f2b5b88d9575e52ab9eca22534d8b25b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f2b5b88d9575e52ab9eca22534d8b25b_JaffaCakes118
Size

19.4MB
MD5

f2b5b88d9575e52ab9eca22534d8b25b
SHA1

b5563f6e0549d0ff3670f3a19df16bcfacfebca2
SHA256

f532e92c4e886e36b4def4a836097c7557b12b246977fe669129cc42f187e9ee
SHA512

62054e8a3d88c80acced965df081b363737092135f7f34d632c5c496c68a93e005c9cc3357844cdaf4f2d2ee1f9ab4d9aa2f09e6988da851747bbaf8c6b9aa9b
SSDEEP

393216:kNIdR/fLp12PHNEyP1BrnBtpkfofhrhaWdS0B+zm1V:5RnLp121JPXnBtpkf2kW5+zm1V

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/UAC.dll
unpack001/ATextOut64.dll
unpack001/GameCaptureHook.dll
unpack001/GameCaptureHook64.dll
unpack001/IconPack/OldIconPack.dll
unpack001/IconPack/PotIconsNew.dll
unpack001/LogManager.exe
unpack001/PotIcons64.dll
unpack001/ffcodec64.dll

Files

f2b5b88d9575e52ab9eca22534d8b25b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

32f3282581436269b3a75b6675fe3e08

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6f:f3:35:a7:1a:f0:39:11:f5:46:68:dc:cc:13:44:1c
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

01/10/2015, 00:00

Not After

30/12/2016, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 852KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:5 windows x86 arch:x86

e02b24cfd7b5c55e4686d868682e10f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessW
lstrlenW
lstrcpynW
lstrcmpiW
GetVersionExW
GetCurrentThreadId
LoadLibraryW
GetProcAddress
LoadLibraryA
GetLastError
WaitForSingleObject
DuplicateHandle
Sleep
GetCurrentProcessId
CreateThread
GetCommandLineW
FreeLibrary
OpenProcess
FormatMessageW
LocalFree
CloseHandle
SetLastError
GetModuleFileNameW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetModuleHandleW
GlobalFree
GetExitCodeProcess
GlobalAlloc

user32

DialogBoxParamW
CharNextW
UnhookWindowsHookEx
CallNextHookEx
GetClassNameW
SetWindowsHookExW
SendMessageTimeoutW
WaitForInputIdle
DefWindowProcW
PostMessageW
GetLastActivePopup
PostQuitMessage
SetForegroundWindow
DispatchMessageW
GetMessageW
CreateWindowExW
RegisterClassW
UnregisterClassW
GetWindowTextW
TranslateMessage
IsDialogMessageW
PeekMessageW
MsgWaitForMultipleObjects
IsWindow
GetWindowThreadProcessId
MessageBoxW
SetWindowLongW
LoadImageW
DestroyWindow
GetWindowLongW
EnableWindow
ShowWindow
SetWindowTextW
wsprintfW
LoadStringW
GetDlgItem
SendMessageW
EndDialog

advapi32

RegCloseKey
QueryServiceStatus
OpenServiceW
CloseServiceHandle
OpenSCManagerW
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteExW

ole32

CoInitialize
CoUninitialize

Exports

Exports

Exec
ExecCodeSegment
ExecWait
GetElevationType
GetOuterHwnd
GetShellFolderPath
IsAdmin
RunElevated
ShellExec
ShellExecWait
StackPush
SupportsUAC
Unload

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/potple.bmp
ATextOut64.dll
.dll windows:6 windows x64 arch:x64

f76ea39bf433a18ae7304f0735f30925

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\ExtraProgram\FreeTypeTextOut\x64\Release\ATextOut64.pdb

Imports

gdi32

GetTextExtentExPointI
GetTextExtentPoint32A
GetTextExtentPoint32W
BeginPath
GetGlyphIndicesW
GetFontData
CreateCompatibleDC
SelectObject
CreateFontIndirectW
DeleteDC
DeleteObject
CreateSolidBrush
GetCurrentPositionEx
CreateDIBSection
GetDeviceCaps
MaskBlt
BitBlt
MoveToEx
GetObjectW
GetOutlineTextMetricsW
GetPaletteEntries
GetCurrentObject
GetDIBits
GetTextColor
GetTextAlign
GetBkColor
GetTextCharacterExtra
GetTextExtentExPointA
AbortPath
GetMapMode
ExtTextOutW
EndPath
GetTextExtentPointI
GetTextExtentExPointW
GetBkMode

kernel32

HeapAlloc
HeapFree
GetProcessHeap
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
FreeLibrary
LoadLibraryW
GetProcAddress
MulDiv
MultiByteToWideChar
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetEndOfFile
CreateFileW
WriteConsoleW
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryExW
HeapReAlloc
DeleteCriticalSection
IsDebuggerPresent
DecodePointer
GetLastError
RaiseException
InitializeCriticalSectionEx
GetCurrentThread
GetCurrentProcess
VirtualQuery
SetLastError
GetModuleHandleW
VirtualProtect
VirtualAlloc
GetCurrentThreadId
ResumeThread
FlushInstructionCache
SetThreadContext
GetThreadContext
OutputDebugStringA
SuspendThread
OutputDebugStringW
WideCharToMultiByte
GetStringTypeW
EncodePointer
GetCommandLineA
RtlUnwindEx
ReadFile
RtlPcToFileHeader
RtlLookupFunctionEntry
GetCPInfo
IsProcessorFeaturePresent
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
GetStartupInfoW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
CloseHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteFile
GetModuleFileNameW

user32

IsRectEmpty
FillRect
IntersectRect
DrawTextExW
DrawTextExA

advapi32

RegDeleteValueA
RegFlushKey
RegCloseKey
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyExW
RegDeleteValueW

Exports

Exports

FT_Done_Face
FT_Done_FreeType
FT_Done_Glyph
FT_Get_Char_Index
FT_Get_Glyph
FT_Get_Sfnt_Table
FT_GlyphSlot_Oblique
FT_Glyph_Copy
FT_Glyph_To_Bitmap
FT_Init_FreeType
FT_Load_Glyph
FT_MulFix
FT_New_Face
FT_New_Memory_Face
FT_Open_Face
FT_Outline_Decompose
FT_Outline_Embolden
FT_Outline_Get_Orientation
FT_Outline_Transform
FT_Render_Glyph
FT_Request_Size
FT_Set_Char_Size
FT_Set_Charmap
FT_Set_Pixel_Sizes
FinalTextOut
InitTextOut

Sections

.text
Size: 579KB - Virtual size: 579KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Alarm.wav
CmdLine.txt
D3DCompiler_43.dll
.dll windows:6 windows x64 arch:x64

87e48ad40a89f4f6e1404989a85ca976

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

94:57:86:d0:6e:0d:5e:e4:4f:3c:0e:99:a0:27:2e:c8:c5:7d:19:86
Signer

Actual PE Digest

94:57:86:d0:6e:0d:5e:e4:4f:3c:0e:99:a0:27:2e:c8:c5:7d:19:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_43.pdb

Imports

msvcrt

??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_CxxThrowException
memset
memcpy
__C_specific_handler
_amsg_exit
_initterm
_XcptFilter
_strtoui64
isxdigit
atof
setlocale
_strdup
_mbstrlen
modf
isalnum
_isnan
_finite
strrchr
_clearfp
_controlfp
_strnicmp
_fpclass
_purecall
strncmp
isspace
strstr
strchr
getenv
_stricmp
memmove
qsort
isalpha
toupper
atoi
isdigit
tolower
free
malloc
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_vsnprintf
__CxxFrameHandler
floor
fmod
memcmp
acos
asin
atan
atan2
ceil
cos
cosh
exp
log
pow
sin
sinh
sqrt
tan
tanh
floorf

gdi32

DeleteObject

kernel32

GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
CloseHandle
UnmapViewOfFile
DeleteCriticalSection
UnhandledExceptionFilter
GetSystemInfo
VirtualAlloc
VirtualFree
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameA
HeapCreate
OutputDebugStringA
GetProcAddress
LoadLibraryA
GetModuleHandleA
lstrcmpiA
GetProcessHeap
HeapFree
HeapAlloc
TlsFree
TlsGetValue
HeapDestroy
TlsSetValue
TlsAlloc
FreeLibrary
Sleep
VirtualProtect
DisableThreadLibraryCalls
InitializeCriticalSection
SetUnhandledExceptionFilter

