dialog
initDialog
show
Overview
overview
7Static
static
7e837debfd8...18.exe
windows7-x64
7e837debfd8...18.exe
windows10-2004-x64
7$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...nu.dll
windows7-x64
3$PLUGINSDI...nu.dll
windows10-2004-x64
3$_16_/PinyinUp.exe
windows7-x64
1$_16_/PinyinUp.exe
windows10-2004-x64
1$_16_/ScdMaker.exe
windows7-x64
1$_16_/ScdMaker.exe
windows10-2004-x64
1$_16_/ScdReg.exe
windows7-x64
1$_16_/ScdReg.exe
windows10-2004-x64
1$_16_/ScdViewer.exe
windows7-x64
1$_16_/ScdViewer.exe
windows10-2004-x64
1$_16_/SkinReg.exe
windows7-x64
1$_16_/SkinReg.exe
windows10-2004-x64
1$_16_/SpeedMeter.exe
windows7-x64
1$_16_/SpeedMeter.exe
windows10-2004-x64
1InstTemp/PinyinUp.exe
windows7-x64
1InstTemp/PinyinUp.exe
windows10-2004-x64
1InstTemp/ScdMaker.exe
windows7-x64
1InstTemp/ScdMaker.exe
windows10-2004-x64
1InstTemp/ScdReg.exe
windows7-x64
1InstTemp/ScdReg.exe
windows10-2004-x64
1InstTemp/S...er.exe
windows7-x64
1InstTemp/S...er.exe
windows10-2004-x64
1InstTemp/SkinReg.exe
windows7-x64
1InstTemp/SkinReg.exe
windows10-2004-x64
1InstTemp/S...er.exe
windows7-x64
1InstTemp/S...er.exe
windows10-2004-x64
1InstTemp/U...il.exe
windows7-x64
InstTemp/U...il.exe
windows10-2004-x64
Behavioral task
behavioral1
Sample
e837debfd87fda2f994bc84a7787b8c6_JaffaCakes118.exe
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
e837debfd87fda2f994bc84a7787b8c6_JaffaCakes118.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral7
Sample
$_16_/PinyinUp.exe
Resource
win7-20231129-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral8
Sample
$_16_/PinyinUp.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral9
Sample
$_16_/ScdMaker.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral10
Sample
$_16_/ScdMaker.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral11
Sample
$_16_/ScdReg.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
$_16_/ScdReg.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral13
Sample
$_16_/ScdViewer.exe
Resource
win7-20240319-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral14
Sample
$_16_/ScdViewer.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral15
Sample
$_16_/SkinReg.exe
Resource
win7-20231129-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral16
Sample
$_16_/SkinReg.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral17
Sample
$_16_/SpeedMeter.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral18
Sample
$_16_/SpeedMeter.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral19
Sample
InstTemp/PinyinUp.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral20
Sample
InstTemp/PinyinUp.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral21
Sample
InstTemp/ScdMaker.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral22
Sample
InstTemp/ScdMaker.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral23
Sample
InstTemp/ScdReg.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral24
Sample
InstTemp/ScdReg.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral25
Sample
InstTemp/ScdViewer.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral26
Sample
InstTemp/ScdViewer.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral27
Sample
InstTemp/SkinReg.exe
Resource
win7-20231129-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral28
Sample
InstTemp/SkinReg.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral29
Sample
InstTemp/SpeedMeter.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral30
Sample
InstTemp/SpeedMeter.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral31
Sample
InstTemp/UsrDictUtil.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral32
Sample
InstTemp/UsrDictUtil.exe
Resource
win10v2004-20240319-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
e837debfd87fda2f994bc84a7787b8c6_JaffaCakes118
-
Size
552KB
-
MD5
e837debfd87fda2f994bc84a7787b8c6
-
SHA1
