8ec6faf6498821bf390b5bd5b08e54c60c597676a9b27fd90a04d5729c076eed

Sharing

Copy URL

Twitter E-mail

General

Target

8ec6faf6498821bf390b5bd5b08e54c60c597676a9b27fd90a04d5729c076eed
Size

29.2MB
MD5

a183b6d2ec7eb6790c56d76af2accb5f
SHA1

815f5e305b0be8972f2ae0d78e068e781d5a2c04
SHA256

8ec6faf6498821bf390b5bd5b08e54c60c597676a9b27fd90a04d5729c076eed
SHA512

afb93d8e64e3601a0a997992922a9aca1b5da59be594296eb9bb1eca31f52703410c50b75eb4f57c087f35bdf761c51613f18e6a03f1b38e367c3f864875e117
SSDEEP

786432:x7O0zV94tRFaSDL2eMwA89dziouUdCW/XHLL1DIPEYudHq:RSFaSX29wAqwojoW/XH1DRbJq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/情况说明/__init__/bin/msvcrt.dll

Files

8ec6faf6498821bf390b5bd5b08e54c60c597676a9b27fd90a04d5729c076eed
.zip
情况说明/__init__/bin/attach.dll
.dll windows:4 windows x64 arch:x64

1c292d94a2f6d08f731c8bce0d1deb9a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

06/07/2012, 00:00

Not After

18/07/2015, 23:59

Subject

CN=Sun Microsystems\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Sun Microsystems,O=Sun Microsystems\, Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e8:4f:97:f4:76:60:2a:dc:b4:3c:7c:10:7c:fb:76:14:a4:41:98:fb
Signer

Actual PE Digest

e8:4f:97:f4:76:60:2a:dc:b4:3c:7c:10:7c:fb:76:14:a4:41:98:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_~1\jdk6_45\control\build\WINDOW~1\tmp\sun\com.sun.tools.attach\attach\obj64\attach.pdb

Imports

java

JNU_NewStringPlatform
JNU_GetStringPlatformChars
JNU_ThrowInternalError
JDK_LoadSystemLibrary
JNU_ThrowIOExceptionWithLastError
JNU_ThrowByName
JNU_ThrowIOException
JNU_ReleaseStringPlatformChars

advapi32

ImpersonateSelf
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenThreadToken

msvcrt

strcmp
memset
free
strncpy
strcpy
_initterm
malloc

kernel32

RtlLookupFunctionEntry
UnhandledExceptionFilter
TerminateProcess
RtlCaptureContext
Sleep
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
RtlVirtualUnwind
CloseHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
VirtualFreeEx
CreateNamedPipeA
GetTempPathA
GetVolumeInformationA
GetProcAddress
OpenProcess
GetModuleHandleA
GetLastError
ConnectNamedPipe
ReadFile
SetLastError
GetCurrentThread
GetCurrentProcess

Exports

Exports

Java_sun_tools_attach_WindowsAttachProvider_enumProcesses
Java_sun_tools_attach_WindowsAttachProvider_initializeProcessStatusHelper
Java_sun_tools_attach_WindowsAttachProvider_isLibraryLoadedByProcess
Java_sun_tools_attach_WindowsAttachProvider_tempPath
Java_sun_tools_attach_WindowsAttachProvider_volumeFlags
Java_sun_tools_attach_WindowsVirtualMachine_closePipe
Java_sun_tools_attach_WindowsVirtualMachine_closeProcess
Java_sun_tools_attach_WindowsVirtualMachine_connectPipe
Java_sun_tools_attach_WindowsVirtualMachine_createPipe
Java_sun_tools_attach_WindowsVirtualMachine_enqueue
Java_sun_tools_attach_WindowsVirtualMachine_generateStub
Java_sun_tools_attach_WindowsVirtualMachine_init
Java_sun_tools_attach_WindowsVirtualMachine_openProcess
Java_sun_tools_attach_WindowsVirtualMachine_readPipe

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
情况说明/__init__/bin/java.dll
.dll windows:4 windows x64 arch:x64

ba6cee0482b3115da6acdd2e07a6fc20

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

06/07/2012, 00:00

Not After

18/07/2015, 23:59

Subject

CN=Sun Microsystems\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Sun Microsystems,O=Sun Microsystems\, Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1c:a0:33:85:64:d3:82:e8:96:90:e7:a2:75:6a:9b:08:88:7e:8a:6b
Signer

Actual PE Digest

1c:a0:33:85:64:d3:82:e8:96:90:e7:a2:75:6a:9b:08:88:7e:8a:6b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_~1\jdk6_45\control\build\WINDOW~1\tmp\java\java.lang\java\obj64\java.pdb

Imports

jvm

JVM_GetCallerClass
JVM_ConstantPoolGetSize
JVM_ConstantPoolGetClassAt
JVM_ConstantPoolGetClassAtIfLoaded
JVM_ConstantPoolGetMethodAt
JVM_ConstantPoolGetMethodAtIfLoaded
JVM_ConstantPoolGetFieldAt
JVM_ConstantPoolGetFieldAtIfLoaded
JVM_ConstantPoolGetMemberRefInfoAt
JVM_ConstantPoolGetIntAt
JVM_ConstantPoolGetLongAt
JVM_ConstantPoolGetFloatAt
JVM_ConstantPoolGetDoubleAt
JVM_ConstantPoolGetStringAt
JVM_ConstantPoolGetUTF8At
JVM_MaxObjectInspectionAge
JVM_InvokeMethod
JVM_NewInstanceFromConstructor
JVM_GetClassAccessFlags
JVM_SupportsCX8
JVM_CX8Field
JVM_GetThreadInterruptEvent
JVM_NativePath
JVM_Close
JVM_Open
JVM_GetStackAccessControlContext
JVM_GetInheritedAccessControlContext
JVM_GetInterfaceVersion
jio_vfprintf
jio_vsnprintf
JVM_GetLastErrorString
JVM_RaiseSignal
JVM_RegisterSignal
JVM_FindSignal
JVM_GetStackTraceElement
JVM_GetStackTraceDepth
JVM_FillInStackTrace
JVM_StartThread
JVM_StopThread
JVM_IsThreadAlive
JVM_SuspendThread
JVM_ResumeThread
JVM_SetThreadPriority
JVM_Yield
JVM_Sleep
JVM_GetArrayLength
JVM_GetArrayElement
JVM_GetPrimitiveArrayElement
JVM_SetArrayElement
JVM_SetPrimitiveArrayElement
JVM_NewArray
JVM_NewMultiArray
JVM_InternString
JVM_GetEnclosingMethodInfo
JVM_DesiredAssertionStatus
JVM_GetClassConstantPool
JVM_GetClassAnnotations
JVM_GetClassSignature
JVM_GetDeclaringClass
JVM_GetDeclaredClasses
JVM_SetProtectionDomain
JVM_GetProtectionDomain
JVM_GetClassDeclaredConstructors
JVM_GetClassDeclaredMethods
JVM_GetClassDeclaredFields
JVM_GetClassModifiers
JVM_GetComponentType
JVM_IsPrimitiveClass
JVM_IsArrayClass
JVM_SetClassSigners
JVM_GetClassSigners
JVM_IsInterface
JVM_GetClassLoader
JVM_GetClassInterfaces
JVM_GetClassName
JVM_FindClassFromClassLoader
JVM_FindPrimitiveClass
JVM_AssertionStatusDirectives
JVM_DefineClassWithSourceCond
JVM_ResolveClass
JVM_FindClassFromBootLoader
JVM_FindLoadedClass
JVM_UnloadLibrary
JVM_IsSupportedJNIVersion
JVM_FindLibraryEntry
JVM_LoadLibrary
JVM_DisableCompiler
JVM_EnableCompiler
JVM_CompilerCommand
JVM_CompileClasses
JVM_CompileClass
JVM_Clone
JVM_MonitorNotifyAll
JVM_DoPrivileged
JVM_MonitorNotify
JVM_MonitorWait
JVM_IHashCode
JVM_IsNaN
JVM_LatestUserDefinedLoader
JVM_GetSystemPackage
JVM_GetSystemPackages
JVM_GetClassContext
JVM_FreeMemory
JVM_TotalMemory
JVM_MaxMemory
JVM_GC
JVM_CurrentThread
JVM_CountStackFrames
JVM_Interrupt
JVM_IsInterrupted
JVM_HoldsLock
JVM_GetAllThreads
JVM_DumpThreads
JVM_InitProperties
JVM_CurrentTimeMillis
JVM_NanoTime
JVM_ArrayCopy
JVM_Halt
JVM_ClassLoaderDepth
JVM_ClassDepth
JVM_CurrentClassLoader
JVM_CurrentLoadedClass
JVM_ActiveProcessorCount
JVM_TraceMethodCalls
JVM_TraceInstructions