Exports

Exports

D3DAssemble
D3DCompile
D3DCompressShaders
D3DCreateBlob
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DPreprocess
D3DReflect
D3DReturnFailure1
D3DStripShader
DebugSetMute

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DChat64.dll
.dll windows:6 windows x64 arch:x64

9793d478d2ab96a2b33ab770278148e0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/12/2014, 00:00

Not After

12/12/2015, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\ExtraProgram\DChat\x64\Release\DChat.pdb

Imports

ws2_32

connect
inet_ntoa
select
setsockopt
socket
__WSAFDIsSet
WSASetLastError
closesocket
gethostbyname
getsockopt
ioctlsocket
inet_addr
WSAGetLastError
htons
recv
send

wininet

InternetCloseHandle
InternetOpenA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetSetOptionW
InternetReadFile
InternetConnectA
HttpQueryInfoA

kernel32

CreateFileW
FlushFileBuffers
ReadConsoleW
ReadFile
WriteConsoleW
SetStdHandle
LCMapStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionAndSpinCount
HeapDestroy
RaiseException
GetLastError
HeapSize
DeleteCriticalSection
FindResourceExW
FindResourceW
LoadResource
WaitForSingleObject
WideCharToMultiByte
SizeofResource
MultiByteToWideChar
LockResource
CloseHandle
OutputDebugStringA
SetEvent
OutputDebugStringW
ResetEvent
CreateEventW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
GetModuleHandleW
GetProcAddress
LoadLibraryW
IsDebuggerPresent
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
CreateThread
GetCurrentThreadId
ExitThread
LoadLibraryExW
IsProcessorFeaturePresent
GetCommandLineA
RtlUnwindEx
ExitProcess
GetModuleHandleExW
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
RtlPcToFileHeader

user32

PostMessageW

Exports

Exports

GetFunction

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DTDrop64.exe
.exe windows:5 windows x64 arch:x64

2707475953712e54f1880582ad834fe2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/12/2014, 00:00

Not After

12/12/2015, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\MyProject\Street2008\ExtraProgram\DropTarget\x64\Release_EXE\DTDrop64.pdb

Imports

kernel32

HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
WaitForSingleObject
LoadResource
SizeofResource
CloseHandle
CreateEventW
GetModuleFileNameW
HeapAlloc
GetCommandLineW
FindResourceW
FindResourceExW
GetTempPathW
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
LoadLibraryW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
GlobalFree
GlobalUnlock
GlobalLock
GetProcAddress
GetModuleHandleW
LockResource
LCMapStringW
GetStringTypeW
LoadLibraryExW
WriteConsoleW
SetEndOfFile
SetStdHandle
GetCPInfo
FlushFileBuffers
GetOEMCP
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
CreateFileW
GetFileType
ReadFile
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
SetFilePointerEx
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsProcessorFeaturePresent
IsValidCodePage
GetACP

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

ole32

CoResumeClassObjects
CoRegisterClassObject
CoInitializeEx
CoUninitialize
CoRevokeClassObject
CoAddRefServerProcess
CLSIDFromString
CoReleaseServerProcess

shell32

ShellExecuteW
DragQueryFileW

oleaut32

SysFreeString
SysAllocString

shlwapi

PathFileExistsW

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
D_Exec64.exe
.exe windows:5 windows x64 arch:x64

8468568eb9bb7e6441c90aa5863cee3e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/12/2014, 00:00

Not After

12/12/2015, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\build\Street\Street_2008\D_Exec\x64\Release\D_Exec64.pdb

Imports

kernel32

GetVersionExA
FreeLibrary
CloseHandle
LocalFree
GetCurrentProcess
GetProcAddress
LoadLibraryA
WinExec
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapAlloc
HeapReAlloc

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DaumCrashHandler64.dll
.dll windows:6 windows x64 arch:x64

f1bb6adf3dc96585af7a52433020ad0f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6f:f3:35:a7:1a:f0:39:11:f5:46:68:dc:cc:13:44:1c
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

01/10/2015, 00:00

Not After

30/12/2016, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\StreetPlayer\ExtraProgram\DaumCrashHandler\x64\Release\DaumCrashHandler64.pdb

Imports

shlwapi

PathFindExtensionA
PathRemoveExtensionA
wnsprintfA

kernel32

HeapSize
FlushFileBuffers
lstrlenA
CreateFileA
WriteFile
OutputDebugStringA
CloseHandle
RaiseException
SetUnhandledExceptionFilter
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
DeleteCriticalSection
GetCurrentProcess
GetCurrentThread
VirtualQuery
ReadProcessMemory
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
FormatMessageA
lstrcmpiA
lstrcpynA
lstrcpyA
LoadLibraryA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
IsBadStringPtrA
GetVersionExA
TerminateProcess
GetCurrentThreadId
GetLocalTime
CreateFileW
GetCurrentProcessId
IsBadStringPtrW
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
MultiByteToWideChar
WideCharToMultiByte
GetACP
CreateToolhelp32Snapshot
Module32First
Module32Next
InitializeCriticalSection
GetModuleHandleW
LoadLibraryW
RtlUnwindEx
RtlLookupFunctionEntry
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
WriteConsoleW
IsValidCodePage
GetOEMCP
GetCPInfo
SetLastError
RtlPcToFileHeader
GetFileAttributesExW
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleFileNameW
LoadLibraryExW
HeapReAlloc
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
OutputDebugStringW
LCMapStringW
SetStdHandle
LocalFree

user32

MessageBoxA
wsprintfA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString

Exports

Exports

GetDumpFilePath
GetReportFilePath
GetZipFilePath
IgnoreMessageBox
ResetCrashHandler
SetCrashHandler
SetDumpFilePath
SetEmailConf
SetReportFilePath
SetZipFilePath
defaultExceptionCallBack

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopHook.dll
.dll windows:5 windows x86 arch:x86

7b8a088c1175d13f4bfb95cd420173b8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/12/2014, 00:00

Not After

12/12/2015, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\ExtraProgram\DesktopHook\Release\DesktopHook.pdb

Imports

kernel32

CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
LCMapStringW
GetModuleFileNameW
FlushFileBuffers
LoadLibraryW
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
GetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WriteFile
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
CreateFileW

user32

CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindowThreadProcessId
GetClassNameW
FindWindowW
EnumChildWindows
SetWindowLongW
FillRect
InvalidateRect
CallWindowProcW
PostMessageW
SendMessageW

gdi32

CreateSolidBrush
DeleteObject

Exports

Exports

CloseDesktopHook
Function
OpenDesktopHook

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopHook.exe
.exe windows:5 windows x86 arch:x86

c2bdb635c90e9fb6ba3713214c318b6f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/12/2014, 00:00

Not After

12/12/2015, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\MyProject\Street2008\ExtraProgram\DesktopHook\ReleaseEXE\DesktopHook.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
CloseHandle
WriteConsoleW
GetCommandLineW
GetLastError
SetLastError
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
RtlUnwind
OutputDebugStringW
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
SetStdHandle
SetFilePointerEx
CreateFileW

user32

IsWindow

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DesktopHook64.dll
.dll windows:5 windows x64 arch:x64

149776929fd4eedb7447c38590d217e7

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/12/2014, 00:00

Not After

12/12/2015, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\ExtraProgram\DesktopHook\x64\Release\DesktopHook64.pdb

Imports

kernel32

CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
LCMapStringW
GetModuleFileNameW
FlushFileBuffers
LoadLibraryW
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
GetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WriteFile
LoadLibraryExW
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
CreateFileW

user32

CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindowThreadProcessId
GetClassNameW
FindWindowW
EnumChildWindows
SetWindowLongPtrW
FillRect
InvalidateRect
CallWindowProcW
PostMessageW
SendMessageW

gdi32

CreateSolidBrush
DeleteObject

Exports

Exports

CloseDesktopHook
Function
OpenDesktopHook

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopHook64.exe
.exe windows:5 windows x64 arch:x64

5682e2ca377d02cf49d985f46498c200

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/12/2014, 00:00

Not After

12/12/2015, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\MyProject\Street2008\ExtraProgram\DesktopHook\x64\ReleaseEXE\DesktopHook64.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
CloseHandle
WriteConsoleW
GetCommandLineW
GetLastError
SetLastError
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
RtlUnwindEx
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
OutputDebugStringW
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
SetStdHandle
SetFilePointerEx
CreateFileW

user32

IsWindow

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FileList.txt
GameCaptureHook.dll
.dll windows:6 windows x86 arch:x86

e6b0e881211e514055d1cbb01b67c0a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\ExtraProgram\GameCaptureHook\Release\GameCaptureHook.pdb