535f3e523de4ba3c9428a9ca97169dd652ee3be0
-
SHA256
8f43a512deb7b33ff2df0302d6a2b6fa2c820d53f435e7d2a21b583a1d2d314f
-
SHA512
ebb1c41167cdfb1e5459c33fa53080c239199d88ddaa0f69dfe8bda325fa95f7c98e872847c01d7089a990e06ca46c35afb5e223af7885445735f37471613309
-
SSDEEP
12288:i+pL3qmaNFI4dTbN//G2XbIvAH0A/Y1Z79qIo0IgZoSSZJrvOgvHjVUOUR:iM3qEMJVbIvAHdY1p9b9ZYZJigvHFm
Score
7/10
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
resource e837debfd87fda2f994bc84a7787b8c6_JaffaCakes118 unpack001/$PLUGINSDIR/InstallOptions.dll unpack001/$PLUGINSDIR/StartMenu.dll unpack001/InstTemp/UsrDictUtil.exe unpack001/out.upx
Files
-
e837debfd87fda2f994bc84a7787b8c6_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 224KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
$PLUGINSDIR/InstallOptions.dll.dll windows:4 windows x86 arch:x86
b1cd0d78f652ce5fc63f0879371af012
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc
user32
MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect
gdi32
SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject
shell32
SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1012B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/StartMenu.dll.dll windows:4 windows x86 arch:x86
7868cd55f358bfb360f9eb8ce1512ca0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcpynA
GlobalAlloc
MulDiv
GetModuleHandleA
GlobalFree
FindClose
FindNextFileA
FindFirstFileA
lstrcmpiA
lstrcatA
lstrcpyA
user32
TranslateMessage
GetMessageA
IsDialogMessageA
PostMessageA
DispatchMessageA
GetWindowLongA
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
IsDlgButtonChecked
GetWindowTextA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
CallWindowProcA
gdi32
GetTextMetricsA
SelectObject
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ole32
CoTaskMemFree
Exports
Exports
Init
Select
Show
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 296B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 472B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-header.bmp
-
$PLUGINSDIR/modern-wizard.bmp
-
$_16_/Correction.ini
-
$_16_/MoHuYin.ini
-
$_16_/PinyinUp.exe.exe windows:4 windows x86 arch:x86
81144eb83d45d3f284106bd200988db2
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\PinyinUp.pdb
Imports
wininet
HttpQueryInfoW
InternetCloseHandle
InternetSetCookieW
InternetOpenW
InternetOpenUrlW
InternetReadFile
shlwapi
StrToIntW
StrCmpIW
imm32
ImmDisableIME
ws2_32
gethostbyname
kernel32
GetExitCodeThread
FindClose
GetTempPathW
CreateDirectoryW
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
InitializeCriticalSection
Sleep
FindNextFileW
HeapAlloc
HeapFree
GetProcessHeap
FormatMessageW
CompareStringW
CompareStringA
CreateFileA
GetDriveTypeA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
GetVersionExW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetConsoleMode
ResumeThread
CloseHandle
SetThreadPriority
SuspendThread
FindFirstFileW
MultiByteToWideChar
GetPrivateProfileStringW
GetCurrentProcess
EnterCriticalSection
LocalFree
GetLocalTime
GetLastError
WriteConsoleA
CreateProcessW
GetCurrentDirectoryA
GetFullPathNameW
GetCurrentProcessId
SetEnvironmentVariableA
GetCurrentThreadId
WideCharToMultiByte
MoveFileExW
DeleteFileW
SetFileAttributesW
CopyFileW
ReadFile
CreateFileW
FlushFileBuffers
SetLastError
GetFileSize
SetFilePointer
WriteFile
GlobalAlloc
GetCommandLineW
GlobalFree
CreateEventW
WaitForMultipleObjects
QueryPerformanceCounter
CreateThread
GetModuleHandleW
GetSystemInfo
GetModuleFileNameW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
OpenMutexW
CreateMutexW
InterlockedIncrement
InterlockedCompareExchange
OpenEventW
RemoveDirectoryW
GetProcAddress
LCMapStringW
GetTickCount
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetVersionExA
GetStartupInfoW
RtlUnwind
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
user32
RegisterClassW
LoadCursorW