verify

VerifyClass
VerifyFixClassname
VerifyClassname
VerifyClassForMajorVersion

advapi32

RegEnumValueA
RegQueryValueExW
RegOpenKeyExA
GetUserNameW
RegQueryValueExA
RegOpenKeyExW
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteKeyA
RegFlushKey
RegSetValueExA
RegDeleteValueA
RegCloseKey

msvcrt

_initterm
strncpy
fgets
memcmp
_getdrive
towupper
memcpy
_fullpath
wcschr
iswctype
_wrename
_errno
wcscat
_wstati64
_wcsicmp
_wcsupr
wcscmp
wcsncmp
_getdcwd
isalpha
rename
_stati64
_strupr
strncmp
_open
_read
_lseek
_close
strchr
_wgetenv
wcsrchr
_wcsdup
fopen
fclose
strcat
atoi
memset
wcstombs
mbstowcs
calloc
setlocale
strrchr
strcpy
_iob
fprintf
strcmp
_wfullpath
wcscpy
_wgetdcwd
wcslen
_wgetcwd
strlen
sprintf
_assert
malloc
free
_strdup
_access
toupper
_mkdir

kernel32

GetDiskFreeSpaceExW
CreateDirectoryW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
DeleteFileW
GetFileTime
SetFileAttributesW
GetFileAttributesW
GetFileAttributesExW
GetFullPathNameW
GetDiskFreeSpaceExA
GetLogicalDrives
SetFileTime
RemoveDirectoryA
DeleteFileA
SetLastError
FindFirstFileA
FindClose
GetFileAttributesA
SetFileAttributesA
GetFileAttributesExA
GetFullPathNameA
TerminateProcess
WaitForMultipleObjects
GetExitCodeProcess
CreatePipe
SetHandleInformation
CreateProcessW
SearchPathA
GetTempPathW
GetUserDefaultLCID
GetSystemDefaultLCID
IsDBCSLeadByte
GetSystemInfo
FreeLibrary
MultiByteToWideChar
IsValidCodePage
GetSystemDirectoryA
LoadLibraryA
GetWindowsDirectoryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
CloseHandle
WriteFile
ReadFile
GetFileSize
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetNumberOfConsoleInputEvents
PeekConsoleInputA
PeekNamedPipe
CreateFileW
CreateFileA
GetLastError
GetVersionExA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
SetConsoleMode
GetConsoleCP
GetStdHandle
GetFileType
FindNextFileA
RtlCaptureContext
GetTimeZoneInformation
SetErrorMode
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetCurrentDirectoryW
Sleep
DisableThreadLibraryCalls