Imports

gdi32

DescribePixelFormat
GetPixelFormat
SwapBuffers

shell32

SHGetFolderPathW

user32

GetMessageW
UnregisterClassW
PostMessageW
wsprintfW
TranslateMessage
DestroyWindow
RegisterClassW
SendMessageW
DefWindowProcW
DispatchMessageW
GetClientRect
IsWindow
WindowFromDC
CreateWindowExW

psapi

GetModuleBaseNameA

kernel32

CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LoadLibraryExW
HeapReAlloc
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetModuleFileNameA
VerSetConditionMask
WaitForSingleObject
SetEvent
GetModuleHandleW
InitializeCriticalSection
TerminateThread
Sleep
LeaveCriticalSection
VerifyVersionInfoW
EnterCriticalSection
VirtualProtect
DeleteCriticalSection
CloseHandle
GetCurrentProcess
GetTickCount
LoadLibraryW
GetProcAddress
CreateEventW
DuplicateHandle
ReleaseMutex
CreateThread
CreateMutexW
OpenMutexW
WaitForMultipleObjects
MapViewOfFile
UnmapViewOfFile
FreeLibrary
QueryPerformanceCounter
OutputDebugStringW
FreeLibraryAndExitThread
DisableThreadLibraryCalls
OpenThread
CreateFileMappingW
QueryPerformanceFrequency
GetCurrentThreadId
GetCurrentProcessId
GetLastError
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
HeapAlloc
GetCommandLineA
RaiseException
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
GetFileType

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GameCaptureHook64.dll
.dll windows:6 windows x64 arch:x64

a434fe17bbdd4aac73a818d260611ec9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\ExtraProgram\GameCaptureHook\x64\Release\GameCaptureHook64.pdb

Imports

gdi32

DescribePixelFormat
GetPixelFormat
SwapBuffers

shell32

SHGetFolderPathW

user32

GetMessageW
UnregisterClassW
PostMessageW
wsprintfW
TranslateMessage
DestroyWindow
RegisterClassW
SendMessageW
DefWindowProcW
DispatchMessageW
GetClientRect
IsWindow
WindowFromDC
CreateWindowExW

psapi

GetModuleBaseNameA

kernel32

CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LoadLibraryExW
HeapReAlloc
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetModuleFileNameA
VerSetConditionMask
GetCurrentProcess
WaitForSingleObject
SetEvent
GetModuleHandleW
VirtualQueryEx
InitializeCriticalSection
TerminateThread
Sleep
LeaveCriticalSection
VerifyVersionInfoW
VirtualAlloc
EnterCriticalSection
GetSystemInfo
VirtualProtect
DeleteCriticalSection
CloseHandle
GetTickCount
LoadLibraryW
GetProcAddress
CreateEventW
DuplicateHandle
ReleaseMutex
CreateThread
CreateMutexW
OpenMutexW
WaitForMultipleObjects
MapViewOfFile
UnmapViewOfFile
FreeLibrary
QueryPerformanceCounter
OutputDebugStringW
FreeLibraryAndExitThread
DisableThreadLibraryCalls
OpenThread
CreateFileMappingW
QueryPerformanceFrequency
GetCurrentThreadId
GetCurrentProcessId
VirtualQuery
VirtualFree
GetThreadContext
SetThreadContext
Thread32First
Thread32Next
CreateToolhelp32Snapshot
SuspendThread
ResumeThread
GetLastError
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
HeapAlloc
GetCommandLineA
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
GetFileType

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
History/Chinese(Simplified).txt
History/Chinese(Traditional).txt
History/English.txt
History/Hungarian.txt
History/Korean.txt
History/Polish.txt
History/Russian.txt
History/Serbian.txt
History/Ukrainian.txt
IconPack/OldIconPack.dll
.dll windows:5 windows x86 arch:x86

2e168f9fee36c65804acc85d4752ed9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2010\PotIcons\Release\PotIcons.pdb

Imports

kernel32

GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
GetProcAddress
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapSize
IsProcessorFeaturePresent

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IconPack/PotIconsNew.dll
.dll windows:5 windows x86 arch:x86

b1ef5315be487f2c21eade374734763b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\ExtraProgram\PotIconsNew\Release\PotIcons.pdb

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KillPot64.exe
.exe windows:5 windows x64 arch:x64

26b451960c3ed82e1d8cef6d8185f5ef

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6f:f3:35:a7:1a:f0:39:11:f5:46:68:dc:cc:13:44:1c
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

01/10/2015, 00:00

Not After

30/12/2016, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\MyProject\Street2008\ExtraProgram\KillPot\x64\Release\KillPot64.pdb

Imports

kernel32

OpenProcess
TerminateProcess
GetExitCodeProcess
CloseHandle
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Module32FirstW
Module32NextW
GetCommandLineW
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetLastError
SetLastError
GetCurrentThreadId
MultiByteToWideChar
ExitProcess
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetStringTypeW
LCMapStringW
LoadLibraryExW
OutputDebugStringW
HeapAlloc
HeapReAlloc
HeapSize
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CreateFileW

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LGPL.TXT
Language/Armenian.ini
Language/Bulgarian.ini
Language/Chinese(Simplified).ini
Language/Chinese(Traditional).ini
Language/Czech.ini
Language/English.ini
Language/French.ini
Language/German.ini
Language/Greek.ini
Language/Hebrew.ini
Language/Hongkonglocale.ini
Language/Hungarian.ini
Language/Italian.ini
Language/Japanese.ini
Language/Korean.ini
Language/Persian.ini
Language/Polish.ini
Language/Portuguese.ini
Language/Russian.ini
Language/Serbian.ini
Language/Spanish.ini
Language/Swedish.ini
Language/Tajik(Cyrillic).ini
Language/Thai.ini
Language/Turkish.ini
Language/Ukrainian.ini
Language/Uzbek(Latin).ini
License.txt
LogManager.exe
.exe windows:5 windows x86 arch:x86

bab7410a13e309e38273bc83ee0fe918

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\LogManager\Release\LogManager.pdb

Imports

advapi32

OpenProcessToken
DuplicateTokenEx
ConvertStringSidToSidW
SetTokenInformation
GetLengthSid
CreateProcessAsUserW

kernel32

GetStartupInfoW
HeapFree
HeapAlloc
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
Sleep
ExitProcess
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetModuleHandleA
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalDeleteAtom
InterlockedExchange
GetCurrentThreadId
MultiByteToWideChar
GetLastError
GetModuleFileNameW
GetVersionExW
LocalFree
CloseHandle
GetCurrentProcess
FindResourceW
LoadResource
LockResource
SizeofResource
FlushFileBuffers
SetFilePointer
LoadLibraryW
GlobalAddAtomW
GlobalFlags
lstrcmpW
lstrcmpA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetProcAddress
WideCharToMultiByte
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrlenW
lstrlenA
VirtualAlloc
WriteFile

user32

DestroyMenu
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
SetForegroundWindow
IsIconic
PostMessageW
SetWindowPos
SetWindowLongW
IsWindow
GetDlgItem
SetWindowsHookExW
CallNextHookEx
DispatchMessageW
GetKeyState
PeekMessageW
ValidateRect
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
GetWindowTextW
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnhookWindowsHookEx
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu

gdi32

Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
RectVisible
DeleteDC
GetStockObject
ExtTextOutW
GetDeviceCaps
PtVisible
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
TextOutW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

oleaut32

VariantInit
VariantClear
VariantChangeType

wininet

HttpEndRequestW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetCloseHandle
InternetOpenW
InternetReadFile

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Logos/PotPlayer.png
.png
PotIcons64.dll
.dll windows:5 windows x64 arch:x64

957cc134bfd5e231dbbc85925c378924

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\ExtraProgram\PotIcons\x64\Release\PotIcons64.pdb

Imports

kernel32

GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
GetLastError
FlsAlloc
HeapFree
Sleep
GetModuleHandleW
GetProcAddress
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
RtlUnwindEx
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
WriteFile
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PotPlayer64.dll
.dll windows:6 windows x64 arch:x64

dfda098c94ff4e40ae33b3e51174dfff

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6f:f3:35:a7:1a:f0:39:11:f5:46:68:dc:cc:13:44:1c
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

01/10/2015, 00:00

Not After

30/12/2016, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\StreetPlayer\x64\Release_DLL\PotPlayer64.pdb