GetSystemMetrics
GetMessageW
SetCursor
ShowWindow
PostQuitMessage
InvalidateRect
GetWindowTextW
CreateWindowExW
GetDlgItem
SetWindowTextW
LoadIconW
GetWindowLongW
DispatchMessageW
SetWindowPos
EnableMenuItem
TranslateMessage
SendMessageW
DefWindowProcW
GetSystemMenu
MessageBoxW
ExitWindowsEx
gdi32
CreateFontIndirectW
advapi32
RegQueryValueW
RegCreateKeyExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
AllocateAndInitializeSid
SetNamedSecurityInfoW
RegCloseKey
FreeSid
GetTokenInformation
EqualSid
LookupAccountSidW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
shell32
Shell_NotifyIconW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
hwsignature
GenHWID
Sections
.text Size: 264KB - Virtual size: 263KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/Punctures.ini
-
$_16_/ScdMaker.exe.exe windows:4 windows x86 arch:x86
b61c88b32d5d44dc2d3dbf818ee6a596
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdMaker.pdb
Imports
imm32
ImmDisableIME
kernel32
CloseHandle
LocalFree
CreateThread
FormatMessageW
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
CreateFileMappingW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
WriteFile
ReadFile
FlushFileBuffers
GetFileSize
SetFilePointer
InterlockedIncrement
InterlockedCompareExchange
RemoveDirectoryW
LCMapStringW
GetTickCount
Sleep
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetSystemTimeAsFileTime
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetCurrentThreadId
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetFullPathNameW
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LoadLibraryA
GetLocaleInfoW
CreateFileA
GetDriveTypeA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalAlloc
WaitForMultipleObjects
CreateEventW
CreateProcessW
GlobalFree
SetLastError
WideCharToMultiByte
GetLastError
DeleteFileW
MultiByteToWideChar
CopyFileW
RaiseException
user32
MessageBoxW
advapi32
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegCloseKey
shell32
SHGetSpecialFolderPathW
SHFileOperationW
Sections
.text Size: 264KB - Virtual size: 262KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/ScdReg.exe.exe windows:4 windows x86 arch:x86
b9d549f1f267cec71843909cce4fcf93
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdReg.pdb
Imports
imm32
ImmDisableIME
kernel32
CloseHandle
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
GetCommandLineW
GetVersionExW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
OpenFileMappingW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
CopyFileW
MultiByteToWideChar
CreateProcessW
GlobalFree
WaitForMultipleObjects
GlobalAlloc
GetCurrentThreadId
FormatMessageW
CreateThread
InterlockedCompareExchange
InterlockedIncrement
GetFileSize
SetFilePointer
WriteFile
ReadFile
FlushFileBuffers
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
RemoveDirectoryW
LCMapStringW
GetTickCount
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
FileTimeToSystemTime
OpenEventW
GetDriveTypeW
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateEventW
SetLastError
GetLastError
Sleep
LocalFree
WideCharToMultiByte
GetCurrentDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
FileTimeToLocalFileTime
user32
MessageBoxW
advapi32
RegCreateKeyExW
RegQueryValueW
RegSetValueExW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegOpenKeyExW
RegCloseKey
shell32
SHGetSpecialFolderPathW
SHFileOperationW
Sections
.text Size: 284KB - Virtual size: 282KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/ScdViewer.exe.exe windows:4 windows x86 arch:x86
2fd4ce42f3412d026ae3bf4cbdcf77fc
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdViewer.pdb
Imports
user32
GetSystemMetrics
GetWindowRect
SendMessageW
GetDlgItem
EndDialog
SetWindowPos
DialogBoxParamW
MessageBoxW
gdi32
GetStockObject
imm32
ImmDisableIME
kernel32
GetCurrentThreadId
FormatMessageW
CloseHandle
LocalFree