Exports

Exports

Canonicalize
GetStringPlatformChars
JDK_GetVersionInfo0
JDK_LoadSystemLibrary
JNI_OnLoad
JNU_CallMethodByName
JNU_CallMethodByNameV
JNU_CallStaticMethodByName
JNU_ClassClass
JNU_ClassObject
JNU_ClassString
JNU_ClassThrowable
JNU_CopyObjectArray
JNU_Equals
JNU_GetEnv
JNU_GetFieldByName
JNU_GetStaticFieldByName
JNU_GetStringPlatformChars
JNU_IsInstanceOfByName
JNU_MonitorWait
JNU_NewObjectByName
JNU_NewStringPlatform
JNU_Notify
JNU_NotifyAll
JNU_PrintClass
JNU_PrintString
JNU_ReleaseStringPlatformChars
JNU_SetFieldByName
JNU_SetStaticFieldByName
JNU_ThrowArrayIndexOutOfBoundsException
JNU_ThrowByName
JNU_ThrowByNameWithLastError
JNU_ThrowClassNotFoundException
JNU_ThrowIOException
JNU_ThrowIOExceptionWithLastError
JNU_ThrowIllegalAccessError
JNU_ThrowIllegalAccessException
JNU_ThrowIllegalArgumentException
JNU_ThrowInstantiationException
JNU_ThrowInternalError
JNU_ThrowNoSuchFieldError
JNU_ThrowNoSuchFieldException
JNU_ThrowNoSuchMethodError
JNU_ThrowNoSuchMethodException
JNU_ThrowNullPointerException
JNU_ThrowNumberFormatException
JNU_ThrowOutOfMemoryError
JNU_ThrowStringIndexOutOfBoundsException
JNU_ToString
Java_java_io_Console_echo
Java_java_io_Console_encoding
Java_java_io_Console_istty
Java_java_io_FileDescriptor_initIDs
Java_java_io_FileDescriptor_set
Java_java_io_FileDescriptor_sync
Java_java_io_FileInputStream_available
Java_java_io_FileInputStream_close0
Java_java_io_FileInputStream_initIDs
Java_java_io_FileInputStream_open
Java_java_io_FileInputStream_read
Java_java_io_FileInputStream_readBytes
Java_java_io_FileInputStream_skip
Java_java_io_FileOutputStream_close0
Java_java_io_FileOutputStream_initIDs
Java_java_io_FileOutputStream_open
Java_java_io_FileOutputStream_openAppend
Java_java_io_FileOutputStream_write
Java_java_io_FileOutputStream_writeBytes
Java_java_io_FileSystem_getFileSystem
Java_java_io_ObjectInputStream_bytesToDoubles
Java_java_io_ObjectInputStream_bytesToFloats
Java_java_io_ObjectInputStream_latestUserDefinedLoader
Java_java_io_ObjectOutputStream_doublesToBytes
Java_java_io_ObjectOutputStream_floatsToBytes
Java_java_io_ObjectStreamClass_hasStaticInitializer
Java_java_io_ObjectStreamClass_initNative
Java_java_io_RandomAccessFile_close0
Java_java_io_RandomAccessFile_getFilePointer
Java_java_io_RandomAccessFile_initIDs
Java_java_io_RandomAccessFile_length
Java_java_io_RandomAccessFile_open
Java_java_io_RandomAccessFile_read
Java_java_io_RandomAccessFile_readBytes
Java_java_io_RandomAccessFile_seek
Java_java_io_RandomAccessFile_setLength
Java_java_io_RandomAccessFile_write
Java_java_io_RandomAccessFile_writeBytes
Java_java_io_Win32FileSystem_canonicalize0
Java_java_io_Win32FileSystem_canonicalizeWithPrefix0
Java_java_io_Win32FileSystem_checkAccess
Java_java_io_Win32FileSystem_createDirectory
Java_java_io_Win32FileSystem_createFileExclusively
Java_java_io_Win32FileSystem_delete0
Java_java_io_Win32FileSystem_getBooleanAttributes
Java_java_io_Win32FileSystem_getDriveDirectory
Java_java_io_Win32FileSystem_getLastModifiedTime
Java_java_io_Win32FileSystem_getLength
Java_java_io_Win32FileSystem_getSpace0
Java_java_io_Win32FileSystem_initIDs
Java_java_io_Win32FileSystem_list
Java_java_io_Win32FileSystem_listRoots0
Java_java_io_Win32FileSystem_rename0
Java_java_io_Win32FileSystem_setLastModifiedTime
Java_java_io_Win32FileSystem_setPermission
Java_java_io_Win32FileSystem_setReadOnly
Java_java_io_WinNTFileSystem_canonicalize0
Java_java_io_WinNTFileSystem_canonicalizeWithPrefix0
Java_java_io_WinNTFileSystem_checkAccess
Java_java_io_WinNTFileSystem_createDirectory
Java_java_io_WinNTFileSystem_createFileExclusively
Java_java_io_WinNTFileSystem_delete0
Java_java_io_WinNTFileSystem_getBooleanAttributes
Java_java_io_WinNTFileSystem_getDriveDirectory
Java_java_io_WinNTFileSystem_getLastModifiedTime
Java_java_io_WinNTFileSystem_getLength
Java_java_io_WinNTFileSystem_getSpace0
Java_java_io_WinNTFileSystem_initIDs
Java_java_io_WinNTFileSystem_list
Java_java_io_WinNTFileSystem_rename0
Java_java_io_WinNTFileSystem_setLastModifiedTime
Java_java_io_WinNTFileSystem_setPermission
Java_java_io_WinNTFileSystem_setReadOnly
Java_java_lang_ClassLoader_00024NativeLibrary_find
Java_java_lang_ClassLoader_00024NativeLibrary_load
Java_java_lang_ClassLoader_00024NativeLibrary_unload
Java_java_lang_ClassLoader_defineClass0
Java_java_lang_ClassLoader_defineClass1
Java_java_lang_ClassLoader_defineClass2
Java_java_lang_ClassLoader_findBootstrapClass
Java_java_lang_ClassLoader_findLoadedClass0
Java_java_lang_ClassLoader_registerNatives
Java_java_lang_ClassLoader_resolveClass0
Java_java_lang_Class_forName0
Java_java_lang_Class_getPrimitiveClass
Java_java_lang_Class_isAssignableFrom
Java_java_lang_Class_isInstance
Java_java_lang_Class_registerNatives
Java_java_lang_Compiler_registerNatives
Java_java_lang_Double_doubleToRawLongBits
Java_java_lang_Double_longBitsToDouble
Java_java_lang_Float_floatToRawIntBits
Java_java_lang_Float_intBitsToFloat
Java_java_lang_Object_getClass
Java_java_lang_Object_registerNatives
Java_java_lang_Package_getSystemPackage0
Java_java_lang_Package_getSystemPackages0
Java_java_lang_ProcessEnvironment_environmentBlock
Java_java_lang_ProcessImpl_close
Java_java_lang_ProcessImpl_create
Java_java_lang_ProcessImpl_destroy
Java_java_lang_ProcessImpl_exitValue
Java_java_lang_ProcessImpl_waitFor
Java_java_lang_Runtime_availableProcessors
Java_java_lang_Runtime_freeMemory
Java_java_lang_Runtime_gc
Java_java_lang_Runtime_maxMemory
Java_java_lang_Runtime_runFinalization0
Java_java_lang_Runtime_totalMemory
Java_java_lang_Runtime_traceInstructions
Java_java_lang_Runtime_traceMethodCalls
Java_java_lang_SecurityManager_classDepth
Java_java_lang_SecurityManager_classLoaderDepth0
Java_java_lang_SecurityManager_currentClassLoader0
Java_java_lang_SecurityManager_currentLoadedClass0
Java_java_lang_SecurityManager_getClassContext
Java_java_lang_Shutdown_halt0
Java_java_lang_Shutdown_runAllFinalizers
Java_java_lang_StrictMath_IEEEremainder
Java_java_lang_StrictMath_acos
Java_java_lang_StrictMath_asin
Java_java_lang_StrictMath_atan
Java_java_lang_StrictMath_atan2
Java_java_lang_StrictMath_cbrt
Java_java_lang_StrictMath_cos
Java_java_lang_StrictMath_cosh
Java_java_lang_StrictMath_exp
Java_java_lang_StrictMath_expm1
Java_java_lang_StrictMath_hypot
Java_java_lang_StrictMath_log
Java_java_lang_StrictMath_log10
Java_java_lang_StrictMath_log1p
Java_java_lang_StrictMath_pow
Java_java_lang_StrictMath_sin
Java_java_lang_StrictMath_sinh
Java_java_lang_StrictMath_sqrt
Java_java_lang_StrictMath_tan
Java_java_lang_StrictMath_tanh
Java_java_lang_String_intern
Java_java_lang_System_identityHashCode
Java_java_lang_System_initProperties
Java_java_lang_System_mapLibraryName
Java_java_lang_System_registerNatives
Java_java_lang_System_setErr0
Java_java_lang_System_setIn0
Java_java_lang_System_setOut0
Java_java_lang_Thread_registerNatives
Java_java_lang_Throwable_fillInStackTrace
Java_java_lang_Throwable_getStackTraceDepth
Java_java_lang_Throwable_getStackTraceElement
Java_java_lang_ref_Finalizer_invokeFinalizeMethod
Java_java_lang_reflect_Array_get
Java_java_lang_reflect_Array_getBoolean
Java_java_lang_reflect_Array_getByte
Java_java_lang_reflect_Array_getChar
Java_java_lang_reflect_Array_getDouble
Java_java_lang_reflect_Array_getFloat
Java_java_lang_reflect_Array_getInt
Java_java_lang_reflect_Array_getLength
Java_java_lang_reflect_Array_getLong
Java_java_lang_reflect_Array_getShort
Java_java_lang_reflect_Array_multiNewArray
Java_java_lang_reflect_Array_newArray
Java_java_lang_reflect_Array_set
Java_java_lang_reflect_Array_setBoolean
Java_java_lang_reflect_Array_setByte
Java_java_lang_reflect_Array_setChar
Java_java_lang_reflect_Array_setDouble
Java_java_lang_reflect_Array_setFloat
Java_java_lang_reflect_Array_setInt
Java_java_lang_reflect_Array_setLong
Java_java_lang_reflect_Array_setShort
Java_java_lang_reflect_Proxy_defineClass0
Java_java_nio_Bits_copyFromIntArray
Java_java_nio_Bits_copyFromLongArray
Java_java_nio_Bits_copyFromShortArray
Java_java_nio_Bits_copyToIntArray
Java_java_nio_Bits_copyToLongArray
Java_java_nio_Bits_copyToShortArray
Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2
Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedAction_2Ljava_security_AccessControlContext_2
Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedExceptionAction_2
Java_java_security_AccessController_doPrivileged__Ljava_security_PrivilegedExceptionAction_2Ljava_security_AccessControlContext_2
Java_java_security_AccessController_getInheritedAccessControlContext
Java_java_security_AccessController_getStackAccessControlContext
Java_java_sql_DriverManager_getCallerClassLoader
Java_java_util_ResourceBundle_getClassContext
Java_java_util_TimeZone_getSystemGMTOffsetID
Java_java_util_TimeZone_getSystemTimeZoneID
Java_java_util_concurrent_atomic_AtomicLong_VMSupportsCS8
Java_java_util_logging_FileHandler_isSetUID
Java_java_util_prefs_WindowsPreferences_WindowsRegCloseKey
Java_java_util_prefs_WindowsPreferences_WindowsRegCreateKeyEx
Java_java_util_prefs_WindowsPreferences_WindowsRegDeleteKey
Java_java_util_prefs_WindowsPreferences_WindowsRegDeleteValue
Java_java_util_prefs_WindowsPreferences_WindowsRegEnumKeyEx
Java_java_util_prefs_WindowsPreferences_WindowsRegEnumValue
Java_java_util_prefs_WindowsPreferences_WindowsRegFlushKey
Java_java_util_prefs_WindowsPreferences_WindowsRegOpenKey
Java_java_util_prefs_WindowsPreferences_WindowsRegQueryInfoKey
Java_java_util_prefs_WindowsPreferences_WindowsRegQueryValueEx
Java_java_util_prefs_WindowsPreferences_WindowsRegSetValueEx
Java_sun_io_Win32ErrorMode_setErrorMode
Java_sun_misc_AtomicLongCSImpl_attemptUpdate
Java_sun_misc_AtomicLong_VMSupportsCS8
Java_sun_misc_GC_maxObjectInspectionAge
Java_sun_misc_MessageUtils_toStderr
Java_sun_misc_MessageUtils_toStdout
Java_sun_misc_NativeSignalHandler_handle0
Java_sun_misc_Signal_findSignal
Java_sun_misc_Signal_handle0
Java_sun_misc_Signal_raise0
Java_sun_misc_VMSupport_initAgentProperties
Java_sun_misc_VM_getThreadStateValues
Java_sun_misc_VM_initialize
Java_sun_misc_Version_getJdkSpecialVersion
Java_sun_misc_Version_getJdkVersionInfo
Java_sun_misc_Version_getJvmSpecialVersion
Java_sun_misc_Version_getJvmVersionInfo
Java_sun_reflect_ConstantPool_getClassAt0
Java_sun_reflect_ConstantPool_getClassAtIfLoaded0
Java_sun_reflect_ConstantPool_getDoubleAt0
Java_sun_reflect_ConstantPool_getFieldAt0
Java_sun_reflect_ConstantPool_getFieldAtIfLoaded0
Java_sun_reflect_ConstantPool_getFloatAt0
Java_sun_reflect_ConstantPool_getIntAt0
Java_sun_reflect_ConstantPool_getLongAt0
Java_sun_reflect_ConstantPool_getMemberRefInfoAt0
Java_sun_reflect_ConstantPool_getMethodAt0
Java_sun_reflect_ConstantPool_getMethodAtIfLoaded0
Java_sun_reflect_ConstantPool_getSize0
Java_sun_reflect_ConstantPool_getStringAt0
Java_sun_reflect_ConstantPool_getUTF8At0
Java_sun_reflect_NativeConstructorAccessorImpl_newInstance0
Java_sun_reflect_NativeMethodAccessorImpl_invoke0
Java_sun_reflect_Reflection_getCallerClass
Java_sun_reflect_Reflection_getClassAccessFlags
Java_sun_security_provider_NativeSeedGenerator_nativeGenerateSeed
NewStringPlatform
VerifyClassCodes
VerifyClassCodesForMajorVersion
getEncodingFromLangID
getJavaIDFromLangID
handleLseek
handleRead
handleSync
handleWrite
jio_fprintf
jio_snprintf
winFileHandleOpen