Imports

wininet

HttpSendRequestA
HttpAddRequestHeadersA
InternetSetStatusCallbackW
InternetQueryOptionW
InternetReadFileExW
FtpGetFileSize
FtpCommandA
FtpOpenFileA
InternetGetLastResponseInfoW
InternetOpenA
InternetConnectA
HttpQueryInfoA
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetOpenW
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpFindFirstFileA
InternetFindNextFileA
InternetGetConnectedState
InternetGetCookieW
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpQueryInfoW
InternetSetOptionW
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
HttpOpenRequestA

winmm

timeKillEvent
waveOutGetVolume
waveOutSetVolume
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
PlaySoundW
mixerSetControlDetails
timeGetTime
mixerGetNumDevs
mixerOpen
mixerClose
mixerGetLineInfoW
mixerGetLineControlsW
mixerGetControlDetailsW
timeSetEvent

kernel32

SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
GetFullPathNameW
FoldStringW
GetFileTime
GetFileType
SetEndOfFile
GetFileAttributesW
SetFileAttributesW
GetConsoleMode
GetShortPathNameW
RemoveDirectoryW
CreateHardLinkW
GlobalSize
FormatMessageW
CopyFileW
OutputDebugStringA
GetModuleHandleExW
GlobalDeleteAtom
GlobalAddAtomW
GlobalFindAtomW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
LockFile
UnlockFile
GetThreadLocale
lstrcmpA
GetProfileIntW
GlobalGetAtomNameW
GetSystemTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalReAlloc
SetErrorMode
GetSystemDefaultUILanguage
GlobalFlags
SearchPathW
RtlLookupFunctionEntry
RtlUnwindEx
RtlPcToFileHeader
ExitThread
IsProcessorFeaturePresent
SetEnvironmentVariableW
GetCommandLineA
MoveFileExW
PeekNamedPipe
FindFirstFileExW
GetTimeZoneInformation
WriteConsoleW
HeapQueryInformation
SetStdHandle
GetOEMCP
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetStringTypeW
GetConsoleCP
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
ReadConsoleW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
LocalFileTimeToFileTime
IsDBCSLeadByte
GetCPInfo
CompareStringW
AreFileApisANSI
ExitProcess
OpenEventW
PulseEvent
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
IsValidCodePage
lstrcatW
GetLongPathNameW
GetFileInformationByHandle
FlushFileBuffers
GetFileSize
GetModuleFileNameA
DebugBreak
IsBadReadPtr
GetStdHandle
SetFilePointerEx
FindNextChangeNotification
FindFirstChangeNotificationW
lstrlenA
CreateSemaphoreA
WaitNamedPipeW
GetProcessAffinityMask
CreateTimerQueue
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
SetThreadAffinityMask
RegisterWaitForSingleObject
FindCloseChangeNotification
IsDBCSLeadByteEx
LocalAlloc
SetFilePointer
SetThreadExecutionState
LoadLibraryExW
GetWindowsDirectoryW
SetPriorityClass
VirtualProtectEx
VirtualQuery
FlushInstructionCache
GetThreadContext
SuspendThread
OpenThread
GetThreadPriority
CreateSemaphoreW
lstrcmpW
ReleaseSemaphore
DuplicateHandle
LoadLibraryExA
FileTimeToSystemTime
FileTimeToLocalFileTime
IsBadWritePtr
GetExitCodeProcess
GetVolumePathNamesForVolumeNameW
GetLogicalDrives
FindVolumeClose
FindNextVolumeW
FindFirstVolumeW
CreateProcessW
GetNumberFormatW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpiA
EnumSystemLocalesW
GetUserDefaultLangID
GetUserGeoID
GetGeoInfoW
GetACP
DeviceIoControl
QueryPerformanceFrequency
QueryPerformanceCounter
IsDebuggerPresent
CreateFileA
CreateThread
RaiseException
lstrcmpiW
GlobalReAlloc
CreateFileMappingW
MoveFileW
ReadDirectoryChangesW
WaitForMultipleObjects
CreateEventW
lstrcpyW
SetCurrentDirectoryW
OutputDebugStringW
CreateDirectoryW
GetEnvironmentVariableW
GetFileAttributesExW
GetSystemDefaultLCID
GetLocaleInfoA
SetSystemPowerState
lstrcpynW
SetProcessWorkingSetSize
LocalFree
GetModuleFileNameW
FindResourceExW
TerminateProcess
GetCurrentProcess
GetTempFileNameW
TerminateThread
SetThreadPriority
GetCurrentThread
ResetEvent
SetEvent
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
ReleaseMutex
GetExitCodeThread
CreateMutexW
SetLastError
TryEnterCriticalSection
ReadFile
GetFileSizeEx
GlobalUnlock
GlobalLock
GlobalAlloc
GetVolumeInformationW
GetDriveTypeW
GetCurrentDirectoryW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetVersionExW
DeleteFileW
GetSystemDirectoryW
FreeLibrary
OpenProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceW
GetUserDefaultLCID
GetTempPathW
WriteFile
SetFileTime
GetLocalTime
LoadLibraryW
SystemTimeToFileTime
GetProcAddress
GetModuleHandleW
GetLocaleInfoW
MulDiv
FindNextFileW
FindFirstFileW
FindClose
VerifyVersionInfoW
CreateFileW
VerSetConditionMask
VirtualProtect
VirtualFree
VirtualAlloc
GetSystemInfo
GlobalMemoryStatusEx
GetVersion
lstrlenW
WideCharToMultiByte
ResumeThread
Sleep
WaitForSingleObject
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFree
FreeResource
GetTickCount
GetLastError
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
GetUserDefaultUILanguage

user32

ShowOwnedPopups
CharNextW
WaitMessage
DrawIcon
GetKeyNameTextW
MapDialogRect
SendDlgItemMessageA
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
CheckDlgButton
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
DestroyMenu
WinHelpW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetClassLongPtrW
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
ScrollWindow
ValidateRect
TrackPopupMenu
SetMenu
IsChild
GetClassInfoExW
GetMessageTime
GetMenuStringW
CharToOemBuffW
CharLowerW
CharUpperW
OemToCharBuffA
OemToCharA
CharToOemA
EnumThreadWindows
WaitForInputIdle
GetShellWindow
CharLowerBuffW
GetTopWindow
GetDlgItem
SendMessageTimeoutW
MsgWaitForMultipleObjects
GetQueueStatus
mouse_event
keybd_event
wsprintfA
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
SetWindowTextW
GetMenu
GetAsyncKeyState
EmptyClipboard
SetClipboardData
GetDlgCtrlID
GetMessageExtraInfo
GetScrollInfo
SetScrollInfo
GetSysColorBrush
MapWindowPoints
RemovePropW
GetPropW
SetPropW
EnableScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
DrawEdge
DrawTextA
GetCaretBlinkTime
MapVirtualKeyW
DrawFrameControl
EnableMenuItem
CheckMenuItem
GetIconInfo
GetCursorInfo
MonitorFromRect
DrawIconEx
LoadImageW
DestroyCursor
LoadCursorFromFileW
CheckMenuRadioItem
EnumChildWindows
IsRectEmpty
UnionRect
ClipCursor
SetWindowContextHelpId
ShowCursor
AdjustWindowRect
LockWindowUpdate
RedrawWindow
GetForegroundWindow
EndMenu
DeleteMenu
RemoveMenu
ModifyMenuW
InsertMenuW
CreateMenu
GetSystemMenu
GetMenuState
TranslateAcceleratorW
IsWindowEnabled
SetFocus
RegisterClipboardFormatW
SetWindowPlacement
GetWindowPlacement
GetClassInfoW
GetDoubleClickTime
PostQuitMessage
PostThreadMessageW
GetMessagePos
ExitWindowsEx
UnregisterHotKey
RegisterHotKey
RegisterWindowMessageW
SetWindowPos
FindWindowExW
UnregisterClassW
RegisterClassW
wsprintfW
GetCursor
SetCursor
EndPaint
BeginPaint
GetWindowDC
IsZoomed
DestroyWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
GetMessageW
MoveWindow
ShowWindow
GetClipboardData
CloseClipboard
OpenClipboard
SetMenuItemInfoW
GetMenuItemID
EnumDisplayMonitors
GetKeyState
SetWindowLongPtrW
GetDlgItemTextW
CallWindowProcW
LoadIconW
SetWindowLongW
GetWindowLongW
SetForegroundWindow
CopyAcceleratorTableW
DestroyAcceleratorTable
LoadAcceleratorsW
BringWindowToTop
GetWindowThreadProcessId
GetDesktopWindow
GetWindowLongPtrW
GetWindowTextW
GetGUIThreadInfo
LoadBitmapW
GetCaretPos
IsWindow
GetWindow
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetParent
OffsetRect
InflateRect
DrawFocusRect
ScreenToClient
ShowCaret
HideCaret
SetActiveWindow
GetMenuItemInfoW
GetMenuItemCount
GetActiveWindow
PeekMessageW
DispatchMessageW
TranslateMessage
EqualRect
SystemParametersInfoW
FrameRect
ShowScrollBar
GetCapture
SetWindowRgn
GetSystemMetrics
GetFocus
DestroyIcon
EnumDisplayDevicesW
EnumDisplaySettingsW
CopyImage
RealChildWindowFromPoint
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
InvalidateRgn
MessageBeep
GetWindowRgn
SubtractRect
GetUpdateRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
CharUpperBuffW
SetMenuDefaultItem
CopyIcon
SetClassLongPtrW
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
TrackMouseEvent
UpdateLayeredWindow
IsMenu
DrawStateW
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
GetMenuDefaultItem
SetCursorPos
GetNextDlgGroupItem
GetSubMenu
LoadMenuW
GetMonitorInfoW
MonitorFromWindow
MonitorFromPoint
GetClassNameW
FindWindowW
CopyRect
WindowFromPoint
ClientToScreen
GetCursorPos
GetWindowRect
ReleaseDC
GetDC
KillTimer
SetTimer
IsIconic
IsWindowVisible
LoadCursorW
PtInRect
SetRectEmpty
SetRect
FillRect
GetSysColor
GetClientRect
InvalidateRect
UpdateWindow
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
AppendMenuW
CreatePopupMenu
EnableWindow
ReleaseCapture
SetCapture
PostMessageW
SendMessageW
GetParent
IntersectRect
IsClipboardFormatAvailable