MultiByteToWideChar
SetLastError
GlobalFree
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
SetFilePointer
WriteFile
ReadFile
CreateFileW
FlushFileBuffers
GetFileSize
WaitForSingleObject
ReleaseMutex
OpenMutexW
CreateMutexW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetVersionExW
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
RemoveDirectoryW
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
HeapAlloc
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
RtlUnwind
SetFileAttributesW
GetLastError
GetStringTypeW
GetCPInfo
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameW
GetCurrentDirectoryA
HeapSize
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
CreateDirectoryW
DeleteFileW
RaiseException
MoveFileExW
GetStartupInfoW
GetStringTypeA
advapi32
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegQueryValueW
RegOpenKeyExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 144KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/SkinReg.exe.exe windows:4 windows x86 arch:x86
bc2f628937d4058c840ae1875d55d8ab
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\SkinReg.pdb
Imports
user32
DrawTextW
SetWindowPos
GetWindowLongW
TranslateMessage
GetCursorPos
SetTimer
GetSystemMetrics
GetWindowRect
GetMonitorInfoW
GetForegroundWindow
GetLastInputInfo
DefWindowProcW
FindWindowW
SetForegroundWindow
RegisterClassExW
AdjustWindowRect
OffsetRect
CloseWindow
MonitorFromRect
MonitorFromPoint
LoadCursorW
EndPaint
PostQuitMessage
DestroyWindow
DispatchMessageW
BeginPaint
IntersectRect
SetWindowLongW
PtInRect
SetCursor
CreateWindowExW
SubtractRect
InvalidateRect
GetMessageW
MessageBoxW
imm32
ImmDisableIME
kernel32
InterlockedCompareExchange
RemoveDirectoryW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
WideCharToMultiByte
FreeLibrary
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
FindFirstFileW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryA
Sleep
HeapSize
SetFilePointer
InterlockedIncrement
GetConsoleMode
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
FlushFileBuffers
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindNextFileW
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
LocalFree
MultiByteToWideChar
CreateProcessW
GetCurrentThreadId
FormatMessageW
WaitForMultipleObjects
CreateEventW
SetLastError
CreateThread
GetModuleFileNameW
GetCommandLineW
GetVersionExW
GetSystemInfo
SetFileAttributesW
DeleteFileW
CreateDirectoryW
MoveFileExW
CopyFileW
GetProcAddress
LoadLibraryW
GlobalFree
CloseHandle
GetFileSize
CreateFileW
GlobalAlloc
ReadFile
GetTickCount
GetModuleHandleW
GetLastError
GetConsoleCP
FindClose
InitializeCriticalSection
gdi32
CreateFontIndirectW
GetStockObject
SetTextColor
DeleteObject
BitBlt
SetViewportOrgEx
SelectObject
CreateCompatibleBitmap
Rectangle
CreatePen
CreateCompatibleDC
DeleteDC
SetBkMode
CreateSolidBrush
advapi32
GetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegQueryValueW
RegCloseKey
GetSecurityInfo
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 184KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/SpeedMeter.exe.exe windows:4 windows x86 arch:x86
a248a7ff37d9332d68ad414c2d0103df
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\SpeedMeter.pdb
Imports
kernel32
GlobalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTickCount
GlobalLock
GlobalUnlock
GlobalAlloc
GetLastError
GetModuleHandleW
GetCommandLineW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
OpenFileMappingW
CloseHandle
FormatMessageW
GetCurrentThreadId
MultiByteToWideChar
CreateProcessW
LocalFree
CreateThread
SetLastError
CreateEventW
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedIncrement
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
MoveFileExW
DeleteFileW
CreateDirectoryW
ReleaseMutex
OpenMutexW
WaitForSingleObject
CreateMutexW
CopyFileW
SetFileAttributesW
WideCharToMultiByte