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
情况说明/__init__/bin/java.exe
.exe windows:4 windows x64 arch:x64

158c0e11d086f70c49323b359555b690

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

06/07/2012, 00:00

Not After

18/07/2015, 23:59

Subject

CN=Sun Microsystems\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Sun Microsystems,O=Sun Microsystems\, Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c1:95:10:c5:cc:ee:78:eb:9a:4a:98:ca:cf:ea:1d:4a:2a:e3:a1:aa
Signer

Actual PE Digest

c1:95:10:c5:cc:ee:78:eb:9a:4a:98:ca:cf:ea:1d:4a:2a:e3:a1:aa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\BUILD_~1\jdk6_45\control\build\WINDOW~1\tmp\java\java\obj64\java.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA

kernel32

GetModuleFileNameA
QueryPerformanceCounter
QueryPerformanceFrequency
LocalFree
FormatMessageA
GetLastError
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetCommandLineA
FreeLibrary
GetExitCodeThread
GetProcAddress
LoadLibraryA
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FindFirstFileA
FindNextFileA
FindClose
ExitProcess
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
ExitThread
CreateThread
GetFileAttributesA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
HeapReAlloc
RtlUnwindEx
DeleteCriticalSection
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
Sleep
ReadFile
WriteFile
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
FlushFileBuffers
SetEnvironmentVariableA
SetEnvironmentVariableW
GetACP
GetOEMCP
GetCPInfo
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
SetStdHandle
SetFilePointer
InitializeCriticalSection
CompareStringA
CompareStringW
CreateFileA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetEndOfFile
GetTimeZoneInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
情况说明/__init__/bin/javaw.exe
.exe windows:4 windows x64 arch:x64

82a1fea564c4fc3cde3b594e19bbee63

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

06/07/2012, 00:00

Not After

18/07/2015, 23:59

Subject

CN=Sun Microsystems\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Sun Microsystems,O=Sun Microsystems\, Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f8:91:c1:e3:70:e3:a0:2d:f9:45:19:38:ea:11:dc:d6:e0:16:d5:92
Signer

Actual PE Digest

f8:91:c1:e3:70:e3:a0:2d:f9:45:19:38:ea:11:dc:d6:e0:16:d5:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\BUILD_~1\jdk6_45\control\build\WINDOW~1\tmp\java\javaw\obj64\javaw.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA

user32

MessageBoxA

kernel32

GetCurrentDirectoryA
GetFullPathNameA
GetModuleFileNameA
QueryPerformanceCounter
QueryPerformanceFrequency
LocalFree
FormatMessageA
GetLastError
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetCommandLineA
FreeLibrary
GetExitCodeThread
GetProcAddress
LoadLibraryA
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FindFirstFileA
FindNextFileA
FindClose
ExitProcess
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
ExitThread
CreateThread
GetFileAttributesA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
HeapReAlloc
RtlUnwindEx
DeleteCriticalSection
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
Sleep
ReadFile
WriteFile
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
FlushFileBuffers
SetEnvironmentVariableA
SetEnvironmentVariableW
GetACP
GetOEMCP
GetCPInfo
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
SetStdHandle
SetFilePointer
InitializeCriticalSection
CompareStringA
CompareStringW
CreateFileA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetEndOfFile
GetTimeZoneInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
情况说明/__init__/bin/msvcrt.dll
.dll windows:4 windows x64 arch:x64

de7cb4aa1416b2c28b1a7523d6ee524e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\VS70Builds\2207\vc\crtbld64_amd_sys\crt\src\build\amd64\dll_pdb\msvcrt.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
DebugBreak
RtlUnwindEx
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
FlushFileBuffers
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
Sleep
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAA@ABV0@@Z
??0__non_rtti_object@@QAA@PBD@Z
??0bad_cast@@AAA@PBQBD@Z
??0bad_cast@@QAA@ABQBD@Z
??0bad_cast@@QAA@ABV0@@Z
??0bad_cast@@QAA@PBD@Z
??0bad_typeid@@QAA@ABV0@@Z
??0bad_typeid@@QAA@PBD@Z
??0exception@@QAA@ABQBD@Z
??0exception@@QAA@ABV0@@Z
??0exception@@QAA@XZ
??1__non_rtti_object@@UAA@XZ
??1bad_cast@@UAA@XZ
??1bad_typeid@@UAA@XZ
??1exception@@UAA@XZ
??1type_info@@UAA@XZ
??2@YAPAX_K@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAAAAV0@ABV0@@Z
??4bad_cast@@QAAAAV0@ABV0@@Z
??4bad_typeid@@QAAAAV0@ABV0@@Z
??4exception@@QAAAAV0@ABV0@@Z
??8type_info@@QBAHABV0@@Z
??9type_info@@QBAHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_Fbad_cast@@QAAXXZ
??_Fbad_typeid@@QAAXXZ
??_U@YAPAX_K@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AH_K@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBAHABV1@@Z
?name@type_info@@QBAPBDXZ
?raw_name@type_info@@QBAPBDXZ
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBAPBDXZ
_CxxThrowException
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__C_specific_handler
__CxxFrameHandler
__CxxFrameHandler2
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__mb_cur_max
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abs64
_access
_acmdln
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chmod
_chsize
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_ctype
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_fullpath
_futime
_futime64
_gcvt
_get_heap_handle
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind
_localtime64
_lock
_locking
_logb
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotl64
_rotr
_rotr64
_scalb
_scprintf
_scwprintf
_searchenv
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmpex
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stat64
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strtoi64
_strtoui64
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_time64
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_ungetwch
_unlink
_unloaddll
_unlock
_utime
_utime64
_vscprintf
_vscwprintf
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcserror
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcstoi64
_wcstoui64
_wcsupr
_wctime
_wctime64
_wctype
_wenviron
_wexecl
_wexecle
_wexeclp
_wexeclpe
_wexecv
_wexecve
_wexecvp
_wexecvpe
_wfdopen
_wfindfirst
_wfindfirst64
_wfindfirsti64
_wfindnext

Sections

.text
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_SETJMP_
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
情况说明/__init__/bin/server/Xusage.txt
情况说明/__init__/bin/server/classes.jsa
情况说明/__init__/bin/server/jvm.dll
.dll windows:4 windows x64 arch:x64

32d57b4797be1b254d24d1a669f974af

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

06/07/2012, 00:00

Not After

18/07/2015, 23:59

Subject

CN=Sun Microsystems\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Sun Microsystems,O=Sun Microsystems\, Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:e8:d0:3f:91:0e:b0:5d:c9:35:91:3a:06:f8:58:14:5c:18:f5:76
Signer

Actual PE Digest

2c:e8:d0:3f:91:0e:b0:5d:c9:35:91:3a:06:f8:58:14:5c:18:f5:76

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_~1\jdk6_45\control\build\WINDOW~1\hotspot\outputdir\windows_amd64_compiler2\product\jvm.pdb

Imports

kernel32

DebugBreak
VirtualQuery
GetSystemTimeAsFileTime
QueryPerformanceCounter
GlobalMemoryStatusEx
GetProcessAffinityMask
QueryPerformanceFrequency
GetLocalTime
GetProcessTimes
FindFirstFileA
GetFileAttributesA
FindClose
FindNextFileA
GetTempPathA
GetModuleFileNameA
FormatMessageA
SetConsoleCtrlHandler
VirtualAlloc
VirtualProtect
VirtualFree
ResumeThread
Sleep
SetThreadPriority
GetThreadPriority
ResetEvent
GetThreadContext
GetCurrentThreadId
GetVersionExA
GetSystemInfo
TlsAlloc
TlsSetValue
DuplicateHandle
GetCurrentThread
GetThreadTimes
IsDBCSLeadByte
SetEndOfFile
SetFilePointer
PeekNamedPipe
GetEnvironmentVariableA
GetNumberOfConsoleInputEvents
GetStdHandle
MapViewOfFileEx
CreateFileMappingA
ReadFile
UnmapViewOfFile
SetEvent
GetExitCodeProcess
CreateProcessA
GetModuleHandleA
GetSystemDirectoryA
GetWindowsDirectoryA
LoadLibraryA
OpenProcess
GetTimeZoneInformation
HeapUnlock
HeapValidate
HeapWalk
HeapLock
GetProcessHeap
WaitForMultipleObjects
AddVectoredExceptionHandler
GetVolumeInformationA
CreateDirectoryA
OpenFileMappingA
MapViewOfFile
SetUnhandledExceptionFilter
RtlAddFunctionTable
GetTickCount
GetCurrentProcessId
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RemoveVectoredExceptionHandler
GetCurrentProcess
FlushFileBuffers
CloseHandle
WriteFile
CreateFileA
GetLastError
TlsGetValue
WaitForSingleObject
ReleaseSemaphore
ReleaseMutex
CreateMutexA
CreateSemaphoreA
CreateEventA
FreeLibrary
GetProcAddress
__C_specific_handler
PeekConsoleInputA

user32

MessageBoxA

advapi32

OpenProcessToken
FreeSid
InitializeSecurityDescriptor
InitializeAcl
GetAclInformation
GetAce
EqualSid
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetTokenInformation
GetLengthSid
CopySid
GetSecurityDescriptorDacl
GetUserNameA
SetFileSecurityA
AllocateAndInitializeSid