gdi32

ExtSelectClipRgn
SelectPalette
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
SetBrushOrgEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
SetRectRgn
DPtoLP
CreateEllipticRgn
LPtoDP
GetBkColor
IntersectClipRect
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
CreateHatchBrush
CopyMetaFileW
SwapBuffers
SetPixelFormat
DescribePixelFormat
ChoosePixelFormat
SetMapMode
GetPath
EndPath
CloseFigure
BeginPath
AbortPath
GetOutlineTextMetricsW
SetTextCharacterExtra
GetICMProfileW
AddFontResourceW
TranslateCharsetInfo
GetRegionData
SaveDC
RestoreDC
DeleteDC
CreateFontIndirectW
MoveToEx
SetBkColor
LineTo
GetTextExtentPoint32W
GetDeviceCaps
Rectangle
CreatePen
DeleteObject
GetStockObject
ExtTextOutW
TextOutW
StretchBlt
SelectObject
RectVisible
PtVisible
Escape
CreateSolidBrush
CreateRectRgn
CreateCompatibleDC
EnumFontFamiliesExW
BitBlt
PatBlt
CreatePatternBrush
CreateBitmap
SetPixel
SetDIBColorTable
ExtCreateRegion
GetTextExtentExPointW
GetCurrentObject
GetTextMetricsW
CreateCompatibleBitmap
OffsetRgn
Ellipse
CreateDCW
CombineRgn
SetBkMode
CreateFontW
CreateDIBSection
SetTextColor
GetTextExtentPointW
GetTextColor
SetStretchBltMode
GetObjectW
SelectClipRgn
UnrealizeObject

advapi32

SetFileSecurityW
RegSetValueExA
RegSetValueW
RegSetValueA
RegQueryValueW
RegQueryValueA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyA
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
LookupPrivilegeValueW
AdjustTokenPrivileges
MapGenericMask
GetFileSecurityW
DuplicateToken
AccessCheck
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorSacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetLengthSid
AddAccessAllowedAce
OpenProcessToken
RegOpenKeyW
RegEnumValueW
RegEnumKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
IsTextUnicode

shell32

ShellExecuteW
SHChangeNotify
ord62
DragQueryFileW
DragFinish
SHFileOperationW
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteExW
SHGetSpecialFolderLocation
ord727
SHGetMalloc
DragAcceptFiles
Shell_NotifyIconW
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
ExtractIconW

shlwapi

PathAddBackslashW
PathStripPathW
PathAddExtensionW
PathStripToRootW
PathRemoveFileSpecW
PathRenameExtensionW
PathFindExtensionW
PathRemoveBackslashW
PathIsURLW
PathFileExistsW
PathFindFileNameW
PathAppendW
PathCombineW
wvnsprintfW
PathCanonicalizeW
PathAddBackslashA
PathRemoveFileSpecA
PathRemoveArgsW
PathIsUNCW
UrlUnescapeW
PathRemoveExtensionW
StrFormatKBSizeW

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
DoDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
OleGetClipboard
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CLSIDFromProgID
CoInitializeEx
GetRunningObjectTable
CreateItemMoniker
CreateBindCtx
MkParseDisplayName
CoFreeLibrary
CoLoadLibrary
StringFromGUID2
CLSIDFromString
CoInitialize
CoFreeUnusedLibraries
CoCreateGuid
OleSaveToStream
OleLoadFromStream
OleUninitialize
OleInitialize
StgOpenStorage
StgCreateDocfile
CoTaskMemAlloc
CoUninitialize
CreateILockBytesOnHGlobal
ReleaseStgMedium
OleDuplicateData
OleCreateStaticFromData
StgCreateDocfileOnILockBytes
OleDraw
OleSetContainedObject
OleCreate
PropVariantClear
CoTaskMemFree
CoCreateInstance

oleaut32

VariantCopy
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
GetErrorInfo
SystemTimeToVariantTime
VarBstrCmp
SysStringLen
OleLoadPicture
SafeArrayCreateVector
SysAllocString
VariantTimeToSystemTime
SysFreeString
VariantInit
VariantClear
SysAllocStringLen
VariantChangeType
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData

ws2_32

WSAAsyncSelect
shutdown
sendto
WSASend
WSASetLastError
select
ntohs
inet_ntoa
getsockopt
getsockname
getpeername
accept
__WSAFDIsSet
send
bind
closesocket
connect
ioctlsocket
htonl
htons
inet_addr
recv
recvfrom
setsockopt
socket
gethostbyname
WSAStartup
WSACleanup
WSAGetLastError
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSAWaitForMultipleEvents
ntohl
listen

Exports

Exports

AddPotPlayerUrlA
AddPotPlayerUrlW
CreateCallbackEvent
CreatePotPlayerA
CreatePotPlayerExA
CreatePotPlayerExW
CreatePotPlayerW
DestroyPotPlayer
GetMediaFileDetectW
GetPlayerFunctions
GetPotPlayerControl
GetPotPlayerStringValueA
GetPotPlayerStringValueW
GetPotPlayerValue
GetPotWindowLong
GetProgramVersion
GetThumbnailW
OpenPotPlayerUrlA
OpenPotPlayerUrlW
PreprocessCmdLineA
PreprocessCmdLineExA
PreprocessCmdLineExW
PreprocessCmdLineW
RegisterCB
ResizeWindow
RunPotPlayerEx
SendChatA
SendChatW
SendPotPlayerCmd
SetPotPlayIniFileA
SetPotPlayIniFileW
SetPotPlayRegKeyA
SetPotPlayRegKeyW
SetPotPlayerSeek
SetPotPlayerStringValueA
SetPotPlayerStringValueW
SetPotPlayerValue
SetPotPlayerVolume
SetUIOption
SetupBroadcastLogoA
SetupBroadcastLogoW
SetupLogoLoadingA
SetupLogoLoadingW
ShowPotPlayerUI
UninitPotPlayer

Sections

.text
Size: 12.7MB - Virtual size: 12.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text.un
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 512B - Virtual size: 375B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 428KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 409KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata.u
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata.u
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.drectve
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 832KB - Virtual size: 832KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PotPlayer64.exe
.exe windows:6 windows x64 arch:x64

e264d841326a232b8252b9fb596ad7ba

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/12/2014, 00:00

Not After

12/12/2015, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\MyProject\Street2008\ExtraProgram\PotPlayer\bin\lib\Release_x64\PotPlayer64.pdb