GetProcAddress
LCMapStringW
Sleep
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetTimeZoneInformation
GetCPInfo
LCMapStringA
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
ReadFile
FlushFileBuffers
SetFilePointer
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetDriveTypeA
CreateFileA
GetFileSize
user32
SetWindowLongW
DestroyWindow
DialogBoxParamW
CreateDialogParamW
GetWindowLongW
SetWindowTextW
EndDialog
GetWindowTextLengthW
SendMessageW
LoadIconW
CloseClipboard
OpenClipboard
SetClipboardData
EmptyClipboard
MessageBoxW
ShowWindow
SetForegroundWindow
IsIconic
FindWindowW
GetDlgItem
SetTimer
GetWindowTextW
comctl32
InitCommonControlsEx
imm32
ImmDisableIME
advapi32
SetNamedSecurityInfoW
RegQueryValueExW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegQueryValueW
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 232KB - Virtual size: 230KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/phrases.ini
-
InstTemp/PinyinUp.exe.exe windows:4 windows x86 arch:x86
81144eb83d45d3f284106bd200988db2
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\PinyinUp.pdb
Imports
wininet
HttpQueryInfoW
InternetCloseHandle
InternetSetCookieW
InternetOpenW
InternetOpenUrlW
InternetReadFile
shlwapi
StrToIntW
StrCmpIW
imm32
ImmDisableIME
ws2_32
gethostbyname
kernel32
GetExitCodeThread
FindClose
GetTempPathW
CreateDirectoryW
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
InitializeCriticalSection
Sleep
FindNextFileW
HeapAlloc
HeapFree
GetProcessHeap
FormatMessageW
CompareStringW
CompareStringA
CreateFileA
GetDriveTypeA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
GetVersionExW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetConsoleMode
ResumeThread
CloseHandle
SetThreadPriority
SuspendThread
FindFirstFileW
MultiByteToWideChar
GetPrivateProfileStringW
GetCurrentProcess
EnterCriticalSection
LocalFree
GetLocalTime
GetLastError
WriteConsoleA
CreateProcessW
GetCurrentDirectoryA
GetFullPathNameW
GetCurrentProcessId
SetEnvironmentVariableA
GetCurrentThreadId
WideCharToMultiByte
MoveFileExW
DeleteFileW
SetFileAttributesW
CopyFileW
ReadFile
CreateFileW
FlushFileBuffers
SetLastError
GetFileSize
SetFilePointer
WriteFile
GlobalAlloc
GetCommandLineW
GlobalFree
CreateEventW
WaitForMultipleObjects
QueryPerformanceCounter
CreateThread
GetModuleHandleW
GetSystemInfo
GetModuleFileNameW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
OpenMutexW
CreateMutexW
InterlockedIncrement
InterlockedCompareExchange
OpenEventW
RemoveDirectoryW
GetProcAddress
LCMapStringW
GetTickCount
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetVersionExA
GetStartupInfoW
RtlUnwind
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
user32
RegisterClassW
LoadCursorW
GetSystemMetrics
GetMessageW
SetCursor
ShowWindow
PostQuitMessage
InvalidateRect
GetWindowTextW
CreateWindowExW
GetDlgItem
SetWindowTextW
LoadIconW
GetWindowLongW
DispatchMessageW
SetWindowPos
EnableMenuItem
TranslateMessage
SendMessageW
DefWindowProcW
GetSystemMenu
MessageBoxW
ExitWindowsEx
gdi32
CreateFontIndirectW
advapi32
RegQueryValueW
RegCreateKeyExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
AllocateAndInitializeSid
SetNamedSecurityInfoW
RegCloseKey
FreeSid
GetTokenInformation
EqualSid
LookupAccountSidW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
shell32
Shell_NotifyIconW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
hwsignature
GenHWID
Sections
.text Size: 264KB - Virtual size: 263KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/ScdMaker.exe.exe windows:4 windows x86 arch:x86
b61c88b32d5d44dc2d3dbf818ee6a596
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdMaker.pdb
Imports
imm32
ImmDisableIME
kernel32
CloseHandle
LocalFree
CreateThread
FormatMessageW
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
CreateFileMappingW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