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod

msvcrt

_vsnprintf
memset
_purecall
memcpy
memmove
qsort
strncpy
strncmp
_read
_close
_strdup
exit
strrchr
fclose
fgets
fopen
sprintf
strchr
memcmp
_unlink
_open
sscanf
strstr
getc
isspace
strpbrk
_iob
??2@YAPEAX_K@Z
malloc
strerror
_errno
remove
_write
_lseek
memchr
_isnan
vfprintf
realloc
isalnum
_stricmp
atoi
isdigit
atol
atof
printf
strtol
fflush
free
ctime
time
strcspn
fmod
sqrt
floor
fwrite
rewind
localtime
_exit
_getdrive
_getcwd
_access
getenv
signal
raise
_getpid
_setmode
_lseeki64
isalpha
_get_osfhandle
_snprintf
_fstati64
_beginthreadex
_finite
ceil
exp
fmodf
frexp
_assert
strtoul
fprintf
__dllonexit
_onexit
_initterm
_timezone
_stat

Exports

Exports

??_7?$G1ParCopyClosure@$00$0A@$00@@6B@
??_7?$G1ParCopyClosure@$00$0A@$0A@@@6B@
??_7?$G1ParCopyClosure@$0A@$00$00@@6B@
??_7?$G1ParCopyClosure@$0A@$00$0A@@@6B@
??_7?$G1ParCopyClosure@$0A@$01$0A@@@6B@
??_7?$G1ParCopyClosure@$0A@$0A@$00@@6B@
??_7?$G1ParCopyClosure@$0A@$0A@$0A@@@6B@
??_7?$GenericTaskQueueSet@V?$GenericTaskQueue@PEAVoopDesc@@$0CAAAA@@@@@6B@
??_7?$GenericTaskQueueSet@V?$OverflowTaskQueue@VObjArrayTask@@$0CAAA@@@@@6B@
??_7?$GenericTaskQueueSet@V?$OverflowTaskQueue@VStarTask@@$0CAAAA@@@@@6B@
??_7?$GenericTaskQueueSet@V?$OverflowTaskQueue@_K$0CAAAA@@@@@6B@
??_7?$GenericTaskQueueSet@V?$Padded@V?$GenericTaskQueue@PEAVoopDesc@@$0CAAAA@@@$0EA@@@@@6B@
??_7?$Stack@PEAVDataLayout@@@@6B@
??_7?$Stack@PEAVKlass@@@@6B@
??_7?$Stack@PEAVmarkOopDesc@@@@6B@
??_7?$Stack@PEAVoopDesc@@@@6B@
??_7?$Stack@VObjArrayTask@@@@6B@
??_7?$Stack@VStarTask@@@@6B@
??_7?$Stack@_K@@6B@
??_7ASConcurrentMarkSweepGeneration@@6B@
??_7ASConcurrentMarkSweepPolicy@@6B@
??_7ASPSOldGen@@6B@
??_7ASPSYoungGen@@6B@
??_7ASParNewGeneration@@6B@
??_7AbsDNode@@6B@
??_7AbsFNode@@6B@
??_7AbsNode@@6B@
??_7AbsSeq@@6B@
??_7AbstractAssembler@@6B@
??_7AbstractCompiler@@6B@
??_7AbstractGangTask@@6B@
??_7AbstractGangTaskWOopQueues@@6B@
??_7AbstractLockNode@@6B@
??_7AbstractRefProcTaskExecutor@@6B@
??_7AbstractWorkGang@@6B@
??_7AccessArray@@6B@
??_7AccessField@@6B@
??_7AccessIndexed@@6B@
??_7AccessMonitor@@6B@
??_7AdapterBlob@@6B@
??_7AdaptiveSizePolicy@@6B@
??_7AddDNode@@6B@
??_7AddFNode@@6B@
??_7AddINode@@6B@
??_7AddLNode@@6B@
??_7AddNode@@6B@
??_7AddPNode@@6B@
??_7AddVBNode@@6B@
??_7AddVCNode@@6B@
??_7AddVDNode@@6B@
??_7AddVFNode@@6B@
??_7AddVINode@@6B@
??_7AddVLNode@@6B@
??_7AddVSNode@@6B@
??_7AddressConstant@@6B@
??_7AddressType@@6B@
??_7AdjustPointerClosure@MarkSweep@@6B@
??_7AdjustPointerClosure@PSParallelCompact@@6B@
??_7AdjustPointersClosure@@6B@
??_7AdjustSharedObjectClosure@@6B@
??_7AdvancedThresholdPolicy@@6B@
??_7AllocProfClosure@@6B@
??_7AllocateArrayNode@@6B@
??_7AllocateNode@@6B@
??_7AlwaysAliveClosure@@6B@
??_7AlwaysClearPolicy@@6B@
??_7AlwaysTrueClosure@@6B@
??_7AndINode@@6B@
??_7AndLNode@@6B@
??_7AndVNode@@6B@
??_7ArgInfoData@@6B@
??_7ArgumentCount@@6B@
??_7ArgumentSizeComputer@@6B@
??_7ArithmeticOp@@6B@
??_7ArrayConstant@@6B@
??_7ArrayCopyStub@@6B@
??_7ArrayData@@6B@
??_7ArrayLength@@6B@
??_7ArrayStoreExceptionStub@@6B@
??_7ArrayType@@6B@
??_7AryEqNode@@6B@
??_7AscendTreeCensusClosure@@6B@
??_7Assembler@@6B@
??_7AssertIsPermClosure@@6B@
??_7AttachOperation@@6B@
??_7BarrierGCTask@@6B@
??_7BarrierSet@@6B@
??_7Base@@6B@
??_7BeginSweepClosure@@6B@
??_7BinaryNode@@6B@
??_7BinaryTreeDictionary@@6B@
??_7BitData@@6B@
??_7BitMapClosure@@6B@
??_7BlkClosure@@6B@
??_7BlkClosureCareful@@6B@
??_7BlkPrintingClosure@@6B@
??_7Block@@6B@
??_7BlockBegin@@6B@
??_7BlockClosure@@6B@
??_7BlockEnd@@6B@
??_7BlockMerger@@6B@
??_7BlockOffsetArray@@6B@
??_7BlockOffsetArrayContigSpace@@6B@
??_7BlockOffsetArrayNonContigSpace@@6B@
??_7BlockOffsetTable@@6B@
??_7BoolNode@@6B@
??_7BoolObjectClosure@@6B@
??_7BoxLockNode@@6B@
??_7BranchData@@6B@
??_7BufferBlob@@6B@
??_7BufferingOopClosure@@6B@
??_7BufferingOopsInGenClosure@@6B@
??_7C1_MacroAssembler@@6B@
??_7C2Compiler@@6B@
??_7CE_Eliminator@@6B@
??_7CFGElement@@6B@
??_7CFGLoop@@6B@
??_7CMBitMapClosure@@6B@
??_7CMCheckpointRootsFinalClosure@@6B@
??_7CMCheckpointRootsInitialClosure@@6B@
??_7CMCleanUp@@6B@
??_7CMConcurrentMarkingTask@@6B@
??_7CMGlobalObjectClosure@@6B@
??_7CMMarkRootsClosure@@6B@
??_7CMObjectClosure@@6B@
??_7CMOopClosure@@6B@
??_7CMRemarkTask@@6B@
??_7CMSAdaptiveSizePolicy@@6B@
??_7CMSConcMarkingTask@@6B@
??_7CMSConcMarkingTerminator@@6B@
??_7CMSConcMarkingTerminatorTerminator@@6B@
??_7CMSDrainMarkingStackClosure@@6B@
??_7CMSGCAdaptivePolicyCounters@@6B@
??_7CMSGCStats@@6B@
??_7CMSInnerParMarkAndPushClosure@@6B@
??_7CMSIsAliveClosure@@6B@
??_7CMSKeepAliveClosure@@6B@
??_7CMSMemoryManager@@6B@
??_7CMSParDrainMarkingStackClosure@@6B@
??_7CMSParKeepAliveClosure@@6B@
??_7CMSParRemarkTask@@6B@
??_7CMSPermGen@@6B@
??_7CMSPermGenGen@@6B@
??_7CMSPrecleanRefsYieldClosure@@6B@
??_7CMSRefEnqueueTaskProxy@@6B@
??_7CMSRefProcTaskExecutor@@6B@
??_7CMSRefProcTaskProxy@@6B@
??_7CMTask@@6B@
??_7CMoveDNode@@6B@
??_7CMoveFNode@@6B@
??_7CMoveINode@@6B@
??_7CMoveLNode@@6B@
??_7CMoveNNode@@6B@
??_7CMoveNode@@6B@
??_7CMovePNode@@6B@
??_7CProjNode@@6B@
??_7CSMarkBitMapClosure@@6B@
??_7CSMarkOopClosure@@6B@
??_7CalcLiveObjectsClosure@@6B@
??_7CallDynamicJavaDirectNode@@6B@
??_7CallDynamicJavaNode@@6B@
??_7CallGenerator@@6B@
??_7CallJavaNode@@6B@
??_7CallLeafDirectNode@@6B@
??_7CallLeafNoFPDirectNode@@6B@
??_7CallLeafNoFPNode@@6B@
??_7CallLeafNode@@6B@
??_7CallNode@@6B@
??_7CallRelocation@@6B@
??_7CallRuntimeDirectNode@@6B@
??_7CallRuntimeNode@@6B@
??_7CallStaticJavaDirectNode@@6B@
??_7CallStaticJavaHandleNode@@6B@
??_7CallStaticJavaNode@@6B@
??_7Canonicalizer@@6B@
??_7CardGeneration@@6B@
??_7CardTableEntryClosure@@6B@
??_7CardTableExtension@@6B@
??_7CardTableModRefBS@@6B@
??_7CardTableModRefBSForCTRS@@6B@
??_7CardTableRS@@6B@
??_7CastIINode@@6B@
??_7CastP2XNode@@6B@
??_7CastPPNode@@6B@
??_7CastX2PNode@@6B@
??_7CatchNode@@6B@
??_7CatchProjNode@@6B@
??_7ChangeItem@@6B@
??_7ChangeJumpWiden@@6B@
??_7ChangeSwitchPad@@6B@
??_7ChangeWiden@@6B@
??_7CheckCast@@6B@
??_7CheckCastPPNode@@6B@
??_7CheckForPreciseMarks@@6B@
??_7CheckForUnmarkedObjects@@6B@
??_7CheckForUnmarkedOops@@6B@
??_7ChunkPoolCleaner@@6B@
??_7ClassConstant@@6B@
??_7ClassPathDirEntry@@6B@
??_7ClassPathEntry@@6B@
??_7ClassPathZipEntry@@6B@
??_7ClassType@@6B@
??_7ClassifyInstanceKlassClosure@@6B@
??_7ClassifyObjectClosure@@6B@
??_7ClearAllocCountClosure@@6B@
??_7ClearArrayNode@@6B@
??_7ClearLoggedCardTableEntryClosure@@6B@
??_7ClearMarksInHRClosure@@6B@
??_7ClearNoncleanCardWrapper@@6B@
??_7ClearSpaceClosure@@6B@
??_7CmpD3Node@@6B@
??_7CmpDNode@@6B@
??_7CmpF3Node@@6B@
??_7CmpFNode@@6B@
??_7CmpINode@@6B@
??_7CmpL3Node@@6B@
??_7CmpLNode@@6B@
??_7CmpLTMaskNode@@6B@
??_7CmpNNode@@6B@
??_7CmpNode@@6B@
??_7CmpPNode@@6B@
??_7CmpUNode@@6B@
??_7CodeBlob@@6B@
??_7CodeBlobClosure@@6B@
??_7CodeBlobToOopClosure@@6B@
??_7CodeCacheMemoryManager@@6B@
??_7CodeHeapPool@@6B@
??_7CodeStub@@6B@
??_7CollectedHeap@@6B@
??_7CollectedMemoryPool@@6B@
??_7CollectorPolicy@@6B@
??_7CompactibleFreeListSpace@@6B@
??_7CompactibleFreeListSpacePool@@6B@
??_7CompactibleSpace@@6B@
??_7CompactingPermGen@@6B@
??_7CompactingPermGenGen@@6B@
??_7CompareAndSwapINode@@6B@
??_7CompareAndSwapLNode@@6B@
??_7CompareAndSwapNNode@@6B@
??_7CompareAndSwapPNode@@6B@
??_7CompareOp@@6B@
??_7CompilationPolicy@@6B@
??_7CompileLog@@6B@
??_7CompiledArgumentOopFinder@@6B@
??_7CompiledRFrame@@6B@
??_7Compiler@@6B@
??_7CompilerThread@@6B@
??_7CompleteMarkingInCSHRClosure@@6B@
??_7ComputeCallStack@@6B@
??_7ComputeEntryStack@@6B@
??_7ConDNode@@6B@
??_7ConFNode@@6B@
??_7ConINode@@6B@
??_7ConLNode@@6B@
??_7ConNNode@@6B@
??_7ConNode@@6B@
??_7ConPNode@@6B@
??_7ConcEdenSpace@@6B@
??_7ConcurrentG1RefineThread@@6B@
??_7ConcurrentGCThread@@6B@
??_7ConcurrentMarkSweepGeneration@@6B@
??_7ConcurrentMarkSweepPolicy@@6B@
??_7ConcurrentMarkSweepThread@@6B@
??_7ConcurrentMarkThread@@6B@
??_7Constant@@6B@
??_7ConstantDoubleValue@@6B@
??_7ConstantIntValue@@6B@
??_7ConstantLongValue@@6B@
??_7ConstantOopReadValue@@6B@
??_7ConstantOopWriteValue@@6B@
??_7ConstraintCastNode@@6B@
??_7ContigPermSpace@@6B@
??_7ContiguousSpace@@6B@
??_7ContiguousSpaceDCTOC@@6B@
??_7ContiguousSpacePool@@6B@
??_7ContiguousSpaceUsedHelper@@6B@
??_7Conv2BNode@@6B@
??_7ConvD2FNode@@6B@
??_7ConvD2INode@@6B@
??_7ConvD2LNode@@6B@
??_7ConvF2DNode@@6B@
??_7ConvF2INode@@6B@
??_7ConvF2LNode@@6B@
??_7ConvI2DNode@@6B@
??_7ConvI2FNode@@6B@
??_7ConvI2LNode@@6B@
??_7ConvL2DNode@@6B@
??_7ConvL2FNode@@6B@
??_7ConvL2INode@@6B@
??_7ConversionStub@@6B@
??_7Convert@@6B@
??_7CopyMemoryManager@@6B@
??_7CosDNode@@6B@
??_7CountBitsNode@@6B@
??_7CountCSClosure@@6B@
??_7CountHandleClosure@@6B@
??_7CountInterfacesClosure@@6B@
??_7CountLeadingZerosINode@@6B@
??_7CountLeadingZerosLNode@@6B@
??_7CountNonCleanMemRegionClosure@@6B@
??_7CountRSSizeClosure@@6B@
??_7CountTrailingZerosINode@@6B@
??_7CountTrailingZerosLNode@@6B@
??_7CountedLoopEndNode@@6B@
??_7CountedLoopNode@@6B@
??_7CounterData@@6B@
??_7CounterOverflowStub@@6B@
??_7CreateExNode@@6B@
??_7CreateExceptionNode@@6B@
??_7CriticalEdgeFinder@@6B@
??_7DataRelocation@@6B@
??_7DecodeNNode@@6B@
??_7DefNewGeneration@@6B@
??_7DeoptimizationBlob@@6B@
??_7DeoptimizeStub@@6B@
??_7DeoptimizedRFrame@@6B@
??_7DescendTreeCensusClosure@@6B@
??_7DescendTreeSearchClosure@@6B@
??_7DetectScavengeRoot@@6B@
??_7DirectCallGenerator@@6B@
??_7DirtyCardQueue@@6B@
??_7DirtyCardQueueSet@@6B@
??_7DirtyCardToOopClosure@@6B@
??_7DivByZeroStub@@6B@
??_7DivDNode@@6B@
??_7DivFNode@@6B@
??_7DivINode@@6B@
??_7DivLNode@@6B@