Imports

imagehlp

ImageGetCertificateData
ImageGetCertificateHeader
ImageEnumerateCertificates

crypt32

CertFreeCertificateContext
CertGetNameStringW
CryptVerifyMessageSignature

wintrust

WinVerifyTrust

kernel32

WriteConsoleW
QueryPerformanceCounter
SetFilePointerEx
SetStdHandle
GetConsoleMode
CreateFileW
CloseHandle
GetLastError
RaiseException
DeleteCriticalSection
GetCurrentProcess
TerminateProcess
FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryW
InitializeCriticalSection
GetModuleHandleW
GetCommandLineW
HeapFree
HeapAlloc
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
WriteFile
GetConsoleCP
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlUnwindEx
RtlPcToFileHeader
IsDebuggerPresent
IsProcessorFeaturePresent
HeapSize
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
OutputDebugStringW
HeapReAlloc
GetStringTypeW
LCMapStringW
FlushFileBuffers

user32

MessageBoxW

ole32

CoInitialize

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PotPlayerMini64.exe
.exe windows:6 windows x64 arch:x64

e264d841326a232b8252b9fb596ad7ba

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/12/2014, 00:00

Not After

12/12/2015, 23:59

Subject

CN=Daum Kakao Corp.,O=Daum Kakao Corp.,L=Jeju-si,ST=Jeju-do,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\MyProject\Street2008\ExtraProgram\PotPlayer\bin\lib\Release_Mini_x64\PotPlayerMini64.pdb

Imports

imagehlp

ImageGetCertificateData
ImageGetCertificateHeader
ImageEnumerateCertificates

crypt32

CertFreeCertificateContext
CertGetNameStringW
CryptVerifyMessageSignature

wintrust

WinVerifyTrust

kernel32

WriteConsoleW
QueryPerformanceCounter
SetFilePointerEx
SetStdHandle
GetConsoleMode
CreateFileW
CloseHandle
GetLastError
RaiseException
DeleteCriticalSection
GetCurrentProcess
TerminateProcess
FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryW
InitializeCriticalSection
GetModuleHandleW
GetCommandLineW
HeapFree
HeapAlloc
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
WriteFile
GetConsoleCP
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlUnwindEx
RtlPcToFileHeader
IsDebuggerPresent
IsProcessorFeaturePresent
HeapSize
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
OutputDebugStringW
HeapReAlloc
GetStringTypeW
LCMapStringW
FlushFileBuffers

user32

MessageBoxW

ole32

CoInitialize

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Skins/Default.dsf
.zip
AdvClick.png
.png
AudioMini.xml
AudioSkin.xml
BRList.png
.png
BRTool.png
.png
BottomAudio.txt
BottomLeft.txt
BottomVideo.txt
BottomVod.txt
Chat.png
.png
ChildSkin.xml
Common.txt
Control.png
.png
Loding.png
.png
Logo.txt
Main.png
.png
PlayList.png
.png
Popup.txt
PotPlayer.png
.png
PotPlayerEng.png
.png
Prepare.bmp
Right.txt
ScrCapture.png
.png
ScrollBar.bmp
ScrollBarCH.bmp
ScrollBarPL.bmp
StringTable.txt
SubCommon.txt
Title.txt
Top.txt
TopCast.txt
TopCommon.txt
TopMainMenu.txt
TopOsc.txt
TouchBottom.txt
TouchControl.png
.png
TouchMain.png
.png
TouchPlaylist.png
.png
TouchRight.txt
TouchTop.txt
VideoSkin.xml
WdmSkin.xml
Window.png
.png
Skins/WindowFrame.dsf
.zip
AdvClick.png
.png
AudioSkin.xml
BRList.png
.png
BRTool.png
.png
BottomAudio.txt
BottomVideo.txt
BottomVod.txt
Chat.png
.png
ChildSkin.xml
Common.txt
Control.png
.png
Loding.png
.png
Logo.txt
Main.png
.png
PlayList.png
.png
Popup.txt
PotPlayer.png
.png
PotPlayerEng.png
.png
Prepare.bmp
ScrCapture.png
.png
ScrollBar.bmp
ScrollBarCH.bmp
ScrollBarPL.bmp
StringTable.txt
SubCommon.txt
Title.txt
Top.txt
TopCast.txt
TopCommon.txt
TopMainMenu.txt
TopOsc.txt
TouchBottom.txt
TouchControl.png
.png
TouchMain.png
.png
TouchPlaylist.png
.png
TouchRight.txt
TouchTop.txt
VideoSkin.xml
WdmSkin.xml
Window.png
.png
d3dx9_43.dll
.dll windows:6 windows x64 arch:x64

336d8057d1db03e5a3ac3b62e8902f4b

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

bd:1c:4f:ec:4a:e7:0c:11:ef:6d:b7:89:8e:6a:4a:de:c2:22:ed:47
Signer

Actual PE Digest

bd:1c:4f:ec:4a:e7:0c:11:ef:6d:b7:89:8e:6a:4a:de:c2:22:ed:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d3dx9_43.pdb

Imports

msvcrt

malloc
_vsnprintf
_finite
memmove
_purecall
qsort
_stricmp
modff
iswpunct
_clearfp
iswdigit
iswalpha
iswspace
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_strdup
setlocale
free
calloc
realloc
sscanf
_strtime
_isatty
_write
_lseeki64
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
_iob
_fileno
isleadbyte
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
memset
memcpy
__C_specific_handler
_amsg_exit
_initterm
_XcptFilter
srand
strtod
fread
fwrite
fflush
abort
_tempnam
_ultoa
isalpha
atol
atof
isxdigit
wcstombs
_isnan
rand
atoi
isalnum
_vsnwprintf
isdigit
isspace
longjmp
ldexp
frexp
__CxxFrameHandler
_errno
_strdate
sqrt
powf
sqrtf
floor
fmodf
memcmp
log
cos
exp
sinf
cosf
floorf
ceilf
atan2
atan
acos
asin
sin
pow
atan2f
logf
acosf
fmod
asinf
_setjmp
ceil

gdi32

GetObjectW
GetGlyphOutlineW
GetCurrentObject
GetOutlineTextMetricsA
TranslateCharsetInfo
ExtTextOutA
MoveToEx
ExtTextOutW
CreateDIBSection
GetGlyphOutlineA
GetObjectA
GetCharacterPlacementA
GetCharacterPlacementW
SetTextColor
SetBkColor
SetBkMode
GetTextMetricsA
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject

kernel32

FindResourceW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetProcessHeap
HeapFree
HeapAlloc
ReleaseMutex
WaitForSingleObject
CreateMutexA
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
ExpandEnvironmentStringsA
GlobalMemoryStatus
GetSystemInfo
SetEndOfFile
MoveFileW
GetTempFileNameW
MoveFileA
CompareStringA
SetFilePointer
DeleteFileW
FindResourceA
LoadResource
LockResource
SizeofResource
GetFileSize
CreateFileMappingA
MapViewOfFile
FreeResource
UnmapViewOfFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalFree
FormatMessageA
GetFullPathNameW
CreateFileW
GetFileSizeEx
GetLastError
IsDBCSLeadByte
WriteFile
DeleteFileA
CloseHandle
ReadFile
CreateFileA
GetTempFileNameA
GetTempPathA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetACP
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
Sleep
VirtualProtect
DisableThreadLibraryCalls