WriteFile
ReadFile
FlushFileBuffers
GetFileSize
SetFilePointer
InterlockedIncrement
InterlockedCompareExchange
RemoveDirectoryW
LCMapStringW
GetTickCount
Sleep
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetSystemTimeAsFileTime
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetCurrentThreadId
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetFullPathNameW
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LoadLibraryA
GetLocaleInfoW
CreateFileA
GetDriveTypeA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalAlloc
WaitForMultipleObjects
CreateEventW
CreateProcessW
GlobalFree
SetLastError
WideCharToMultiByte
GetLastError
DeleteFileW
MultiByteToWideChar
CopyFileW
RaiseException
user32
MessageBoxW
advapi32
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegCloseKey
shell32
SHGetSpecialFolderPathW
SHFileOperationW
Sections
.text Size: 264KB - Virtual size: 262KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/ScdReg.exe.exe windows:4 windows x86 arch:x86
b9d549f1f267cec71843909cce4fcf93
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdReg.pdb
Imports
imm32
ImmDisableIME
kernel32
CloseHandle
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
GetCommandLineW
GetVersionExW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
OpenFileMappingW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
CopyFileW
MultiByteToWideChar
CreateProcessW
GlobalFree
WaitForMultipleObjects
GlobalAlloc
GetCurrentThreadId
FormatMessageW
CreateThread
InterlockedCompareExchange
InterlockedIncrement
GetFileSize
SetFilePointer
WriteFile
ReadFile
FlushFileBuffers
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
RemoveDirectoryW
LCMapStringW
GetTickCount
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
FileTimeToSystemTime
OpenEventW
GetDriveTypeW
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateEventW
SetLastError
GetLastError
Sleep
LocalFree
WideCharToMultiByte
GetCurrentDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
FileTimeToLocalFileTime
user32
MessageBoxW
advapi32
RegCreateKeyExW
RegQueryValueW
RegSetValueExW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegOpenKeyExW
RegCloseKey
shell32
SHGetSpecialFolderPathW
SHFileOperationW
Sections
.text Size: 284KB - Virtual size: 282KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/ScdViewer.exe.exe windows:4 windows x86 arch:x86
2fd4ce42f3412d026ae3bf4cbdcf77fc
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdViewer.pdb
Imports
user32
GetSystemMetrics
GetWindowRect
SendMessageW
GetDlgItem
EndDialog
SetWindowPos
DialogBoxParamW
MessageBoxW
gdi32
GetStockObject
imm32
ImmDisableIME
kernel32
GetCurrentThreadId
FormatMessageW
CloseHandle
LocalFree
MultiByteToWideChar
SetLastError
GlobalFree
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
SetFilePointer
WriteFile
ReadFile
CreateFileW
FlushFileBuffers
GetFileSize
WaitForSingleObject
ReleaseMutex
OpenMutexW
CreateMutexW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetVersionExW
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
RemoveDirectoryW
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
HeapAlloc
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
RtlUnwind
SetFileAttributesW
GetLastError
GetStringTypeW
GetCPInfo
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameW
GetCurrentDirectoryA
HeapSize
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
CreateDirectoryW
DeleteFileW
RaiseException
MoveFileExW
GetStartupInfoW
GetStringTypeA
advapi32
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegQueryValueW
RegOpenKeyExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 144KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/SkinReg.exe.exe windows:4 windows x86 arch:x86
bc2f628937d4058c840ae1875d55d8ab
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\SkinReg.pdb
Imports
user32