??_7DivModINode@@6B@
??_7DivModLNode@@6B@
??_7DivModNode@@6B@
??_7DivVDNode@@6B@
??_7DivVFNode@@6B@
??_7DoNothingClosure@@6B@
??_7DoubleConstant@@6B@
??_7DoubleType@@6B@
??_7DrainStacksCompactionTask@@6B@
??_7DynamicCallGenerator@@6B@
??_7EdenMutableSpacePool@@6B@
??_7EdenSpace@@6B@
??_7EnableBiasedLockingTask@@6B@
??_7EncodePNode@@6B@
??_7EndTreeSearchClosure@@6B@
??_7EnqueueTask@AbstractRefProcTaskExecutor@@6B@
??_7EntryFrameOopFinder@@6B@
??_7EvacuateFollowersClosure@DefNewGeneration@@6B@
??_7EvacuateFollowersClosureGeneral@@6B@
??_7ExceptionBlob@@6B@
??_7ExceptionObject@@6B@
??_7ExpDNode@@6B@
??_7ExtractBNode@@6B@
??_7ExtractCNode@@6B@
??_7ExtractDNode@@6B@
??_7ExtractFNode@@6B@
??_7ExtractINode@@6B@
??_7ExtractLNode@@6B@
??_7ExtractNode@@6B@
??_7ExtractSNode@@6B@
??_7FalseClosure@@6B@
??_7FastEvacuateFollowersClosure@DefNewGeneration@@6B@
??_7FastKeepAliveClosure@DefNewGeneration@@6B@
??_7FastLockNode@@6B@
??_7FastScanClosure@@6B@
??_7FastUnlockNode@@6B@
??_7FieldClosure@@6B@
??_7FieldReassigner@@6B@
??_7FieldStream@@6B@
??_7FillClosure@@6B@
??_7FilterIntoCSClosure@@6B@
??_7FilterOutOfRegionClosure@@6B@
??_7FilteredFieldStream@@6B@
??_7FilteringClosure@@6B@
??_7Filtering_DCTOC@@6B@
??_7FindFirstRegionClosure@@6B@
??_7FindInstanceClosure@@6B@
??_7FingerprintMethodsClosure@@6B@
??_7Fingerprinter@@6B@
??_7FixupMirrorClosure@@6B@
??_7FlatProfilerTask@@6B@
??_7FlexibleGangTask@@6B@
??_7FlexibleWorkGang@@6B@
??_7FloatConstant@@6B@
??_7FloatType@@6B@
??_7FollowRootClosure@MarkSweep@@6B@
??_7FollowStackClosure@MarkSweep@@6B@
??_7FollowStackClosure@PSParallelCompact@@6B@
??_7FreeBlockDictionary@@6B@
??_7FreeListSpace_DCTOC@@6B@
??_7FreeRegionList@@6B@
??_7G1AdjustPointersClosure@@6B@
??_7G1BlockOffsetArray@@6B@
??_7G1BlockOffsetArrayContigSpace@@6B@
??_7G1BlockOffsetTable@@6B@
??_7G1CMDrainMarkingStackClosure@@6B@
??_7G1CMIsAliveClosure@@6B@
??_7G1CMKeepAliveClosure@@6B@
??_7G1CollectedHeap@@6B@
??_7G1CollectorPolicy@@6B@
??_7G1CollectorPolicy_BestRegionsFirst@@6B@
??_7G1EdenPool@@6B@
??_7G1IsAliveClosure@@6B@
??_7G1KeepAliveClosure@@6B@
??_7G1MMUTracker@@6B@
??_7G1MMUTrackerQueue@@6B@
??_7G1MemoryPoolSuper@@6B@
??_7G1NoteEndOfConcMarkClosure@@6B@
??_7G1OffsetTableContigSpace@@6B@
??_7G1OldGenMemoryManager@@6B@
??_7G1OldGenPool@@6B@
??_7G1ParCleanupCTTask@@6B@
??_7G1ParClosureSuper@@6B@
??_7G1ParCopyHelper@@6B@
??_7G1ParEvacuateFollowersClosure@@6B@
??_7G1ParFinalCountTask@@6B@
??_7G1ParNoteEndTask@@6B@
??_7G1ParPushHeapRSClosure@@6B@
??_7G1ParScanClosure@@6B@
??_7G1ParScanPartialArrayClosure@@6B@
??_7G1ParScrubRemSetTask@@6B@
??_7G1ParTask@@6B@
??_7G1ParVerifyTask@@6B@
??_7G1PostBarrierStub@@6B@
??_7G1PreBarrierStub@@6B@
??_7G1PrepareCompactClosure@@6B@
??_7G1RemSet@@6B@
??_7G1SATBCardTableLoggingModRefBS@@6B@
??_7G1SATBCardTableModRefBS@@6B@
??_7G1SpaceCompactClosure@@6B@
??_7G1SurvivorPool@@6B@
??_7G1YoungGenMemoryManager@@6B@
??_7G1YoungGenSizer@@6B@
??_7GCAdaptivePolicyCounters@@6B@
??_7GCMemoryManager@@6B@
??_7GCPolicyCounters@@6B@
??_7GCStats@@6B@
??_7GCTask@@6B@
??_7GCTaskQueue@@6B@
??_7GCTaskThread@@6B@
??_7GangWorker@@6B@
??_7GcThreadCountClosure@@6B@
??_7GenAdjustPointersClosure@@6B@
??_7GenClosure@GenCollectedHeap@@6B@
??_7GenCollectedHeap@@6B@
??_7GenCollectorPolicy@@6B@
??_7GenCompactClosure@@6B@
??_7GenEnsureParsabilityClosure@@6B@
??_7GenGCEpilogueClosure@@6B@
??_7GenGCPrologueClosure@@6B@
??_7GenPrepareForVerifyClosure@@6B@
??_7GenRemSet@@6B@
??_7GenSpaceMangler@@6B@
??_7GenTimeOfLastGCClosure@@6B@
??_7GenerateOopMap@@6B@
??_7GeneratePairingInfo@@6B@
??_7Generation@@6B@
??_7GenerationBlockIsObjClosure@@6B@
??_7GenerationBlockSizeClosure@@6B@
??_7GenerationBlockStartClosure@@6B@
??_7GenerationCounters@@6B@
??_7GenerationIsInClosure@@6B@
??_7GenerationIsInReservedClosure@@6B@
??_7GenerationObjIterateClosure@@6B@
??_7GenerationOopIterateClosure@@6B@
??_7GenerationPool@@6B@
??_7GenerationSafeObjIterateClosure@@6B@
??_7GenerationSizer@@6B@
??_7GenerationSpec@@6B@
??_7GenerationUsedHelper@@6B@
??_7GlobalValueNumbering@@6B@
??_7Goto@@6B@
??_7GotoNode@@6B@
??_7GraphKit@@6B@
??_7GrowableElement@@6B@
??_7HRRSStatsIter@@6B@
??_7HaltNode@@6B@
??_7HeapObjectDumper@@6B@
??_7HeapRegion@@6B@
??_7HeapRegionClosure@@6B@
??_7HeapRegionDCTOC@@6B@
??_7HeapRegionLinkedList@@6B@
??_7HeapRegionSet@@6B@
??_7HeapRegionSetBase@@6B@
??_7HighResTimeSampler@@6B@
??_7HistoClosure@@6B@
??_7HumongousRegionSet@@6B@
??_7ICStubInterface@@6B@
??_7ICacheStubGenerator@@6B@
??_7If@@6B@
??_7IfFalseNode@@6B@
??_7IfInstanceOf@@6B@
??_7IfNode@@6B@
??_7IfOp@@6B@
??_7IfTrueNode@@6B@
??_7IllegalType@@6B@
??_7ImmutableSpace@@6B@
??_7ImplicitNullCheckStub@@6B@
??_7InflatedMonitorsClosure@@6B@
??_7InitializeNode@@6B@
??_7InlineCallGenerator@@6B@
??_7InstanceConstant@@6B@

Sections

.text
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
情况说明/__init__/bin/verify.dll
.dll windows:4 windows x64 arch:x64

037587b977f5d1ff64701e98adbce6b1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

06/07/2012, 00:00

Not After

18/07/2015, 23:59

Subject

CN=Sun Microsystems\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Sun Microsystems,O=Sun Microsystems\, Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c5:d7:69:81:f3:8b:49:4d:7d:12:65:13:a9:32:b7:5d:24:a0:f0:a3
Signer

Actual PE Digest

c5:d7:69:81:f3:8b:49:4d:7d:12:65:13:a9:32:b7:5d:24:a0:f0:a3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_~1\jdk6_45\control\build\WINDOW~1\tmp\java\verify\obj64\verify.pdb

Imports

jvm

JVM_GetCPMethodClassNameUTF
JVM_IsInterface
JVM_IsSameClassPackage
JVM_GetCPMethodModifiers
JVM_GetCPFieldModifiers
JVM_GetCPMethodSignatureUTF
JVM_GetCPFieldSignatureUTF
JVM_GetCPMethodNameUTF
JVM_GetMethodIxLocalsCount
JVM_GetCPFieldClassNameUTF
JVM_GetMethodIxExceptionTableLength
JVM_GetMethodIxMaxStack
JVM_GetMethodIxExceptionIndexes
JVM_GetMethodIxExceptionsCount
JVM_GetClassMethodsCount
JVM_GetClassFieldsCount
JVM_GetClassCPTypes
JVM_GetClassCPEntriesCount
jio_fprintf
JVM_GetCPClassNameUTF
JVM_GetMethodIxArgsSize
JVM_GetMethodIxModifiers
JVM_IsConstructorIx
JVM_GetMethodIxByteCodeLength
JVM_GetMethodIxByteCode
JVM_GetFieldIxModifiers
JVM_FindClassFromClass
jio_vsnprintf
JVM_GetClassNameUTF
JVM_GetMethodIxNameUTF
JVM_GetMethodIxSignatureUTF
jio_snprintf
JVM_GetMethodIxExceptionTableEntry
JVM_ReleaseUTF

msvcrt

_initterm
_iob
_setjmp
strchr
memcpy
memset
strcmp
strlen
strcpy
calloc
malloc
longjmp
_assert
free

kernel32

GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
DisableThreadLibraryCalls
QueryPerformanceCounter

Exports

Exports

VerifyClass
VerifyClassForMajorVersion
VerifyClassname
VerifyFixClassname

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
情况说明/__init__/bin/zip.dll
.dll windows:4 windows x64 arch:x64

cb269bae0b5410f76ea38a3a41f4e883

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

06/07/2012, 00:00

Not After

18/07/2015, 23:59

Subject

CN=Sun Microsystems\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Sun Microsystems,O=Sun Microsystems\, Inc.,L=Palo Alto,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:b7:a8:39:04:c1:3a:49:1d:26:aa:73:d1:ce:35:84:00:79:5a:27
Signer

Actual PE Digest

0e:b7:a8:39:04:c1:3a:49:1d:26:aa:73:d1:ce:35:84:00:79:5a:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_~1\jdk6_45\control\build\WINDOW~1\tmp\sun\java.util.zip\zip\obj64\zip.pdb

Imports

java

jio_fprintf
handleLseek
handleRead
JNU_ThrowIOExceptionWithLastError
JNU_GetStringPlatformChars
winFileHandleOpen
JNU_ReleaseStringPlatformChars
JNU_NewStringPlatform
JNU_NewObjectByName
JNU_ThrowByName
JNU_ThrowInternalError
JNU_ThrowOutOfMemoryError
JNU_ThrowIllegalArgumentException

jvm

JVM_RawMonitorCreate
JVM_RawMonitorEnter
JVM_NativePath
JVM_RawMonitorDestroy
JVM_GetLastErrorString
JVM_RawMonitorExit

msvcrt

strcmp
realloc
memcpy
malloc
_errno
_assert
calloc
free
_initterm
strerror
_iob
strlen
sprintf
strcpy
memset
_strdup

kernel32

CloseHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
DisableThreadLibraryCalls
Sleep
CreateFileA

Exports

Exports

Java_java_util_jar_JarFile_getMetaInfEntryNames
Java_java_util_zip_Adler32_update
Java_java_util_zip_Adler32_updateBytes
Java_java_util_zip_CRC32_update
Java_java_util_zip_CRC32_updateBytes
Java_java_util_zip_Deflater_deflateBytes
Java_java_util_zip_Deflater_end
Java_java_util_zip_Deflater_getAdler
Java_java_util_zip_Deflater_getBytesRead
Java_java_util_zip_Deflater_getBytesWritten
Java_java_util_zip_Deflater_init
Java_java_util_zip_Deflater_initIDs
Java_java_util_zip_Deflater_reset
Java_java_util_zip_Deflater_setDictionary
Java_java_util_zip_Inflater_end
Java_java_util_zip_Inflater_getAdler
Java_java_util_zip_Inflater_getBytesRead
Java_java_util_zip_Inflater_getBytesWritten
Java_java_util_zip_Inflater_inflateBytes
Java_java_util_zip_Inflater_init
Java_java_util_zip_Inflater_initIDs
Java_java_util_zip_Inflater_reset
Java_java_util_zip_Inflater_setDictionary
Java_java_util_zip_ZipEntry_initFields
Java_java_util_zip_ZipEntry_initIDs
Java_java_util_zip_ZipFile_close
Java_java_util_zip_ZipFile_freeEntry
Java_java_util_zip_ZipFile_getCSize
Java_java_util_zip_ZipFile_getEntry
Java_java_util_zip_ZipFile_getMethod
Java_java_util_zip_ZipFile_getNextEntry
Java_java_util_zip_ZipFile_getSize
Java_java_util_zip_ZipFile_getTotal
Java_java_util_zip_ZipFile_getZipMessage
Java_java_util_zip_ZipFile_initIDs
Java_java_util_zip_ZipFile_open
Java_java_util_zip_ZipFile_read
ZIP_CRC32
ZIP_Close
ZIP_FindEntry
ZIP_GetNextEntry
ZIP_Open
ZIP_ReadEntry

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
情况说明/__init__/lib/Thumbs.db
情况说明/__init__/lib/amd64/jvm.cfg
情况说明/__init__/lib/charsets.jar
.jar
情况说明/__init__/lib/jcc.jar
.jar
情况说明/__init__/lib/lzma.dll
情况说明/__init__/lib/rt.jar
.jar
情况说明/__init__/lib/splash.gif
情况说明/__init__/lib/tools.jar
.jar
情况说明/__init__/note.docx
.doc .docx windows office2003
情况说明/情况说明.docx.lnk
.lnk

Sharing

General

Malware Config

Signatures

Files

1c292d94a2f6d08f731c8bce0d1deb9a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0fCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

e8:4f:97:f4:76:60:2a:dc:b4:3c:7c:10:7c:fb:76:14:a4:41:98:fbSigner

Headers

File Characteristics

PDB Paths

Imports

java

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 252B

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 512B - Virtual size: 72B

ba6cee0482b3115da6acdd2e07a6fc20

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0fCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

1c:a0:33:85:64:d3:82:e8:96:90:e7:a2:75:6a:9b:08:88:7e:8a:6bSigner

Headers

File Characteristics

PDB Paths

Imports

jvm

verify

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 8KB - Virtual size: 10KB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 1KB - Virtual size: 1KB

158c0e11d086f70c49323b359555b690

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0fCertificate

Extended Key Usages

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

e8:4f:97:f4:76:60:2a:dc:b4:3c:7c:10:7c:fb:76:14:a4:41:98:fb
Signer

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 252B

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 512B - Virtual size: 72B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

1c:a0:33:85:64:d3:82:e8:96:90:e7:a2:75:6a:9b:08:88:7e:8a:6b
Signer

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 8KB - Virtual size: 10KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 1KB - Virtual size: 1KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

c1:95:10:c5:cc:ee:78:eb:9a:4a:98:ca:cf:ea:1d:4a:2a:e3:a1:aa
Signer

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 9KB - Virtual size: 17KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 32KB - Virtual size: 32KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

4b:bb:e0:d8:25:7c:d9:71:1a:1b:57:e6:bb:9c:66:0f
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

f8:91:c1:e3:70:e3:a0:2d:f9:45:19:38:ea:11:dc:d6:e0:16:d5:92
Signer

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 9KB - Virtual size: 17KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 32KB - Virtual size: 32KB

.text
Size: 266KB - Virtual size: 266KB

.rdata
Size: 60KB - Virtual size: 60KB

.data
Size: 8KB - Virtual size: 16KB

.pdata
Size: 14KB - Virtual size: 14KB

_SETJMP_
Size: 512B - Virtual size: 24B

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 2KB - Virtual size: 1KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate