
GetWindowsDirectoryW
FindResourceExW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
FileTimeToLocalFileTime
VirtualProtect
HeapAlloc
CloseHandle
CreateEventW
DuplicateHandle
GetCurrentThreadId
WaitForSingleObject
SetErrorMode
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
GetUserDefaultUILanguage
GetLocaleInfoW
GlobalFlags
UnlockFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
FileTimeToSystemTime
GlobalGetAtomNameW
lstrcmpA
CompareStringW
ResumeThread
SetThreadPriority
GlobalSize
LocalReAlloc
GlobalFree
GlobalHandle
GlobalReAlloc
HeapSize
HeapReAlloc
OutputDebugStringA
EnterCriticalSection
HeapFree
WriteProcessMemory
SearchPathW

user32

GetMenu
AdjustWindowRectEx
GetPropW
SetPropW
CallWindowProcW
GetClassInfoExW
RegisterClassW
LoadCursorW
GetSystemMetrics
GetParent
SetCapture
GetFocus
IsZoomed
DispatchMessageW
TranslateMessage
InvalidateRect
GetSysColor
ReleaseCapture
PtInRect
OffsetRect
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
IntersectRect
IsWindowVisible
UnionRect
SetCursor
GetUpdateRect
EndPaint
BeginPaint
SetFocus
GetWindow
GetActiveWindow
GetDC
ReleaseDC
CharNextW
GetKeyState
SetTimer
PostMessageW
ScreenToClient
RegisterClassExW
CreateWindowExW
ClientToScreen
GetCaretBlinkTime
CreatePopupMenu
AppendMenuW
EnableMenuItem
DestroyMenu
IsWindowEnabled
EqualRect
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
InvalidateRgn
CreateAcceleratorTableW
InflateRect
SetCaretPos
GetCaretPos
HideCaret
ShowCaret
CreateCaret
CharPrevW
SetRect
DrawTextW
FillRect
GetWindowRgn
UpdateLayeredWindow
MoveWindow
IsRectEmpty
MessageBoxW
KillTimer
LoadMenuW
GetWindowRect
SetWindowPos
ShowWindow
IsWindow
UpdateWindow
GetMessageW
CallNextHookEx
PeekMessageW
UnhookWindowsHookEx
SetWindowsHookExW
DestroyWindow
DefWindowProcW
SetForegroundWindow
FindWindowW
GetCursorPos
GetGUIThreadInfo
wsprintfA
DrawTextA
SetWindowRgn
MapVirtualKeyExW
LoadImageW
PostQuitMessage
GetClientRect
BringWindowToTop
GetSubMenu
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
ValidateRect
GetSysColorBrush
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessagePos
GetMessageTime
GetClassInfoW
IsMenu
IsChild
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
GetCapture
SetMenu
SetActiveWindow
GetForegroundWindow
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
RemovePropW
CopyRect
GetClassLongW
GetClassNameW
GetTopWindow
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
CheckDlgButton
IsDialogMessageW
DestroyIcon
CharUpperW
GetDesktopWindow
RealChildWindowFromPoint
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
GetMenuItemInfoW
SystemParametersInfoW
CopyImage
SendDlgItemMessageA
SetRectEmpty
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
ShowOwnedPopups
DeleteMenu
GetNextDlgGroupItem
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
InvertRect
NotifyWinEvent
GetMenuDefaultItem
MapVirtualKeyW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
GetKeyboardLayout
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
DrawIcon
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
WaitMessage
IsCharLowerW
ToUnicodeEx
GetKeyboardState
DestroyAcceleratorTable
CopyAcceleratorTableW
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
DestroyCursor
TrackPopupMenu
GetWindowPlacement
MonitorFromPoint
PostThreadMessageW
RegisterWindowMessageW
GetWindowLongW
UnregisterClassW
SetWindowLongW
IsIconic
EnableWindow
DrawFrameControl
GetKeyNameTextW
GetUserObjectInformationW
GetProcessWindowStation
SendMessageW

