Alicia_setup_008[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Alicia_setup_008.exe
Size

1155.9MB
MD5

271b4a7a1d020fe85ae7dbb6c137cd46
SHA1

99bd3c6ddd2c09d99571f073bbb286420096c0ce
SHA256

c268fec558ca9f0c316489b314e1d65901c5c5856ffb0cf843ccd385238cf560
SHA512

c531cfec2207b592575421c3fa0020b4869f509ed29255b7de04e9c97aa6f54395c78f4c45aa1da38563b2bbfa19d0f36768ba7cdc5d3781640c7afb3c531e95
SSDEEP

25165824:J2P7Ia1ZuytABf0va3nVYI9S8qwLw5U0wDKOimE9cYTNmIy:JAzZurBka3nmF8FL4UdimE9vNly

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/HShield/Update/autoup.exe	upx

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/SimpleFC.dll
unpack002/$PLUGINSDIR/Cabinet.dll
unpack002/$PLUGINSDIR/PackAPI.dll
unpack003/out.upx
unpack001/MODULES/bdcap32.dll
unpack001/MODULES/bdvid32.dll
unpack001/MODULES/cryptopp.dll
unpack001/MODULES/devil.dll
unpack001/MODULES/dtypestd.dll
unpack001/MODULES/gdiplus.dll
unpack001/MODULES/ilu.dll
unpack001/MODULES/ilut.dll
unpack001/MODULES/mss32.dll
unpack001/MODULES/mssds3d.flt
unpack001/MODULES/mssdsp.flt
unpack001/MODULES/mssmp3.asi

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/HShield/AhnRpt.exe	nsis_installer_1
static1/unpack001/HShield/AhnRpt.exe	nsis_installer_2

Files

Alicia_setup_008.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Code Sign

02:96:3c:31:4e:e0:8a:0c:f5:43:01:05:16:df:aa:68
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

18/02/2011, 00:00

Not After

18/04/2013, 23:59

Subject

CN=NtreevSoft Co.\,Ltd,O=NtreevSoft Co.\,Ltd,L=geumcheongu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c3:13:76:be:ae:cf:49:bf:80:9d:6e:44:a0:32:0e:ce:10:cb:fe:22
Signer

Actual PE Digest

c3:13:76:be:ae:cf:49:bf:80:9d:6e:44:a0:32:0e:ce:10:cb:fe:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SimpleFC.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

AddApplication
AddPort
AdvAddRule
AdvExistsRule
AdvRemoveRule
AllowDisallowExceptionsNotAllowed
AllowDisallowIcmpInboundEchoRequest
AllowDisallowIcmpInboundMaskRequest
AllowDisallowIcmpInboundRouterRequest
AllowDisallowIcmpInboundTimestampRequest
AllowDisallowIcmpOutboundDestinationUnreachable
AllowDisallowIcmpOutboundPacketTooBig
AllowDisallowIcmpOutboundParameterProblem
AllowDisallowIcmpOutboundSourceQuench
AllowDisallowIcmpOutboundTimeExceeded
AllowDisallowIcmpRedirect
AreExceptionsNotAllowed
AreNotificationsEnabled
EnableDisableApplication
EnableDisableFirewall
EnableDisableNotifications
EnableDisablePort
IsApplicationAdded
IsApplicationEnabled
IsFirewallEnabled
IsFirewallServiceRunning
IsIcmpTypeAllowed
IsPortAdded
IsPortEnabled
RemoveApplication
RemovePort
RestoreDefaults
StartStopFirewallService

Sections

CODE
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
Alicia.exe
.exe windows:5 windows x86 arch:x86

9716e5409344ff1fe33348e9688b88c7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:96:3c:31:4e:e0:8a:0c:f5:43:01:05:16:df:aa:68
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

18/02/2011, 00:00

Not After

18/04/2013, 23:59

Subject

CN=NtreevSoft Co.\,Ltd,O=NtreevSoft Co.\,Ltd,L=geumcheongu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7c:46:1e:7e:e1:32:74:6a:a4:0f:72:bc:9b:30:c0:5d:56:43:2a:24
Signer

Actual PE Digest

7c:46:1e:7e:e1:32:74:6a:a4:0f:72:bc:9b:30:c0:5d:56:43:2a:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dev_patch\ProjectAlice\AliceGame\Race\Alicia.pdb

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ord17

kernel32

CreateFileMappingA
SetFileAttributesA
GetCommandLineA
GetTickCount
GlobalFree
GlobalUnlock
GlobalFlags
GlobalLock
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceA
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
OpenFileMappingA
GetCurrentThread
GetExitCodeProcess
CreateProcessA
CreateThread
SetUnhandledExceptionFilter
lstrcmpiA
GetVersionExA
GetSystemInfo
GetCurrentThreadId
ReleaseMutex
CreateMutexA
OutputDebugStringW
GetModuleHandleA
SetEndOfFile
SetFilePointer
UnmapViewOfFile
GetFileAttributesA
FileTimeToLocalFileTime
GetEnvironmentVariableA
IsDBCSLeadByte
DeleteFileA
MoveFileA
Sleep
CreateFileA
GetFileSize
ReadFile
lstrlenA
LocalAlloc
LocalFree
SetCurrentDirectoryA
GetCurrentDirectoryA
QueryPerformanceFrequency
GetSystemTimeAsFileTime
OpenProcess
GlobalMemoryStatus
WinExec
HeapSetInformation
IsDebuggerPresent
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
GetFileTime
ResumeThread
GetThreadContext
SuspendThread
EncodePointer
DecodePointer
InterlockedCompareExchange
GetStartupInfoW
UnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
IsBadReadPtr
GetProcessHeap
WriteFile
GetWindowsDirectoryA
SetLastError
VirtualProtect
lstrcpyA
lstrcpynA
lstrcmpA
WaitForSingleObjectEx
GetDiskFreeSpaceA
SetErrorMode
GetOverlappedResult
CompareFileTime
CopyFileA
GetACP
MulDiv
SetThreadPriority
GetThreadPriority
WaitForMultipleObjects
TerminateThread
ExpandEnvironmentStringsA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
GetSystemDirectoryA
WideCharToMultiByte
OutputDebugStringA
CreateEventA
CloseHandle
ResetEvent
SetEvent
InterlockedExchangeAdd
GetModuleFileNameA
WaitForSingleObject
GetLastError
FormatMessageA
FileTimeToSystemTime
InterlockedExchange
InterlockedDecrement
GetSystemTime
SystemTimeToFileTime
GetLocalTime
MultiByteToWideChar
LoadLibraryW
GetProcAddress
FreeLibrary
LoadLibraryA
GlobalMemoryStatusEx
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetCriticalSectionSpinCount
InterlockedIncrement
RaiseException
GetFileInformationByHandle
MapViewOfFile
SetFileTime
SetFileAttributesW
GetLogicalDrives
CreateSemaphoreA
ReleaseSemaphore
VirtualAlloc
VirtualFree
GetExitCodeThread
GetCurrentDirectoryW
SetCurrentDirectoryW
FindFirstFileW
VirtualQuery
CreateProcessW
CreateDirectoryW
CopyFileW
GetFileAttributesW
GetModuleFileNameW
CreateFileW
CreateFileMappingW
RemoveDirectoryW
OpenFileMappingW
FindNextFileW
GetDiskFreeSpaceExW
DeleteFileW
lstrcpyW

user32

GetDC
EnumDisplaySettingsA
SetWindowPos
AdjustWindowRect
IsIconic
MoveWindow
DestroyWindow
InvalidateRect
RegisterClassA
LoadCursorA
LoadIconA
CreateWindowExA
SetWindowRgn
DispatchMessageA
TranslateMessage
AttachThreadInput
SetForegroundWindow
WaitForInputIdle
IsWindowVisible
GetKeyboardLayout
SetWindowLongW
CreateWindowExW
RegisterClassExW
BringWindowToTop
SetClipboardData
EmptyClipboard
ClipCursor
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
MessageBoxA
ReleaseDC
SystemParametersInfoA
wsprintfW
SetWindowTextW
GetWindowLongA
GetForegroundWindow
SetWindowLongA
UpdateWindow
SetCursorPos
ReleaseCapture
SetCapture
PeekMessageA
DefWindowProcA
CharNextA
SetFocus
GetSystemMetrics
IsWindow
ShowWindow
SendMessageA
GetWindowRect
EnumDisplayDevicesA
CloseClipboard
GetWindowThreadProcessId
ScreenToClient
wsprintfA
ShowCursor
GetAsyncKeyState
GetCursorPos
MessageBoxW
PostQuitMessage
CharUpperBuffA
LoadStringA
AdjustWindowRectEx
GetMenu
EndPaint
DrawIcon
BeginPaint
EnableWindow
RegisterWindowMessageA
GetActiveWindow
CloseWindow
SetWindowTextA
SetTimer
CallWindowProcA
GetWindowTextA
GetDesktopWindow
UnregisterClassA
SendMessageW
CharUpperW
CharUpperA
MsgWaitForMultipleObjects
GetClientRect
ClientToScreen
PtInRect
GetCaretBlinkTime

gdi32

CreateSolidBrush
CreateRectRgn
CombineRgn
GetStockObject
RectVisible
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC
SetBkColor
SetTextAlign
CreateFontA
GetDeviceCaps
SetTextColor

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyExW
RegDeleteValueA
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegEnumValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

shell32

ShellExecuteW
ShellExecuteA
SHFileOperationA
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathA
ShellExecuteExA
ShellExecuteExW

ole32

CoInitialize
CreateStreamOnHGlobal
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoGetClassObject
OleInitialize
OleUninitialize

oleaut32

SafeArrayAccessData
SafeArrayUnaccessData
DispGetParam
SysFreeString
SysAllocStringLen
VariantInit
SysStringLen
SysAllocString
VariantClear
SafeArrayCreateVector

msvcp100

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAE_J_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_BADOFF@std@@3_JB
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?min@?$numeric_limits@M@std@@SAMXZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??7ios_base@std@@QBE_NXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
?_Xfunc@tr1@std@@YAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?ends@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Xoverflow_error@std@@YAXPBD@Z
?max@?$numeric_limits@M@std@@SAMXZ
??1_Container_base12@std@@QAE@XZ
??0_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??1_Lockit@std@@QAE@XZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z

psapi

GetProcessMemoryInfo

msvcr100

_finite
_isnan
_time64
srand
sprintf_s
_beginthreadex
_CIsqrt
_stricmp
_mkdir
_CItan
_CIasin
_CIatan
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
fgetc
fputc
ungetc
_lock_file
_unlock_file
fflush
setvbuf
fgetpos
_fseeki64
fsetpos
_atoi64
??8type_info@@QBE_NABV0@@Z
__RTtypeid
malloc
free
_fpclass
printf
ldiv
sscanf
fread
isdigit
_snprintf_s
fopen_s
_vsnprintf
qsort
strrchr
wcschr
strncpy
wcscpy_s
fgets
strcat_s
fseek
ftell
_ismbcspace
_strnicmp
_splitpath
remove
wcsnlen
_vswprintf_c_l
rand_s
memchr
strcspn
memmove_s
strpbrk
?set_unexpected@@YAP6AXXZP6AXXZ@Z
_set_purecall_handler
_set_invalid_parameter_handler
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
swprintf_s
_wfopen_s
ferror
_vsnprintf_s
isalnum
towupper
feof
strerror
_errno
freopen
getc
__iob_func
realloc
strtod
strncat
_setjmp3
exit
longjmp
strcoll
_CIpow
fputs
_CIsinh
_CIcosh
_CItanh
_CIatan2
_CIfmod
modf
_CIlog
_CIlog10
_CIexp
frexp
ldexp
_HUGE
toupper
isxdigit
isupper
ispunct
iscntrl
_ltoa
_difftime64
_gmtime64
_localtime64
_mktime64
system
rename
tmpnam
getenv
clock
strftime
setlocale
_pclose
_popen
tmpfile
fscanf
clearerr
localeconv
_strupr
_strlwr
vsprintf
asctime
strncat_s
_itoa_s
_ui64toa_s
calloc
__argv
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_except_handler4_common
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
sprintf
_mbsrchr
strncmp
ceil
floor
atoi
strnlen
fwrite
strtok_s
isalpha
isspace
atof
sscanf_s
strchr
_CIacos
_CIcos
fopen
fclose
fprintf
rand
__RTDynamicCast
wcsstr
??_V@YAXPAX@Z
??_U@YAPAXIHPBDH@Z
_purecall
strtol
strcpy_s
memmove
memcpy
_CIsin
strstr
strtoul
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
memset
__CxxFrameHandler3
strncpy_s
vsprintf_s
memcpy_s
tolower
_except_handler3
strlen
strcmp
strtok
__CxxFrameHandler
atol
strcat
_mbschr
_mbsstr
_mbspbrk
strcpy
fprintf_s
pow
_wcsicmp
div
swscanf
iswspace
fwprintf
_wsetlocale
wcsncpy_s
_wsplitpath_s
vswprintf_s
_localtime32_s
wcstok_s
_wrename
wcscat_s
_splitpath_s
_mbsnbcpy
islower

winmm

timeEndPeriod
timeGetDevCaps
timeBeginPeriod
mixerClose
mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
mixerGetNumDevs
timeGetTime

ws2_32

inet_ntoa
htonl
getservbyname
gethostbyaddr
getservbyport
WSASetLastError
gethostname
shutdown
WSAConnect
WSAGetLastError
inet_addr
WSASocketA
WSACleanup
WSAStartup
gethostbyname
htons
WSAEnumNetworkEvents
WSACreateEvent
connect
WSAWaitForMultipleEvents
WSARecvFrom
WSASendTo
ioctlsocket
setsockopt
getsockname
WSARecv
WSASend
bind
closesocket
ntohs
WSACloseEvent
WSAEventSelect

wininet

FtpCreateDirectoryW
InternetConnectW
FtpGetCurrentDirectoryA
FtpGetFileW
InternetOpenW
FtpGetCurrentDirectoryW
InternetCanonicalizeUrlW
FtpPutFileW
FtpSetCurrentDirectoryW
HttpSendRequestA
InternetSetStatusCallback
DeleteUrlCacheEntry
HttpOpenRequestA
InternetReadFile
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
InternetCloseHandle
InternetOpenA
InternetConnectA

d3dx9_42

D3DXMatrixMultiplyTranspose
D3DXMatrixTranspose
D3DXVec3TransformNormal
D3DXVec3TransformCoord
D3DXMatrixInverse
D3DXGeneratePMesh
D3DXCleanMesh
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateMeshFVF
D3DXVec3Transform
D3DXVec3Normalize
D3DXLoadSurfaceFromSurface
D3DXAssembleShader
D3DXMatrixRotationZ
D3DXVec2Normalize
D3DXVec2TransformCoord
D3DXCreateLine
D3DXMatrixRotationY
D3DXMatrixRotationX
D3DXMatrixMultiply
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateTextureFromFileInMemory
D3DXGetImageInfoFromFileInMemory
D3DXSaveSurfaceToFileA
D3DXPlaneTransform
D3DXCreateTexture
D3DXPlaneFromPointNormal
D3DXSaveTextureToFileA
D3DXCreateVolumeTextureFromFileInMemoryEx
D3DXCreateEffect

urlmon

URLDownloadToFileA

gdiplus

GdipGetImageGraphicsContext
GdipGetDC
GdipReleaseDC
GdipSetInterpolationMode
GdipGraphicsClear
GdipDrawString
GdipDrawImageRectI
GdipDrawImageRectRect
GdipCloneImage
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipLoadImageFromStream
GdipDeleteFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeleteBrush
GdipFree
GdipCreateSolidFill
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipAlloc
GdipCreateFont
GdipCreateFromHDC

shlwapi

StrFormatByteSizeW

imm32

ImmSetCompositionWindow
ImmAssociateContext
ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME
ImmGetCandidateListW
ImmGetContext

comdlg32

GetSaveFileNameW
GetOpenFileNameW

physxloader

NxReleasePhysicsSDK
NxCreatePhysicsSDK
NxGetCookingLib

d3d9

Direct3DCreate9

dinput8

DirectInput8Create

xinput1_3

ord3
ord5
ord2

dsound

ord11

ddraw

DirectDrawCreateEx

Exports

Exports

??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z

Sections

.text
Size: 7.8MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_rwcseg
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 223KB - Virtual size: 18.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 710KB - Virtual size: 709KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_rwdseg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 710KB - Virtual size: 710KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Alicia.ico
D3DCompiler_42.dll
.dll windows:6 windows x86 arch:x86

5d1c43e7023ad760215252a187c333c2

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f7:ba:7a:fb:82:65:dc:af:11:4d:56:c7:01:a0:11:a3:9c:90:4c:a6
Signer

Actual PE Digest

f7:ba:7a:fb:82:65:dc:af:11:4d:56:c7:01:a0:11:a3:9c:90:4c:a6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_42.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
_initterm
_XcptFilter
_CxxThrowException
memset
memcpy
isxdigit
atof
setlocale
_strdup
_mbstrlen
modf
isalnum
_isnan
ceil
_finite
strrchr
_clearfp
_controlfp
_strnicmp
_fpclass
_purecall
strncmp
isspace
strstr
getenv
_stricmp
memmove
qsort
isalpha
toupper
atoi
isdigit
tolower
free
malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
strchr
_vsnprintf
__CxxFrameHandler
floor
_CIfmod
_CItanh
_CItan
_CIsinh
_CIsin
_CIlog
_CIpow
_CIexp
_CIsqrt
_CIcosh
_CIcos
_CIatan2
_CIatan
_CIasin
_CIacos

gdi32

DeleteObject

kernel32

GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
UnmapViewOfFile
CloseHandle
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
UnhandledExceptionFilter
WideCharToMultiByte
GetFullPathNameA
HeapCreate
OutputDebugStringA
LoadLibraryA
GetModuleHandleA
lstrcmpiA
TlsFree
TlsGetValue
HeapDestroy
TlsSetValue
InterlockedExchange
TlsAlloc
Sleep
InterlockedCompareExchange
GetVersion
GetSystemInfo
GetProcAddress
VirtualAlloc
GetProcessHeap
HeapFree
HeapAlloc
DisableThreadLibraryCalls
MultiByteToWideChar
SetUnhandledExceptionFilter

Exports

Exports

D3DAssemble
D3DCompile
D3DDisassemble
D3DDisassemble10Effect
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DPreprocess
D3DReflect
D3DReturnFailure1
D3DStripShader
DebugSetMute

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/3n.mhe
HShield/AhnRpt.exe
.exe windows:4 windows x86 arch:x86

15a0f1d644e443ffc57a495d97f7c764

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:ad:ad:20:cc:bc:17:01:64:bd:ec:8f:bc:a0:69:24
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/05/2011, 00:00

Not After

22/05/2012, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d7:18:7a:48:e7:2f:1b:76:48:63:04:06:84:60:65:d6:21:7b:3a:ae
Signer

Actual PE Digest

d7:18:7a:48:e7:2f:1b:76:48:63:04:06:84:60:65:d6:21:7b:3a:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

ScreenToClient
GetWindowRect
CreateDialogParamA
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
EndDialog
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ExitWindowsEx
DestroyWindow
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
OpenClipboard
CharNextA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AhnRpt.exe
.exe windows:4 windows x86 arch:x86

03fe80609d1a7c29b8f9df5b5311d931

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:ad:ad:20:cc:bc:17:01:64:bd:ec:8f:bc:a0:69:24
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/05/2011, 00:00

Not After

22/05/2012, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

60:2a:6d:67:6f:43:7c:73:5b:41:bb:cd:12:79:e1:d0:29:ee:b5:01
Signer

Actual PE Digest

60:2a:6d:67:6f:43:7c:73:5b:41:bb:cd:12:79:e1:d0:29:ee:b5:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wsock32

WSAStartup
WSACleanup

kernel32

LockFile
UnlockFile
GetFullPathNameA
GetFileTime
SetErrorMode
RtlUnwind
RaiseException
GetFileType
GetSystemTime
CreateThread
ExitThread
FlushFileBuffers
HeapReAlloc
TerminateProcess
SetStdHandle
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
DuplicateHandle
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
MulDiv
WritePrivateProfileStringA
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SetEndOfFile
WaitForMultipleObjects
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
ResetEvent
SetEvent
TerminateThread
CreateEventA
LoadLibraryExA
WriteFile
GetLogicalDrives
GetACP
SetCurrentDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetTickCount
WaitForSingleObject
SystemTimeToFileTime
GetProfileStringA
GetDriveTypeA
GetVolumeInformationA
GetDiskFreeSpaceA
GlobalMemoryStatus
EnumResourceLanguagesA
GetTimeZoneInformation
GetProcessTimes
GetLocalTime
Sleep
lstrcmpA
GetShortPathNameA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetComputerNameA
InterlockedDecrement
GetEnvironmentVariableA
SearchPathA
GetLocaleInfoA
GetModuleFileNameA
GetVersionExA
GetSystemInfo
GetTempPathA
DeleteCriticalSection
InitializeCriticalSection
CompareFileTime
CopyFileA
OpenProcess
GetCommandLineA
GetFileInformationByHandle
FileTimeToDosDateTime
GetTempFileNameA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
WideCharToMultiByte
lstrcpyA
SetFilePointer
UnmapViewOfFile
GetFileSize
CreateFileMappingA
MapViewOfFile
HeapFree
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetSystemDirectoryA
CreateProcessA
GetExitCodeProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
lstrcatA
GetTimeFormatA
GetCurrentThread
GetCurrentProcess
lstrcmpiA
DeleteFileA
FindNextFileA
RemoveDirectoryA
CreateDirectoryA
CreateFileA
ReadFile
CloseHandle
GetCurrentDirectoryA
GetFileAttributesA
MultiByteToWideChar
lstrlenA
lstrcpynA
QueryDosDeviceA
GetLastError
FindFirstFileA
FindClose
SetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
FindResourceExA
GetPrivateProfileStringA
FormatMessageA
LocalFree
ExpandEnvironmentStringsA
FindResourceA
SizeofResource
LoadResource
LockResource
GetStartupInfoA

user32

GetClassNameA
SetRect
WindowFromPoint
IsZoomed
LoadCursorA
DestroyCursor
SetCursorPos
SetCapture
RedrawWindow
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
LoadStringA
DestroyMenu
PtInRect
DrawFocusRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
RegisterClipboardFormatA
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
ShowOwnedPopups
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetWindow
GetWindowLongA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
KillTimer
IsWindowVisible
SetTimer
GetWindowRect
FillRect
GetSysColorBrush
GetKeyState
CharPrevA
IsWindow
ClientToScreen
ScreenToClient
LoadMenuA
GetAsyncKeyState
FindWindowA
GetMenuState
GetMenu
GetSubMenu
GetMenuItemCount
GetMenuItemID
DeleteMenu
SetForegroundWindow
SetActiveWindow
DefWindowProcA
IsIconic
CharUpperA
PostThreadMessageA
GetDCEx
SetParent
LockWindowUpdate
LoadIconA
InflateRect
InvalidateRect
GetParent
SystemParametersInfoA
LoadBitmapA
GetSysColor
CharLowerA
InsertMenuA
CreatePopupMenu
AppendMenuA
CheckMenuRadioItem
SetMenuDefaultItem
PostMessageA
GetSystemMetrics
GetClientRect
GetDC
SendMessageA
ReleaseDC
IsCharAlphaNumericA
wsprintfA
MsgWaitForMultipleObjects
DispatchMessageA
PeekMessageA
PostQuitMessage
IsCharAlphaA
CharNextA
UpdateWindow
EnableWindow
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
SetWindowPlacement

gdi32

ExcludeClipRect
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
CombineRgn
SetRectRgn
CreateFontA
GetCharWidthA
CreateCompatibleBitmap
StretchDIBits
CreateRectRgnIndirect
PatBlt
CreateCompatibleDC
BitBlt
Escape
TextOutA
RectVisible
PtVisible
CreatePatternBrush
CreateSolidBrush
CreateRectRgn
DeleteObject
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
SelectObject
ExtTextOutA
CreateFontIndirectA
GetDeviceCaps
GetTextExtentPointA
CreateDIBitmap
GetTextMetricsA
GetTextExtentPoint32A
SelectClipRgn
GetStockObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
RestoreDC
SaveDC

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

EnumPrintersA
ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

GetFileSecurityA
LookupPrivilegeValueA
OpenProcessToken
LookupAccountSidA
GetTokenInformation
OpenThreadToken
AllocateAndInitializeSid
FreeSid
RegCloseKey
GetAce
GetAclInformation
GetSecurityDescriptorDacl
IsValidSecurityDescriptor
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptEncrypt
CryptGetHashParam
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
RegSetKeySecurity
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityA
AdjustTokenPrivileges
ReadEventLogA
GetNumberOfEventLogRecords
CloseEventLog
OpenEventLogA
RegDeleteKeyA
RegSetValueExA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegQueryInfoKeyA
RegGetKeySecurity
RegCreateKeyExA
RegOpenKeyExA
OpenSCManagerA
EnumServicesStatusA
OpenServiceA
QueryServiceConfigA
CloseServiceHandle
EqualSid

shell32

DragQueryFileA
DragFinish
SHGetFileInfoA
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

ImageList_SetBkColor
ImageList_AddMasked
ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy
ImageList_Create

oledlg

ord8

ole32

CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoTaskMemFree
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit

Sections

.text
Size: 616KB - Virtual size: 615KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Cabinet.dll
.dll windows:5 windows x86 arch:x86

ea4cbf3c305bfb43c7e36a485e58acb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryA
ReadFile
WriteFile
CloseHandle
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
lstrcatA
lstrcpyA
lstrlenA
CreateFileA
SetFileAttributesA
lstrcmpiA
GetLastError
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteFileA

ole32

CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

DeleteExtractedFiles
DllGetVersion
Extract
FCIAddFile
FCICreate
FCIDestroy
FCIFlushCabinet
FCIFlushFolder
FDICopy
FDICreate
FDIDestroy
FDIIsCabinet
FDITruncateCabinet
GetDllVersion

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PackAPI.dll
.dll windows:4 windows x86 arch:x86

2ea39580745c084c385726a21944661d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrcpynA
GlobalAlloc
GetVersionExA
GetProcAddress

user32

wsprintfA

Exports

Exports

GetOSVersion
GetProcessorArchitecture
PreUnload

Sections

.text
Size: 4KB - Virtual size: 399B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/BldInfo.ini
HShield/EHSvc.dll
.dll windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:ad:ad:20:cc:bc:17:01:64:bd:ec:8f:bc:a0:69:24
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/05/2011, 00:00

Not After

22/05/2012, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1d:40:f7:71:a9:9f:68:0a:85:7c:02:65:7f:6f:10:b2:88:a4:f6:a1
Signer

Actual PE Digest

1d:40:f7:71:a9:9f:68:0a:85:7c:02:65:7f:6f:10:b2:88:a4:f6:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

1
10
12
13
14
15
16
17
18
19
2
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
37
38
4
6
7
8
9

Sections

Size: 528KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 544KB - Virtual size: 910KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oohvnyov
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qahcjbbz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HShield/HSUpdate.exe
.exe windows:4 windows x86 arch:x86

be2883b5bd066d9bc9d54067b0ef99ba

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:ad:ad:20:cc:bc:17:01:64:bd:ec:8f:bc:a0:69:24
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/05/2011, 00:00

Not After

22/05/2012, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:5b:83:98:7b:32:93:82:74:4e:6e:6f:a7:00:d7:13:51:28:dd:71
Signer

Actual PE Digest

87:5b:83:98:7b:32:93:82:74:4e:6e:6f:a7:00:d7:13:51:28:dd:71

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetExitCodeThread
CreateThread
CreateEventA
Sleep
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetModuleHandleA
WriteFile
HeapFree
HeapAlloc
GetProcessHeap
GetVersion
GetCommandLineA
GetProcAddress
FreeLibrary
LoadLibraryA
OpenEventA
OutputDebugStringA
LocalAlloc
GetLocalTime
lstrcatA
GlobalMemoryStatus
GetComputerNameA
GetCurrentProcess
GetCurrentThread
GetVersionExA
GetVolumeInformationA
GetDriveTypeA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
CreateDirectoryA
SetEndOfFile
SetConsoleCtrlHandler
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
GetFullPathNameA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
SetEvent
GetSystemInfo
CreateMutexA
GetLastError
WaitForSingleObject
CloseHandle
GetTickCount
lstrcpyA
ExitThread
lstrcmpiA
lstrcmpA
FormatMessageA
LocalFree
lstrcpynA
lstrlenA
GetTimeZoneInformation
CompareStringA
CompareStringW
GetDiskFreeSpaceA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
RtlUnwind
ExitProcess
TerminateProcess
GetStartupInfoA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

GetSystemMetrics
wvsprintfA
GetWindowPlacement
GetClientRect
GetWindowRect
CreateWindowExA
ShowWindow
SetWindowPos
GetParent
LoadIconA
LoadCursorA
RegisterClassA
PostQuitMessage
BeginPaint
EndPaint
DefWindowProcA
MessageBoxA
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA
SendMessageA
LoadStringA
SystemParametersInfoA

gdi32

GetStockObject

advapi32

EqualSid
FreeSid
LookupAccountSidA
OpenThreadToken
OpenProcessToken
GetTokenInformation
RegDeleteValueA
RegEnumValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
AllocateAndInitializeSid

winmm

timeGetTime

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HShield/HsLogMgr.exe
.exe .js windows:4 windows x86 arch:x86 polyglot

0294ac99b287a173e802bd320b8a353a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

59:97:db:af:dd:31:29:29:9b:e1:a5:eb:cc:6d:1e:33
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/09/2010, 00:00

Not After

29/10/2011, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5b:92:52:f2:19:db:9c:ba:3f:15:c2:86:4f:d0:7c:fd:a7:40:50:aa
Signer

Actual PE Digest

5b:92:52:f2:19:db:9c:ba:3f:15:c2:86:4f:d0:7c:fd:a7:40:50:aa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord800
ord818
ord2514
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord4698
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord1146
ord1168
ord567
ord540
ord2863
ord2379
ord755
ord470
ord1200
ord2818
ord6453
ord2486
ord2623
ord860
ord3237
ord3005
ord2135
ord6215
ord4299
ord823
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord6374
ord4673
ord1576

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
malloc
free
_mbsrchr
atol
__p___argc
__p___argv
strchr
_vsnprintf
_except_handler3
strstr
__CxxFrameHandler
_setmbcp
__getmainargs

kernel32

GetModuleFileNameA
CreateProcessA
GetLastError
WritePrivateProfileStringA
CreateMutexA
CloseHandle
GetSystemDefaultLangID
MultiByteToWideChar
lstrlenA
GetVersionExA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

user32

DrawIcon
GetClientRect
GetSystemMetrics
GetSystemMenu
PostMessageA
GetWindowRect
SendMessageA
PostQuitMessage
IsIconic
EnableWindow
LoadIconA

oleaut32

VariantClear
SysAllocString

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/Update/ahn.ui
HShield/Update/ahni2.dll
.dll windows:4 windows x86 arch:x86

32bc74863ee54d3573b4662f7e0ff09e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

59:97:db:af:dd:31:29:29:9b:e1:a5:eb:cc:6d:1e:33
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/09/2010, 00:00

Not After

29/10/2011, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:7a:6d:19:fa:8b:9b:7f:4c:4a:0a:42:dc:6c:6f:33:df:b7:45:0a
Signer

Actual PE Digest

33:7a:6d:19:fa:8b:9b:7f:4c:4a:0a:42:dc:6c:6f:33:df:b7:45:0a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryA
SetFileAttributesA
SetFilePointer
DeleteFileA
GetLocalTime
GetWindowsDirectoryA
GetDriveTypeA
lstrcmpiA
WriteFile
FindClose
FindFirstFileA
GetVersion
FindNextFileA
GetModuleHandleA
RemoveDirectoryA
GetCurrentProcess
ReadFile
MultiByteToWideChar
SetLastError
GetFileSize
CloseHandle
CreateFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetDateFormatA
GetLastError
WideCharToMultiByte
SetEndOfFile
EnterCriticalSection
GetProcessHeap
HeapAlloc
LeaveCriticalSection
HeapFree
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection

user32

CharNextA
IsCharAlphaNumericA
CharPrevA

advapi32

RegSetValueExA
RegDeleteValueA
RegQueryInfoKeyA
RegDeleteKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

msvcrt

memmove
_mbschr
atoi
malloc
free
_mbsnicmp
__dllonexit
_onexit
_initterm
_adjust_fdiv
atol
_mbsrchr
__CxxFrameHandler
wcslen
_mbsnbicmp
_vsnprintf
srand
time
rand
_mbsnbcmp
??3@YAXPAX@Z

Exports

Exports

AhnInst2_AddUpdateProduct
AhnInst2_ConcealSerial
AhnInst2_DeleteUserInfo
AhnInst2_DeleteUserInfoEx
AhnInst2_EnDeSecData
AhnInst2_GetDaysLeft
AhnInst2_GetInstallVersion
AhnInst2_GetLastError
AhnInst2_GetSecProfileInt
AhnInst2_GetSecProfileString
AhnInst2_GetTDaysLeft
AhnInst2_GetTValidDuration
AhnInst2_GetUserInfo
AhnInst2_GetUserInfoEx
AhnInst2_GetUserInfoExBin
AhnInst2_GetUserInfoExBin2
AhnInst2_InvalidSerialNum
AhnInst2_IsT
AhnInst2_IsTOver
AhnInst2_OpUserInfo
AhnInst2_RebuildSerial
AhnInst2_RemoveUpdateProduct
AhnInst2_SecFree
AhnInst2_SecMalloc
AhnInst2_SetUserInfo
AhnInst2_SetUserInfoEx
AhnInst2_SetUserInfoExAny
AhnInst2_SetUserInfoExBin
AhnInst2_UpdateUserInfo
AhnInst2_WriteSecProfileInt
AhnInst2_WriteSecProfileString

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/Update/ahnupctl.dll
.dll windows:4 windows x86 arch:x86

0aa2ae188aec8c192d9ba9f57bc1f677

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

59:97:db:af:dd:31:29:29:9b:e1:a5:eb:cc:6d:1e:33
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/09/2010, 00:00

Not After

29/10/2011, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:65:42:d6:71:ae:c4:0e:0e:e4:62:5b:50:6d:d5:03:c8:ba:a8:78
Signer

Actual PE Digest

28:65:42:d6:71:ae:c4:0e:0e:e4:62:5b:50:6d:d5:03:c8:ba:a8:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetModuleFileNameA
lstrcatA
GetWindowsDirectoryA
GetDriveTypeA
GetCurrentProcess
GetProcAddress
lstrcmpA
GetSystemDirectoryA
GetModuleHandleA
SetFileAttributesA
CreateFileA
FreeLibrary
lstrlenA
lstrcpynA
lstrcpyA
GetVersionExA
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
GetUserDefaultLangID
GetDateFormatA
SetLastError
GetTimeFormatA
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
DeleteFileA
MoveFileA
GetFileAttributesA
GetCommandLineA
GetVersion
RtlUnwind
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapSize
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
GetStringTypeW
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
ReadFile
FlushFileBuffers
CloseHandle
CompareStringA
SetEndOfFile

user32

wsprintfA

advapi32

RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Exports

Exports

AhnUpCtl_GetInfo
AhnUpCtl_GetInfo2
AhnUpCtl_GetInstalledAndNeighborsPdList
AhnUpCtl_GetInstalledPdCount
AhnUpCtl_GetInstalledPdList
AhnUpCtl_GetMainFile
AhnUpCtl_GetPPAuthInfo
AhnUpCtl_GetPd
AhnUpCtl_GetPdList
AhnUpCtl_GetSection
AhnUpCtl_GetSubPdList
AhnUpCtl_GetTList
AhnUpCtl_GetText
AhnUpCtl_GetType

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/Update/autoup.exe
.exe windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

59:97:db:af:dd:31:29:29:9b:e1:a5:eb:cc:6d:1e:33
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/09/2010, 00:00

Not After

29/10/2011, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:b7:0b:2e:89:00:ef:ba:76:bb:9e:c4:3d:f8:17:ad:5e:75:8b:98
Signer

Actual PE Digest

9e:b7:0b:2e:89:00:ef:ba:76:bb:9e:c4:3d:f8:17:ad:5e:75:8b:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

SUSdHelper_BrocastWindowCopyData
SUSdHelper_BrocastWindowCopyDataInSession
SUSdHelper_BrocastWindowMessage
SUSdHelper_BrocastWindowMessageInSession
SUSdHelper_ChangeSchedule
SUSdHelper_CreateProcess
SUSdHelper_CreateProcessInSession
SUSdHelper_EnabledSessionFeature
SUSdHelper_EnumSessionId
SUSdHelper_Exit
SUSdHelper_Init
SUSdHelper_IsTerminalServicesEnabled

Sections

.text
Size: 372KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HShield/Update/patch/39/ahn.ui
HShield/Update/patch/39/hshield.da-
.bz2
hshield.da-
HShield/Update/supdate.log
HShield/Update/user.dat
HShield/Update/v3bz32.dll
.dll windows:4 windows x86 arch:x86

18a7e7e93efbc40f1a84deb884e477f7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:e4:fc:50:2a:a9:fc:52:72:1a:d9:6d:8c:b3:e4:a3:ed:04:c9:86
Signer

Actual PE Digest

74:e4:fc:50:2a:a9:fc:52:72:1a:d9:6d:8c:b3:e4:a3:ed:04:c9:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

ungetc
_iob
fclose
fread
fopen
sprintf
strncpy
fwrite
free
exit
strncmp
strstr
signal
remove
fflush
strerror
_errno
fprintf
fgetc
perror
_stat
malloc
_pctype
__mb_cur_max
_isctype
getenv
_initterm
_adjust_fdiv
__dllonexit
_onexit
_isatty
_fileno
_setmode
_fdopen

Exports

Exports

Bz32Ex_FileCompress
Bz32Ex_FileCompressEx
Bz32Ex_FileExtract
Bz32Ex_FileExtractEx
Bz32Ex_IniExtract
Bz32Ex_IniExtractEx

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 999B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/Update/win/e/b/b_echo_sl/asc_com.dl-
.bz2
asc_com.dl-
.dll windows:4 windows x86 arch:x86

f78c8b1699433b545368201a890e8f57

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f3:30:16:0a:2b:c8:3c:89:f7:c5:ef:4b:1b:b1:b8:b0:ce:c1:61:d3
Signer

Actual PE Digest

f3:30:16:0a:2b:c8:3c:89:f7:c5:ef:4b:1b:b1:b8:b0:ce:c1:61:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameA
GetFullPathNameW
GetLastError
CreateFileA
GetVersionExA
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetFileSize
SetEndOfFile
GetFileType
DeleteFileA
MoveFileA
SetFileAttributesA
GetFileAttributesA
FindClose
FindFirstFileA
SetFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentThreadId
GetTempPathA
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
DisableThreadLibraryCalls

msvcrt

_iob
fopen
_vsnwprintf
_vsnprintf
fwrite
fflush
fprintf
fseek
sprintf
fclose
atoi
_ultoa
memset
_rotl
_rotr
wcscpy
wcsncpy
wcscat
wcsncat
wcscmp
wcsncmp
wcschr
wcsrchr
wcslen
wcsspn
wcspbrk
wcsstr
wcstoul
strcpy
strncpy
strcat
strncat
strcmp
strncmp
strchr
strrchr
strlen
strspn
strcspn
strpbrk
memcpy
memmove
memcmp
strstr
memchr
strtoul
malloc
free
_initterm
_adjust_fdiv
__dllonexit
_onexit
ftell
_wcsnicmp
_strnicmp
_stricmp

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/Update/win/e/b/b_echo_sl/asc_dh.dl-
.bz2
asc_dh.dl-
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:5e:8e:bc:74:a9:dc:ea:55:ff:7a:06:7c:bf:a2:66:1b:c4:b9:0c
Signer

Actual PE Digest

53:5e:8e:bc:74:a9:dc:ea:55:ff:7a:06:7c:bf:a2:66:1b:c4:b9:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/Update/win/e/b/b_echo_sl/asc_fse.dl-
.bz2
asc_fse.dl-
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:08:bd:66:30:49:ce:a1:4c:8b:fa:4d:90:93:63:cf:21:3a:95:10
Signer

Actual PE Digest

3e:08:bd:66:30:49:ce:a1:4c:8b:fa:4d:90:93:63:cf:21:3a:95:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 238B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/Update/win/e/b/b_echo_sl/asc_intg.dl-
.bz2
asc_intg.dl-
.dll windows:4 windows x86 arch:x86

b5e0f5b4411a147e546ecdf14970f820

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:6f:12:e9:b9:5b:d0:a9:93:86:2f:8c:b2:ca:7d:c1:92:fc:03:72
Signer

Actual PE Digest

dc:6f:12:e9:b9:5b:d0:a9:93:86:2f:8c:b2:ca:7d:c1:92:fc:03:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
GetSystemDirectoryA
DisableThreadLibraryCalls

msvcrt

free
_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/Update/win/e/b/b_echo_sl/asc_mmgr.dl-
.bz2
asc_mmgr.dl-
.dll windows:4 windows x86 arch:x86

a1b8f0ae05a5a4bfbf206fb6898f7a7b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fd:c4:dc:12:b7:73:0f:61:18:c8:b0:72:e1:44:37:52:ae:67:21:d6
Signer

Actual PE Digest

fd:c4:dc:12:b7:73:0f:61:18:c8:b0:72:e1:44:37:52:ae:67:21:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetTempPathA
MoveFileA
DeleteFileA
LoadLibraryA
FreeLibrary
GetProcAddress
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameA
GetFullPathNameW
GetLastError
CreateFileA
GetVersionExA
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetFileSize
SetEndOfFile
GetFileType
SetFileAttributesA
GetFileAttributesA
FindClose
FindFirstFileA
SetFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
DisableThreadLibraryCalls

msvcrt

fwrite
fflush
fprintf
fseek
sprintf
fopen
fclose
ftell
strcpy
strncpy
strcat
strncat
strcmp
strncmp
strchr
strrchr
strlen
strspn
strcspn
strpbrk
memset
memcpy
memmove
memcmp
strstr
memchr
strtoul
malloc
free
_rotl
_rotr
_vsnprintf
wcscpy
wcsncpy
wcscat
wcsncat
wcscmp
wcsncmp
wcschr
wcsrchr
wcslen
wcsspn
wcspbrk
wcsstr
wcstoul
_initterm
_adjust_fdiv
__dllonexit
_onexit
_iob
_strnicmp
_stricmp
_wcsnicmp

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/Update/win/e/b/b_echo_sl/asc_unp.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/fse_base.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/fse_fact.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/fse_pe.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/gfs_base.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/gfs_fact.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/gfs_file.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/gfs_mem.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/gfs_os.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/gfs_proc.dl-
.bz2
HShield/Update/win/e/b/b_echo_sl/gfs_util.dl-
.bz2
HShield/Update/win/e/b/b_sign_hs/0asc.sc-
.bz2
HShield/Update/win/e/b/b_sign_hs/0sccure.sc-
.bz2
HShield/Update/win/e/b/b_sign_hs/0sgame.sc-
.bz2
HShield/Update/win/e/b/b_sign_hs/0spe3f.sc-
.bz2
HShield/Update/win/e/b/b_sign_hs/moduler.sc-
.bz2
HShield/Update/win/e/b/b_sign_hs/option.sc-
.bz2
HShield/ahnrpt.ini
HShield/asc/0asc.scd
HShield/asc/0sccure.scd
HShield/asc/0sgame.scd
HShield/asc/0spe3f.scd
HShield/asc/asc_com.dll
.dll windows:4 windows x86 arch:x86

f78c8b1699433b545368201a890e8f57

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f3:30:16:0a:2b:c8:3c:89:f7:c5:ef:4b:1b:b1:b8:b0:ce:c1:61:d3
Signer

Actual PE Digest

f3:30:16:0a:2b:c8:3c:89:f7:c5:ef:4b:1b:b1:b8:b0:ce:c1:61:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameA
GetFullPathNameW
GetLastError
CreateFileA
GetVersionExA
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetFileSize
SetEndOfFile
GetFileType
DeleteFileA
MoveFileA
SetFileAttributesA
GetFileAttributesA
FindClose
FindFirstFileA
SetFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentThreadId
GetTempPathA
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
DisableThreadLibraryCalls

msvcrt

_iob
fopen
_vsnwprintf
_vsnprintf
fwrite
fflush
fprintf
fseek
sprintf
fclose
atoi
_ultoa
memset
_rotl
_rotr
wcscpy
wcsncpy
wcscat
wcsncat
wcscmp
wcsncmp
wcschr
wcsrchr
wcslen
wcsspn
wcspbrk
wcsstr
wcstoul
strcpy
strncpy
strcat
strncat
strcmp
strncmp
strchr
strrchr
strlen
strspn
strcspn
strpbrk
memcpy
memmove
memcmp
strstr
memchr
strtoul
malloc
free
_initterm
_adjust_fdiv
__dllonexit
_onexit
ftell
_wcsnicmp
_strnicmp
_stricmp

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/asc_dh.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:5e:8e:bc:74:a9:dc:ea:55:ff:7a:06:7c:bf:a2:66:1b:c4:b9:0c
Signer

Actual PE Digest

53:5e:8e:bc:74:a9:dc:ea:55:ff:7a:06:7c:bf:a2:66:1b:c4:b9:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/asc_fse.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:08:bd:66:30:49:ce:a1:4c:8b:fa:4d:90:93:63:cf:21:3a:95:10
Signer

Actual PE Digest

3e:08:bd:66:30:49:ce:a1:4c:8b:fa:4d:90:93:63:cf:21:3a:95:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 238B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/asc_intg.dll
.dll windows:4 windows x86 arch:x86

b5e0f5b4411a147e546ecdf14970f820

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:6f:12:e9:b9:5b:d0:a9:93:86:2f:8c:b2:ca:7d:c1:92:fc:03:72
Signer

Actual PE Digest

dc:6f:12:e9:b9:5b:d0:a9:93:86:2f:8c:b2:ca:7d:c1:92:fc:03:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
GetSystemDirectoryA
DisableThreadLibraryCalls

msvcrt

free
_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/asc_mmgr.dll
.dll windows:4 windows x86 arch:x86

a1b8f0ae05a5a4bfbf206fb6898f7a7b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fd:c4:dc:12:b7:73:0f:61:18:c8:b0:72:e1:44:37:52:ae:67:21:d6
Signer

Actual PE Digest

fd:c4:dc:12:b7:73:0f:61:18:c8:b0:72:e1:44:37:52:ae:67:21:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetTempPathA
MoveFileA
DeleteFileA
LoadLibraryA
FreeLibrary
GetProcAddress
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameA
GetFullPathNameW
GetLastError
CreateFileA
GetVersionExA
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetFileSize
SetEndOfFile
GetFileType
SetFileAttributesA
GetFileAttributesA
FindClose
FindFirstFileA
SetFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
DisableThreadLibraryCalls

msvcrt

fwrite
fflush
fprintf
fseek
sprintf
fopen
fclose
ftell
strcpy
strncpy
strcat
strncat
strcmp
strncmp
strchr
strrchr
strlen
strspn
strcspn
strpbrk
memset
memcpy
memmove
memcmp
strstr
memchr
strtoul
malloc
free
_rotl
_rotr
_vsnprintf
wcscpy
wcsncpy
wcscat
wcsncat
wcscmp
wcsncmp
wcschr
wcsrchr
wcslen
wcsspn
wcspbrk
wcsstr
wcstoul
_initterm
_adjust_fdiv
__dllonexit
_onexit
_iob
_strnicmp
_stricmp
_wcsnicmp

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/asc_unp.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:94:71:06:ca:10:a1:5d:bd:d6:9e:25:8a:43:bd:c1:66:55:f0:b5
Signer

Actual PE Digest

b8:94:71:06:ca:10:a1:5d:bd:d6:9e:25:8a:43:bd:c1:66:55:f0:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/fse_base.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:e7:62:c3:fb:dc:c0:f2:b5:66:cd:cc:48:68:55:5e:c5:e3:35:4c
Signer

Actual PE Digest

49:e7:62:c3:fb:dc:c0:f2:b5:66:cd:cc:48:68:55:5e:c5:e3:35:4c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 490B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/fse_fact.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:9a:ec:59:43:ed:0b:3c:45:86:74:b7:1f:1e:0d:8a:ba:3c:69:46
Signer

Actual PE Digest

03:9a:ec:59:43:ed:0b:3c:45:86:74:b7:1f:1e:0d:8a:ba:3c:69:46

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/fse_pe.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e0:87:e8:4a:11:5f:c3:a4:4b:d6:d5:5e:9a:cf:e0:22:d3:db:c5:bd
Signer

Actual PE Digest

e0:87:e8:4a:11:5f:c3:a4:4b:d6:d5:5e:9a:cf:e0:22:d3:db:c5:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/gfs_base.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ca:f5:c2:f4:81:93:89:82:63:c1:a0:4c:5f:c9:0c:74:54:e9:14:d6
Signer

Actual PE Digest

ca:f5:c2:f4:81:93:89:82:63:c1:a0:4c:5f:c9:0c:74:54:e9:14:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 354B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/gfs_fact.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

35:e2:7a:ed:27:53:5c:b5:eb:11:a7:ce:69:d0:62:b6:12:45:f8:b2
Signer

Actual PE Digest

35:e2:7a:ed:27:53:5c:b5:eb:11:a7:ce:69:d0:62:b6:12:45:f8:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 278B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/gfs_file.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:dc:f8:b4:9a:21:04:98:36:04:26:8c:a5:b6:af:8b:a5:a8:bf:2f
Signer

Actual PE Digest

05:dc:f8:b4:9a:21:04:98:36:04:26:8c:a5:b6:af:8b:a5:a8:bf:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/gfs_mem.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

af:ab:71:b2:81:34:10:88:1e:3c:b2:41:66:e4:f5:f3:2f:9c:ab:96
Signer

Actual PE Digest

af:ab:71:b2:81:34:10:88:1e:3c:b2:41:66:e4:f5:f3:2f:9c:ab:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 466B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/gfs_os.dll
.dll windows:4 windows x86 arch:x86

dbbb50b7b721edff6799c133c95c2e3b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:7a:94:4a:3d:5e:da:d9:8f:cd:da:4f:d2:71:47:d2:88:08:a4:b3
Signer

Actual PE Digest

9e:7a:94:4a:3d:5e:da:d9:8f:cd:da:4f:d2:71:47:d2:88:08:a4:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileA
FindClose
GetLastError
FindNextFileA
CreateDirectoryA
RemoveDirectoryA
GetCurrentDirectoryA
DisableThreadLibraryCalls

msvcrt

_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
_tempnam
free

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/gfs_proc.dll
.dll windows:4 windows x86 arch:x86

d68e5b4a4692f3ff26bef4b34e9364b3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c1:d2:e9:4c:7d:c0:fc:e1:cb:c8:33:7b:97:70:70:e4:d3:c7:ca:83
Signer