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Exports

Exports

D3DXAssembleShader
D3DXAssembleShaderFromFileA
D3DXAssembleShaderFromFileW
D3DXAssembleShaderFromResourceA
D3DXAssembleShaderFromResourceW
D3DXBoxBoundProbe
D3DXCheckCubeTextureRequirements
D3DXCheckTextureRequirements
D3DXCheckVersion
D3DXCheckVolumeTextureRequirements
D3DXCleanMesh
D3DXColorAdjustContrast
D3DXColorAdjustSaturation
D3DXCompileShader
D3DXCompileShaderFromFileA
D3DXCompileShaderFromFileW
D3DXCompileShaderFromResourceA
D3DXCompileShaderFromResourceW
D3DXComputeBoundingBox
D3DXComputeBoundingSphere
D3DXComputeIMTFromPerTexelSignal
D3DXComputeIMTFromPerVertexSignal
D3DXComputeIMTFromSignal
D3DXComputeIMTFromTexture
D3DXComputeNormalMap
D3DXComputeNormals
D3DXComputeTangent
D3DXComputeTangentFrame
D3DXComputeTangentFrameEx
D3DXConcatenateMeshes
D3DXConvertMeshSubsetToSingleStrip
D3DXConvertMeshSubsetToStrips
D3DXCreateAnimationController
D3DXCreateBox
D3DXCreateBuffer
D3DXCreateCompressedAnimationSet
D3DXCreateCubeTexture
D3DXCreateCubeTextureFromFileA
D3DXCreateCubeTextureFromFileExA
D3DXCreateCubeTextureFromFileExW
D3DXCreateCubeTextureFromFileInMemory
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateCubeTextureFromFileW
D3DXCreateCubeTextureFromResourceA
D3DXCreateCubeTextureFromResourceExA
D3DXCreateCubeTextureFromResourceExW
D3DXCreateCubeTextureFromResourceW
D3DXCreateCylinder
D3DXCreateEffect
D3DXCreateEffectCompiler
D3DXCreateEffectCompilerFromFileA
D3DXCreateEffectCompilerFromFileW
D3DXCreateEffectCompilerFromResourceA
D3DXCreateEffectCompilerFromResourceW
D3DXCreateEffectEx
D3DXCreateEffectFromFileA
D3DXCreateEffectFromFileExA
D3DXCreateEffectFromFileExW
D3DXCreateEffectFromFileW
D3DXCreateEffectFromResourceA
D3DXCreateEffectFromResourceExA
D3DXCreateEffectFromResourceExW
D3DXCreateEffectFromResourceW
D3DXCreateEffectPool
D3DXCreateFontA
D3DXCreateFontIndirectA
D3DXCreateFontIndirectW
D3DXCreateFontW
D3DXCreateKeyframedAnimationSet
D3DXCreateLine
D3DXCreateMatrixStack
D3DXCreateMesh
D3DXCreateMeshFVF
D3DXCreateNPatchMesh
D3DXCreatePMeshFromStream
D3DXCreatePRTBuffer
D3DXCreatePRTBufferTex
D3DXCreatePRTCompBuffer
D3DXCreatePRTEngine
D3DXCreatePatchMesh
D3DXCreatePolygon
D3DXCreateRenderToEnvMap
D3DXCreateRenderToSurface
D3DXCreateSPMesh
D3DXCreateSkinInfo
D3DXCreateSkinInfoFVF
D3DXCreateSkinInfoFromBlendedMesh
D3DXCreateSphere
D3DXCreateSprite
D3DXCreateTeapot
D3DXCreateTextA
D3DXCreateTextW
D3DXCreateTexture
D3DXCreateTextureFromFileA
D3DXCreateTextureFromFileExA
D3DXCreateTextureFromFileExW
D3DXCreateTextureFromFileInMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateTextureFromFileW
D3DXCreateTextureFromResourceA
D3DXCreateTextureFromResourceExA
D3DXCreateTextureFromResourceExW
D3DXCreateTextureFromResourceW
D3DXCreateTextureGutterHelper
D3DXCreateTextureShader
D3DXCreateTorus
D3DXCreateVolumeTexture
D3DXCreateVolumeTextureFromFileA
D3DXCreateVolumeTextureFromFileExA
D3DXCreateVolumeTextureFromFileExW
D3DXCreateVolumeTextureFromFileInMemory
D3DXCreateVolumeTextureFromFileInMemoryEx
D3DXCreateVolumeTextureFromFileW
D3DXCreateVolumeTextureFromResourceA
D3DXCreateVolumeTextureFromResourceExA
D3DXCreateVolumeTextureFromResourceExW
D3DXCreateVolumeTextureFromResourceW
D3DXDebugMute
D3DXDeclaratorFromFVF
D3DXDisassembleEffect
D3DXDisassembleShader
D3DXFVFFromDeclarator
D3DXFileCreate
D3DXFillCubeTexture
D3DXFillCubeTextureTX
D3DXFillTexture
D3DXFillTextureTX
D3DXFillVolumeTexture
D3DXFillVolumeTextureTX
D3DXFilterTexture
D3DXFindShaderComment
D3DXFloat16To32Array
D3DXFloat32To16Array
D3DXFrameAppendChild
D3DXFrameCalculateBoundingSphere
D3DXFrameDestroy
D3DXFrameFind
D3DXFrameNumNamedMatrices
D3DXFrameRegisterNamedMatrices
D3DXFresnelTerm
D3DXGenerateOutputDecl
D3DXGeneratePMesh
D3DXGetDeclLength
D3DXGetDeclVertexSize
D3DXGetDriverLevel
D3DXGetFVFVertexSize
D3DXGetImageInfoFromFileA
D3DXGetImageInfoFromFileInMemory
D3DXGetImageInfoFromFileW
D3DXGetImageInfoFromResourceA
D3DXGetImageInfoFromResourceW
D3DXGetPixelShaderProfile
D3DXGetShaderConstantTable
D3DXGetShaderConstantTableEx
D3DXGetShaderInputSemantics
D3DXGetShaderOutputSemantics
D3DXGetShaderSamplers
D3DXGetShaderSize
D3DXGetShaderVersion
D3DXGetVertexShaderProfile
D3DXIntersect
D3DXIntersectSubset
D3DXIntersectTri
D3DXLoadMeshFromXA
D3DXLoadMeshFromXInMemory
D3DXLoadMeshFromXResource
D3DXLoadMeshFromXW
D3DXLoadMeshFromXof
D3DXLoadMeshHierarchyFromXA
D3DXLoadMeshHierarchyFromXInMemory
D3DXLoadMeshHierarchyFromXW
D3DXLoadPRTBufferFromFileA
D3DXLoadPRTBufferFromFileW
D3DXLoadPRTCompBufferFromFileA
D3DXLoadPRTCompBufferFromFileW
D3DXLoadPatchMeshFromXof
D3DXLoadSkinMeshFromXof
D3DXLoadSurfaceFromFileA
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromFileW
D3DXLoadSurfaceFromMemory
D3DXLoadSurfaceFromResourceA
D3DXLoadSurfaceFromResourceW
D3DXLoadSurfaceFromSurface
D3DXLoadVolumeFromFileA
D3DXLoadVolumeFromFileInMemory
D3DXLoadVolumeFromFileW
D3DXLoadVolumeFromMemory
D3DXLoadVolumeFromResourceA
D3DXLoadVolumeFromResourceW
D3DXLoadVolumeFromVolume
D3DXMatrixAffineTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixDecompose
D3DXMatrixDeterminant
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXMatrixLookAtRH
D3DXMatrixMultiply
D3DXMatrixMultiplyTranspose
D3DXMatrixOrthoLH
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXMatrixOrthoRH
D3DXMatrixPerspectiveFovLH
D3DXMatrixPerspectiveFovRH
D3DXMatrixPerspectiveLH
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveOffCenterRH
D3DXMatrixPerspectiveRH
D3DXMatrixReflect
D3DXMatrixRotationAxis
D3DXMatrixRotationQuaternion
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixShadow
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixTranslation
D3DXMatrixTranspose
D3DXOptimizeFaces
D3DXOptimizeVertices
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXPlaneIntersectLine
D3DXPlaneNormalize
D3DXPlaneTransform
D3DXPlaneTransformArray
D3DXPreprocessShader
D3DXPreprocessShaderFromFileA
D3DXPreprocessShaderFromFileW
D3DXPreprocessShaderFromResourceA
D3DXPreprocessShaderFromResourceW
D3DXQuaternionBaryCentric
D3DXQuaternionExp
D3DXQuaternionInverse
D3DXQuaternionLn
D3DXQuaternionMultiply
D3DXQuaternionNormalize
D3DXQuaternionRotationAxis
D3DXQuaternionRotationMatrix
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionSlerp
D3DXQuaternionSquad
D3DXQuaternionSquadSetup
D3DXQuaternionToAxisAngle
D3DXRectPatchSize
D3DXSHAdd
D3DXSHDot
D3DXSHEvalConeLight
D3DXSHEvalDirection
D3DXSHEvalDirectionalLight
D3DXSHEvalHemisphereLight
D3DXSHEvalSphericalLight
D3DXSHMultiply2
D3DXSHMultiply3
D3DXSHMultiply4
D3DXSHMultiply5
D3DXSHMultiply6
D3DXSHPRTCompSplitMeshSC
D3DXSHPRTCompSuperCluster
D3DXSHProjectCubeMap
D3DXSHRotate
D3DXSHRotateZ
D3DXSHScale
D3DXSaveMeshHierarchyToFileA
D3DXSaveMeshHierarchyToFileW
D3DXSaveMeshToXA
D3DXSaveMeshToXW
D3DXSavePRTBufferToFileA
D3DXSavePRTBufferToFileW
D3DXSavePRTCompBufferToFileA
D3DXSavePRTCompBufferToFileW
D3DXSaveSurfaceToFileA
D3DXSaveSurfaceToFileInMemory
D3DXSaveSurfaceToFileW
D3DXSaveTextureToFileA
D3DXSaveTextureToFileInMemory
D3DXSaveTextureToFileW
D3DXSaveVolumeToFileA
D3DXSaveVolumeToFileInMemory
D3DXSaveVolumeToFileW
D3DXSimplifyMesh
D3DXSphereBoundProbe
D3DXSplitMesh
D3DXTessellateNPatches
D3DXTessellateRectPatch
D3DXTessellateTriPatch
D3DXTriPatchSize
D3DXUVAtlasCreate
D3DXUVAtlasPack
D3DXUVAtlasPartition
D3DXValidMesh
D3DXValidPatchMesh
D3DXVec2BaryCentric
D3DXVec2CatmullRom
D3DXVec2Hermite
D3DXVec2Normalize
D3DXVec2Transform
D3DXVec2TransformArray
D3DXVec2TransformCoord
D3DXVec2TransformCoordArray
D3DXVec2TransformNormal
D3DXVec2TransformNormalArray
D3DXVec3BaryCentric
D3DXVec3CatmullRom
D3DXVec3Hermite
D3DXVec3Normalize
D3DXVec3Project
D3DXVec3ProjectArray
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoord
D3DXVec3TransformCoordArray
D3DXVec3TransformNormal
D3DXVec3TransformNormalArray
D3DXVec3Unproject
D3DXVec3UnprojectArray
D3DXVec4BaryCentric
D3DXVec4CatmullRom
D3DXVec4Cross
D3DXVec4Hermite
D3DXVec4Normalize
D3DXVec4Transform
D3DXVec4TransformArray
D3DXWeldVertices