gdi32

CopyMetaFileW
CreateDCW
CreateBitmap
CreateHatchBrush
Escape
ExcludeClipRect
PatBlt
SetBitmapBits
GetBitmapBits
GetTextExtentPointA
CreatePatternBrush
GdiFlush
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
SetBkColor
SetTextColor
SetBkMode
GetObjectA
LineTo
MoveToEx
CreateSolidBrush
SetStretchBltMode
StretchBlt
CombineRgn
CreateRoundRectRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectClipRgn
PtInRegion
CreateRectRgn
CreateDIBSection
PlayEnhMetaFile
CreateCompatibleBitmap
GetDeviceCaps
GetEnhMetaFileHeader
GetObjectType
AddFontMemResourceEx
GetTextMetricsW
CloseEnhMetaFile
CreateEnhMetaFileW
SetWindowOrgEx
Rectangle
RestoreDC
BitBlt
SaveDC
SelectObject
CreateCompatibleDC
DeleteDC
RemoveFontMemResourceEx
DeleteObject
CreatePen
CreateFontIndirectW
GetStockObject
GetObjectW
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
SetRectRgn
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
GetPixel
CreateDIBitmap
ScaleWindowExtEx
ScaleViewportExtEx
CreatePenIndirect
GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
LPtoDP
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
DPtoLP
OffsetWindowOrgEx

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
MapGenericMask
DuplicateToken
GetFileSecurityW
OpenProcessToken
AccessCheck
AdjustTokenPrivileges
LookupPrivilegeValueW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt

shell32

SHGetDesktopFolder
SHGetFileInfoW
SHGetSpecialFolderLocation
DragFinish
SHGetFolderPathW
DragQueryFileW
SHGetFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
Shell_NotifyIconW
ShellExecuteW
SHAppBarMessage

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RevokeDragDrop
CoLockObjectExternal
OleGetClipboard
CoInitializeEx
CoDisconnectObject
CoTaskMemAlloc
CLSIDFromString
OleLockRunning
CreateStreamOnHGlobal
ReleaseStgMedium
RegisterDragDrop
DoDragDrop
OleDuplicateData
StringFromGUID2
CoCreateGuid
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

SysFreeString
VariantChangeType
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
SysAllocStringLen
VarBstrFromDate
VariantClear
VariantCopy
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString

msimg32

AlphaBlend
TransparentBlt

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx

shlwapi

PathGetDriveNumberW
PathFileExistsW
PathBuildRootW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
StrStrIW

uxtheme

IsAppThemed
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName

crypt32

CertOpenStore
CertDuplicateCertificateContext
CertCloseStore
CertFreeCertificateContext
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertFindCertificateInStore

gdiplus

GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipGetImageWidth
GdipGetPropertyItem
GdipDrawImageRectI
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStream
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipTranslateWorldTransform
GdipImageSelectActiveFrame
GdipDrawString
GdipMeasureString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawPath
ord1
GdipAddPathLine
GdipDeletePath
GdipCreatePath
GdipSetSmoothingMode
GdipDrawRectangleI
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipFillRectangleI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipRotateWorldTransform

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetOpenStatus
ImmGetContext

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winmm

PlaySoundW

ws2_32

ntohs
htons
getsockopt
getsockname
getpeername
connect
getaddrinfo
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
socket
WSAGetLastError
WSACleanup
gethostname
gethostbyname
WSAStartup
ntohl
htonl
freeaddrinfo
accept
listen
recvfrom
ioctlsocket
getnameinfo
shutdown
setsockopt
closesocket
WSAIoctl
inet_addr
sendto

wldap32

ord22
ord41
ord50
ord60
ord211
ord46
ord217
ord143
ord301
ord200
ord30
ord27
ord79
ord35
ord33
ord32
ord26

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1019KB - Virtual size: 1019KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bugreport.exe
.exe windows:4 windows x86 arch:x86

351eb3b8caab398f03a53a7730291d4c

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:1d:92:e2:28:ee:82:0c:58:3f:11:76:dc:9a:fb:ae:db:a1:dd:24:5a:3e:60:56:40:75:c9:9d:ab:47:ed:3f
Signer

Actual PE Digest

96:1d:92:e2:28:ee:82:0c:58:3f:11:76:dc:9a:fb:ae:db:a1:dd:24:5a:3e:60:56:40:75:c9:9d:ab:47:ed:3f

Digest Algorithm

sha256

PE Digest Matches

true

a1:71:87:1a:8c:e5:38:56:87:a3:0a:3b:08:36:d0:14:a5:61:52:de
Signer

Actual PE Digest

a1:71:87:1a:8c:e5:38:56:87:a3:0a:3b:08:36:d0:14:a5:61:52:de

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\TXCorp\platform_QQ1.75_Report\Basic_HummerPlatform_VOB\Platform\Output\PdbFinal\bugreport.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

dbghelp

SymCleanup
SymSetOptions
SymInitialize
SymGetModuleInfoW
SymLoadModule

wininet

InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

psapi

GetModuleFileNameExA

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create

kernel32

HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetModuleHandleW
HeapAlloc
GetProcessHeap
VirtualProtect
HeapFree
GetTickCount
SetCurrentDirectoryW
FindResourceW
OpenThread
ReadProcessMemory
WriteProcessMemory
CloseHandle
CreateThread
OpenProcess
lstrlenW
lstrcatW
DeleteFileW
CopyFileW
LoadLibraryW
FindFirstFileW
FindNextFileW
GetExitCodeProcess
FindClose
TerminateProcess
lstrcpyW
VirtualQueryEx
SetEvent
CreateFileA
WaitForSingleObject
CreateProcessW
SizeofResource
LockResource
LoadResource
FindResourceExW
FreeLibrary
GlobalFree
InterlockedIncrement
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
GetLastError
WideCharToMultiByte
FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
ResumeThread
FreeResource
CreateEventW
Sleep
CreateFileW
WriteFile
DeleteCriticalSection
InterlockedCompareExchange
ReadFile
SetFilePointer
GetProcAddress
GetFileSize
GetTempPathW
CreateDirectoryW
GetModuleFileNameW
GetPrivateProfileSectionW
GetVersionExW
GetThreadSelectorEntry
GetFileAttributesW
GetCurrentProcessId
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetProcessTimes
GetCurrentProcess
GetSystemTimeAsFileTime
SetFileAttributesW
VirtualQuery
MoveFileW
UnhandledExceptionFilter
GetStartupInfoW
RaiseException

user32

CreateWindowExW
RegisterClassExW
GetClassInfoExW
DefWindowProcW
DestroyMenu
TrackPopupMenu
GetWindowThreadProcessId
GetMenuItemCount
CreatePopupMenu
IsWindow
GetDC
ReleaseDC
OpenClipboard
RegisterClipboardFormatW
CallWindowProcW
InvalidateRect
MapDialogRect
DestroyWindow
MapWindowPoints
SetWindowLongW
ClientToScreen
KillTimer
GetKeyState
MessageBoxW
SetDlgItemTextW
GetWindow
DialogBoxParamW
GetWindowTextW
SetTimer
GetWindowTextLengthW
CloseClipboard
SetClipboardData
EnableWindow
EmptyClipboard
SendDlgItemMessageW
GetDesktopWindow
PostMessageW
EndDialog
DrawIconEx
GetDlgItem
GetClientRect
ShowWindow
LoadImageW
SetWindowPos
SetWindowTextW
SendMessageW
LoadIconW
UnregisterClassA
GetWindowRect

gdi32

GetStockObject
DeleteObject
SetTextColor

advapi32

RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW

shell32

ord155
SHBindToParent
SHGetDesktopFolder
SHGetFileInfoW
ShellExecuteW
SHGetSpecialFolderPathW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleUninitialize
OleInitialize

oleaut32

SysStringLen
SysStringByteLen
SysAllocString
SysFreeString
SysAllocStringByteLen

gdiplus

GdiplusShutdown
GdipCreateFromHDC
GdipDisposeImage
GdipDeleteGraphics
GdipDrawImageRectI
GdipLoadImageFromStreamICM
GdiplusStartup
GdipCloneImage
GdipImageSelectActiveFrame
GdipGetImageHeight
GdipGetImageWidth
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipAlloc
GdipFree

shlwapi

PathFileExistsW

msvcp80

??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z

msvcr80

_wcslwr_s
?what@exception@std@@UBEPBDXZ
wcsrchr
??1exception@std@@UAE@XZ
??_V@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
wcschr
_vscwprintf
_CxxThrowException
_mbscmp
vswprintf_s
iswspace
_wcsicmp
strtoul
fprintf
_wfopen
fseek
??2@YAPAXI@Z
_snprintf
??0exception@std@@QAE@ABQBD@Z
_time32
_snwprintf
_mbslwr_s
malloc
ftell
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_mbsstr
??0exception@std@@QAE@XZ
swscanf
_invalid_parameter_noinfo
wcsncmp
__wargv
_crt_debugger_hook
__argc
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
free
vsprintf_s
fwrite
fclose
_beginthreadex
isspace
strncmp
strchr
strrchr
atoi
_gmtime32
wcscpy_s
wcsstr
wcscat_s
fread
iswdigit
iswalpha
iswalnum
memmove
_vsnprintf_s
isalpha
isalnum
tolower
wcsncpy
_wtoi
memset
memcpy
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_time64
??3@YAXPAX@Z
_purecall
memmove_s
memcpy_s
srand
_vscprintf
_lock

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

crypt32

CertGetNameStringW

wintrust

WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvCertFromChain

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bugreport.ini
icon.ico
res.zip
.zip
UISkinCloseInfo.xml
.xml
UISkinMinidown.xml
.xml
UISkinSelectDir.xml
.xml
bg_big.png
.png
[email protected]
.png
bg_exit.png
.png
[email protected]
.png
bg_installing.png
.png
[email protected]
.png
bk.png
.png
[email protected]
.png
browse_hover.png
.png
[email protected]
.png
browse_normal.png
.png
[email protected]
.png
btn1_hover.png
.png
[email protected]
.png
btn1_normal.png
.png
[email protected]
.png
btn_hover.png
.png
[email protected]
.png
btn_normal.png
.png
[email protected]
.png
checkbox_normal.png
.png
[email protected]
.png
checkbox_selected.png
.png
[email protected]
.png
close_black_disabled.png
.png
[email protected]
.png
close_black_hover.png
.png
[email protected]
.png
close_black_normal.png
.png
[email protected]
.png
close_black_press.png
.png
[email protected]
.png
close_disable.png
.png
[email protected]
.png
close_hover.png
.png
[email protected]
.png
close_normal.png
.png
[email protected]
.png
close_pressed.png
.png
[email protected]
.png
error_tip_bg.png
.png
finish.png
.png
[email protected]
.png
icon-wrong-little.png
.png
[email protected]
.png
input_bg.png
.png
[email protected]
.png
minimize_black_disabled.png
.png
[email protected]
.png
minimize_black_hover.png
.png
[email protected]
.png
minimize_black_normal.png
.png
[email protected]
.png
minimize_black_pressed.png
.png
[email protected]
.png
minimize_disable.png
.png
[email protected]
.png
minimize_disabled.png
.png
[email protected]
.png
minimize_hover.png
.png
[email protected]
.png
minimize_normal.png
.png
[email protected]
.png
minimize_pressed.png
.png
[email protected]
.png
progress_bar_2.png
.png
[email protected]
.png
progress_bar_bk.png
.png
[email protected]
.png
setting_back_normal.png
.png
[email protected]
.png
setting_normal.png
.png
[email protected]
.png
start_install_disabled.png
.png
[email protected]
.png
start_install_hover.png
.png
[email protected]
.png
start_install_normal.png
.png
[email protected]
.png
startgame_disabled.png
.png
[email protected]
.png
startgame_hover.png
.png
[email protected]
.png
startgame_normal.png
.png
[email protected]
.png
tiny_dl/TinyDL.exe
.exe windows:5 windows x86 arch:x86

0719a2bf559c0d554f351210b2fce3ee

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b6:5e:b4:0a:60:c7:af:02:21:de:fb:85:9e:9a:b7:7a:62:bf:04:77:4d:8b:dc:e8:39:b7:ea:36:4a:5a:ed:51
Signer

Actual PE Digest

b6:5e:b4:0a:60:c7:af:02:21:de:fb:85:9e:9a:b7:7a:62:bf:04:77:4d:8b:dc:e8:39:b7:ea:36:4a:5a:ed:51

Digest Algorithm

sha256

PE Digest Matches

true

05:ce:91:df:af:5d:69:f9:80:9b:b2:9e:e7:99:0d:ea:99:31:f8:a2
Signer

Actual PE Digest

05:ce:91:df:af:5d:69:f9:80:9b:b2:9e:e7:99:0d:ea:99:31:f8:a2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\TinyDL_Build\build\Release\TinyDL.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

psapi

GetModuleFileNameExW
GetMappedFileNameW
GetProcessImageFileNameW

ws2_32

accept
freeaddrinfo
getaddrinfo
WSAIoctl
recvfrom
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
socket
WSAGetLastError
WSACleanup
WSAStartup
gethostbyname
inet_ntoa
inet_addr
ntohl
htonl
listen
sendto
ioctlsocket
getnameinfo
gethostname
shutdown
setsockopt

crypt32

CertCloseStore
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CryptDecodeObject
CryptMsgOpenToDecode
CryptMsgClose
CryptMsgUpdate
CryptMsgGetParam
CertOpenStore
CertGetCertificateContextProperty
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringA
CertGetNameStringW
CryptQueryObject

wldap32

ord27
ord26
ord22
ord41
ord33
ord60
ord211
ord46
ord217
ord143
ord32
ord35
ord79
ord30
ord200
ord50
ord301

kernel32

GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCurrentProcess
TerminateProcess
GetLastError
CloseHandle
GetTickCount
CreateMutexW
OpenMutexW
GetModuleFileNameW
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryW
GetCommandLineA
GetSystemInfo
TerminateThread
WaitForSingleObject
Sleep
WriteFile
ReadFile
ConnectNamedPipe
CreateFileW
CreateNamedPipeW
CancelSynchronousIo
CreateProcessW
GetFileInformationByHandle
DeviceIoControl
SetEndOfFile
SetFilePointerEx
FindClose
GetFileTime
SetFileTime
SetCurrentDirectoryW
GetCurrentDirectoryW
GetDiskFreeSpaceExW
CreateDirectoryW
CreateDirectoryExW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
GetFileAttributesExW
DeleteFileW
FindFirstFileW
FindNextFileW
CopyFileW
MoveFileExW
DecodePointer
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ReleaseMutex
CreateMutexA
CreateEventA
OpenEventA
QueryPerformanceCounter
QueryPerformanceFrequency
SetLastError
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
FlushFileBuffers
GetSystemTime
SystemTimeToFileTime
MapViewOfFile
UnmapViewOfFile
CreateSemaphoreW
CreateFileMappingW
OutputDebugStringA
OutputDebugStringW
GetFullPathNameW
GetFileSize
GetFileSizeEx
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
RegisterWaitForSingleObject
InterlockedDecrement
GlobalMemoryStatusEx
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
OpenProcess
GetSystemTimes
FileTimeToLocalFileTime
FileTimeToSystemTime
CreatePipe
lstrcmpA
lstrcpyW
GetLogicalDriveStringsA
CreateProcessA
GetStartupInfoA
ExpandEnvironmentStringsA
WritePrivateProfileStringW
GetDriveTypeA
GetDriveTypeW
GetVersionExA
GetVersionExW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Process32First
Process32Next
Module32FirstW
CreateThread
SetFilePointer
CreateWaitableTimerA
SetWaitableTimer
GetCurrentProcessId
lstrcpynA
GetCurrentThread
SetThreadAffinityMask
GetCurrentThreadId
ResetEvent
WaitForSingleObjectEx
CreateFileA
LoadLibraryA
GetSystemDirectoryA
InterlockedExchange
InterlockedCompareExchange
SwitchToThread
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateDirectoryA
DeleteFileA
FindFirstFileA
CopyFileA
GetExitCodeThread
VirtualQueryEx
CreateRemoteThread
GetLogicalDrives
DuplicateHandle
GetNativeSystemInfo
CreateFileMappingA
GetWindowsDirectoryW
GetSystemWow64DirectoryW
QueryDosDeviceW
CopyFileExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
IsWow64Process
Module32NextW
FormatMessageA
GetSystemTimeAsFileTime
LockFileEx
UnlockFile
HeapCompact
FlushViewOfFile
RtlCaptureStackBackTrace
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapValidate
GetTempPathW
UnlockFileEx
GetFullPathNameA
LockFile
GetDiskFreeSpaceW
HeapCreate
AreFileApisANSI
InitializeCriticalSection
TryEnterCriticalSection
VirtualLock
VirtualUnlock
CreateSemaphoreA
InterlockedExchangeAdd
SleepEx
GetStdHandle
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
PeekNamedPipe
WaitForMultipleObjects
VerSetConditionMask
VerifyVersionInfoA
SwitchToFiber
DeleteFiber
CreateFiber
GetEnvironmentVariableW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
ConvertFiberToThread
ConvertThreadToFiber
GetCPInfo
EncodePointer
CreateEventW
CreateHardLinkW
FindFirstFileExW
GetStringTypeW
GetThreadTimes
UnregisterWait
FreeLibraryAndExitThread
LoadLibraryExW
VirtualProtect
SetProcessAffinityMask
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
WaitForMultipleObjectsEx
RtlUnwind
ExitThread
ResumeThread
SystemTimeToTzSpecificLocalTime
ExitProcess
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetCurrentDirectoryA
GetCurrentDirectoryA
GetACP
GetConsoleCP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
SetStdHandle
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapQueryInformation
WriteConsoleW
GlobalFree
GetPrivateProfileStringW
GetFileAttributesA

user32

LoadStringW
GetParent
SetWindowLongW
GetWindowLongW
MessageBoxW
GetSystemMetrics
SetDlgItemTextW
EnumDisplayDevicesA
SetWindowPos
CallWindowProcW
SendMessageW
SetWindowLongA
GetWindowLongA
UpdateWindow
ShowWindow
DestroyWindow
MsgWaitForMultipleObjects
CharLowerBuffA
PostMessageA
GetUserObjectInformationW
RegisterClassExW
CreateWindowExW
EndDialog
GetProcessWindowStation
CreateWindowExA
DefWindowProcA
PeekMessageA
GetWindowRect
DispatchMessageW
UnregisterClassW
UnregisterClassA
PeekMessageW
TranslateMessage

shell32

SHGetSpecialFolderPathA
ShellExecuteW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHCreateDirectoryExW
ShellExecuteExW
SHFileOperationW
SHGetFolderPathA

ole32

CoInitializeEx
CoUninitialize
CoInitialize
CoTaskMemFree
CoSetProxyBlanket
CoCreateInstance
CoCreateGuid
CoInitializeSecurity
StringFromCLSID
IIDFromString

oleaut32

GetErrorInfo
VariantInit
VariantChangeType
CreateErrorInfo
SetErrorInfo
SysFreeString
SysAllocString
VariantClear
VarBstrCmp

comdlg32

GetOpenFileNameW

advapi32

BuildExplicitAccessWithNameW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
GetUserNameW
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
SetEntriesInAclW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
CryptAcquireContextA
RegCreateKeyW
RegOpenKeyW
RegSetValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW

shlwapi

PathIsDirectoryW
PathAppendA
PathStripPathW
PathRemoveFileSpecW
PathFileExistsW
StrCmpW
PathIsDirectoryEmptyW

iphlpapi

GetAdaptersInfo

netapi32

NetApiBufferFree
Netbios
NetWkstaTransportEnum

winhttp

WinHttpCloseHandle
WinHttpGetProxyForUrl
WinHttpCrackUrl
WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser

Sections

.text
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QMGuid
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tiny_dl/TinyDLProxy.dll
.dll windows:5 windows x86 arch:x86

1ebc0931a5efbf27034e90ffac20b7f2

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:57:a7:c7:db:63:db:ba:b5:94:26:6d:ad:a3:77:04:fe:f0:79:fa:c2:18:c1:0f:09:a9:fd:40:f1:f4:78:78
Signer

Actual PE Digest

2e:57:a7:c7:db:63:db:ba:b5:94:26:6d:ad:a3:77:04:fe:f0:79:fa:c2:18:c1:0f:09:a9:fd:40:f1:f4:78:78

Digest Algorithm

sha256

PE Digest Matches

true

58:ef:d4:9a:5e:1d:d2:5d:01:80:e6:df:59:48:e9:10:80:58:e4:f7
Signer

Actual PE Digest

58:ef:d4:9a:5e:1d:d2:5d:01:80:e6:df:59:48:e9:10:80:58:e4:f7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\TinyDL_Build\build\Release\TinyDLProxy.pdb

Imports

kernel32

GetTickCount
ConnectNamedPipe
CreateFileW
CreateNamedPipeW
CancelSynchronousIo
TerminateProcess
CreateProcessW
GetModuleFileNameW
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ReleaseSemaphore
FlushFileBuffers
SetFileTime
GetSystemTime
SystemTimeToFileTime
MapViewOfFile
UnmapViewOfFile
CreateSemaphoreW
CreateFileMappingW
OutputDebugStringA
OutputDebugStringW
CreateDirectoryW
GetFullPathNameW
GetFileInformationByHandle
DeviceIoControl
SetEndOfFile
SetFilePointerEx
FindClose
GetFileTime
SetCurrentDirectoryW
GetCurrentDirectoryW
ReadFile
CreateDirectoryExW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
GetFileAttributesExW
DeleteFileW
FindFirstFileW
FindNextFileW
CopyFileW
MoveFileExW
SetLastError
GetFileSize
GetFileSizeEx
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
CreateThread
SetFilePointer
InterlockedDecrement
LocalAlloc
LocalFree
lstrcpyW
GetCurrentProcessId
GetCurrentThreadId
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventA
WriteFile
WaitForSingleObject
TerminateThread
WideCharToMultiByte
HeapSize
WriteConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
MultiByteToWideChar
OpenMutexW
CreateMutexW
CloseHandle
Sleep
ReleaseMutex
GetDiskFreeSpaceExW
GetLastError
GetOEMCP
IsValidCodePage
FindNextFileA
DuplicateHandle
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetExitCodeThread
GetNativeSystemInfo
TryEnterCriticalSection
FormatMessageW
GetStringTypeW
QueryPerformanceCounter
QueryPerformanceFrequency
FindFirstFileExW
GetTempPathW
AreFileApisANSI
CreateHardLinkW
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetProcAddress
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
HeapAlloc
HeapFree
GetProcessHeap
WaitForMultipleObjectsEx
OpenEventA
SetWaitableTimer
ResumeThread
GetSystemInfo
GetLogicalProcessorInformation
CreateWaitableTimerA
FormatMessageA
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualProtect
VirtualFree
SetProcessAffinityMask
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
RaiseException
RtlUnwind
ExitThread
GetModuleHandleExW
GetDriveTypeW
GetFullPathNameA
SetEnvironmentVariableA
SetEnvironmentVariableW
SetCurrentDirectoryA
GetCurrentDirectoryA
ExitProcess
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetACP
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetConsoleCtrlHandler
GetTimeZoneInformation
HeapReAlloc
FindFirstFileExA
RtlCaptureStackBackTrace

shell32

ShellExecuteExW
SHCreateDirectoryExW

ole32

CoTaskMemFree
IIDFromString
StringFromCLSID

oleaut32

CreateErrorInfo
SetErrorInfo
SysFreeString
SysAllocString
VariantChangeType
VariantClear
VariantInit
GetErrorInfo

crypt32

CertFindCertificateInStore
CryptMsgClose
CertFreeCertificateContext
CertGetNameStringW
CryptMsgGetParam
CertCloseStore
CryptQueryObject

ws2_32

ntohl
htonl

advapi32

CryptGenRandom
CryptReleaseContext
CryptAcquireContextA

Exports

Exports

_create_wgtinydl@4
_release_wgtinydl@4

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tiny_dl/signature.dat

Sharing

General

Malware Config

Signatures

Files

06d235e1d95999f62a9f41eec8fe85b5

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

cf:59:db:fe:54:ed:86:1f:e6:f8:10:f1:d7:0f:c2:de:d6:f9:7e:1a:0a:f6:2f:d3:df:7c:8c:0f:b7:fe:08:09Signer

3e:f1:ae:d6:a4:c9:34:e7:9a:15:ab:45:ca:8b:ab:be:bd:dc:d6:bfSigner

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 110KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 201KB - Virtual size: 200KB

113bfc7886d2a6fb29af8c5aceec28e5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

psapi

msvcrt

mfc42u

msvcp60

ws2_32

shlwapi

wininet

ole32

winmm

Exports

Exports

Sections

.text Size: 820KB - Virtual size: 817KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 96KB - Virtual size: 119KB

.idata Size: 16KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 28KB - Virtual size: 26KB

3469eeab8eaf789786a13521d4618667

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

cf:59:db:fe:54:ed:86:1f:e6:f8:10:f1:d7:0f:c2:de:d6:f9:7e:1a:0a:f6:2f:d3:df:7c:8c:0f:b7:fe:08:09
Signer

3e:f1:ae:d6:a4:c9:34:e7:9a:15:ab:45:ca:8b:ab:be:bd:dc:d6:bf
Signer

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 110KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 201KB - Virtual size: 200KB

.text
Size: 820KB - Virtual size: 817KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 96KB - Virtual size: 119KB

.idata
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 28KB - Virtual size: 26KB

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

5e:69:00:b7:44:13:8e:81:32:e3:b2:82:45:d0:8c:10:f2:ce:61:80:49:1d:57:fc:f7:e5:44:fd:a1:b2:61:a7
Signer

8c:59:b0:e8:63:59:e5:a0:3c:7b:91:f3:a7:41:1d:a7:5c:7f:f6:6f
Signer

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 1019KB - Virtual size: 1019KB

.data
Size: 84KB - Virtual size: 122KB

.rsrc
Size: 202KB - Virtual size: 201KB

.reloc
Size: 232KB - Virtual size: 231KB

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

96:1d:92:e2:28:ee:82:0c:58:3f:11:76:dc:9a:fb:ae:db:a1:dd:24:5a:3e:60:56:40:75:c9:9d:ab:47:ed:3f
Signer

a1:71:87:1a:8c:e5:38:56:87:a3:0a:3b:08:36:d0:14:a5:61:52:de
Signer