Actual PE Digest

c1:d2:e9:4c:7d:c0:fc:e1:cb:c8:33:7b:97:70:70:e4:d3:c7:ca:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
OpenProcess
LocalFree
FormatMessageA
CloseHandle
ReadProcessMemory
WriteProcessMemory
DisableThreadLibraryCalls

msvcrt

_initterm
_adjust_fdiv
__dllonexit
_onexit
free
malloc

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/gfs_util.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b9:5a:f0:09:0e:69:d7:a1:90:76:a7:1e:49:dd:e5:d8:0b:e9:8f:03
Signer

Actual PE Digest

b9:5a:f0:09:0e:69:d7:a1:90:76:a7:1e:49:dd:e5:d8:0b:e9:8f:03

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HShield/asc/moduler.scd
HShield/asc/option.scd
HShield/hshield.dat
HShield/hshield.log
HShield/v3pro32s.dll
.dll windows:4 windows x86 arch:x86

f6212c14d2f4bf17609a97c72a08d24f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ec:b7:db:34:20:c3:c0:4d:fd:a0:6a:bf:b5:ab:d0:c8:f8:32:b1:1d
Signer

Actual PE Digest

ec:b7:db:34:20:c3:c0:4d:fd:a0:6a:bf:b5:ab:d0:c8:f8:32:b1:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
FindNextFileA
FindFirstFileA
GetTempPathA
CloseHandle
FlushFileBuffers
WriteFile
ReadFile
CreateFileA
SetEnvironmentVariableA
GetEnvironmentVariableA
GetLastError
CopyFileA
GetCurrentProcess
GetCurrentThread
GetVersion
GetVersionExA
MoveFileA
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcessId
LeaveCriticalSection
LoadLibraryA
FreeLibrary
GetProcAddress
GetFullPathNameA
GetFullPathNameW
SetFilePointer
GetFileSize
SetEndOfFile
GetFileType
GetFileAttributesA
SetFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
DeleteFileA
SetFileAttributesA
EnterCriticalSection

advapi32

OpenProcessToken
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid

msvcrt

sprintf
toupper
strrchr
malloc
free
strtoul
localtime
time
fclose
fwrite
fflush
fprintf
fseek
fopen
_iob
ftell
strncpy
strncat
strncmp
strchr
strspn
strcspn
strpbrk
memmove
strstr
memchr
wcscpy
wcsncpy
wcscat
wcsncat
wcscmp
wcsncmp
wcschr
wcsrchr
wcslen
wcsspn
wcspbrk
wcsstr
wcstoul
_vsnprintf
_initterm
_adjust_fdiv
__dllonexit
_onexit
_strnicmp
_stricmp
_wcsnicmp

Exports

Exports

AhnBootInformation
AhnCheckBootSector
AhnCheckDefaultExtensions
AhnCheckFile
AhnCheckMemory
AhnCheckProcess
AhnGetBootRepairStatus
AhnGetDefaultExtensions
AhnGetEngineDate
AhnGetEngineDateString
AhnGetEngineDateValue
AhnGetExtRepairStatus
AhnGetRepairStatus
AhnGetVersion
AhnGetVirusFileCureData
AhnGetVirusName
AhnGetVirusName32
AhnGetVirusNameStr
AhnGetVirusNameStr32
AhnInitVaccineEngine
AhnRepairBootSector
AhnRepairFile
AhnRepairMemory
AhnSetDefaultOption
AhnSetExtensions
PV3CALGetInfoAddr
V3CALGetInfo
V3CALGetShowInfo
V3CALGetTotalInfoCount
_AhnGetFileEntry

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LICENSE.TXT
MODULES/NPakRecovery.exe
.exe windows:5 windows x86 arch:x86

4fde01e5612a01e1fbc6c8168458dc85

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:96:3c:31:4e:e0:8a:0c:f5:43:01:05:16:df:aa:68
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

18/02/2011, 00:00

Not After

18/04/2013, 23:59

Subject

CN=NtreevSoft Co.\,Ltd,O=NtreevSoft Co.\,Ltd,L=geumcheongu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:0a:04:20:5f:23:eb:a5:cd:fd:ef:97:22:23:07:50:20:4a:35:66
Signer

Actual PE Digest

2b:0a:04:20:5f:23:eb:a5:cd:fd:ef:97:22:23:07:50:20:4a:35:66

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\PC0572\Desktop\Recovery 2010\garbage\NPakRecovery\Release\NPakRecovery.pdb

Imports

kernel32

IsValidLocale
EnumSystemLocalesA
MoveFileA
lstrcpyA
DeleteFileA
OpenFileMappingA
GetDiskFreeSpaceExW
GetLocaleInfoA
OpenFileMappingW
GetModuleFileNameA
WriteConsoleW
SetCurrentDirectoryW
CreateFileMappingW
CreateFileMappingA
GetLocalTime
SetFileAttributesA
CopyFileA
FindFirstFileA
CreateProcessA
GetExitCodeProcess
GetFileAttributesA
CreateDirectoryW
CreateProcessW
UnmapViewOfFile
MapViewOfFile
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
RemoveDirectoryW
GetConsoleMode
GetConsoleCP
LCMapStringW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
HeapReAlloc
RaiseException
ExitProcess
RtlUnwind
ExitThread
HeapFree
HeapAlloc
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
InitializeCriticalSectionAndSpinCount
GetNumberFormatW
GetWindowsDirectoryW
GetTickCount
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SetFileTime
FileTimeToLocalFileTime
SetFileAttributesW
GetFileAttributesExW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileW
CreateFileW
lstrcmpiW
SystemTimeToFileTime
FileTimeToSystemTime
GlobalGetAtomNameW
lstrlenA
GetThreadLocale
GetSystemDirectoryW
DeleteFileW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GlobalFindAtomW
GetVersionExW
CompareStringW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GlobalAddAtomW
ResumeThread
SetThreadPriority
CopyFileW
GlobalSize
FormatMessageW
LocalFree
GetCurrentProcessId
GlobalUnlock
GetPrivateProfileStringW
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeResource
GlobalFree
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetModuleFileNameW
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
ActivateActCtx
LoadLibraryW
DeactivateActCtx
SetLastError
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
lstrcmpW
GlobalAlloc
GetModuleHandleW
GetProcAddress
InterlockedExchange
FreeLibrary
lstrcpyW
MulDiv
CreateThread
CloseHandle
WaitForSingleObject
GetLastError
Sleep
InitializeCriticalSection
GetCurrentDirectoryW
SizeofResource
FindResourceW
LoadResource
LockResource
FindNextFileW

user32

MessageBeep
GetNextDlgGroupItem
InvalidateRgn
IntersectRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
OffsetRect
CharNextW
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
LoadMenuW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
UnhookWindowsHookEx
ShowOwnedPopups
SetCursor
DestroyIcon
CharUpperW
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
IsMenu
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetSysColor
TranslateAcceleratorW
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
LoadImageW
ReuseDDElParam
UnpackDDElParam
IsZoomed
SetWindowRgn
RedrawWindow
SetParent
DestroyAcceleratorTable
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetMenuState
GetMenuStringW
NotifyWinEvent
GetAsyncKeyState
SetClassLongW
DrawStateW
DrawIconEx
DrawEdge
DrawFrameControl
LoadBitmapW
InvalidateRect
IsIconic
MsgWaitForMultipleObjects
WaitForInputIdle
CharUpperA
GetSystemMetrics
GetClientRect
DrawIcon
ReleaseDC
GetWindowRect
PostMessageW
EnableWindow
MessageBoxW
GetDC
PostQuitMessage
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetLastActivePopup
GetWindowThreadProcessId
UpdateLayeredWindow
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
CreateMenu
PostThreadMessageW
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DestroyCursor
GetWindowRgn
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnionRect
GetKeyNameTextW
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
DrawFocusRect
ToUnicodeEx
MapVirtualKeyW
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
SetCursorPos
LockWindowUpdate
RegisterClipboardFormatW

gdi32

GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetTextExtentPoint32W
CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetRgnBox
SetRectRgn
CombineRgn
GetMapMode
ExcludeClipRect
DPtoLP
CreateDIBSection
CreateRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
SelectClipRgn
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
GetObjectW
CreateRoundRectRgn
IntersectClipRect
GetDeviceCaps
BitBlt
CreateCompatibleDC
PatBlt
CreateFontIndirectW

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetSaveFileNameW
GetFileTitleW
GetOpenFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteExW
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteExA
SHGetPathFromIDListW
SHGetDesktopFolder
ShellExecuteW

comctl32

InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
StrFormatByteSizeW
PathFindExtensionW
PathRemoveFileSpecW

ole32

CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
DoDragDrop
OleCreateMenuDescriptor

oleaut32

VarBstrFromDate
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocString
SysFreeString

oledlg

OleUIBusyW

wininet

FtpPutFileW
InternetCanonicalizeUrlW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpCreateDirectoryW
InternetConnectW
FtpGetCurrentDirectoryA
FtpGetFileW
InternetOpenW
InternetCloseHandle

winmm

PlaySoundW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipAlloc
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipFree
GdipDisposeImage

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/Report.exe
.exe windows:5 windows x86 arch:x86

5cd30b872a249a3f397fe6da1a0a4974

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:96:3c:31:4e:e0:8a:0c:f5:43:01:05:16:df:aa:68
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

18/02/2011, 00:00

Not After

18/04/2013, 23:59

Subject

CN=NtreevSoft Co.\,Ltd,O=NtreevSoft Co.\,Ltd,L=geumcheongu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e8:b2:49:59:9c:a5:5d:8a:f6:f5:c9:ff:80:de:7a:dc:1a:73:40:9a
Signer

Actual PE Digest

e8:b2:49:59:9c:a5:5d:8a:f6:f5:c9:ff:80:de:7a:dc:1a:73:40:9a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\alienbrainWork\ProjectAlice\AliceTools\Code2\Report\Release\Report.pdb

Imports

kernel32

GetConsoleCP
GetConsoleMode
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
HeapCreate
IsValidCodePage
GetStdHandle
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
GetFileSize
HeapReAlloc
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
ExitProcess
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetTimeZoneInformation
HeapAlloc
HeapFree
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
SearchPathA
Sleep
GetProfileIntA
InitializeCriticalSectionAndSpinCount
GetNumberFormatA
GetWindowsDirectoryA
GetTempPathA
GetTempFileNameA
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExA
SetErrorMode
GetOEMCP
GetCPInfo
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
CompareStringW
IsProcessorFeaturePresent
GetCommandLineA
GetStringTypeW
lstrcmpiA
GetACP
lstrcpyA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GlobalGetAtomNameA
GlobalFindAtomA
GetVersionExA
LoadLibraryW
lstrcmpW
GetCurrentProcessId
GlobalAddAtomA
ResumeThread
SetThreadPriority
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
GetModuleHandleA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
ActivateActCtx
LoadLibraryA
GetLastError
DeactivateActCtx
SetLastError
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleW
GetProcAddress
FreeLibrary
GetFileInformationByHandle
GetLocalTime
FileTimeToSystemTime
GetTickCount
UnmapViewOfFile
CreateDirectoryA
WriteFile
SystemTimeToFileTime
SetFilePointer
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
DeleteFileA
GetCurrentDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
WaitForSingleObject
CreateThread
CloseHandle
CreateFileA
ReadFile
WriteConsoleW

user32

GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnionRect
GetKeyNameTextA
GetNextDlgGroupItem
CopyImage
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
IsZoomed
IsRectEmpty
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
OffsetRect
BringWindowToTop
TranslateAcceleratorA
IntersectRect
UnregisterClassA
DestroyMenu
GetMenuItemInfoA
InflateRect
DestroyIcon
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
KillTimer
SetTimer
InvalidateRect
RealChildWindowFromPoint
DeleteMenu
WaitMessage
LoadCursorA
LoadCursorW
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
OpenClipboard
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
CopyIcon
GetWindowRgn
DestroyCursor
MapDialogRect
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
ReleaseDC
CharUpperBuffA
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
PostQuitMessage
PostMessageA
GetDesktopWindow
ReleaseCapture
ClientToScreen
SetCapture
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA
LoadIconW
EnableWindow
MessageBoxA
CharUpperA

gdi32

CreateHatchBrush
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetTextExtentPoint32A
SetRectRgn
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
GetRgnBox
SetDIBColorTable
SetPixel
Rectangle
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
TextOutA
RectVisible
PtVisible
CreatePen
ExtTextOutA
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
StretchBlt
CreateRectRgn
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
CreateDCA
CopyMetaFileA
GetDeviceCaps
DeleteObject
FrameRgn
SetROP2
OffsetRgn
CombineRgn
CreateSolidBrush
Escape

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey
RegEnumValueA

shell32

SHAppBarMessage
SHGetFileInfoA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHBrowseForFolderA
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoLockObjectExternal
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
ReleaseStgMedium
RegisterDragDrop
OleGetClipboard
CoTaskMemFree
CoCreateGuid
DoDragDrop
CoTaskMemAlloc
RevokeDragDrop

oleaut32

SysFreeString
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

wininet

HttpEndRequestA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetReadFile
HttpOpenRequestA
InternetWriteFile
HttpSendRequestExA

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 900KB - Virtual size: 899KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MODULES/bdcap32.dll
.dll windows:5 windows x86 arch:x86

bd81c47dcddba4fa3c26d9306764a148

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\work\CAP\bandicap\bin\bdcap32.pdb

Imports

kernel32

SetFilePointer
ReadFile
GetSystemTimeAsFileTime
SetLastError
LoadLibraryA
GetCurrentProcess
GetFileSize
DeleteFileA
MultiByteToWideChar
GetCurrentProcessId
TerminateProcess
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
CreateFileW
WriteFile
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
ExitProcess
VirtualAlloc
VirtualFree
HeapCreate
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
CreateFileA
GetLastError
GetThreadPriority
ResetEvent
GetProcAddress
GetModuleHandleA
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
MulDiv
SetThreadPriority
CreateEventA
SetEvent
CloseHandle
InterlockedExchange
WaitForSingleObject
FreeLibrary
Sleep
GetDiskFreeSpaceExA
WideCharToMultiByte
lstrlenW
GetSystemTime
DisableThreadLibraryCalls
GetModuleFileNameA
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
VirtualQuery
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineA
RtlUnwind
CreateThread
GetCurrentThreadId
ExitThread
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetSystemInfo
GetFileAttributesExA
FlushFileBuffers
RaiseException

user32

DrawIconEx
GetForegroundWindow
FillRect
GetIconInfo
GetCursorInfo
GetSystemMetrics
RegisterWindowMessageA
WindowFromDC
ScreenToClient
SetRect
GetClientRect
CopyRect
ClientToScreen
OffsetRect
ReleaseDC
GetDC
EqualRect
GetWindowRect

gdi32

GetDIBits
StretchBlt
SetStretchBltMode
CreateCompatibleBitmap
GetObjectA
DeleteDC
SelectObject
CreateSolidBrush
CreateDIBSection
CreateCompatibleDC
CreateDCA
DeleteObject

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

winmm

waveInOpen
waveInPrepareHeader
waveInStart
waveInUnprepareHeader
waveInClose
waveInStop
waveInReset
waveInGetDevCapsA
waveInMessage
mixerGetID
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerClose
waveInGetNumDevs
waveInAddBuffer
timeBeginPeriod
waveInGetErrorTextA
mixerGetControlDetailsA
mixerSetControlDetails

Exports

Exports

CreateBandiCapture

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 368KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/bdvid32.dll
.dll windows:5 windows x86 arch:x86

1c9aadda798d9ee22ae83a9f0ee5014a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandivid\bin\bdvid32.pdb

Imports

dsound

ord11

kernel32

GetProcAddress
GetModuleHandleW
GetCurrentProcess
GetFileSize
WideCharToMultiByte
WaitForSingleObject
GetCurrentProcessId
TerminateProcess
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
SetEvent
ResetEvent
InterlockedExchange
SetLastError
InterlockedDecrement
CreateFileA
SetThreadPriority
ResumeThread
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTime
MultiByteToWideChar
SetEnvironmentVariableA
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetModuleHandleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
LoadLibraryA
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
CompareStringW
HeapCreate
VirtualAlloc
VirtualFree
GetSystemTimeAsFileTime
InterlockedIncrement
CloseHandle
ReadFile
SetFilePointer
GetLastError
DisableThreadLibraryCalls
GetModuleFileNameW
FreeLibrary
ExitProcess
IsValidCodePage
VirtualQuery
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineA
RtlUnwind
CreateThread
GetCurrentThreadId
ExitThread
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
RaiseException
DeleteFileA
FlushFileBuffers
GetFileAttributesExA
WriteFile
CreateEventA
GetModuleFileNameA
GetSystemInfo
Sleep
HeapDestroy

user32

DestroyWindow
UnregisterClassW
CreateWindowExW
RegisterClassW
DefWindowProcW
RegisterWindowMessageW

ole32

CoTaskMemAlloc
CoUninitialize
CoTaskMemFree

Exports

Exports

CreateBandiVideo2

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 337KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/cryptopp.dll
.dll windows:4 windows x86 arch:x86

6b6ac209c0107f28dc6efb2b4042f4e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\work\ProjectAlice\AliceSDK\crypto\lib\cryptopp.pdb

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
GetModuleFileNameA
IsDebuggerPresent
QueryPerformanceCounter
GetLastError
OutputDebugStringA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
VirtualQuery
QueryPerformanceFrequency
GetProcAddress
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
RaiseException
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetCPInfo
ExitProcess
WriteFile
GetStdHandle
SetLastError
GetACP
GetOEMCP
IsValidCodePage
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetFilePointer
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetHandleCount
GetFileType
GetStartupInfoA
CloseHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CreateFileW
SetEndOfFile

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptGenRandom

Exports

Exports

??0?$ASN1CryptoMaterial@V?$DL_GroupParameters@VInteger@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$ASN1CryptoMaterial@V?$DL_GroupParameters@VInteger@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$ASN1CryptoMaterial@VPrivateKey@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$ASN1CryptoMaterial@VPrivateKey@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$ASN1CryptoMaterial@VPublicKey@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$ASN1CryptoMaterial@VPublicKey@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AbstractEuclideanDomain@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractEuclideanDomain@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AbstractEuclideanDomain@VPolynomialMod2@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractEuclideanDomain@VPolynomialMod2@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AbstractGroup@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractGroup@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AbstractGroup@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractGroup@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AbstractGroup@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractGroup@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AbstractGroup@VPolynomialMod2@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractGroup@VPolynomialMod2@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@QAE@XZ
??0?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VOFB_ModePolicy@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VOFB_ModePolicy@2@@CryptoPP@@QAE@XZ
??0?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@QAE@XZ
??0?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VCFB_ModePolicy@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VCFB_ModePolicy@2@@CryptoPP@@QAE@XZ
??0?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@QAE@XZ
??0?$AbstractRing@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractRing@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AbstractRing@VPolynomialMod2@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AbstractRing@VPolynomialMod2@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VOFB_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VOFB_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA1@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA1@2@@CryptoPP@@QAE@XZ
??0?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA224@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA224@2@@CryptoPP@@QAE@XZ
??0?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA256@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA256@2@@CryptoPP@@QAE@XZ
??0?$AlgorithmImpl@V?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@VSHA384@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmImpl@V?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@VSHA384@2@@CryptoPP@@QAE@XZ
??0?$AlgorithmImpl@V?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@VSHA512@2@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmImpl@V?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@VSHA512@2@@CryptoPP@@QAE@XZ
??0?$AlgorithmImpl@V?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE2_Info@2@@CryptoPP@@V12@@CryptoPP@@V12@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmImpl@V?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE2_Info@2@@CryptoPP@@V12@@CryptoPP@@V12@@CryptoPP@@QAE@XZ
??0?$AlgorithmImpl@V?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE3_Info@2@@CryptoPP@@V12@@CryptoPP@@V12@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmImpl@V?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE3_Info@2@@CryptoPP@@V12@@CryptoPP@@V12@@CryptoPP@@QAE@XZ
??0?$AlgorithmImpl@V?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@URijndael_Info@2@@CryptoPP@@V12@@CryptoPP@@V12@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmImpl@V?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@URijndael_Info@2@@CryptoPP@@V12@@CryptoPP@@V12@@CryptoPP@@QAE@XZ
??0?$AlgorithmImpl@V?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@USKIPJACK_Info@2@@CryptoPP@@V12@@CryptoPP@@V12@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmImpl@V?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@USKIPJACK_Info@2@@CryptoPP@@V12@@CryptoPP@@V12@@CryptoPP@@QAE@XZ
??0?$AlgorithmParametersTemplate@H@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmParametersTemplate@H@CryptoPP@@QAE@PBDABH_N@Z
??0?$AlgorithmParametersTemplate@VConstByteArrayParameter@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmParametersTemplate@VConstByteArrayParameter@CryptoPP@@@CryptoPP@@QAE@PBDABVConstByteArrayParameter@1@_N@Z
??0?$AlgorithmParametersTemplate@_N@CryptoPP@@QAE@ABV01@@Z
??0?$AlgorithmParametersTemplate@_N@CryptoPP@@QAE@PBDAB_N_N@Z
??0?$AutoSeededX917RNG@VRijndael@CryptoPP@@@CryptoPP@@QAE@_N0@Z
??0?$AutoSignaling@V?$InputRejecting@VBufferedTransformation@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AutoSignaling@V?$InputRejecting@VBufferedTransformation@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@H@Z
??0?$AutoSignaling@VBufferedTransformation@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$AutoSignaling@VBufferedTransformation@CryptoPP@@@CryptoPP@@QAE@H@Z
??0?$BlockCipherImpl@UDES_EDE2_Info@CryptoPP@@VBlockCipher@2@@CryptoPP@@QAE@ABV01@@Z
??0?$BlockCipherImpl@UDES_EDE2_Info@CryptoPP@@VBlockCipher@2@@CryptoPP@@QAE@XZ
??0?$BlockCipherImpl@UDES_EDE3_Info@CryptoPP@@VBlockCipher@2@@CryptoPP@@QAE@ABV01@@Z
??0?$BlockCipherImpl@UDES_EDE3_Info@CryptoPP@@VBlockCipher@2@@CryptoPP@@QAE@XZ
??0?$BlockCipherImpl@URijndael_Info@CryptoPP@@VBlockCipher@2@@CryptoPP@@QAE@ABV01@@Z
??0?$BlockCipherImpl@URijndael_Info@CryptoPP@@VBlockCipher@2@@CryptoPP@@QAE@XZ
??0?$BlockCipherImpl@USKIPJACK_Info@CryptoPP@@VBlockCipher@2@@CryptoPP@@QAE@ABV01@@Z
??0?$BlockCipherImpl@USKIPJACK_Info@CryptoPP@@VBlockCipher@2@@CryptoPP@@QAE@XZ
??0?$Bufferless@VBufferedTransformation@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$Bufferless@VBufferedTransformation@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$Bufferless@VFilter@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$Bufferless@VSink@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$Bufferless@VSink@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CFB_CipherTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VCFB_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CFB_CipherTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VCFB_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CFB_CipherTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CFB_CipherTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CFB_DecryptionTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VCFB_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CFB_DecryptionTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VCFB_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CFB_DecryptionTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CFB_DecryptionTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CFB_EncryptionTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VCFB_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CFB_EncryptionTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VCFB_ModePolicy@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CFB_EncryptionTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CFB_EncryptionTemplate@V?$AbstractPolicyHolder@VCFB_CipherAbstractPolicy@CryptoPP@@VSymmetricCipher@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CipherModeFinalTemplate_ExternalCipher@V?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@V?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@PBEH@Z
??0?$CipherModeFinalTemplate_ExternalCipher@V?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@V?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_CTS_Decryption@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_CTS_Decryption@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@PBEH@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_CTS_Decryption@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_CTS_Decryption@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_CTS_Encryption@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_CTS_Encryption@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@PBEH@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_CTS_Encryption@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_CTS_Encryption@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_Decryption@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_Decryption@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@PBEH@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_Decryption@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_Decryption@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_Encryption@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_Encryption@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@PBEH@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_Encryption@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VCBC_Encryption@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CipherModeFinalTemplate_ExternalCipher@VECB_OneWay@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VECB_OneWay@CryptoPP@@@CryptoPP@@QAE@AAVBlockCipher@1@PBEH@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VECB_OneWay@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CipherModeFinalTemplate_ExternalCipher@VECB_OneWay@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$ClonableImpl@VSHA1@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA1@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$ClonableImpl@VSHA1@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA1@2@@2@@CryptoPP@@QAE@XZ
??0?$ClonableImpl@VSHA224@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA224@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$ClonableImpl@VSHA224@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA224@2@@2@@CryptoPP@@QAE@XZ
??0?$ClonableImpl@VSHA256@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA256@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$ClonableImpl@VSHA256@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@VSHA256@2@@2@@CryptoPP@@QAE@XZ
??0?$ClonableImpl@VSHA384@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@VSHA384@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$ClonableImpl@VSHA384@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@VSHA384@2@@2@@CryptoPP@@QAE@XZ
??0?$ClonableImpl@VSHA512@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@VSHA512@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$ClonableImpl@VSHA512@CryptoPP@@V?$AlgorithmImpl@V?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@VSHA512@2@@2@@CryptoPP@@QAE@XZ
??0?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@CryptoPP@@QAE@ABV01@@Z
??0?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@CryptoPP@@QAE@XZ
??0?$CustomFlushPropagation@VFilter@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CustomFlushPropagation@VSink@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CustomFlushPropagation@VSink@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$CustomSignalPropagation@VSink@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$CustomSignalPropagation@VSink@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DH_Domain@VDL_GroupParameters_GFP_DefaultSafePrime@CryptoPP@@U?$EnumToType@W4CofactorMultiplicationOption@CryptoPP@@$0A@@2@@CryptoPP@@QAE@AAVBufferedTransformation@1@@Z
??0?$DH_Domain@VDL_GroupParameters_GFP_DefaultSafePrime@CryptoPP@@U?$EnumToType@W4CofactorMultiplicationOption@CryptoPP@@$0A@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DH_Domain@VDL_GroupParameters_GFP_DefaultSafePrime@CryptoPP@@U?$EnumToType@W4CofactorMultiplicationOption@CryptoPP@@$0A@@2@@CryptoPP@@QAE@ABVDL_GroupParameters_GFP_DefaultSafePrime@1@@Z
??0?$DH_Domain@VDL_GroupParameters_GFP_DefaultSafePrime@CryptoPP@@U?$EnumToType@W4CofactorMultiplicationOption@CryptoPP@@$0A@@2@@CryptoPP@@QAE@XZ
??0?$DL_Algorithm_GDSA@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_Algorithm_GDSA@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_Algorithm_GDSA@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_Algorithm_GDSA@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_Algorithm_GDSA@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_Algorithm_GDSA@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_ElgamalLikeSignatureAlgorithm@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_ElgamalLikeSignatureAlgorithm@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_ElgamalLikeSignatureAlgorithm@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_ElgamalLikeSignatureAlgorithm@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_ElgamalLikeSignatureAlgorithm@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_ElgamalLikeSignatureAlgorithm@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_FixedBasePrecomputation@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_FixedBasePrecomputation@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_FixedBasePrecomputation@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_FixedBasePrecomputation@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_FixedBasePrecomputation@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_FixedBasePrecomputation@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_FixedBasePrecomputationImpl@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_FixedBasePrecomputationImpl@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_FixedBasePrecomputationImpl@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_FixedBasePrecomputationImpl@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_FixedBasePrecomputationImpl@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_FixedBasePrecomputationImpl@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_GroupParameters@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupParameters@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_GroupParameters@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupParameters@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_GroupParameters@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupParameters@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_GroupParametersImpl@V?$EcPrecomputation@VEC2N@CryptoPP@@@CryptoPP@@V?$DL_FixedBasePrecomputationImpl@UEC2NPoint@CryptoPP@@@2@V?$DL_GroupParameters@UEC2NPoint@CryptoPP@@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupParametersImpl@V?$EcPrecomputation@VEC2N@CryptoPP@@@CryptoPP@@V?$DL_FixedBasePrecomputationImpl@UEC2NPoint@CryptoPP@@@2@V?$DL_GroupParameters@UEC2NPoint@CryptoPP@@@2@@CryptoPP@@QAE@XZ
??0?$DL_GroupParametersImpl@V?$EcPrecomputation@VECP@CryptoPP@@@CryptoPP@@V?$DL_FixedBasePrecomputationImpl@UECPPoint@CryptoPP@@@2@V?$DL_GroupParameters@UECPPoint@CryptoPP@@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupParametersImpl@V?$EcPrecomputation@VECP@CryptoPP@@@CryptoPP@@V?$DL_FixedBasePrecomputationImpl@UECPPoint@CryptoPP@@@2@V?$DL_GroupParameters@UECPPoint@CryptoPP@@@2@@CryptoPP@@QAE@XZ
??0?$DL_GroupParametersImpl@VModExpPrecomputation@CryptoPP@@V?$DL_FixedBasePrecomputationImpl@VInteger@CryptoPP@@@2@VDL_GroupParameters_IntegerBased@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupParametersImpl@VModExpPrecomputation@CryptoPP@@V?$DL_FixedBasePrecomputationImpl@VInteger@CryptoPP@@@2@VDL_GroupParameters_IntegerBased@2@@CryptoPP@@QAE@XZ
??0?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@CryptoPP@@QAE@AAVBufferedTransformation@1@@Z
??0?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@CryptoPP@@QAE@ABVEC2N@1@ABUEC2NPoint@1@ABVInteger@1@2@Z
??0?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@CryptoPP@@QAE@ABVOID@1@@Z
??0?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_GroupParameters_EC@VECP@CryptoPP@@@CryptoPP@@QAE@AAVBufferedTransformation@1@@Z
??0?$DL_GroupParameters_EC@VECP@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupParameters_EC@VECP@CryptoPP@@@CryptoPP@@QAE@ABVECP@1@ABUECPPoint@1@ABVInteger@1@2@Z
??0?$DL_GroupParameters_EC@VECP@CryptoPP@@@CryptoPP@@QAE@ABVOID@1@@Z
??0?$DL_GroupParameters_EC@VECP@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_GroupParameters_IntegerBasedImpl@VModExpPrecomputation@CryptoPP@@V?$DL_FixedBasePrecomputationImpl@VInteger@CryptoPP@@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupParameters_IntegerBasedImpl@VModExpPrecomputation@CryptoPP@@V?$DL_FixedBasePrecomputationImpl@VInteger@CryptoPP@@@2@@CryptoPP@@QAE@XZ
??0?$DL_GroupPrecomputation@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupPrecomputation@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_GroupPrecomputation@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_GroupPrecomputation@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_Key@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_Key@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_Key@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_Key@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_Key@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_Key@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_KeyImpl@VPKCS8PrivateKey@CryptoPP@@V?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@2@VOID@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_KeyImpl@VPKCS8PrivateKey@CryptoPP@@V?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@2@VOID@2@@CryptoPP@@QAE@XZ
??0?$DL_KeyImpl@VPKCS8PrivateKey@CryptoPP@@V?$DL_GroupParameters_EC@VECP@CryptoPP@@@2@VOID@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_KeyImpl@VPKCS8PrivateKey@CryptoPP@@V?$DL_GroupParameters_EC@VECP@CryptoPP@@@2@VOID@2@@CryptoPP@@QAE@XZ
??0?$DL_KeyImpl@VPKCS8PrivateKey@CryptoPP@@VDL_GroupParameters_DSA@2@VOID@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_KeyImpl@VPKCS8PrivateKey@CryptoPP@@VDL_GroupParameters_DSA@2@VOID@2@@CryptoPP@@QAE@XZ
??0?$DL_KeyImpl@VX509PublicKey@CryptoPP@@V?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@2@VOID@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_KeyImpl@VX509PublicKey@CryptoPP@@V?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@2@VOID@2@@CryptoPP@@QAE@XZ
??0?$DL_KeyImpl@VX509PublicKey@CryptoPP@@V?$DL_GroupParameters_EC@VECP@CryptoPP@@@2@VOID@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_KeyImpl@VX509PublicKey@CryptoPP@@V?$DL_GroupParameters_EC@VECP@CryptoPP@@@2@VOID@2@@CryptoPP@@QAE@XZ
??0?$DL_KeyImpl@VX509PublicKey@CryptoPP@@VDL_GroupParameters_DSA@2@VOID@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_KeyImpl@VX509PublicKey@CryptoPP@@VDL_GroupParameters_DSA@2@VOID@2@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKey@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKey@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKey@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKey@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKey@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKey@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKeyImpl@V?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKeyImpl@V?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKeyImpl@V?$DL_GroupParameters_EC@VECP@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKeyImpl@V?$DL_GroupParameters_EC@VECP@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKeyImpl@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKeyImpl@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKey_EC@VEC2N@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKey_EC@VEC2N@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKey_EC@VECP@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKey_EC@VECP@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKey_GFP@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKey_GFP@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKey_WithSignaturePairwiseConsistencyTest@V?$DL_PrivateKey_EC@VEC2N@CryptoPP@@@CryptoPP@@U?$ECDSA@VEC2N@CryptoPP@@VSHA256@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKey_WithSignaturePairwiseConsistencyTest@V?$DL_PrivateKey_EC@VEC2N@CryptoPP@@@CryptoPP@@U?$ECDSA@VEC2N@CryptoPP@@VSHA256@2@@2@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKey_WithSignaturePairwiseConsistencyTest@V?$DL_PrivateKey_EC@VECP@CryptoPP@@@CryptoPP@@U?$ECDSA@VECP@CryptoPP@@VSHA256@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKey_WithSignaturePairwiseConsistencyTest@V?$DL_PrivateKey_EC@VECP@CryptoPP@@@CryptoPP@@U?$ECDSA@VECP@CryptoPP@@VSHA256@2@@2@@CryptoPP@@QAE@XZ
??0?$DL_PrivateKey_WithSignaturePairwiseConsistencyTest@V?$DL_PrivateKey_GFP@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@UDSA@2@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PrivateKey_WithSignaturePairwiseConsistencyTest@V?$DL_PrivateKey_GFP@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@UDSA@2@@CryptoPP@@QAE@XZ
??0?$DL_PublicKey@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PublicKey@UEC2NPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PublicKey@UECPPoint@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PublicKey@UECPPoint@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PublicKey@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PublicKey@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PublicKeyImpl@V?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PublicKeyImpl@V?$DL_GroupParameters_EC@VEC2N@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PublicKeyImpl@V?$DL_GroupParameters_EC@VECP@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PublicKeyImpl@V?$DL_GroupParameters_EC@VECP@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PublicKeyImpl@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PublicKeyImpl@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PublicKey_EC@VEC2N@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PublicKey_EC@VEC2N@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PublicKey_EC@VECP@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PublicKey_EC@VECP@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_PublicKey_GFP@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_PublicKey_GFP@VDL_GroupParameters_DSA@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$DL_SimpleKeyAgreementDomainBase@VInteger@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$DL_SimpleKeyAgreementDomainBase@VInteger@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$EMSA2HashIdLookup@VPK_DeterministicSignatureMessageEncodingMethod@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$EMSA2HashIdLookup@VPK_DeterministicSignatureMessageEncodingMethod@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$EuclideanDomainOf@VPolynomialMod2@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$EuclideanDomainOf@VPolynomialMod2@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$InputRejecting@VBufferedTransformation@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$InputRejecting@VBufferedTransformation@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$InputRejecting@VFilter@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@QAE@ABV01@@Z
??0?$IteratedHash@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@VHashTransformation@2@@CryptoPP@@QAE@XZ
??0?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@QAE@ABV01@@Z
??0?$IteratedHash@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@VHashTransformation@2@@CryptoPP@@QAE@XZ
??0?$IteratedHashBase@IVHashTransformation@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$IteratedHashBase@IVHashTransformation@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$IteratedHashBase@_KVHashTransformation@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$IteratedHashBase@_KVHashTransformation@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$IteratedHashWithStaticTransform@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@$0BE@VSHA1@2@$0A@$0A@@CryptoPP@@IAE@XZ
??0?$IteratedHashWithStaticTransform@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@$0BE@VSHA1@2@$0A@$0A@@CryptoPP@@QAE@ABV01@@Z
??0?$IteratedHashWithStaticTransform@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@$0CA@VSHA224@2@$0BM@$00@CryptoPP@@IAE@XZ
??0?$IteratedHashWithStaticTransform@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@$0CA@VSHA224@2@$0BM@$00@CryptoPP@@QAE@ABV01@@Z
??0?$IteratedHashWithStaticTransform@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@$0CA@VSHA256@2@$0CA@$00@CryptoPP@@IAE@XZ
??0?$IteratedHashWithStaticTransform@IU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0EA@$0CA@VSHA256@2@$0CA@$00@CryptoPP@@QAE@ABV01@@Z
??0?$IteratedHashWithStaticTransform@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@$0EA@VSHA384@2@$0DA@$00@CryptoPP@@IAE@XZ
??0?$IteratedHashWithStaticTransform@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@$0EA@VSHA384@2@$0DA@$00@CryptoPP@@QAE@ABV01@@Z
??0?$IteratedHashWithStaticTransform@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@$0EA@VSHA512@2@$0EA@$00@CryptoPP@@IAE@XZ
??0?$IteratedHashWithStaticTransform@_KU?$EnumToType@W4ByteOrder@CryptoPP@@$00@CryptoPP@@$0IA@$0EA@VSHA512@2@$0EA@$00@CryptoPP@@QAE@ABV01@@Z
??0?$ModePolicyCommonTemplate@UAdditiveCipherAbstractPolicy@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$ModePolicyCommonTemplate@UAdditiveCipherAbstractPolicy@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$ModePolicyCommonTemplate@VCFB_CipherAbstractPolicy@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$ModePolicyCommonTemplate@VCFB_CipherAbstractPolicy@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$Multichannel@VFilter@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$Multichannel@VSink@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$Multichannel@VSink@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$OAEP@VSHA1@CryptoPP@@VP1363_MGF1@2@@CryptoPP@@QAE@ABV01@@Z
??0?$OAEP@VSHA1@CryptoPP@@VP1363_MGF1@2@@CryptoPP@@QAE@XZ
??0?$PK_FixedLengthCryptoSystemImpl@VPK_Decryptor@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$PK_FixedLengthCryptoSystemImpl@VPK_Decryptor@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$PK_FixedLengthCryptoSystemImpl@VPK_Encryptor@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$PK_FixedLengthCryptoSystemImpl@VPK_Encryptor@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$QuotientRing@V?$EuclideanDomainOf@VPolynomialMod2@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@ABV01@@Z
??0?$QuotientRing@V?$EuclideanDomainOf@VPolynomialMod2@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@ABV?$EuclideanDomainOf@VPolynomialMod2@CryptoPP@@@1@ABVPolynomialMod2@1@@Z
??0?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE2_Info@2@@CryptoPP@@V12@@CryptoPP@@QAE@ABV01@@Z
??0?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE2_Info@2@@CryptoPP@@V12@@CryptoPP@@QAE@XZ
??0?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE3_Info@2@@CryptoPP@@V12@@CryptoPP@@QAE@ABV01@@Z
??0?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE3_Info@2@@CryptoPP@@V12@@CryptoPP@@QAE@XZ
??0?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@URijndael_Info@2@@CryptoPP@@V12@@CryptoPP@@QAE@ABV01@@Z
??0?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@URijndael_Info@2@@CryptoPP@@V12@@CryptoPP@@QAE@XZ
??0?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@USKIPJACK_Info@2@@CryptoPP@@V12@@CryptoPP@@QAE@ABV01@@Z
??0?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@USKIPJACK_Info@2@@CryptoPP@@V12@@CryptoPP@@QAE@XZ
??0?$SourceTemplate@VFileStore@CryptoPP@@@CryptoPP@@QAE@PAVBufferedTransformation@1@@Z
??0?$SourceTemplate@VRandomNumberStore@CryptoPP@@@CryptoPP@@QAE@PAVBufferedTransformation@1@@Z
??0?$SourceTemplate@VStringStore@CryptoPP@@@CryptoPP@@QAE@PAVBufferedTransformation@1@@Z
??0?$StringSinkTemplate@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@CryptoPP@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$StringSinkTemplate@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@CryptoPP@@QAE@ABV01@@Z
??0?$TF_Base@VRandomizedTrapdoorFunction@CryptoPP@@VPK_EncryptionMessageEncodingMethod@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TF_Base@VRandomizedTrapdoorFunction@CryptoPP@@VPK_EncryptionMessageEncodingMethod@2@@CryptoPP@@QAE@XZ
??0?$TF_Base@VRandomizedTrapdoorFunctionInverse@CryptoPP@@VPK_SignatureMessageEncodingMethod@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TF_Base@VRandomizedTrapdoorFunctionInverse@CryptoPP@@VPK_SignatureMessageEncodingMethod@2@@CryptoPP@@QAE@XZ
??0?$TF_Base@VTrapdoorFunction@CryptoPP@@VPK_SignatureMessageEncodingMethod@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TF_Base@VTrapdoorFunction@CryptoPP@@VPK_SignatureMessageEncodingMethod@2@@CryptoPP@@QAE@XZ
??0?$TF_Base@VTrapdoorFunctionInverse@CryptoPP@@VPK_EncryptionMessageEncodingMethod@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TF_Base@VTrapdoorFunctionInverse@CryptoPP@@VPK_EncryptionMessageEncodingMethod@2@@CryptoPP@@QAE@XZ
??0?$TF_CryptoSystemBase@VPK_Decryptor@CryptoPP@@V?$TF_Base@VTrapdoorFunctionInverse@CryptoPP@@VPK_EncryptionMessageEncodingMethod@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TF_CryptoSystemBase@VPK_Decryptor@CryptoPP@@V?$TF_Base@VTrapdoorFunctionInverse@CryptoPP@@VPK_EncryptionMessageEncodingMethod@2@@2@@CryptoPP@@QAE@XZ
??0?$TF_CryptoSystemBase@VPK_Encryptor@CryptoPP@@V?$TF_Base@VRandomizedTrapdoorFunction@CryptoPP@@VPK_EncryptionMessageEncodingMethod@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TF_CryptoSystemBase@VPK_Encryptor@CryptoPP@@V?$TF_Base@VRandomizedTrapdoorFunction@CryptoPP@@VPK_EncryptionMessageEncodingMethod@2@@2@@CryptoPP@@QAE@XZ
??0?$TF_SignatureSchemeBase@VPK_Signer@CryptoPP@@V?$TF_Base@VRandomizedTrapdoorFunctionInverse@CryptoPP@@VPK_SignatureMessageEncodingMethod@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TF_SignatureSchemeBase@VPK_Signer@CryptoPP@@V?$TF_Base@VRandomizedTrapdoorFunctionInverse@CryptoPP@@VPK_SignatureMessageEncodingMethod@2@@2@@CryptoPP@@QAE@XZ
??0?$TF_SignatureSchemeBase@VPK_Verifier@CryptoPP@@V?$TF_Base@VTrapdoorFunction@CryptoPP@@VPK_SignatureMessageEncodingMethod@2@@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TF_SignatureSchemeBase@VPK_Verifier@CryptoPP@@V?$TF_Base@VTrapdoorFunction@CryptoPP@@VPK_SignatureMessageEncodingMethod@2@@2@@CryptoPP@@QAE@XZ
??0?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE2_Info@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE2_Info@2@@CryptoPP@@QAE@XZ
??0?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE3_Info@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TwoBases@VBlockCipher@CryptoPP@@UDES_EDE3_Info@2@@CryptoPP@@QAE@XZ
??0?$TwoBases@VBlockCipher@CryptoPP@@URijndael_Info@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TwoBases@VBlockCipher@CryptoPP@@URijndael_Info@2@@CryptoPP@@QAE@XZ
??0?$TwoBases@VBlockCipher@CryptoPP@@USKIPJACK_Info@2@@CryptoPP@@QAE@ABV01@@Z
??0?$TwoBases@VBlockCipher@CryptoPP@@USKIPJACK_Info@2@@CryptoPP@@QAE@XZ
??0?$Unflushable@V?$Multichannel@VFilter@CryptoPP@@@CryptoPP@@@CryptoPP@@QAE@XZ
??0?$Unflushable@VFilter@CryptoPP@@@CryptoPP@@QAE@XZ
??0ASN1Object@CryptoPP@@QAE@ABV01@@Z
??0ASN1Object@CryptoPP@@QAE@XZ
??0AdditiveCipherAbstractPolicy@CryptoPP@@QAE@ABU01@@Z
??0AdditiveCipherAbstractPolicy@CryptoPP@@QAE@XZ
??0Algorithm@CryptoPP@@QAE@ABV01@@Z
??0Algorithm@CryptoPP@@QAE@_N@Z
??0AlgorithmParameters@CryptoPP@@QAE@ABV01@@Z
??0AlgorithmParameters@CryptoPP@@QAE@XZ
??0AlgorithmParametersBase@CryptoPP@@QAE@ABV01@@Z
??0AlgorithmParametersBase@CryptoPP@@QAE@PBD_N@Z
??0ArraySink@CryptoPP@@QAE@ABV01@@Z
??0ArraySink@CryptoPP@@QAE@ABVNameValuePairs@1@@Z
??0ArraySink@CryptoPP@@QAE@PAEI@Z
??0ArrayXorSink@CryptoPP@@QAE@ABV01@@Z
??0ArrayXorSink@CryptoPP@@QAE@PAEI@Z
??0AsymmetricAlgorithm@CryptoPP@@QAE@ABV01@@Z
??0AsymmetricAlgorithm@CryptoPP@@QAE@XZ
??0AuthenticatedDecryptionFilter@CryptoPP@@QAE@AAVAuthenticatedSymmetricCipher@1@PAVBufferedTransformation@1@IHW4BlockPaddingScheme@BlockPaddingSchemeDef@1@@Z
??0AuthenticatedEncryptionFilter@CryptoPP@@QAE@AAVAuthenticatedSymmetricCipher@1@PAVBufferedTransformation@1@_NHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4BlockPaddingScheme@BlockPaddingSchemeDef@1@@Z
??0AuthenticatedKeyAgreementDomain@CryptoPP@@QAE@ABV01@@Z
??0AuthenticatedKeyAgreementDomain@CryptoPP@@QAE@XZ
??0AuthenticatedSymmetricCipher@CryptoPP@@QAE@ABV01@@Z
??0AuthenticatedSymmetricCipher@CryptoPP@@QAE@XZ
??0AuthenticatedSymmetricCipherBase@CryptoPP@@QAE@ABV01@@Z
??0AuthenticatedSymmetricCipherBase@CryptoPP@@QAE@XZ
??0AutoSeededRandomPool@CryptoPP@@QAE@_NI@Z
??0BERDecodeErr@CryptoPP@@QAE@ABV01@@Z
??0BERDecodeErr@CryptoPP@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0BERDecodeErr@CryptoPP@@QAE@XZ
??0BERGeneralDecoder@CryptoPP@@QAE@AAV01@E@Z
??0BERGeneralDecoder@CryptoPP@@QAE@AAVBufferedTransformation@1@E@Z
??0BERGeneralDecoder@CryptoPP@@QAE@ABV01@@Z
??0BERSequenceDecoder@CryptoPP@@QAE@AAV01@E@Z
??0BERSequenceDecoder@CryptoPP@@QAE@AAVBufferedTransformation@1@E@Z
??0BERSetDecoder@CryptoPP@@QAE@AAV01@E@Z
??0BERSetDecoder@CryptoPP@@QAE@AAVBufferedTransformation@1@E@Z
??0Base@DES_EDE2@CryptoPP@@QAE@ABV012@@Z
??0Base@DES_EDE2@CryptoPP@@QAE@XZ
??0Base@DES_EDE3@CryptoPP@@QAE@ABV012@@Z
??0Base@DES_EDE3@CryptoPP@@QAE@XZ
??0Base@Rijndael@CryptoPP@@QAE@ABV012@@Z
??0Base@Rijndael@CryptoPP@@QAE@XZ
??0Base@SKIPJACK@CryptoPP@@QAE@ABV012@@Z
??0Base@SKIPJACK@CryptoPP@@QAE@XZ
??0BaseN_Decoder@CryptoPP@@QAE@PAVBufferedTransformation@1@@Z
??0BaseN_Decoder@CryptoPP@@QAE@PBHHPAVBufferedTransformation@1@@Z
??0BaseN_Encoder@CryptoPP@@QAE@PAVBufferedTransformation@1@@Z
??0BaseN_Encoder@CryptoPP@@QAE@PBEHPAVBufferedTransformation@1@H@Z
??0BitBucket@CryptoPP@@QAE@ABV01@@Z
??0BitBucket@CryptoPP@@QAE@XZ
??0BlockCipher@CryptoPP@@QAE@ABV01@@Z
??0BlockCipher@CryptoPP@@QAE@XZ
??0BlockOrientedCipherModeBase@CryptoPP@@QAE@ABV01@@Z
??0BlockOrientedCipherModeBase@CryptoPP@@QAE@XZ
??0BlockTransformation@CryptoPP@@QAE@ABV01@@Z
??0BlockTransformation@CryptoPP@@QAE@XZ
??0BufferedTransformation@CryptoPP@@QAE@ABV01@@Z
??0BufferedTransformation@CryptoPP@@QAE@XZ
??0ByteQueue@CryptoPP@@QAE@ABV01@@Z
??0ByteQueue@CryptoPP@@QAE@I@Z
??0CBC_CTS_Decryption@CryptoPP@@QAE@ABV01@@Z
??0CBC_CTS_Decryption@CryptoPP@@QAE@XZ
??0CBC_CTS_Encryption@CryptoPP@@QAE@ABV01@@Z
??0CBC_CTS_Encryption@CryptoPP@@QAE@XZ
??0CBC_Decryption@CryptoPP@@QAE@ABV01@@Z
??0CBC_Decryption@CryptoPP@@QAE@XZ
??0CBC_Encryption@CryptoPP@@QAE@ABV01@@Z
??0CBC_Encryption@CryptoPP@@QAE@XZ
??0CBC_MAC_Base@CryptoPP@@QAE@ABV01@@Z
??0CBC_MAC_Base@CryptoPP@@QAE@XZ
??0CBC_ModeBase@CryptoPP@@QAE@ABV01@@Z
??0CBC_ModeBase@CryptoPP@@QAE@XZ
??0CCM_Base@CryptoPP@@QAE@ABV01@@Z
??0CCM_Base@CryptoPP@@QAE@XZ
??0CFB_CipherAbstractPolicy@CryptoPP@@QAE@ABV01@@Z
??0CFB_CipherAbstractPolicy@CryptoPP@@QAE@XZ
??0CFB_ModePolicy@CryptoPP@@QAE@ABV01@@Z
??0CFB_ModePolicy@CryptoPP@@QAE@XZ
??0CMAC_Base@CryptoPP@@QAE@ABV01@@Z
??0CMAC_Base@CryptoPP@@QAE@XZ
??0CTR_ModePolicy@CryptoPP@@QAE@ABV01@@Z
??0CTR_ModePolicy@CryptoPP@@QAE@XZ
??0CannotFlush@CryptoPP@@QAE@ABV01@@Z
??0CannotFlush@CryptoPP@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0ChannelSwitch@CryptoPP@@QAE@AAVBufferedTransformation@1@@Z
??0ChannelSwitch@CryptoPP@@QAE@AAVBufferedTransformation@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0ChannelSwitch@CryptoPP@@QAE@ABV01@@Z
??0ChannelSwitch@CryptoPP@@QAE@XZ
??0CipherModeBase@CryptoPP@@IAE@XZ
??0CipherModeBase@CryptoPP@@QAE@ABV01@@Z
??0Clonable@CryptoPP@@QAE@ABV01@@Z
??0Clonable@CryptoPP@@QAE@XZ
??0CombinedNameValuePairs@CryptoPP@@QAE@ABV01@@Z
??0CombinedNameValuePairs@CryptoPP@@QAE@ABVNameValuePairs@1@0@Z
??0CryptoMaterial@CryptoPP@@QAE@ABV01@@Z
??0CryptoMaterial@CryptoPP@@QAE@XZ
??0CryptoParameters@CryptoPP@@QAE@ABV01@@Z
??0CryptoParameters@CryptoPP@@QAE@XZ
??0DERGeneralEncoder@CryptoPP@@QAE@AAV01@E@Z
??0DERGeneralEncoder@CryptoPP@@QAE@AAVBufferedTransformation@1@E@Z
??0DERSequenceEncoder@CryptoPP@@QAE@AAV01@E@Z
??0DERSequenceEncoder@CryptoPP@@QAE@AAVBufferedTransformation@1@E@Z
??0DERSetEncoder@CryptoPP@@QAE@AAV01@E@Z
??0DERSetEncoder@CryptoPP@@QAE@AAVBufferedTransformation@1@E@Z
??0DL_GroupParameters_DSA@CryptoPP@@QAE@ABV01@@Z
??0DL_GroupParameters_DSA@CryptoPP@@QAE@XZ
??0DL_GroupParameters_GFP@CryptoPP@@QAE@ABV01@@Z
??0DL_GroupParameters_GFP@CryptoPP@@QAE@XZ
??0DL_GroupParameters_GFP_DefaultSafePrime@CryptoPP@@QAE@ABV01@@Z
??0DL_GroupParameters_GFP_DefaultSafePrime@CryptoPP@@QAE@XZ
??0DL_GroupParameters_IntegerBased@CryptoPP@@QAE@ABV01@@Z
??0DL_GroupParameters_IntegerBased@CryptoPP@@QAE@XZ
??0DL_SignatureMessageEncodingMethod_DSA@CryptoPP@@QAE@ABV01@@Z
??0DL_SignatureMessageEncodingMethod_DSA@CryptoPP@@QAE@XZ
??0DL_SignatureMessageEncodingMethod_NR@CryptoPP@@QAE@ABV01@@Z
??0DL_SignatureMessageEncodingMethod_NR@CryptoPP@@QAE@XZ
??0Dec@Rijndael@CryptoPP@@QAE@ABV012@@Z
??0Dec@Rijndael@CryptoPP@@QAE@XZ
??0Dec@SKIPJACK@CryptoPP@@QAE@ABV012@@Z
??0Dec@SKIPJACK@CryptoPP@@QAE@XZ
??0DecodingResult@CryptoPP@@QAE@I@Z
??0DecodingResult@CryptoPP@@QAE@XZ
??0EC2N@CryptoPP@@QAE@AAVBufferedTransformation@1@@Z
??0EC2N@CryptoPP@@QAE@ABV01@@Z
??0EC2N@CryptoPP@@QAE@ABVGF2NP@1@ABVPolynomialMod2@1@1@Z
??0EC2N@CryptoPP@@QAE@XZ
??0EC2NPoint@CryptoPP@@QAE@ABU01@@Z
??0EC2NPoint@CryptoPP@@QAE@ABVPolynomialMod2@1@0@Z
??0EC2NPoint@CryptoPP@@QAE@XZ
??0ECB_OneWay@CryptoPP@@QAE@ABV01@@Z
??0ECB_OneWay@CryptoPP@@QAE@XZ
??0ECP@CryptoPP@@QAE@AAVBufferedTransformation@1@@Z
??0ECP@CryptoPP@@QAE@ABV01@_N@Z
??0ECP@CryptoPP@@QAE@ABVInteger@1@00@Z
??0ECP@CryptoPP@@QAE@XZ
??0ECPPoint@CryptoPP@@QAE@ABU01@@Z
??0ECPPoint@CryptoPP@@QAE@ABVInteger@1@0@Z
??0ECPPoint@CryptoPP@@QAE@XZ
??0EMSA2Pad@CryptoPP@@QAE@ABV01@@Z
??0EMSA2Pad@CryptoPP@@QAE@XZ
??0Enc@Rijndael@CryptoPP@@QAE@ABV012@@Z
??0Enc@Rijndael@CryptoPP@@QAE@XZ
??0Enc@SKIPJACK@CryptoPP@@QAE@ABV012@@Z
??0Enc@SKIPJACK@CryptoPP@@QAE@XZ
??0EqualityComparisonFilter@CryptoPP@@QAE@PAVBufferedTransformation@1@_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2@Z
??0Exception@CryptoPP@@QAE@ABV01@@Z
??0Exception@CryptoPP@@QAE@W4ErrorType@01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0FileSink@CryptoPP@@QAE@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
??0FileSink@CryptoPP@@QAE@PBD_N@Z
??0FileSink@CryptoPP@@QAE@PB_W_N@Z
??0FileSink@CryptoPP@@QAE@XZ
??0FileSource@CryptoPP@@QAE@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@_NPAVBufferedTransformation@1@@Z
??0FileSource@CryptoPP@@QAE@PAVBufferedTransformation@1@@Z
??0FileSource@CryptoPP@@QAE@PBD_NPAVBufferedTransformation@1@1@Z
??0FileSource@CryptoPP@@QAE@PB_W_NPAVBufferedTransformation@1@1@Z
??0FileStore@CryptoPP@@QAE@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@@Z
??0FileStore@CryptoPP@@QAE@PBD@Z
??0FileStore@CryptoPP@@QAE@PB_W@Z
??0FileStore@CryptoPP@@QAE@XZ
??0Filter@CryptoPP@@QAE@PAVBufferedTransformation@1@@Z
??0FilterPutSpaceHelper@CryptoPP@@QAE@ABU01@@Z
??0FilterPutSpaceHelper@CryptoPP@@QAE@XZ
??0FilterWithBufferedInput@CryptoPP@@QAE@IIIPAVBufferedTransformation@1@@Z
??0FilterWithBufferedInput@CryptoPP@@QAE@PAVBufferedTransformation@1@@Z
??0FilterWithInputQueue@CryptoPP@@QAE@PAVBufferedTransformation@1@@Z
??0GCM_Base@CryptoPP@@QAE@ABV01@@Z
??0GCM_Base@CryptoPP@@QAE@XZ
??0GCTR@GCM_Base@CryptoPP@@QAE@ABV012@@Z
??0GCTR@GCM_Base@CryptoPP@@QAE@XZ
??0GF2NP@CryptoPP@@QAE@ABV01@@Z

Sections

.text
Size: 620KB - Virtual size: 617KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 556KB - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/dbghelp.dll
.dll windows:6 windows x86 arch:x86

fa6b094f828920cf8999743ff0004319

Code Sign

61:05:f7:1e:00:00:00:00:00:32
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

13/07/2009, 23:00

Not After

13/10/2010, 23:10

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:03:dc:f6:00:00:00:00:00:0c
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:12

Not After

25/07/2011, 19:22

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:159C-A3F7-2570,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:15:08:27:00:00:00:00:00:0c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

25/01/2006, 23:22

Not After

25/01/2017, 23:32

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

8f:30:24:0d:35:ff:73:8c:8f:ce:2e:fe:f2:26:b5:b2:12:d2:d0:aa
Signer

Actual PE Digest

8f:30:24:0d:35:ff:73:8c:8f:ce:2e:fe:f2:26:b5:b2:12:d2:d0:aa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dbghelp.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
??3@YAXPAX@Z
_fileno
_read
__pioinfo
__badioinfo
ferror
wctomb
_snprintf
isleadbyte
mbtowc
_onexit
_lock
__dllonexit
_unlock
_ismbblead
_amsg_exit
_initterm
_XcptFilter
memmove
_iob
__mb_cur_max
strchr
_vsnwprintf
_errno
__CxxFrameHandler
iswspace
calloc
_itoa
_wcsdup
towlower
tolower
_wcslwr
time
_wctime
_ltoa
_strnicmp
_wcsnicmp
_purecall
ctime
malloc
strncmp
isspace
_stricmp
_strlwr
free
wcsrchr
strstr
memcpy
_wcsicmp
qsort
wcschr
wcsstr
wcsncmp
iswxdigit
memset
??2@YAPAXI@Z
iswprint
fflush
fprintf
atol
fclose
__unDName
iswdigit
_CxxThrowException
bsearch
_wfsopen
fread
fseek
wcstol
_wfullpath
_wgetenv
_get_osfhandle
_chsize
_close
_open_osfhandle
ftell
_memicmp
_mbscmp
??1type_info@@UAE@XZ
_wsopen

kernel32

HeapFree
MapViewOfFileEx
GetCurrentDirectoryW
InitializeCriticalSectionAndSpinCount
GetFileType
DeviceIoControl
SetFileAttributesW
CreateFileMappingW
InterlockedIncrement
InterlockedDecrement
LocalFree
FormatMessageW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedExchange
GetThreadSelectorEntry
CreateThread
TerminateThread
VirtualQueryEx
GetPriorityClass
GetThreadPriority
GetThreadTimes
GetThreadContext
ResumeThread
SuspendThread
GetCurrentThreadId
GetSystemTimeAsFileTime
Sleep
GetVersion
GetSystemInfo
LoadLibraryExA
InterlockedCompareExchange
DelayLoadFailureHook
ReadProcessMemory
GetProcessHeap
GetFileAttributesA
SetErrorMode
WriteFile
OutputDebugStringA
VirtualFree
OpenProcess
GetCurrentProcessId
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
DuplicateHandle
VirtualAlloc
VirtualProtect
CreateDirectoryA
UnmapViewOfFile
GetCurrentProcess
SetFilePointer
IsDBCSLeadByte
HeapAlloc
HeapReAlloc
GetVersionExA
InitializeCriticalSection
FindClose
SetLastError
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetLastError
TlsSetValue
TlsGetValue
FreeLibrary
LoadLibraryA
TlsAlloc
TlsFree
DeleteCriticalSection
HeapDestroy
HeapCreate
FlushViewOfFile

Exports

Exports

DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
EnumDirTree
EnumDirTreeW
EnumerateLoadedModules
EnumerateLoadedModules64
EnumerateLoadedModulesEx
EnumerateLoadedModulesExW
EnumerateLoadedModulesW64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindDebugInfoFileExW
FindExecutableImage
FindExecutableImageEx
FindExecutableImageExW
FindFileInPath
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
MiniDumpReadDumpStream
MiniDumpWriteDump
SearchTreeForFile
SearchTreeForFileW
StackWalk
StackWalk64
SymAddSourceStream
SymAddSourceStreamA
SymAddSourceStreamW
SymAddSymbol
SymAddSymbolW
SymCleanup
SymDeleteSymbol
SymDeleteSymbolW
SymEnumLines
SymEnumLinesW
SymEnumProcesses
SymEnumSourceFileTokens
SymEnumSourceFiles
SymEnumSourceFilesW
SymEnumSourceLines
SymEnumSourceLinesW
SymEnumSym
SymEnumSymbols
SymEnumSymbolsForAddr
SymEnumSymbolsForAddrW
SymEnumSymbolsW
SymEnumTypes
SymEnumTypesByName
SymEnumTypesByNameW
SymEnumTypesW
SymEnumerateModules
SymEnumerateModules64
SymEnumerateModulesW64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindDebugInfoFile
SymFindDebugInfoFileW
SymFindExecutableImage
SymFindExecutableImageW
SymFindFileInPath
SymFindFileInPathW
SymFromAddr
SymFromAddrW
SymFromIndex
SymFromIndexW
SymFromName
SymFromNameW
SymFromToken
SymFromTokenW
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetFileLineOffsets64
SymGetHomeDirectory
SymGetHomeDirectoryW
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromAddrW64
SymGetLineFromName
SymGetLineFromName64
SymGetLineFromNameW64
SymGetLineNext
SymGetLineNext64
SymGetLineNextW64
SymGetLinePrev
SymGetLinePrev64
SymGetLinePrevW64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOmapBlockBase
SymGetOmaps
SymGetOptions
SymGetScope
SymGetScopeW
SymGetSearchPath
SymGetSearchPathW
SymGetSourceFile
SymGetSourceFileFromToken
SymGetSourceFileFromTokenW
SymGetSourceFileToken
SymGetSourceFileTokenW
SymGetSourceFileW
SymGetSourceVarFromToken
SymGetSourceVarFromTokenW
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetSymbolFile
SymGetSymbolFileW
SymGetTypeFromName
SymGetTypeFromNameW
SymGetTypeInfo
SymGetTypeInfoEx
SymGetUnwindInfo
SymInitialize
SymInitializeW
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymLoadModuleExW
SymMatchFileName
SymMatchFileNameW
SymMatchString
SymMatchStringA
SymMatchStringW
SymNext
SymNextW
SymPrev
SymPrevW
SymRefreshModuleList
SymRegisterCallback
SymRegisterCallback64
SymRegisterCallbackW64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSearch
SymSearchW
SymSetContext
SymSetHomeDirectory
SymSetHomeDirectoryW
SymSetOptions
SymSetParentWindow
SymSetScopeFromAddr
SymSetScopeFromIndex
SymSetSearchPath
SymSetSearchPathW
SymSrvDeltaName
SymSrvDeltaNameW
SymSrvGetFileIndexInfo
SymSrvGetFileIndexInfoW
SymSrvGetFileIndexString
SymSrvGetFileIndexStringW
SymSrvGetFileIndexes
SymSrvGetFileIndexesW
SymSrvGetSupplement
SymSrvGetSupplementW
SymSrvIsStore
SymSrvIsStoreW
SymSrvStoreFile
SymSrvStoreFileW
SymSrvStoreSupplement
SymSrvStoreSupplementW
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnDecorateSymbolNameW
UnmapDebugInformation
WinDbgExtensionDllInit
block
chksym
dbghelp
dh
fptr
homedir
itoldyouso
lmi
lminfo
omap
srcfiles
stack_force_ebp
stackdbg
sym
symsrv
vc7fpo

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/devil.dll
.dll windows:5 windows x86 arch:x86

b5648758d424f2a733bfba235ef1cdeb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr100

feof
isprint
atoi
fputs
isalnum
abort
__iob_func
_snprintf
fflush
strtod
_unlock
_setjmp3
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
longjmp
fprintf
strncmp
abs
vsprintf
fwrite
fputc
ftell
fseek
fread
fgetc
fclose
fopen
memcpy
free
malloc
__dllonexit
memset
_stricmp
_strdup
_strnicmp
_CIpow

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTime
GetSystemTimeAsFileTime

Exports

Exports

_iFlipBuffer@16
_iGetIntegervImage@12
_iMemSwap@12
_iMirror@0
_icalloc@8
_ilFlipSurfaceDxtcData@0
_ilInvertSurfaceDxtcDataAlpha@0
_ilNVidiaCompressDXT@24
_ilSquishCompressDXT@24
iBindImageTemp
iConvertImage
iConvertPal
iCopyPal
iGetFlipped
ialloc
ifree
ilActiveFace
ilActiveImage
ilActiveLayer
ilActiveMipmap
ilApplyPal
ilApplyProfile
ilBindImage
ilBlit
ilClampNTSC
ilClearColour
ilClearImage
ilClearImage_
ilCloneCurImage
ilCloseImage
ilClosePal
ilCompressDXT
ilCompressFunc
ilConvertBuffer
ilConvertImage
ilConvertPal
ilCopyImage
ilCopyImageAttr
ilCopyImage_
ilCopyPixels
ilCreateSubImage
ilDefaultImage
ilDeleteImage
ilDeleteImages
ilDetermineType
ilDetermineTypeF
ilDetermineTypeL
ilDisable
ilDxtcDataToImage
ilDxtcDataToSurface
ilEnable
ilFormatFunc
ilGenImage
ilGenImages
ilGetAlpha
ilGetBoolean
ilGetBooleanv
ilGetBpcType
ilGetBppFormat
ilGetBppPal
ilGetClear
ilGetCurImage
ilGetCurName
ilGetDXTCData
ilGetData
ilGetError
ilGetFormatBpp
ilGetInteger
ilGetIntegerv
ilGetLumpPos
ilGetPalBaseType
ilGetPalette
ilGetString
ilGetTypeBpc
ilHint
ilImageToDxtcData
ilInit
ilInitImage
ilIsDisabled
ilIsEnabled
ilIsImage
ilIsValid
ilIsValidF
ilIsValidL
ilIsValidPal
ilKeyColour
ilLoad
ilLoadData
ilLoadDataF
ilLoadDataL
ilLoadF
ilLoadImage
ilLoadL
ilLoadPal
ilModAlpha
ilNewImage
ilNewImageFull
ilNextPower2
ilOriginFunc
ilOverlayImage
ilPopAttrib
ilPushAttrib
ilRegisterFormat
ilRegisterLoad
ilRegisterMipNum
ilRegisterNumFaces
ilRegisterNumImages
ilRegisterOrigin
ilRegisterPal
ilRegisterSave
ilRegisterType
ilRemoveLoad
ilRemoveSave
ilReplaceCurImage
ilResetMemory
ilResetRead
ilResetWrite
ilResizeImage
ilSave
ilSaveData
ilSaveF
ilSaveImage
ilSaveL
ilSavePal
ilSetAlpha
ilSetCurImage
ilSetData
ilSetDuration
ilSetError
ilSetInteger
ilSetMemory
ilSetPal
ilSetPixels
ilSetRead
ilSetString
ilSetWrite
ilShutDown
ilSurfaceToDxtcData
ilTexImage
ilTexImageDxtc
ilTexImage_
ilTexSubImage_
ilTypeFromExt
ilTypeFunc

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 717KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/dtype.inf
MODULES/dtype_unicode.ccv
MODULES/dtypestd.dll
.dll windows:4 windows x86 arch:x86

31f6583eaf4b652109be38f51f74c654

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetDC
ReleaseDC

gdi32

DeleteObject
StretchDIBits
GetGlyphOutlineA
SelectObject
RemoveFontResourceA
CreateFontA
AddFontResourceA

wsock32

send
WSACleanup
WSAStartup
closesocket
recv
select
gethostbyname
socket
htons
connect

kernel32

SetLastError
GetFileType
TlsFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
GetLastError
DeleteFileA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetProcAddress
GetModuleHandleA
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
LCMapStringW
WideCharToMultiByte
TlsGetValue
SetHandleCount
GetStdHandle
InterlockedDecrement
GetStartupInfoA
SetFilePointer
ReadFile
CloseHandle
WriteFile
FlushFileBuffers
GetFileAttributesA
CreateFileA
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeW
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetACP
GetStringTypeA
GetOEMCP
SetEndOfFile
GetCPInfo
LoadLibraryA
LCMapStringA

Exports

Exports

dcRasterizerBSplineTo
dcRasterizerBSplineToFrac
dcRasterizerBezierTo
dcRasterizerBezierToFrac
dcRasterizerDoOutput
dcRasterizerExt
dcRasterizerGetFillRule
dcRasterizerIni
dcRasterizerLineTo
dcRasterizerLineToFrac
dcRasterizerMoveTo
dcRasterizerMoveToFrac
dcRasterizerSetFillRule
dtBitmapCompress
dtBitmapDecompress
dtBitmapDoOutput
dtBitmapFree
dtBitmapInvert
dtCharDoMinMax
dtCharDoMinMaxFrac
dtCharDoOutput
dtCharDoOutputFrac
dtCharDoPosition
dtCharDoPositionFrac
dtCharDoTransform
dtCharDoTransformFrac
dtCharGetAlign
dtCharGetKern
dtCharGetMetrics
dtCharGetOutline
dtEngineExt
dtEngineGetUserParam
dtEngineGetVersion
dtEngineIni
dtEngineIniMin
dtEngineIniViaFile
dtEngineIniViaMemory
dtEngineIniViaStream
dtEngineIniViaStruct
dtEngineIniViaUrl
dtExtentDoTransform
dtFontAddAsMMInstance
dtFontAddViaFile
dtFontAddViaFileSet
dtFontAddViaFptr
dtFontAddViaFptrSet
dtFontAddViaMemory
dtFontAddViaMemorySet
dtFontAddViaStream
dtFontAddViaStreams
dtFontAddViaUrl
dtFontAddViaUrlSet
dtFontFind
dtFontFindMMInstance
dtFontGetCounter
dtFontGetDim
dtFontGetGlyphIndex
dtFontGetGlyphSubsts
dtFontGetMetrics
dtFontGetNrOfGlyphs
dtFontGetNumericValue
dtFontGetStream
dtFontGetStringValue
dtFontGetSysStatus
dtFontMakeActive
dtFontMakeInactive
dtFontMakeInactiveAll
dtFontRemove
dtFontRemoveAll
dtFontSaveAsDType
dtFontSaveToFileAsDType
dtFontSaveToFptrAsDType
dtFontSaveToMemoryAsDType
dtFontSaveToStream
dtFontSetCallback
dtFontSetErrorCallback
dtFontTest
dtFree
dtGlyphDoMinMax
dtGlyphDoMinMaxFrac
dtGlyphDoOutput
dtGlyphDoOutputFrac
dtGlyphDoPosition
dtGlyphDoPositionFrac
dtGlyphDoTransform
dtGlyphDoTransformFrac
dtGlyphGetAlign
dtGlyphGetKern
dtGlyphGetMetrics
dtGlyphGetOutline
dtMalloc
dtMatrixCalcExtentFrac
dtMatrixCalcPointFrac
dtMatrixMultiplyFrac
dtOutputGetStyle
dtOutputGetStyleAttribs
dtOutputSetAsHDC
dtOutputSetAsMDC
dtOutputSetInv
dtOutputSetStyle
dtOutputSetStyleAttribs
dtPatternGetBitmap
dtPatternGetGroupCount
dtPatternGetNrOfGroups
dtRasterizerGetFillRule
dtRasterizerGetGrayscale
dtRasterizerGetInfo
dtRasterizerRealloc
dtRasterizerSetFillRule
dtRasterizerSetGrayscale
dtRealloc
dtShapeDoOutput
dtShapeDoOutputFrac
dtStreamClose
dtStreamOpen
dtStreamOpenW
dtSysPST
dtTypesetterGetAlignMethod
dtTypesetterGetCacheCompression
dtTypesetterGetCachePolicy
dtTypesetterGetHintMinimum
dtTypesetterGetHintRounding
dtTypesetterGetHinting
dtTypesetterGetPositioning
dtTypesetterGetQuality
dtTypesetterGetSizeSubscale
dtTypesetterGetSubpixels
dtTypesetterGetType
dtTypesetterGetTypeAttribs
dtTypesetterRealloc
dtTypesetterSetAlignMethod
dtTypesetterSetCacheCompression
dtTypesetterSetCachePolicy
dtTypesetterSetHintMinimum
dtTypesetterSetHintRounding
dtTypesetterSetHinting
dtTypesetterSetPositioning
dtTypesetterSetQuality
dtTypesetterSetSizeSubscale
dtTypesetterSetSubpixels
dtTypesetterSetType
dtTypesetterSetTypeAttribs
dtTypesetterSetTypeAttribsTransformed
dtTypesetterSetTypeTransformed
dtTypesetterTransformTypeAttribs

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/gdiplus.dll
.dll windows:6 windows x86 arch:x86

c435c81e120e4837142e9074d88cf1cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\postbuild\opt\microsoftwindowsgdiplus-1100-gdiplus.pdb

Imports

kernel32

VirtualAlloc
GetSystemInfo
GetCommandLineA
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwind
VirtualQuery
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LoadResource
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
GetProcAddress
HeapReAlloc
HeapFree
DisableThreadLibraryCalls
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
InterlockedExchange
GetProcessHeap
HeapAlloc
InterlockedCompareExchange
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
Sleep
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
SetEvent
lstrcmpiA
CreateThread
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
GetSystemDefaultLCID
GetACP
GetVersionExA
GetWindowsDirectoryA
GetSystemDirectoryW
LoadLibraryA
HeapDestroy
FreeLibrary
GetModuleHandleW
LoadLibraryW
HeapCreate
GlobalFree
GlobalUnlock
GlobalSize
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
GlobalAlloc
SetLastError
VirtualFree
GetProfileSectionA
ReleaseSemaphore
CreateFileMappingW
GetSystemDirectoryA
CreateFileW
CreateSemaphoreA
IsDBCSLeadByteEx
GetLastError
FlushFileBuffers
LockFile
GetFileInformationByHandle
UnlockFile
ReadFile
SetFilePointer
SetEndOfFile
GetOEMCP
SearchPathA
SearchPathW
GetFileTime
LocalFree
LocalAlloc
MulDiv
LocalReAlloc
lstrcmpiW
GetProfileStringA
GetProfileIntA
LockResource
RaiseException

user32

ReleaseDC
GetDC
wsprintfA
GetSysColor
UnregisterClassA
DestroyWindow
LoadBitmapW
LoadBitmapA
IntersectRect
IsRectEmpty
wsprintfW
SystemParametersInfoA
GetClassLongA
GetWindowLongA
GetDCEx
GetIconInfo
CreateIconIndirect
WindowFromDC
GetWindowRect
GetDesktopWindow
GetClientRect
PeekMessageA
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
ClientToScreen
wvsprintfA
InflateRect
UnionRect
SetRectEmpty
OffsetRect
RegisterClassA
RegisterWindowMessageA
CreateWindowExA
DefWindowProcA
GetSystemMetrics

gdi32

ExtTextOutA
PolylineTo
Polyline
LineTo
GetCurrentPositionEx
PolyPolyline
StrokeAndFillPath
FillPath
SetPolyFillMode
GetGraphicsMode
StrokePath
CreateSolidBrush
SetMiterLimit
FillRgn
GetDIBColorTable
GetNearestPaletteIndex
ArcTo
SetArcDirection
SelectClipPath
GetPath
CloseFigure
AbortPath
FlattenPath
WidenPath
BeginPath
Ellipse
AngleArc
PolyBezierTo
PolyBezier
RoundRect
PolyDraw
Pie
Chord
Arc
EndPath
OffsetClipRgn
GetRgnBox
SetPaletteEntries
ResizePalette
CreatePalette
GetSystemPaletteEntries
GetSystemPaletteUse
GetDeviceCaps
ExtEscape
GetObjectType
GetPixel
DeleteObject
SelectPalette
GetTextFaceA
GetTextMetricsA
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExA
EnumFontFamiliesExW
SelectObject
CreateFontIndirectW
CreateFontIndirectA
GetRegionData
DeleteDC
DrawEscape
CreateDCA
CreateICA
CreateRectRgn
GetRandomRgn
LPtoDP
GetWindowExtEx
GetViewportExtEx
GetWindowOrgEx
GetViewportOrgEx
GetMapMode
SetICMMode
Escape
GetDCOrgEx
GetObjectA
GetCurrentObject
GetDIBits
CreateCompatibleDC
CreateDIBSection
RealizePalette
GetPaletteEntries
PatBlt
CreateBrushIndirect
GdiFlush
SetDIBits
SetBkMode
SetBkColor
SetTextColor
CreateBitmap
GetStockObject
EnumMetaFile
GetMetaFileBitsEx
PlayEnhMetaFileRecord
EnumEnhMetaFile
SetMetaRgn
DeleteMetaFile
DeleteEnhMetaFile
CloseEnhMetaFile
PlayMetaFile
SetWindowExtEx
SetWindowOrgEx
SetViewportExtEx
SetViewportOrgEx
SetMapMode
CreateEnhMetaFileA
SetEnhMetaFileBits
SetMetaFileBitsEx
GetEnhMetaFileHeader
CopyMetaFileA
CopyEnhMetaFileA
GetEnhMetaFileBits
GetEnhMetaFileA
GetEnhMetaFileW
RestoreDC
SetWorldTransform
SetGraphicsMode
SaveDC
GetMetaFileA
GetMetaFileW
GdiComment
CreateEnhMetaFileW
SetDIBColorTable
SetBitmapBits
ExtTextOutW
PlayMetaFileRecord
IntersectClipRect
PolyPolygon
SetROP2
SetTextJustification
SetTextAlign
StretchDIBits
SetStretchBltMode
GetNearestColor
CreateDIBPatternBrushPt
DPtoLP
GetObjectW
CreatePenIndirect
GetTextColor
GetBkColor
SelectClipRgn
GetClipRgn
SetBrushOrgEx
Polygon
Rectangle
GetROP2
GetWorldTransform
ExtCreatePen
CombineRgn
TranslateCharsetInfo
GetTextCharsetInfo
GetPolyFillMode
GetArcDirection
GetTextAlign
GetBkMode
GetMiterLimit
CreateCompatibleBitmap
ExtCreateRegion
ModifyWorldTransform
ExtSelectClipRgn
CreatePatternBrush
ExcludeClipRect
CreatePen
SetMapperFlags
CombineTransform
ScaleWindowExtEx
ScaleViewportExtEx
StretchBlt
OffsetViewportOrgEx
BitBlt
PlgBlt
GetWinMetaFileBits
PlayEnhMetaFile
MoveToEx
CreateDIBitmap

ole32

CoTaskMemFree
CoTaskMemAlloc
GetHGlobalFromStream
CreateStreamOnHGlobal

advapi32

RegSetValueExW
RegSetValueExA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueW
RegCloseKey
RegEnumValueA

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapApplyEffect
GdipBitmapConvertFormat
GdipBitmapCreateApplyEffect
GdipBitmapGetHistogram
GdipBitmapGetHistogramSize
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipConvertToEmfPlus
GdipConvertToEmfPlusToFile
GdipConvertToEmfPlusToStream
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateEffect
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteEffect
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageFX
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFindFirstImageItem
GdipFindNextImageItem
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEffectParameterSize
GdipGetEffectParameters
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImageItemData
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipGraphicsSetAbort
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipImageSetAbort
GdipInitializePalette
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPlayTSClientRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/ilu.dll
.dll windows:5 windows x86 arch:x86

e9db4f26887b9cd896ba39417d53437b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

devil

ilSetError
ifree
ilConvertImage
ilGetPalBaseType
ilGetCurImage
ialloc
ilGetInteger
ilCloseImage
ilNewImage
ilSetCurImage
ilCopyPixels
ilCopyImageAttr
_icalloc@8
ilTexImage
ilDeleteImages
ilLoadImage
ilGenImages
ilClearImage
_iFlipBuffer@16
_iMirror@0
ilConvertPal
ilGetBppPal
ilBindImage
ilIsImage
ilGetCurName
ilGetClear
iConvertImage
ilClearImage_
ilResizeImage
ilSetPal
_iGetIntegervImage@12
ilGetData

msvcr100

__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
fmod
rand
memset
memcpy
free
cos
floor
sin
pow
sqrt
fabs
ceil

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer

Exports

Exports

iluAlienify
iluBlurAvg
iluBlurGaussian
iluBuildMipmaps
iluColoursUsed
iluCompareImage
iluContrast
iluConvolution
iluCrop
iluDeleteImage
iluEdgeDetectE
iluEdgeDetectP
iluEdgeDetectS
iluEmboss
iluEnlargeCanvas
iluEnlargeImage
iluEqualize
iluErrorString
iluFlipImage
iluGammaCorrect
iluGenImage
iluGetImageInfo
iluGetInteger
iluGetIntegerv
iluGetString
iluImageParameter
iluInit
iluInvertAlpha
iluLoadImage
iluMirror
iluNegative
iluNoisify
iluPixelize
iluRegionfv
iluRegioniv
iluReplaceColour
iluRotate
iluRotate3D
iluRotate3D_
iluRotate_
iluSaturate1f
iluSaturate4f
iluScale
iluScaleAlpha
iluScaleColours
iluScale_
iluSetLanguage
iluSharpen
iluSwapColours
iluWave

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/ilut.dll
.dll windows:5 windows x86 arch:x86

834622bb59f3582729d0fa083e458e7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
InterlockedCompareExchange
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SizeofResource
GlobalSize
GlobalLock
GlobalUnlock
FindResourceA
LoadResource
LockResource
GetTickCount
Sleep
InterlockedExchange
DecodePointer
EncodePointer
IsDebuggerPresent

user32

IsClipboardFormatAvailable
EmptyClipboard
OpenClipboard
GetClipboardData
ReleaseDC
GetDC
GetForegroundWindow
CloseClipboard
SetClipboardData

gdi32

StretchBlt
StartPage
StartDocA
EndPage
CreateCompatibleDC
EndDoc
DeleteDC
GetPaletteEntries
GetDIBits
CreatePalette
CreateCompatibleBitmap
DeleteObject
SetDIBits
SelectObject

comdlg32

PrintDlgA

devil

ilBindImage
ilSaveImage
ilTypeFromExt
ilConvertPal
iGetFlipped
iConvertPal
ilLoadF
ilLoadL
iBindImageTemp
ilLoadImage
ilGetCurName
ilSetError
ilGetCurImage
_iGetIntegervImage@12
ilCopyImage_
ilGetDXTCData
ialloc
ifree
ilSetCurImage
ilNextPower2
ilCloseImage
iConvertImage
ilTexImage
ilClosePal

msvcr100

_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
memcpy
memset
tolower
_malloc_crt
free

ilu

iluBuildMipmaps
iluFlipImage
iluScale_

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Exports

Exports

_ilutD3D9CubeTexFromFile@12
_ilutD3D9CubeTexFromFileHandle@12
_ilutD3D9CubeTexFromFileInMemory@16
_ilutD3D9CubeTexFromResource@16
_ilutD3D9CubeTexture@4
ilutConvertSliceToHBitmap
ilutConvertToHBitmap
ilutD3D9LoadSurface
ilutD3D9TexFromFile
ilutD3D9TexFromFileHandle
ilutD3D9TexFromFileInMemory
ilutD3D9TexFromResource
ilutD3D9Texture
ilutD3D9VolTexFromFile
ilutD3D9VolTexFromFileHandle
ilutD3D9VolTexFromFileInMemory
ilutD3D9VolTexFromResource
ilutD3D9VolumeTexture
ilutDisable
ilutEnable
ilutFreePaddedData
ilutGetBmpInfo
ilutGetBoolean
ilutGetBooleanv
ilutGetHPal
ilutGetInteger
ilutGetIntegerv
ilutGetPaddedData
ilutGetString
ilutGetWinClipboard
ilutInit
ilutIsDisabled
ilutIsEnabled
ilutLoadResource
ilutPopAttrib
ilutPushAttrib
ilutRenderer
ilutSetHBitmap
ilutSetHPal
ilutSetInteger
ilutSetWinClipboard
ilutWinLoadImage
ilutWinLoadUrl
ilutWinPrint
ilutWinSaveImage

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/mss32.dll
.dll windows:4 windows x86 arch:x86

97dbf1b2b03d8f736194a1910d4d0c16

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\devel\projects\mss\build\win\mss32.pdb

Imports

user32

SetTimer
KillTimer
wsprintfA
GetActiveWindow
IsWindow
GetTopWindow
GetWindowThreadProcessId
GetWindow
GetForegroundWindow
MessageBoxA
GetWindowLongA

kernel32

SetEnvironmentVariableA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
GetTimeZoneInformation
WideCharToMultiByte
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
GetWindowsDirectoryA
ReleaseMutex
CloseHandle
GetCurrentProcessId
Sleep
SuspendThread
ResumeThread
CreateEventA
CreateThread
GetSystemDirectoryA
SetThreadPriority
RaiseException
CreateDirectoryA
WaitForSingleObject
WaitForMultipleObjects
SetEvent
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
SetErrorMode
FreeLibrary
FindFirstFileA
GetProcAddress
DisableThreadLibraryCalls
FindClose
LoadLibraryA
FindNextFileA
ReadFile
CreateFileA
SetFilePointer
OpenFile
GetTempPathA
GetTickCount
GetCurrentThread
DuplicateHandle
GetProfileStringA
GetCurrentProcess
QueryPerformanceCounter
QueryPerformanceFrequency
OutputDebugStringA
lstrcatA
WriteFile
GlobalAlloc
GlobalFree
CompareStringW
CompareStringA
SetEndOfFile
HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSection
FlushFileBuffers
SetStdHandle
VirtualAlloc
SetHandleCount
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
VirtualFree
HeapCreate
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
HeapDestroy

winmm

waveOutReset
waveOutGetDevCapsA
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveOutGetID
waveOutPrepareHeader
waveOutWrite
waveInClose
waveInOpen
waveInAddBuffer
waveInReset
waveInUnprepareHeader
waveInStart
midiOutOpen
midiOutReset
midiOutPrepareHeader
midiOutUnprepareHeader
midiOutLongMsg
midiOutClose
midiOutShortMsg
timeGetTime
mixerGetLineControlsA
auxGetNumDevs
mixerOpen
auxGetVolume
mciSendCommandA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetNumDevs
auxGetDevCapsA
mixerClose
mixerGetLineInfoA
auxSetVolume
waveInPrepareHeader

Exports

Exports

AIL_debug_printf
AIL_sprintf
DLSClose
DLSCompactMemory
DLSGetInfo
DLSLoadFile
DLSLoadMemFile
DLSMSSOpen
DLSSetAttribute
DLSUnloadAll
DLSUnloadFile
RIB_alloc_provider_handle
RIB_enumerate_interface
RIB_error
RIB_find_file_provider
RIB_free_provider_handle
RIB_free_provider_library
RIB_load_provider_library
RIB_register_interface
RIB_request_interface
RIB_request_interface_entry
RIB_type_string
RIB_unregister_interface
_AIL_3D_distance_factor@4
_AIL_3D_doppler_factor@4
_AIL_3D_rolloff_factor@4
_AIL_DLS_close@8
_AIL_DLS_compact@4
_AIL_DLS_get_info@12
_AIL_DLS_load_file@12
_AIL_DLS_load_memory@12
_AIL_DLS_open@28
_AIL_DLS_sample_handle@4
_AIL_DLS_unload@8
_AIL_HWND@0
_AIL_MIDI_handle_reacquire@4
_AIL_MIDI_handle_release@4
_AIL_MIDI_to_XMI@20
_AIL_MMX_available@0
_AIL_WAV_file_write@20
_AIL_WAV_info@8
_AIL_WAV_marker_by_index@12
_AIL_WAV_marker_by_name@8
_AIL_WAV_marker_count@4
_AIL_XMIDI_master_volume@4
_AIL_active_sample_count@4
_AIL_active_sequence_count@4
_AIL_allocate_sample_handle@4
_AIL_allocate_sequence_handle@4
_AIL_auto_service_stream@8
_AIL_background@0
_AIL_background_CPU_percent@0
_AIL_branch_index@8
_AIL_calculate_3D_channel_levels@68
_AIL_channel_notes@8
_AIL_close_XMIDI_driver@4
_AIL_close_digital_driver@4
_AIL_close_filter@4
_AIL_close_input@4
_AIL_close_library@4
_AIL_close_stream@4
_AIL_compress_ADPCM@12
_AIL_compress_ASI@20
_AIL_compress_DLS@20
_AIL_controller_value@12
_AIL_create_wave_synthesizer@16
_AIL_decompress_ADPCM@12
_AIL_decompress_ASI@24
_AIL_delay@4
_AIL_destroy_wave_synthesizer@4
_AIL_digital_CPU_percent@4
_AIL_digital_configuration@16
_AIL_digital_driver_processor@8
_AIL_digital_handle_reacquire@4
_AIL_digital_handle_release@4
_AIL_digital_latency@4
_AIL_digital_master_reverb@16
_AIL_digital_master_reverb_levels@12
_AIL_digital_master_volume_level@4
_AIL_digital_output_filter@4
_AIL_end_sample@4
_AIL_end_sequence@4
_AIL_enumerate_MP3_frames@4
_AIL_enumerate_filter_properties@12
_AIL_enumerate_filter_sample_properties@12
_AIL_enumerate_filters@12
_AIL_enumerate_output_filter_driver_properties@12
_AIL_enumerate_output_filter_sample_properties@12
_AIL_enumerate_sample_stage_properties@16
_AIL_extract_DLS@28
_AIL_file_error@0
_AIL_file_read@8
_AIL_file_size@4
_AIL_file_type@8
_AIL_file_type_named@12
_AIL_file_write@12
_AIL_filter_DLS_with_XMI@24
_AIL_filter_property@20
_AIL_find_DLS@24
_AIL_find_filter@8
_AIL_ftoa@4
_AIL_get_DirectSound_info@12
_AIL_get_input_info@4
_AIL_get_preference@4
_AIL_get_timer_highest_delay@0
_AIL_init_sample@8
_AIL_init_sequence@12
_AIL_inspect_MP3@12
_AIL_last_error@0
_AIL_library_resource_filename@16
_AIL_list_DLS@20
_AIL_list_MIDI@20
_AIL_listener_3D_orientation@28
_AIL_listener_3D_position@16
_AIL_listener_3D_velocity@16
_AIL_listener_relative_receiver_array@8
_AIL_load_sample_attributes@8
_AIL_load_sample_buffer@16
_AIL_lock@0
_AIL_lock_channel@4
_AIL_lock_mutex@0
_AIL_map_sequence_channel@12
_AIL_mem_alloc_lock@4
_AIL_mem_free_lock@4
_AIL_mem_use_free@4
_AIL_mem_use_malloc@4
_AIL_merge_DLS_with_XMI@16
_AIL_midiOutClose@4
_AIL_midiOutOpen@12
_AIL_minimum_sample_buffer_size@12
_AIL_ms_count@0
_AIL_open_XMIDI_driver@4
_AIL_open_digital_driver@16
_AIL_open_filter@8
_AIL_open_input@4
_AIL_open_library@8
_AIL_open_stream@12
_AIL_output_filter_driver_property@20
_AIL_pause_stream@8
_AIL_platform_property@20
_AIL_primary_digital_driver@4
_AIL_process_digital_audio@24
_AIL_quick_copy@4
_AIL_quick_halt@4
_AIL_quick_handles@12
_AIL_quick_load@4
_AIL_quick_load_and_play@12
_AIL_quick_load_mem@8
_AIL_quick_load_named_mem@12
_AIL_quick_ms_length@4
_AIL_quick_ms_position@4
_AIL_quick_play@8
_AIL_quick_set_low_pass_cut_off@12
_AIL_quick_set_ms_position@8
_AIL_quick_set_reverb_levels@12
_AIL_quick_set_speed@8
_AIL_quick_set_volume@12
_AIL_quick_shutdown@0
_AIL_quick_startup@20
_AIL_quick_status@4
_AIL_quick_type@4
_AIL_quick_unload@4
_AIL_redbook_close@4
_AIL_redbook_eject@4
_AIL_redbook_id@4
_AIL_redbook_open@4
_AIL_redbook_open_drive@4
_AIL_redbook_pause@4
_AIL_redbook_play@12
_AIL_redbook_position@4
_AIL_redbook_resume@4
_AIL_redbook_retract@4
_AIL_redbook_set_volume_level@8
_AIL_redbook_status@4
_AIL_redbook_stop@4
_AIL_redbook_track@4
_AIL_redbook_track_info@16
_AIL_redbook_tracks@4
_AIL_redbook_volume_level@4
_AIL_register_EOB_callback@8
_AIL_register_EOS_callback@8
_AIL_register_ICA_array@8
_AIL_register_SOB_callback@8
_AIL_register_beat_callback@8
_AIL_register_event_callback@8
_AIL_register_falloff_function_callback@8
_AIL_register_prefix_callback@8
_AIL_register_sequence_callback@8
_AIL_register_stream_callback@8
_AIL_register_timbre_callback@8
_AIL_register_timer@4
_AIL_register_trace_callback@8
_AIL_register_trigger_callback@8
_AIL_release_all_timers@0
_AIL_release_channel@8
_AIL_release_sample_handle@4
_AIL_release_sequence_handle@4
_AIL_release_timer_handle@4
_AIL_request_EOB_ASI_reset@12
_AIL_resume_sample@4
_AIL_resume_sequence@4
_AIL_room_type@4
_AIL_sample_3D_cone@16
_AIL_sample_3D_distances@16
_AIL_sample_3D_orientation@28
_AIL_sample_3D_position@16
_AIL_sample_3D_velocity@16
_AIL_sample_51_volume_levels@28
_AIL_sample_51_volume_pan@24
_AIL_sample_buffer_available@4
_AIL_sample_buffer_count@4
_AIL_sample_buffer_info@24
_AIL_sample_channel_count@8
_AIL_sample_channel_levels@20
_AIL_sample_exclusion@4
_AIL_sample_granularity@4
_AIL_sample_loop_block@12
_AIL_sample_loop_count@4
_AIL_sample_low_pass_cut_off@8
_AIL_sample_ms_position@12
_AIL_sample_obstruction@4
_AIL_sample_occlusion@4
_AIL_sample_output_levels@20
_AIL_sample_playback_rate@4
_AIL_sample_playback_rate_factor@4
_AIL_sample_position@4
_AIL_sample_processor@8
_AIL_sample_reverb_levels@12
_AIL_sample_speaker_scale_factors@16
_AIL_sample_stage_property@28
_AIL_sample_status@4
_AIL_sample_user_data@8
_AIL_sample_volume_levels@12
_AIL_sample_volume_pan@12
_AIL_save_sample_attributes@8
_AIL_send_channel_voice_message@20
_AIL_send_sysex_message@8
_AIL_sequence_loop_count@4
_AIL_sequence_ms_position@12
_AIL_sequence_position@12
_AIL_sequence_status@4
_AIL_sequence_tempo@4
_AIL_sequence_user_data@8
_AIL_sequence_volume@4
_AIL_serve@0
_AIL_service_stream@8
_AIL_set_3D_distance_factor@8
_AIL_set_3D_doppler_factor@8
_AIL_set_3D_rolloff_factor@8
_AIL_set_DirectSound_HWND@8
_AIL_set_XMIDI_master_volume@8
_AIL_set_digital_driver_processor@12
_AIL_set_digital_master_reverb@16
_AIL_set_digital_master_reverb_levels@12
_AIL_set_digital_master_volume_level@8
_AIL_set_error@4
_AIL_set_file_async_callbacks@20
_AIL_set_file_callbacks@16
_AIL_set_input_state@8
_AIL_set_listener_3D_orientation@28
_AIL_set_listener_3D_position@16
_AIL_set_listener_3D_velocity@20
_AIL_set_listener_3D_velocity_vector@16
_AIL_set_listener_relative_receiver_array@12
_AIL_set_named_sample_file@20
_AIL_set_preference@8
_AIL_set_redist_directory@4
_AIL_set_room_type@8
_AIL_set_sample_3D_cone@16
_AIL_set_sample_3D_distances@16
_AIL_set_sample_3D_orientation@28
_AIL_set_sample_3D_position@16
_AIL_set_sample_3D_velocity@20
_AIL_set_sample_3D_velocity_vector@16
_AIL_set_sample_51_volume_levels@28
_AIL_set_sample_51_volume_pan@24
_AIL_set_sample_address@12
_AIL_set_sample_adpcm_block_size@8
_AIL_set_sample_buffer_count@8
_AIL_set_sample_channel_levels@20
_AIL_set_sample_exclusion@8
_AIL_set_sample_file@12
_AIL_set_sample_info@8
_AIL_set_sample_is_3D@8
_AIL_set_sample_loop_block@12
_AIL_set_sample_loop_count@8
_AIL_set_sample_low_pass_cut_off@12
_AIL_set_sample_ms_position@8
_AIL_set_sample_obstruction@8
_AIL_set_sample_occlusion@8
_AIL_set_sample_playback_rate@8
_AIL_set_sample_playback_rate_factor@8
_AIL_set_sample_position@8
_AIL_set_sample_processor@12
_AIL_set_sample_reverb_levels@12
_AIL_set_sample_speaker_scale_factors@16
_AIL_set_sample_user_data@12
_AIL_set_sample_volume_levels@12
_AIL_set_sample_volume_pan@12
_AIL_set_sequence_loop_count@8
_AIL_set_sequence_ms_position@8
_AIL_set_sequence_tempo@12
_AIL_set_sequence_user_data@12
_AIL_set_sequence_volume@12
_AIL_set_speaker_configuration@16
_AIL_set_speaker_reverb_levels@20
_AIL_set_stream_loop_block@12
_AIL_set_stream_loop_count@8
_AIL_set_stream_ms_position@8
_AIL_set_stream_position@8
_AIL_set_stream_user_data@12
_AIL_set_timer_divisor@8
_AIL_set_timer_frequency@8
_AIL_set_timer_period@8
_AIL_set_timer_user@8
_AIL_shutdown@0
_AIL_size_processed_digital_audio@16
_AIL_speaker_configuration@20
_AIL_speaker_reverb_levels@16
_AIL_start_all_timers@0
_AIL_start_sample@4
_AIL_start_sequence@4
_AIL_start_stream@4
_AIL_start_timer@4
_AIL_startup@0
_AIL_stop_all_timers@0
_AIL_stop_sample@4
_AIL_stop_sequence@4
_AIL_stop_timer@4
_AIL_stream_info@20
_AIL_stream_loop_count@4
_AIL_stream_ms_position@12
_AIL_stream_position@4
_AIL_stream_sample_handle@4
_AIL_stream_status@4
_AIL_stream_user_data@8
_AIL_true_sequence_channel@8
_AIL_unlock@0
_AIL_unlock_mutex@0
_AIL_update_listener_3D_position@8
_AIL_update_sample_3D_position@8
_AIL_us_count@0
_DLSMSSGetCPU@4
_MIX_RIB_MAIN@8
_MSSDisableThreadLibraryCalls@4
_RIB_enumerate_providers@12
_RIB_find_file_dec_provider@20
_RIB_find_files_provider@20
_RIB_find_provider@12
_RIB_load_application_providers@4
_RIB_load_static_provider_library@8
_RIB_provider_system_data@8
_RIB_provider_user_data@8
_RIB_set_provider_system_data@12
_RIB_set_provider_user_data@12

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

MSSMIXER
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/mssds3d.flt
.dll windows:4 windows x86 arch:x86

63728b0e31a043a2ffc940831de89955

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\devel\projects\mss\build\win\mssds3d.pdb

Imports

user32

GetCursorPos
MessageBoxA

kernel32

TerminateProcess
GetCurrentProcess
GetTickCount

mss32

_AIL_lock@0
_AIL_get_preference@4
RIB_register_interface
_AIL_unlock@0
_AIL_release_timer_handle@4
_AIL_stop_timer@4
_AIL_mem_alloc_lock@4
_AIL_delay@4
_AIL_set_sample_processor@12
_AIL_set_timer_frequency@8
_AIL_ms_count@0
_AIL_set_timer_user@8
_AIL_us_count@0
_AIL_mem_free_lock@4
_AIL_start_timer@4
_AIL_set_error@4
_AIL_register_timer@4
RIB_unregister_interface
_AIL_get_DirectSound_info@12
_MSSDisableThreadLibraryCalls@4

Exports

Exports

_RIB_Main@8

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/mssdsp.flt
.dll windows:4 windows x86 arch:x86

a0e2ca1e23e58544fdccd82754f705fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\devel\projects\mss\build\win\mssdsp.pdb

Imports

user32

GetCursorPos
MessageBoxA

kernel32

GetTickCount
CreateFileA
SetFilePointer
WaitForSingleObject
SetEvent
WriteFile
Sleep
CreateEventA
CloseHandle
CreateThread
TerminateProcess
GetCurrentProcess

mss32

RIB_register_interface
_AIL_mem_alloc_lock@4
_AIL_mem_free_lock@4
RIB_unregister_interface
_MSSDisableThreadLibraryCalls@4
RIB_alloc_provider_handle

Exports

Exports

_RIB_Main@8

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MODULES/mssmp3.asi
.dll windows:4 windows x86 arch:x86

dd232dc0ab7e03daf97d90cd4fbbc4d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\devel\projects\mss\build\win\mssmp3.pdb

Imports

user32

GetCursorPos
MessageBoxA

kernel32

TerminateProcess
GetCurrentProcess
GetTickCount

mss32

_AIL_MMX_available@0
_AIL_mem_alloc_lock@4
RIB_unregister_interface
RIB_register_interface
_MSSDisableThreadLibraryCalls@4
_AIL_mem_free_lock@4

Exports

Exports

_RIB_Main@8

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PhysXCooking.dll
.dll windows:4 windows x86 arch:x86

15b15c92e3d5e79f029f714cd3e65a5a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

53:4a:be:d0:be:56:d9:84:0d:d1:2d:db:84:f8:b0:31
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

01/09/2011, 23:59

Subject

CN=NVIDIA Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cc:0e:e9:6b:56:6e:66:f6:e8:46:53:31:68:fa:6a:0c:09:6b:62:7b
Signer

Actual PE Digest

cc:0e:e9:6b:56:6e:66:f6:e8:46:53:31:68:fa:6a:0c:09:6b:62:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\sw\physx\PhysXSDK\2.8.4\trunk\bin\win32\PhysXCooking.pdb

Imports

kernel32

EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
LeaveCriticalSection
InterlockedCompareExchange
CloseHandle
InterlockedIncrement
TerminateThread
Sleep
SetThreadAffinityMask
QueryPerformanceCounter
TlsSetValue
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
TlsGetValue
TlsAlloc
TlsFree
SetLastError
InterlockedDecrement
RaiseException
RtlUnwind
MultiByteToWideChar
ReadFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
CreateFileA
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

wsock32

socket
inet_ntoa
closesocket
gethostbyaddr
connect
WSAStartup
ioctlsocket
gethostbyname
send
WSAGetLastError
htons
recv

Exports

Exports

NxCloseCooking
NxCookClothMesh
NxCookConvexMesh
NxCookSoftBodyMesh
NxCookTriangleMesh
NxCreatePMap
NxGetCookingInterface
NxGetCookingParams
NxInitCooking
NxPlatformMismatch
NxReleasePMap
NxReportCooking
NxScaleCookedConvexMesh
NxSetCookingParams

Sections

.text
Size: 308KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PhysXCore.dll
.dll windows:4 windows x86 arch:x86

7fbdef5fa5b387b0168e11ab88500d73

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

53:4a:be:d0:be:56:d9:84:0d:d1:2d:db:84:f8:b0:31
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

01/09/2011, 23:59

Subject

CN=NVIDIA Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

40:28:76:07:48:0b:0e:57:f2:8c:0b:9c:c9:51:d0:dc:35:70:81:4f
Signer

Actual PE Digest

40:28:76:07:48:0b:0e:57:f2:8c:0b:9c:c9:51:d0:dc:35:70:81:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\sw\physx\PhysXSDK\2.8.4\trunk\bin\win32\PhysXCore.pdb

Imports

kernel32

QueryPerformanceCounter
TlsGetValue
InterlockedCompareExchange
InterlockedExchange
TlsSetValue
TlsAlloc
InterlockedIncrement
InterlockedDecrement
TlsFree
GetCurrentThreadId
LoadLibraryA
FreeLibrary
GetProcAddress
ResetEvent
WaitForMultipleObjects
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
CreateFileA
GetLocaleInfoA
SetFilePointer
ReadFile
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
GetCurrentThread
GetVersionExA
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
MapViewOfFile
UnmapViewOfFile
GetLastError
CreateFileMappingA
CloseHandle
InitializeCriticalSectionAndSpinCount
QueryPerformanceFrequency
GetTickCount
InitializeCriticalSection
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
TerminateThread
Sleep
ExitThread
SetThreadPriority
SetThreadAffinityMask
ResumeThread
CreateThread
SetEvent
CreateEventA
HeapFree
HeapValidate
HeapWalk
HeapAlloc
GetCommandLineA
GetProcessHeap
HeapReAlloc
GetModuleHandleA
SetLastError
HeapSize
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwind
RaiseException

cudart32_30_9

__cudaRegisterFatBinary
__cudaRegisterFunction
__cudaRegisterVar
__cudaRegisterTexture
cudaSetupArgument
cudaBindTexture
cudaLaunch
cudaUnbindTexture
__cudaUnregisterFatBinary
cudaConfigureCall
cudaMemcpyToSymbolAsync
cudaGetErrorString
cudaMemset
cudaStreamDestroy
cudaStreamCreate
cudaFreeHost
cudaFree
cudaThreadSynchronize
cudaMalloc
cudaMallocHost
cudaEventQuery
cudaEventRecord
cudaEventSynchronize
cudaEventElapsedTime
cudaEventCreate
cudaMemcpy
cudaMemcpyAsync
cudaGetLastError
cudaGetDeviceProperties
__cudaRegisterShared
cudaCreateChannelDesc

wsock32

closesocket
gethostbyaddr
inet_ntoa
connect
gethostbyname
socket
send
ioctlsocket
WSAGetLastError
htons
recv
WSAStartup

user32

MessageBoxA

Exports

Exports

AgPmDestroySourceConnection
AgPmEventEnabled
AgPmEventLoggingEnabled
AgPmSubmitEvent
NgCreateCoreSDK
NpCreatePhysicsSDK
NpGetFoundationSDK
NpGetPhysicsSDK
NpGetPhysicsSDKAllocator
NpGetUtilLib
NpReleasePhysicsSDK
NxCreateCoreSDK
NxGetValue

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 828KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvFatBi
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PhysXDevice.dll
.dll windows:4 windows x86 arch:x86

649b08a3330f6c830bf2f0bef712e1c9

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

53:4a:be:d0:be:56:d9:84:0d:d1:2d:db:84:f8:b0:31
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

01/09/2011, 23:59

Subject

CN=NVIDIA Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c8:bd:b9:64:3f:c5:39:e3:ee:44:0d:ad:a3:2a:fc:d3:f5:c5:ed:d7
Signer

Actual PE Digest

c8:bd:b9:64:3f:c5:39:e3:ee:44:0d:ad:a3:2a:fc:d3:f5:c5:ed:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
WriteFile
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize

user32

EnumDisplayDevicesA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

physxDevClose
physxDevErrorString
physxDevGet
physxDevGetCudaOrdinal
physxDevGetHwSelection
physxDevInit
physxDevUsingDedicatedGPU

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PhysXLoader.dll
.dll windows:4 windows x86 arch:x86

b7b19f3aff6ee6ae4dc714354316acf2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

53:4a:be:d0:be:56:d9:84:0d:d1:2d:db:84:f8:b0:31
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

01/09/2011, 23:59

Subject

CN=NVIDIA Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:25:5e:f6:99:22:8f:c3:c1:d5:b5:09:e0:f2:36:84:8e:d4:94:91
Signer

Actual PE Digest

3a:25:5e:f6:99:22:8f:c3:c1:d5:b5:09:e0:f2:36:84:8e:d4:94:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\sw\physx\PhysXSDK\2.8.4\trunk\bin\win32\PhysXLoader.pdb

Imports

iphlpapi

GetAdaptersInfo

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
HeapCreate
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
CreateFileA
CloseHandle
FlushFileBuffers

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

NxCreateModule
NxCreatePhysicsSDK
NxCreatePhysicsSDKWithID
NxGetCookingLib
NxGetCookingLibWithID
NxGetFoundationSDK
NxGetPhysicsSDK
NxGetPhysicsSDKAllocator
NxGetUtilLib
NxReleasePhysicsSDK

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cudart32_30_9.dll
.dll windows:5 windows x86 arch:x86

dd9928a7fff2b3342fb5130156f7dd01

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:4a:be:d0:be:56:d9:84:0d:d1:2d:db:84:f8:b0:31
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

01/09/2011, 23:59

Subject

CN=NVIDIA Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

be:96:bd:87:27:28:8a:a1:a5:43:15:d0:7b:f4:c4:76:a9:18:95:71
Signer

Actual PE Digest

be:96:bd:87:27:28:8a:a1:a5:43:15:d0:7b:f4:c4:76:a9:18:95:71

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
GetProcAddress
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
TlsGetValue
FreeLibrary
InitializeCriticalSection
TlsAlloc
TlsFree
TlsSetValue
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
Sleep
ExitProcess
GetCurrentThreadId
GetCommandLineA
HeapReAlloc
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
InterlockedIncrement
SetLastError
InterlockedDecrement
WideCharToMultiByte
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
InitializeCriticalSectionAndSpinCount
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
CompareStringA
MultiByteToWideChar
CompareStringW
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

__cudaMutexOperation
__cudaRegisterFatBinary
__cudaRegisterFunction
__cudaRegisterShared
__cudaRegisterSharedVar
__cudaRegisterSurface
__cudaRegisterTexture
__cudaRegisterVar
__cudaSynchronizeThreads
__cudaTextureFetch
__cudaUnregisterFatBinary
cudaBindSurfaceToAddr
cudaBindSurfaceToArray
cudaBindTexture
cudaBindTexture2D
cudaBindTextureToArray
cudaChooseDevice
cudaConfigureCall
cudaCreateChannelDesc
cudaD3D10GetDevice
cudaD3D10MapResources
cudaD3D10RegisterResource
cudaD3D10ResourceGetMappedArray
cudaD3D10ResourceGetMappedPitch
cudaD3D10ResourceGetMappedPointer
cudaD3D10ResourceGetMappedSize
cudaD3D10ResourceGetSurfaceDimensions
cudaD3D10ResourceSetMapFlags
cudaD3D10SetDirect3DDevice
cudaD3D10UnmapResources
cudaD3D10UnregisterResource
cudaD3D11GetDevice
cudaD3D11SetDirect3DDevice
cudaD3D9Begin
cudaD3D9End
cudaD3D9GetDevice
cudaD3D9GetDirect3DDevice
cudaD3D9MapResources
cudaD3D9MapVertexBuffer
cudaD3D9RegisterResource
cudaD3D9RegisterVertexBuffer
cudaD3D9ResourceGetMappedArray
cudaD3D9ResourceGetMappedPitch
cudaD3D9ResourceGetMappedPointer
cudaD3D9ResourceGetMappedSize
cudaD3D9ResourceGetSurfaceDimensions
cudaD3D9ResourceSetMapFlags
cudaD3D9SetDirect3DDevice
cudaD3D9UnmapResources
cudaD3D9UnmapVertexBuffer
cudaD3D9UnregisterResource
cudaD3D9UnregisterVertexBuffer
cudaDriverGetVersion
cudaEventCreate
cudaEventCreateWithFlags
cudaEventDestroy
cudaEventElapsedTime
cudaEventQuery
cudaEventRecord
cudaEventSynchronize
cudaFree
cudaFreeArray
cudaFreeHost
cudaFuncGetAttributes
cudaGLMapBufferObject
cudaGLMapBufferObjectAsync
cudaGLRegisterBufferObject
cudaGLSetBufferObjectMapFlags
cudaGLSetGLDevice
cudaGLUnmapBufferObject
cudaGLUnmapBufferObjectAsync
cudaGLUnregisterBufferObject
cudaGetChannelDesc
cudaGetDevice
cudaGetDeviceCount
cudaGetDeviceProperties
cudaGetErrorString
cudaGetLastError
cudaGetSurfaceReference
cudaGetSymbolAddress
cudaGetSymbolSize
cudaGetTextureAlignmentOffset
cudaGetTextureReference
cudaGraphicsD3D10RegisterResource
cudaGraphicsD3D11RegisterResource
cudaGraphicsD3D9RegisterResource
cudaGraphicsGLRegisterBuffer
cudaGraphicsGLRegisterImage
cudaGraphicsMapResources
cudaGraphicsResourceGetMappedPointer
cudaGraphicsResourceSetMapFlags
cudaGraphicsSubResourceGetMappedArray
cudaGraphicsUnmapResources
cudaGraphicsUnregisterResource
cudaHostAlloc
cudaHostGetDevicePointer
cudaHostGetFlags
cudaLaunch
cudaMalloc
cudaMalloc3D
cudaMalloc3DArray
cudaMallocArray
cudaMallocHost
cudaMallocPitch
cudaMemGetInfo
cudaMemcpy
cudaMemcpy2D
cudaMemcpy2DArrayToArray
cudaMemcpy2DAsync
cudaMemcpy2DFromArray
cudaMemcpy2DFromArrayAsync
cudaMemcpy2DToArray
cudaMemcpy2DToArrayAsync
cudaMemcpy3D
cudaMemcpy3DAsync
cudaMemcpyArrayToArray
cudaMemcpyAsync
cudaMemcpyFromArray
cudaMemcpyFromArrayAsync
cudaMemcpyFromSymbol
cudaMemcpyFromSymbolAsync
cudaMemcpyToArray
cudaMemcpyToArrayAsync
cudaMemcpyToSymbol
cudaMemcpyToSymbolAsync
cudaMemset
cudaMemset2D
cudaMemset3D
cudaRuntimeGetVersion
cudaSetDevice
cudaSetDeviceFlags
cudaSetDoubleForDevice
cudaSetDoubleForHost
cudaSetValidDevices
cudaSetupArgument
cudaStreamCreate
cudaStreamDestroy
cudaStreamQuery
cudaStreamSynchronize
cudaThreadExit
cudaThreadSynchronize
cudaUnbindTexture
cudaWGLGetDevice

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d3dx9_31.dll
.dll windows:5 windows x86 arch:x86

09c933f06e42c3bf52e8aa511f16f267

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6d:a1:19:71:39:e8:81:2e:e1:d4:c6:1f:cf:8d:3a:d6:54:be:27:23
Signer

Actual PE Digest

6d:a1:19:71:39:e8:81:2e:e1:d4:c6:1f:cf:8d:3a:d6:54:be:27:23

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3dx9_31.pdb

Imports

msvcrt

_onexit
__dllonexit
_except_handler3
?terminate@@YAXXZ
_adjust_fdiv
_initterm
srand
strtod
fread
fflush
fwrite
abort
sprintf
strncpy
_tempnam
exit
atol
_ultoa
wcstombs
rand
isxdigit
atof
_CIcosh
_CIexp
_CIsinh
_CItanh
_fpclass
strchr
_isnan
isalnum
isalpha
toupper
tolower
atoi
floor
_strtime
_strdate
sscanf
isspace
isdigit
_setjmp3
longjmp
ldexp
frexp
wcslen
calloc
realloc
malloc
_CIsqrt
setlocale
_strdup
free
_clearfp
ceil
_controlfp
_vsnprintf
_CIasin
__CxxFrameHandler
_finite
_CIacos
memmove
qsort
_CIfmod
_purecall
_stricmp
modf
iswspace
iswalpha
iswdigit
iswpunct
_CIpow
??2@YAPAXI@Z
??3@YAXPAX@Z

gdi32

TranslateCharsetInfo
ExtTextOutW
GetCurrentObject
ExtTextOutA
CreateCompatibleDC
SetMapMode
GetOutlineTextMetricsA
GetGlyphOutlineW
MoveToEx
CreateFontIndirectW
SetTextAlign
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
SelectObject
DeleteObject
DeleteDC
CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
GetObjectA

kernel32

DeleteFileW
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
CompareStringA
CreateFileW
GetLastError
FormatMessageA
LocalFree
GetFullPathNameA
LeaveCriticalSection
DeleteCriticalSection
InterlockedCompareExchange
SetFilePointer
InitializeCriticalSection
InterlockedExchange
EnterCriticalSection
lstrcmpiA
IsDBCSLeadByte
WriteFile
GetTempPathA
GetTempFileNameA
CreateFileA
ReadFile
CloseHandle
DeleteFileA
InterlockedDecrement
InterlockedIncrement
IsProcessorFeaturePresent
GetSystemInfo
VirtualAlloc
VirtualFree
GetACP
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
GetModuleHandleA
MoveFileA
MoveFileW
GetTempFileNameW
GlobalMemoryStatus
FreeLibrary
SetEndOfFile
ExpandEnvironmentStringsA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
CreateMutexA
WaitForSingleObject
ReleaseMutex
HeapAlloc
GetProcessHeap
HeapFree
FindResourceW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
DisableThreadLibraryCalls
GetVersionExA
LoadLibraryA
GetProcAddress

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

Exports

Exports

D3DXAssembleShader
D3DXAssembleShaderFromFileA
D3DXAssembleShaderFromFileW
D3DXAssembleShaderFromResourceA
D3DXAssembleShaderFromResourceW
D3DXBoxBoundProbe
D3DXCheckCubeTextureRequirements
D3DXCheckTextureRequirements
D3DXCheckVersion
D3DXCheckVolumeTextureRequirements
D3DXCleanMesh
D3DXColorAdjustContrast
D3DXColorAdjustSaturation
D3DXCompileShader
D3DXCompileShaderFromFileA
D3DXCompileShaderFromFileW
D3DXCompileShaderFromResourceA
D3DXCompileShaderFromResourceW
D3DXComputeBoundingBox
D3DXComputeBoundingSphere
D3DXComputeIMTFromPerTexelSignal
D3DXComputeIMTFromPerVertexSignal
D3DXComputeIMTFromSignal
D3DXComputeIMTFromTexture
D3DXComputeNormalMap
D3DXComputeNormals
D3DXComputeTangent
D3DXComputeTangentFrame
D3DXComputeTangentFrameEx
D3DXConcatenateMeshes
D3DXConvertMeshSubsetToSingleStrip
D3DXConvertMeshSubsetToStrips
D3DXCreateAnimationController
D3DXCreateBox
D3DXCreateBuffer
D3DXCreateCompressedAnimationSet
D3DXCreateCubeTexture
D3DXCreateCubeTextureFromFileA
D3DXCreateCubeTextureFromFileExA
D3DXCreateCubeTextureFromFileExW
D3DXCreateCubeTextureFromFileInMemory
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateCubeTextureFromFileW
D3DXCreateCubeTextureFromResourceA
D3DXCreateCubeTextureFromResourceExA
D3DXCreateCubeTextureFromResourceExW
D3DXCreateCubeTextureFromResourceW
D3DXCreateCylinder
D3DXCreateEffect
D3DXCreateEffectCompiler
D3DXCreateEffectCompilerFromFileA
D3DXCreateEffectCompilerFromFileW
D3DXCreateEffectCompilerFromResourceA
D3DXCreateEffectCompilerFromResourceW
D3DXCreateEffectEx
D3DXCreateEffectFromFileA
D3DXCreateEffectFromFileExA
D3DXCreateEffectFromFileExW
D3DXCreateEffectFromFileW
D3DXCreateEffectFromResourceA
D3DXCreateEffectFromResourceExA
D3DXCreateEffectFromResourceExW
D3DXCreateEffectFromResourceW
D3DXCreateEffectPool
D3DXCreateFontA
D3DXCreateFontIndirectA
D3DXCreateFontIndirectW
D3DXCreateFontW
D3DXCreateFragmentLinker
D3DXCreateKeyframedAnimationSet
D3DXCreateLine
D3DXCreateMatrixStack
D3DXCreateMesh
D3DXCreateMeshFVF
D3DXCreateNPatchMesh
D3DXCreatePMeshFromStream
D3DXCreatePRTBuffer
D3DXCreatePRTBufferTex
D3DXCreatePRTCompBuffer
D3DXCreatePRTEngine
D3DXCreatePatchMesh
D3DXCreatePolygon
D3DXCreateRenderToEnvMap
D3DXCreateRenderToSurface
D3DXCreateSPMesh
D3DXCreateSkinInfo
D3DXCreateSkinInfoFVF
D3DXCreateSkinInfoFromBlendedMesh
D3DXCreateSphere
D3DXCreateSprite
D3DXCreateTeapot
D3DXCreateTextA
D3DXCreateTextW
D3DXCreateTexture
D3DXCreateTextureFromFileA
D3DXCreateTextureFromFileExA
D3DXCreateTextureFromFileExW
D3DXCreateTextureFromFileInMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateTextureFromFileW
D3DXCreateTextureFromResourceA
D3DXCreateTextureFromResourceExA
D3DXCreateTextureFromResourceExW
D3DXCreateTextureFromResourceW
D3DXCreateTextureGutterHelper
D3DXCreateTextureShader
D3DXCreateTorus
D3DXCreateVolumeTexture
D3DXCreateVolumeTextureFromFileA
D3DXCreateVolumeTextureFromFileExA
D3DXCreateVolumeTextureFromFileExW
D3DXCreateVolumeTextureFromFileInMemory
D3DXCreateVolumeTextureFromFileInMemoryEx
D3DXCreateVolumeTextureFromFileW
D3DXCreateVolumeTextureFromResourceA
D3DXCreateVolumeTextureFromResourceExA
D3DXCreateVolumeTextureFromResourceExW
D3DXCreateVolumeTextureFromResourceW
D3DXDebugMute
D3DXDeclaratorFromFVF
D3DXDisassembleEffect
D3DXDisassembleShader
D3DXFVFFromDeclarator
D3DXFileCreate
D3DXFillCubeTexture
D3DXFillCubeTextureTX
D3DXFillTexture
D3DXFillTextureTX
D3DXFillVolumeTexture
D3DXFillVolumeTextureTX
D3DXFilterTexture
D3DXFindShaderComment
D3DXFloat16To32Array
D3DXFloat32To16Array
D3DXFrameAppendChild
D3DXFrameCalculateBoundingSphere
D3DXFrameDestroy
D3DXFrameFind
D3DXFrameNumNamedMatrices
D3DXFrameRegisterNamedMatrices
D3DXFresnelTerm
D3DXGatherFragments
D3DXGatherFragmentsFromFileA
D3DXGatherFragmentsFromFileW
D3DXGatherFragmentsFromResourceA
D3DXGatherFragmentsFromResourceW
D3DXGenerateOutputDecl
D3DXGeneratePMesh
D3DXGetDeclLength
D3DXGetDeclVertexSize
D3DXGetDriverLevel
D3DXGetFVFVertexSize
D3DXGetImageInfoFromFileA
D3DXGetImageInfoFromFileInMemory
D3DXGetImageInfoFromFileW
D3DXGetImageInfoFromResourceA
D3DXGetImageInfoFromResourceW
D3DXGetPixelShaderProfile
D3DXGetShaderConstantTable
D3DXGetShaderInputSemantics
D3DXGetShaderOutputSemantics
D3DXGetShaderSamplers
D3DXGetShaderSize
D3DXGetShaderVersion
D3DXGetVertexShaderProfile
D3DXIntersect
D3DXIntersectSubset
D3DXIntersectTri
D3DXLoadMeshFromXA
D3DXLoadMeshFromXInMemory
D3DXLoadMeshFromXResource
D3DXLoadMeshFromXW
D3DXLoadMeshFromXof
D3DXLoadMeshHierarchyFromXA
D3DXLoadMeshHierarchyFromXInMemory
D3DXLoadMeshHierarchyFromXW
D3DXLoadPRTBufferFromFileA
D3DXLoadPRTBufferFromFileW
D3DXLoadPRTCompBufferFromFileA
D3DXLoadPRTCompBufferFromFileW
D3DXLoadPatchMeshFromXof
D3DXLoadSkinMeshFromXof
D3DXLoadSurfaceFromFileA
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromFileW
D3DXLoadSurfaceFromMemory
D3DXLoadSurfaceFromResourceA
D3DXLoadSurfaceFromResourceW
D3DXLoadSurfaceFromSurface
D3DXLoadVolumeFromFileA
D3DXLoadVolumeFromFileInMemory
D3DXLoadVolumeFromFileW
D3DXLoadVolumeFromMemory
D3DXLoadVolumeFromResourceA
D3DXLoadVolumeFromResourceW
D3DXLoadVolumeFromVolume
D3DXMatrixAffineTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixDecompose
D3DXMatrixDeterminant
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXMatrixLookAtRH
D3DXMatrixMultiply
D3DXMatrixMultiplyTranspose
D3DXMatrixOrthoLH
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXMatrixOrthoRH
D3DXMatrixPerspectiveFovLH
D3DXMatrixPerspectiveFovRH
D3DXMatrixPerspectiveLH
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveOffCenterRH
D3DXMatrixPerspectiveRH
D3DXMatrixReflect
D3DXMatrixRotationAxis
D3DXMatrixRotationQuaternion
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixShadow
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixTranslation
D3DXMatrixTranspose
D3DXOptimizeFaces
D3DXOptimizeVertices
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXPlaneIntersectLine
D3DXPlaneNormalize
D3DXPlaneTransform
D3DXPlaneTransformArray
D3DXPreprocessShader
D3DXPreprocessShaderFromFileA
D3DXPreprocessShaderFromFileW
D3DXPreprocessShaderFromResourceA
D3DXPreprocessShaderFromResourceW
D3DXQuaternionBaryCentric
D3DXQuaternionExp
D3DXQuaternionInverse
D3DXQuaternionLn
D3DXQuaternionMultiply
D3DXQuaternionNormalize
D3DXQuaternionRotationAxis
D3DXQuaternionRotationMatrix
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionSlerp
D3DXQuaternionSquad
D3DXQuaternionSquadSetup
D3DXQuaternionToAxisAngle
D3DXRectPatchSize
D3DXSHAdd
D3DXSHDot
D3DXSHEvalConeLight
D3DXSHEvalDirection
D3DXSHEvalDirectionalLight
D3DXSHEvalHemisphereLight
D3DXSHEvalSphericalLight
D3DXSHPRTCompSplitMeshSC
D3DXSHPRTCompSuperCluster
D3DXSHProjectCubeMap
D3DXSHRotate
D3DXSHRotateZ
D3DXSHScale
D3DXSaveMeshHierarchyToFileA
D3DXSaveMeshHierarchyToFileW
D3DXSaveMeshToXA
D3DXSaveMeshToXW
D3DXSavePRTBufferToFileA
D3DXSavePRTBufferToFileW
D3DXSavePRTCompBufferToFileA
D3DXSavePRTCompBufferToFileW
D3DXSaveSurfaceToFileA
D3DXSaveSurfaceToFileInMemory
D3DXSaveSurfaceToFileW
D3DXSaveTextureToFileA
D3DXSaveTextureToFileInMemory
D3DXSaveTextureToFileW
D3DXSaveVolumeToFileA
D3DXSaveVolumeToFileInMemory
D3DXSaveVolumeToFileW
D3DXSimplifyMesh
D3DXSphereBoundProbe
D3DXSplitMesh
D3DXTessellateNPatches
D3DXTessellateRectPatch
D3DXTessellateTriPatch
D3DXTriPatchSize
D3DXUVAtlasCreate
D3DXUVAtlasPack
D3DXUVAtlasPartition
D3DXValidMesh
D3DXValidPatchMesh
D3DXVec2BaryCentric
D3DXVec2CatmullRom
D3DXVec2Hermite
D3DXVec2Normalize
D3DXVec2Transform
D3DXVec2TransformArray
D3DXVec2TransformCoord
D3DXVec2TransformCoordArray
D3DXVec2TransformNormal
D3DXVec2TransformNormalArray
D3DXVec3BaryCentric
D3DXVec3CatmullRom
D3DXVec3Hermite
D3DXVec3Normalize
D3DXVec3Project
D3DXVec3ProjectArray
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoord
D3DXVec3TransformCoordArray
D3DXVec3TransformNormal
D3DXVec3TransformNormalArray
D3DXVec3Unproject
D3DXVec3UnprojectArray
D3DXVec4BaryCentric
D3DXVec4CatmullRom
D3DXVec4Cross
D3DXVec4Hermite
D3DXVec4Normalize
D3DXVec4Transform
D3DXVec4TransformArray
D3DXWeldVertices

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d3dx9_42.dll
.dll windows:6 windows x86 arch:x86

12b2200cb5e3bf090d11cb95972d3afc

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c2:59:7d:ad:3c:49:b0:89:c0:ae:6d:82:0d:6a:6b:3e:88:16:d8:b3
Signer

Actual PE Digest

c2:59:7d:ad:3c:49:b0:89:c0:ae:6d:82:0d:6a:6b:3e:88:16:d8:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3dx9_42.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
isleadbyte
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
_amsg_exit
_initterm
_XcptFilter
srand
strtod
fread
fflush
fwrite
abort
_tempnam
exit
isalpha
atof
atol
isxdigit
_ultoa
wcstombs
_CIexp
_isnan
rand
atoi
isalnum
floor
_strtime
_strdate
sscanf
isspace
isdigit
_setjmp3
longjmp
ldexp
frexp
calloc
realloc
_CIlog
setlocale
_strdup
free
_clearfp
ceil
_controlfp
malloc
_CIatan
_CIcos
_CIasin
_finite
_CIsin
_CIatan2
_CIacos
memmove
qsort
_CIfmod
_purecall
_stricmp
modf
iswspace
iswalpha
iswdigit
iswpunct
_CIsqrt
memcpy
memset
_CIpow
??2@YAPAXI@Z
??3@YAXPAX@Z
_iob
_vsnprintf
_vsnwprintf
_errno
__CxxFrameHandler

gdi32

GetTextMetricsA
GetObjectA
GetGlyphOutlineA
CreateDIBSection
DeleteDC
DeleteObject
SelectObject
GetCharacterPlacementA
GetCharacterPlacementW
SetTextColor
SetBkColor
SetBkMode
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
ExtTextOutA
MoveToEx
ExtTextOutW
TranslateCharsetInfo
GetCurrentObject
GetOutlineTextMetricsA
GetGlyphOutlineW
GetObjectW

kernel32

SetFilePointer
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FormatMessageA
LocalFree
CreateFileW
GetFileSizeEx
GetFullPathNameW
GetLastError
IsDBCSLeadByte
WriteFile
GetTempPathA
GetTempFileNameA
DeleteFileW
ReadFile
CloseHandle
DeleteFileA
InterlockedDecrement
InterlockedIncrement
IsProcessorFeaturePresent
VirtualFree
GetACP
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetVersionExA
GetVersion
GetSystemInfo
GetProcAddress
VirtualAlloc
GetProcessHeap
HeapFree
HeapAlloc
DisableThreadLibraryCalls
MoveFileA
MoveFileW
GetTempFileNameW
GlobalMemoryStatus
SetEndOfFile
ExpandEnvironmentStringsA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
WaitForSingleObject
ReleaseMutex
CreateMutexA
Sleep
InterlockedExchange
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateFileA
FindResourceW

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Exports

Exports

D3DXAssembleShader
D3DXAssembleShaderFromFileA
D3DXAssembleShaderFromFileW
D3DXAssembleShaderFromResourceA
D3DXAssembleShaderFromResourceW
D3DXBoxBoundProbe
D3DXCheckCubeTextureRequirements
D3DXCheckTextureRequirements
D3DXCheckVersion
D3DXCheckVolumeTextureRequirements
D3DXCleanMesh
D3DXColorAdjustContrast
D3DXColorAdjustSaturation
D3DXCompileShader
D3DXCompileShaderFromFileA
D3DXCompileShaderFromFileW
D3DXCompileShaderFromResourceA
D3DXCompileShaderFromResourceW
D3DXComputeBoundingBox
D3DXComputeBoundingSphere
D3DXComputeIMTFromPerTexelSignal
D3DXComputeIMTFromPerVertexSignal
D3DXComputeIMTFromSignal
D3DXComputeIMTFromTexture
D3DXComputeNormalMap
D3DXComputeNormals
D3DXComputeTangent
D3DXComputeTangentFrame
D3DXComputeTangentFrameEx
D3DXConcatenateMeshes
D3DXConvertMeshSubsetToSingleStrip
D3DXConvertMeshSubsetToStrips
D3DXCreateAnimationController
D3DXCreateBox
D3DXCreateBuffer
D3DXCreateCompressedAnimationSet
D3DXCreateCubeTexture
D3DXCreateCubeTextureFromFileA
D3DXCreateCubeTextureFromFileExA
D3DXCreateCubeTextureFromFileExW
D3DXCreateCubeTextureFromFileInMemory
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateCubeTextureFromFileW
D3DXCreateCubeTextureFromResourceA
D3DXCreateCubeTextureFromResourceExA
D3DXCreateCubeTextureFromResourceExW
D3DXCreateCubeTextureFromResourceW
D3DXCreateCylinder
D3DXCreateEffect
D3DXCreateEffectCompiler
D3DXCreateEffectCompilerFromFileA
D3DXCreateEffectCompilerFromFileW
D3DXCreateEffectCompilerFromResourceA
D3DXCreateEffectCompilerFromResourceW
D3DXCreateEffectEx
D3DXCreateEffectFromFileA
D3DXCreateEffectFromFileExA
D3DXCreateEffectFromFileExW
D3DXCreateEffectFromFileW
D3DXCreateEffectFromResourceA
D3DXCreateEffectFromResourceExA
D3DXCreateEffectFromResourceExW
D3DXCreateEffectFromResourceW
D3DXCreateEffectPool
D3DXCreateFontA
D3DXCreateFontIndirectA
D3DXCreateFontIndirectW
D3DXCreateFontW
D3DXCreateKeyframedAnimationSet
D3DXCreateLine
D3DXCreateMatrixStack
D3DXCreateMesh
D3DXCreateMeshFVF
D3DXCreateNPatchMesh
D3DXCreatePMeshFromStream
D3DXCreatePRTBuffer
D3DXCreatePRTBufferTex
D3DXCreatePRTCompBuffer
D3DXCreatePRTEngine
D3DXCreatePatchMesh
D3DXCreatePolygon
D3DXCreateRenderToEnvMap
D3DXCreateRenderToSurface
D3DXCreateSPMesh
D3DXCreateSkinInfo
D3DXCreateSkinInfoFVF
D3DXCreateSkinInfoFromBlendedMesh
D3DXCreateSphere
D3DXCreateSprite
D3DXCreateTeapot
D3DXCreateTextA
D3DXCreateTextW
D3DXCreateTexture
D3DXCreateTextureFromFileA
D3DXCreateTextureFromFileExA
D3DXCreateTextureFromFileExW
D3DXCreateTextureFromFileInMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateTextureFromFileW
D3DXCreateTextureFromResourceA
D3DXCreateTextureFromResourceExA
D3DXCreateTextureFromResourceExW
D3DXCreateTextureFromResourceW
D3DXCreateTextureGutterHelper
D3DXCreateTextureShader
D3DXCreateTorus
D3DXCreateVolumeTexture
D3DXCreateVolumeTextureFromFileA
D3DXCreateVolumeTextureFromFileExA
D3DXCreateVolumeTextureFromFileExW
D3DXCreateVolumeTextureFromFileInMemory
D3DXCreateVolumeTextureFromFileInMemoryEx
D3DXCreateVolumeTextureFromFileW
D3DXCreateVolumeTextureFromResourceA
D3DXCreateVolumeTextureFromResourceExA
D3DXCreateVolumeTextureFromResourceExW
D3DXCreateVolumeTextureFromResourceW
D3DXDebugMute
D3DXDeclaratorFromFVF
D3DXDisassembleEffect
D3DXDisassembleShader
D3DXFVFFromDeclarator
D3DXFileCreate
D3DXFillCubeTexture
D3DXFillCubeTextureTX
D3DXFillTexture
D3DXFillTextureTX
D3DXFillVolumeTexture
D3DXFillVolumeTextureTX
D3DXFilterTexture
D3DXFindShaderComment
D3DXFloat16To32Array
D3DXFloat32To16Array
D3DXFrameAppendChild
D3DXFrameCalculateBoundingSphere
D3DXFrameDestroy
D3DXFrameFind
D3DXFrameNumNamedMatrices
D3DXFrameRegisterNamedMatrices
D3DXFresnelTerm
D3DXGenerateOutputDecl
D3DXGeneratePMesh
D3DXGetDeclLength
D3DXGetDeclVertexSize
D3DXGetDriverLevel
D3DXGetFVFVertexSize
D3DXGetImageInfoFromFileA
D3DXGetImageInfoFromFileInMemory
D3DXGetImageInfoFromFileW
D3DXGetImageInfoFromResourceA
D3DXGetImageInfoFromResourceW
D3DXGetPixelShaderProfile
D3DXGetShaderConstantTable
D3DXGetShaderConstantTableEx
D3DXGetShaderInputSemantics
D3DXGetShaderOutputSemantics
D3DXGetShaderSamplers
D3DXGetShaderSize
D3DXGetShaderVersion
D3DXGetVertexShaderProfile
D3DXIntersect
D3DXIntersectSubset
D3DXIntersectTri
D3DXLoadMeshFromXA
D3DXLoadMeshFromXInMemory
D3DXLoadMeshFromXResource
D3DXLoadMeshFromXW
D3DXLoadMeshFromXof
D3DXLoadMeshHierarchyFromXA
D3DXLoadMeshHierarchyFromXInMemory
D3DXLoadMeshHierarchyFromXW
D3DXLoadPRTBufferFromFileA
D3DXLoadPRTBufferFromFileW
D3DXLoadPRTCompBufferFromFileA
D3DXLoadPRTCompBufferFromFileW
D3DXLoadPatchMeshFromXof
D3DXLoadSkinMeshFromXof
D3DXLoadSurfaceFromFileA
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromFileW
D3DXLoadSurfaceFromMemory
D3DXLoadSurfaceFromResourceA
D3DXLoadSurfaceFromResourceW
D3DXLoadSurfaceFromSurface
D3DXLoadVolumeFromFileA
D3DXLoadVolumeFromFileInMemory
D3DXLoadVolumeFromFileW
D3DXLoadVolumeFromMemory
D3DXLoadVolumeFromResourceA
D3DXLoadVolumeFromResourceW
D3DXLoadVolumeFromVolume
D3DXMatrixAffineTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixDecompose
D3DXMatrixDeterminant
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXMatrixLookAtRH
D3DXMatrixMultiply
D3DXMatrixMultiplyTranspose
D3DXMatrixOrthoLH
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXMatrixOrthoRH
D3DXMatrixPerspectiveFovLH
D3DXMatrixPerspectiveFovRH
D3DXMatrixPerspectiveLH
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveOffCenterRH
D3DXMatrixPerspectiveRH
D3DXMatrixReflect
D3DXMatrixRotationAxis
D3DXMatrixRotationQuaternion
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixShadow
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixTranslation
D3DXMatrixTranspose
D3DXOptimizeFaces
D3DXOptimizeVertices
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXPlaneIntersectLine
D3DXPlaneNormalize
D3DXPlaneTransform
D3DXPlaneTransformArray
D3DXPreprocessShader
D3DXPreprocessShaderFromFileA
D3DXPreprocessShaderFromFileW
D3DXPreprocessShaderFromResourceA
D3DXPreprocessShaderFromResourceW
D3DXQuaternionBaryCentric
D3DXQuaternionExp
D3DXQuaternionInverse
D3DXQuaternionLn
D3DXQuaternionMultiply
D3DXQuaternionNormalize
D3DXQuaternionRotationAxis
D3DXQuaternionRotationMatrix
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionSlerp
D3DXQuaternionSquad
D3DXQuaternionSquadSetup
D3DXQuaternionToAxisAngle
D3DXRectPatchSize
D3DXSHAdd
D3DXSHDot
D3DXSHEvalConeLight
D3DXSHEvalDirection
D3DXSHEvalDirectionalLight
D3DXSHEvalHemisphereLight
D3DXSHEvalSphericalLight
D3DXSHMultiply2
D3DXSHMultiply3
D3DXSHMultiply4
D3DXSHMultiply5
D3DXSHMultiply6
D3DXSHPRTCompSplitMeshSC
D3DXSHPRTCompSuperCluster
D3DXSHProjectCubeMap
D3DXSHRotate
D3DXSHRotateZ
D3DXSHScale
D3DXSaveMeshHierarchyToFileA
D3DXSaveMeshHierarchyToFileW
D3DXSaveMeshToXA
D3DXSaveMeshToXW
D3DXSavePRTBufferToFileA
D3DXSavePRTBufferToFileW
D3DXSavePRTCompBufferToFileA
D3DXSavePRTCompBufferToFileW
D3DXSaveSurfaceToFileA
D3DXSaveSurfaceToFileInMemory
D3DXSaveSurfaceToFileW
D3DXSaveTextureToFileA
D3DXSaveTextureToFileInMemory
D3DXSaveTextureToFileW
D3DXSaveVolumeToFileA
D3DXSaveVolumeToFileInMemory
D3DXSaveVolumeToFileW
D3DXSimplifyMesh
D3DXSphereBoundProbe
D3DXSplitMesh
D3DXTessellateNPatches
D3DXTessellateRectPatch
D3DXTessellateTriPatch
D3DXTriPatchSize
D3DXUVAtlasCreate
D3DXUVAtlasPack
D3DXUVAtlasPartition
D3DXValidMesh
D3DXValidPatchMesh
D3DXVec2BaryCentric
D3DXVec2CatmullRom
D3DXVec2Hermite
D3DXVec2Normalize
D3DXVec2Transform
D3DXVec2TransformArray
D3DXVec2TransformCoord
D3DXVec2TransformCoordArray
D3DXVec2TransformNormal
D3DXVec2TransformNormalArray
D3DXVec3BaryCentric
D3DXVec3CatmullRom
D3DXVec3Hermite
D3DXVec3Normalize
D3DXVec3Project
D3DXVec3ProjectArray
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoord
D3DXVec3TransformCoordArray
D3DXVec3TransformNormal
D3DXVec3TransformNormalArray
D3DXVec3Unproject
D3DXVec3UnprojectArray
D3DXVec4BaryCentric
D3DXVec4CatmullRom
D3DXVec4Cross
D3DXVec4Hermite
D3DXVec4Normalize
D3DXVec4Transform
D3DXVec4TransformArray
D3DXWeldVertices

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp100.dll
.dll windows:5 windows x86 arch:x86

7a0d9f66efd1839f136ca6896fa52dfa

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

53:37:d6:73:4e:7e:5f:a4:77:f8:ce:bd:a3:55:a7:30:8b:2c:b5:fa
Signer

Actual PE Digest

53:37:d6:73:4e:7e:5f:a4:77:f8:ce:bd:a3:55:a7:30:8b:2c:b5:fa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp100.i386.pdb

Imports

msvcr100

rand_s
memset
memmove
fgetc
ungetc
_lock_file
_unlock_file
fflush
setvbuf
memcpy_s
fwrite
fgetpos
_fseeki64
fsetpos
fclose
_fsopen
_wfsopen
fseek
ldexp
wcslen
memchr
memmove_s
sprintf_s
_Strftime
strcspn
setlocale
_realloc_crt
strcmp
_malloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_purecall
strerror
fgetwc
fputwc
ungetwc
__uncaught_exception
towlower
towupper
_create_locale
_ui64toa_s
_free_locale
__pctype_func
_errno
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtCompareStringA
memcmp
___lc_collate_cp_func
__crtLCMapStringA
__iob_func
?Alloc@Concurrency@@YAPAXI@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?Yield@Context@Concurrency@@SAXXZ
??1critical_section@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0bad_target@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
?set@event@Concurrency@@QAEXXZ
?wait@event@Concurrency@@QAEII@Z
??1event@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
?Free@Concurrency@@YAXPAX@Z
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
?Log2@details@Concurrency@@YAKI@Z
isupper
_calloc_crt
islower
__crtLCMapStringW
isspace
tolower
strtod
__crtCompareStringW
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
fputs
fputc
abort
log
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
_Getmonths
_Getdays
malloc
__CxxFrameHandler3
??2@YAPAXI@Z
___mb_cur_max_func
memcpy
strlen
??_V@YAXPAX@Z
_Gettnames
localeconv
free
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??1exception@std@@UAE@XZ
??0operation_timed_out@Concurrency@@QAE@XZ
??0exception@std@@QAE@XZ

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
Sleep
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoW
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime

Exports

Exports

??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Container_base12@std@@QAE@ABU01@@Z
??0_Container_base12@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z
??0_Mutex@std@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDH@std@@MAE@XZ
??1?$codecvt@GDH@std@@MAE@XZ
??1?$codecvt@_WDH@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Container_base12@std@@QAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Mutex@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1agent@Concurrency@@UAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4?$numeric_limits@C@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@D@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@E@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@F@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@G@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@H@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@I@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@J@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@K@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@M@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@N@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@O@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_J@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_K@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_N@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_W@std@@QAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Container_base0@std@@QAEAAU01@ABU01@@Z
??4_Container_base12@std@@QAEAAU01@ABU01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Num_base@std@@QAEAAU01@ABU01@@Z
??4_Num_float_base@std@@QAEAAU01@ABU01@@Z
??4_Num_int_base@std@@QAEAAU01@ABU01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??4ios_base@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBEPAXXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDH@std@@6B@
??_7?$codecvt@GDH@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDH@std@@QAEXXZ
??_F?$codecvt@GDH@std@@QAEXXZ
??_F?$codecvt@_WDH@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locimp@locale@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDIIII@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDIIII@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDIIII@Z
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_GetCurrentThreadId@details@Concurrency@@YAKXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAH@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAH@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAH@Z
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getpfirst@_Container_base12@std@@QBEPAPAU_Iterator_base12@2@XZ
?_Getptr@_Timevec@std@@QBEPAXXZ
?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Hexdig@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHDDDD@Z
?_Hexdig@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHGGGG@Z
?_Hexdig@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAH_W000@Z
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Incref@facet@locale@std@@QAEXXZ

Sections

.text
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr100.dll
.dll windows:5 windows x86 arch:x86

5271d5ce8b44dd47bc92563e27585466

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

42:49:74:54:aa:4d:83:7a:e5:5d:a1:1f:f1:e8:b6:0a:d3:24:a0:ae
Signer

Actual PE Digest

42:49:74:54:aa:4d:83:7a:e5:5d:a1:1f:f1:e8:b6:0a:d3:24:a0:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 705KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
other/movie/help_01_dash.avi
other/movie/help_movie_01.avi
other/movie/help_movie_02.avi
other/movie/help_movie_03.avi
other/movie/help_movie_04.avi
other/movie/help_movie_06.avi
other/movie/help_movie_08.avi
other/movie/help_movie_09.avi
other/movie/help_movie_10.avi
other/movie/help_movie_11.avi
res.pak
xinput1_3.dll
.dll windows:5 windows x86 arch:x86

50f64a1d9783342119da2ac75a894235

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f7:70:e2:42:9a:d8:ac:d3:80:f7:72:5c:76:ce:b2:e1:96:69:e6:f7
Signer

Actual PE Digest

f7:70:e2:42:9a:d8:ac:d3:80:f7:72:5c:76:ce:b2:e1:96:69:e6:f7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

XInput1_3.pdb

Imports

ntdll

RtlUnwind

kernel32

LocalAlloc
SetEvent
GetLastError
CreateThread
CreateFileW
LoadLibraryW
FreeLibrary
GetProcAddress
DeviceIoControl
GetOverlappedResult
CreateEventW
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
GetModuleHandleA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCurrentProcess
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
DuplicateHandle
VirtualFree
WriteFile
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
RaiseException
IsBadReadPtr
IsBadCodePtr
SetFilePointer
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
VirtualProtect
GetSystemInfo
FlushFileBuffers
LocalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
FreeEnvironmentStringsW
HeapCreate

advapi32

TraceMessage

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

Exports

Exports

DllMain
XInputEnable
XInputGetBatteryInformation
XInputGetCapabilities
XInputGetDSoundAudioDeviceGuids
XInputGetKeystroke
XInputGetState
XInputSetState

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Code Sign

02:96:3c:31:4e:e0:8a:0c:f5:43:01:05:16:df:aa:68Certificate

Extended Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

c3:13:76:be:ae:cf:49:bf:80:9d:6e:44:a0:32:0e:ce:10:cb:fe:22Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 78KB - Virtual size: 77KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 148KB - Virtual size: 148KB

DATA Size: 3KB - Virtual size: 2KB

BSS Size: - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 3KB

.edata Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 10KB

.rsrc Size: 7KB - Virtual size: 7KB

9716e5409344ff1fe33348e9688b88c7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

02:96:3c:31:4e:e0:8a:0c:f5:43:01:05:16:df:aa:68Certificate

Extended Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

7c:46:1e:7e:e1:32:74:6a:a4:0f:72:bc:9b:30:c0:5d:56:43:2a:24Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

02:96:3c:31:4e:e0:8a:0c:f5:43:01:05:16:df:aa:68
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

c3:13:76:be:ae:cf:49:bf:80:9d:6e:44:a0:32:0e:ce:10:cb:fe:22
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 78KB - Virtual size: 77KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

CODE
Size: 148KB - Virtual size: 148KB

DATA
Size: 3KB - Virtual size: 2KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.edata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 7KB - Virtual size: 7KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

02:96:3c:31:4e:e0:8a:0c:f5:43:01:05:16:df:aa:68
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

7c:46:1e:7e:e1:32:74:6a:a4:0f:72:bc:9b:30:c0:5d:56:43:2a:24
Signer

.text
Size: 7.8MB - Virtual size: 7.8MB

_rwcseg
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 223KB - Virtual size: 18.3MB

.tls
Size: 710KB - Virtual size: 709KB

_rwdseg
Size: 512B - Virtual size: 8B

.rsrc
Size: 710KB - Virtual size: 710KB

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:06:27:81:00:00:00:00:00:08
Certificate

61:47:52:ba:00:00:00:00:00:04
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

f7:ba:7a:fb:82:65:dc:af:11:4d:56:c7:01:a0:11:a3:9c:90:4c:a6
Signer

.text
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 21KB - Virtual size: 36KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 48KB - Virtual size: 47KB