DrawTextW
SetWindowPos
GetWindowLongW
TranslateMessage
GetCursorPos
SetTimer
GetSystemMetrics
GetWindowRect
GetMonitorInfoW
GetForegroundWindow
GetLastInputInfo
DefWindowProcW
FindWindowW
SetForegroundWindow
RegisterClassExW
AdjustWindowRect
OffsetRect
CloseWindow
MonitorFromRect
MonitorFromPoint
LoadCursorW
EndPaint
PostQuitMessage
DestroyWindow
DispatchMessageW
BeginPaint
IntersectRect
SetWindowLongW
PtInRect
SetCursor
CreateWindowExW
SubtractRect
InvalidateRect
GetMessageW
MessageBoxW
imm32
ImmDisableIME
kernel32
InterlockedCompareExchange
RemoveDirectoryW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
WideCharToMultiByte
FreeLibrary
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
FindFirstFileW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryA
Sleep
HeapSize
SetFilePointer
InterlockedIncrement
GetConsoleMode
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
FlushFileBuffers
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindNextFileW
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
LocalFree
MultiByteToWideChar
CreateProcessW
GetCurrentThreadId
FormatMessageW
WaitForMultipleObjects
CreateEventW
SetLastError
CreateThread
GetModuleFileNameW
GetCommandLineW
GetVersionExW
GetSystemInfo
SetFileAttributesW
DeleteFileW
CreateDirectoryW
MoveFileExW
CopyFileW
GetProcAddress
LoadLibraryW
GlobalFree
CloseHandle
GetFileSize
CreateFileW
GlobalAlloc
ReadFile
GetTickCount
GetModuleHandleW
GetLastError
GetConsoleCP
FindClose
InitializeCriticalSection
gdi32
CreateFontIndirectW
GetStockObject
SetTextColor
DeleteObject
BitBlt
SetViewportOrgEx
SelectObject
CreateCompatibleBitmap
Rectangle
CreatePen
CreateCompatibleDC
DeleteDC
SetBkMode
CreateSolidBrush
advapi32
GetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegQueryValueW
RegCloseKey
GetSecurityInfo
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 184KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/SpeedMeter.exe.exe windows:4 windows x86 arch:x86
a248a7ff37d9332d68ad414c2d0103df
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\SpeedMeter.pdb
Imports
kernel32
GlobalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTickCount
GlobalLock
GlobalUnlock
GlobalAlloc
GetLastError
GetModuleHandleW
GetCommandLineW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
OpenFileMappingW
CloseHandle
FormatMessageW
GetCurrentThreadId
MultiByteToWideChar
CreateProcessW
LocalFree
CreateThread
SetLastError
CreateEventW
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedIncrement
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
MoveFileExW
DeleteFileW
CreateDirectoryW
ReleaseMutex
OpenMutexW
WaitForSingleObject
CreateMutexW
CopyFileW
SetFileAttributesW
WideCharToMultiByte
GetProcAddress
LCMapStringW
Sleep
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetTimeZoneInformation
GetCPInfo
LCMapStringA
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
ReadFile
FlushFileBuffers
SetFilePointer
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetDriveTypeA
CreateFileA
GetFileSize
user32
SetWindowLongW
DestroyWindow
DialogBoxParamW
CreateDialogParamW
GetWindowLongW
SetWindowTextW
EndDialog
GetWindowTextLengthW
SendMessageW
LoadIconW
CloseClipboard
OpenClipboard
SetClipboardData
EmptyClipboard
MessageBoxW
ShowWindow
SetForegroundWindow
IsIconic
FindWindowW
GetDlgItem
SetTimer
GetWindowTextW
comctl32
InitCommonControlsEx
imm32
ImmDisableIME
advapi32
SetNamedSecurityInfoW
RegQueryValueExW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegQueryValueW
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 232KB - Virtual size: 230KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/UsrDictUtil.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 280KB - Virtual size: 276KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 60KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