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ffcodec64.dll
.dll windows:4 windows x64 arch:x64

4e1903dd049f4d7341884c3bc78a4ed2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

CloseHandle
CreateEventA
CreateFileMappingA
CreateSemaphoreA
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
FreeLibrary
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MoveFileExA
MoveFileExW
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
ResetEvent
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetConsoleTextAttribute
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

___lc_codepage_func
__dllonexit
__iob_func
__mb_cur_max
__setusermatherr
_aligned_free
_aligned_malloc
_amsg_exit
_beginthreadex
_endthreadex
_errno
_exit
_findclose
_fstat64
_ftime64
_get_osfhandle
_gmtime64
_hypot
_initterm
_localtime64
_lock
_lseeki64
_mkdir
_mktime64
_onexit
_rmdir
_setjmp
_snwprintf
_sopen
_time64
_unlink
_unlock
_vsnprintf
_wfindfirst64
_wfindnext64
_wmkdir
_wrmdir
_wsopen
_wunlink
abort
acos
asin
atan
atof
atoi
bsearch
calloc
clock
cosh
exit
fclose
ferror
fflush
fgetc
fopen
fprintf
fputc
fputs
fread
free
frexp
fseek
fwprintf
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
log10
malloc
memchr
memcmp
memcpy
memmove
memset
printf
qsort
raise
rand
realloc
signal
sinh
sprintf
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncat
strncmp
strncpy
strrchr
strspn
strstr
strtol
strtoul
tan
tanh
tolower
ungetc
vfprintf
wcscpy
wcslen
_stat64
longjmp
_write
_tempnam
_setmode
_read
_fileno
_fdopen
_close
_access

secur32

AcquireCredentialsHandleA
ApplyControlToken
DecryptMessage
DeleteSecurityContext
EncryptMessage
FreeContextBuffer
FreeCredentialsHandle
InitializeSecurityContextA
QueryContextAttributesA

user32

MessageBoxW

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getnameinfo
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Exports

Exports

GetHWCodec
SetHWFunction
WelsCreateDecoder
WelsCreateSVCEncoder
WelsDestroyDecoder
WelsDestroySVCEncoder
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_buffer_create
av_buffersink_get_frame
av_buffersrc_write_frame
av_chroma_location_name
av_color_primaries_name
av_color_range_name
av_color_space_name
av_color_transfer_name
av_default_item_name
av_dict_free
av_dict_get
av_dict_parse_string
av_dict_set
av_find_input_format
av_frame_alloc
av_frame_clone
av_frame_copy_props
av_frame_free
av_frame_get_best_effort_timestamp
av_frame_get_buffer
av_frame_get_channel_layout
av_frame_get_channels
av_frame_get_color_range
av_frame_get_colorspace
av_frame_get_qp_table
av_frame_get_sample_rate
av_frame_get_side_data
av_frame_move_ref
av_frame_ref
av_frame_unref
av_free
av_free_packet
av_freep
av_get_bytes_per_sample
av_get_pix_fmt_name
av_get_sample_fmt_name
av_guess_format
av_hmac_alloc
av_hmac_calc
av_hmac_final
av_hmac_free
av_hmac_init
av_hmac_update
av_init_packet
av_interleaved_write_frame
av_log_get_level
av_log_set_callback
av_log_set_level
av_malloc
av_mallocz
av_new_packet
av_opt_set
av_opt_set_double
av_opt_set_int
av_opt_set_q
av_packet_free_side_data
av_packet_get_side_data
av_packet_new_side_data
av_packet_ref
av_packet_unref
av_parser_close
av_parser_init
av_parser_parse2
av_read_frame
av_realloc
av_reduce
av_register_all
av_rescale
av_sample_fmt_is_planar
av_samples_get_buffer_size
av_seek_frame
av_strdup
av_vlog
av_write_frame
av_write_trailer
avcodec_alloc_context3
avcodec_close
avcodec_copy_context
avcodec_decode_audio4
avcodec_decode_video2
avcodec_default_get_buffer2
avcodec_default_get_format
avcodec_encode_audio2
avcodec_encode_video2
avcodec_fill_audio_frame
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_flush_buffers
avcodec_is_open
avcodec_open2
avcodec_register_all
avfilter_get_by_name
avfilter_graph_alloc
avfilter_graph_alloc_filter
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_free
avfilter_init_str
avfilter_link
avfilter_register_all
avformat_alloc_context
avformat_alloc_output_context2
avformat_close_input
avformat_find_stream_info
avformat_free_context
avformat_get_mov_audio_tags
avformat_get_mov_video_tags
avformat_get_riff_audio_tags
avformat_get_riff_video_tags
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_seek_file
avformat_write_header
avframe_deinterlace
avio_alloc_context
avio_close
avio_close_dyn_buf
avio_flush
avio_open
avio_open2
avio_open_dyn_buf
avio_read
avio_seek
avio_size
avio_write
avresample_alloc_context
avresample_available
avresample_build_matrix
avresample_close
avresample_convert
avresample_free
avresample_get_delay
avresample_open
avresample_set_matrix
ff_alloc_packet2
ff_fft_end
ff_fft_init
ff_find_hwaccel
ff_get_codec_version
ff_get_ctx
ff_me_cmp_init
ff_side_data_set_encoder_stats
get_chapter_info
get_chapter_num
get_major_version
set_chapter_num
set_mem_allocator
swr_alloc
swr_alloc_set_opts
swr_convert
swr_free
swr_init

Sections

.text
Size: 10.6MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32f3282581436269b3a75b6675fe3e08

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

6f:f3:35:a7:1a:f0:39:11:f5:46:68:dc:cc:13:44:1cCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 415KB

.ndata Size: - Virtual size: 852KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 4KB - Virtual size: 3KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

e02b24cfd7b5c55e4686d868682e10f4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 116B

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 1KB - Virtual size: 1KB

f76ea39bf433a18ae7304f0735f30925

Headers

DLL Characteristics

File Characteristics

PDB Paths

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

6f:f3:35:a7:1a:f0:39:11:f5:46:68:dc:cc:13:44:1c
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 415KB

.ndata
Size: - Virtual size: 852KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 116B

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 579KB - Virtual size: 579KB

.rdata
Size: 239KB - Virtual size: 239KB

.data
Size: 9KB - Virtual size: 20KB

.pdata
Size: 35KB - Virtual size: 34KB

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 6KB - Virtual size: 5KB

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:01:cf:3e:00:00:00:00:00:0f
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

61:06:94:2d:00:00:00:00:00:09
Certificate

94:57:86:d0:6e:0d:5e:e4:4f:3c:0e:99:a0:27:2e:c8:c5:7d:19:86
Signer

.text
Size: 2.3MB - Virtual size: 2.3MB

.data
Size: 21KB - Virtual size: 37KB

.pdata
Size: 53KB - Virtual size: 52KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 18KB - Virtual size: 17KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:6a:e1:6f:76:f3:1a:25:55:7b:14:a2:4c:09:05:d0
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate