f63115fd0c91593f843d544ca98033a9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f63115fd0c91593f843d544ca98033a9_JaffaCakes118
Size

10.4MB
MD5

f63115fd0c91593f843d544ca98033a9
SHA1

26d6851741d0d4d204e8c503edd4298ae42df889
SHA256

e7828fe2ff4c92df2497bbc458065f8ac70e061b98fd233d36ed48d8c8866efa
SHA512

87455206da56be648927367a156fc57d42e49d84584cfc44c9bbd399bc492118168a6331bdc7fc3b813785c8703b94532b8c4d9a9672d9935282e06da52dbb1c
SSDEEP

196608:qMhKC9cggENlvqj+Lrvsg3tRB1eYYI3uBfqGlFpLKtSp+Fsglcdp3MApNU5ukFhV:qMKfgg8hWUTsih1eYIsGfpL8ScFsgli6

Score

3^/10

Malware Config

Signatures

Unsigned PE 43 IoCs

Checks for missing Authenticode signature.

resource
f63115fd0c91593f843d544ca98033a9_JaffaCakes118
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/processwork.dll
unpack001/$SYSDIR/EBL_Reader.dll
unpack001/$SYSDIR/EblSmartICAPI.dll
unpack001/$SYSDIR/HH_ICC_EBL.dll
unpack001/$SYSDIR/HH_ICC_MNGR.dll
unpack001/$SYSDIR/HH_IFD_MNGR.dll
unpack001/$SYSDIR/HS_ICC_EBL.DLL
unpack001/$SYSDIR/HS_ICC_MNGR.dll
unpack001/$SYSDIR/HS_IFD_MNGR.DLL
unpack001/$SYSDIR/ICEBLTOSKF.dll
unpack001/$SYSDIR/MFC42D.DLL
unpack001/$SYSDIR/MFCO42D.DLL
unpack001/$SYSDIR/MSVCRTD.DLL
unpack001/$SYSDIR/PvkPinProtectDLL.dll
unpack001/$SYSDIR/ReaderTOGM.dll
unpack001/$SYSDIR/SKF_APP.dll
unpack001/$SYSDIR/SKF_COS.dll
unpack001/$SYSDIR/SKF_IFD.dll
unpack001/$SYSDIR/SM2_dll.dll
unpack001/$SYSDIR/TSPClient.dll
unpack001/$SYSDIR/ZFHLGM.dll
unpack001/$SYSDIR/ZF_ICC_EBL.dll
unpack001/$SYSDIR/ZF_ICC_MNGR.dll
unpack001/$SYSDIR/ZF_IFD_MNGR.dll
unpack001/$SYSDIR/autonk.dll
unpack001/$SYSDIR/blicAtv.dll
unpack001/$SYSDIR/certsoft.dll
unpack001/$SYSDIR/gpsvc.dll
unpack001/$SYSDIR/ieshims.dll
unpack001/$SYSDIR/libiconv2.dll
unpack001/$SYSDIR/libnspr3.dll
unpack001/$SYSDIR/libplc3.dll
unpack001/$SYSDIR/libplds3.dll
unpack001/$SYSDIR/nsldapssl32v41.dll
unpack001/$SYSDIR/pkiapi.dll
unpack001/$SYSDIR/sysntfy.dll
unpack001/$SYSDIR/whharddll.dll
unpack001/C:/driverfile/usbccid.sys
unpack001/uninst.exe
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/processwork.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

f63115fd0c91593f843d544ca98033a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/processwork.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CloseProcess
ExistsProcess
KillProcess
QuitProcess

Sections

CODE
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 147B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 47B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PROGRAMFILES/cryptosoft/Config/CRLDATA.crl
$PROGRAMFILES/cryptosoft/Config/phwin.xml
$PROGRAMFILES/cryptosoft/Config/regwin.xml
$PROGRAMFILES/cryptosoft/Config/vssver.scc
$PROGRAMFILES/cryptosoft/SoftStoreSimulator/BUZICA-CertEx.cer
$PROGRAMFILES/cryptosoft/SoftStoreSimulator/BUZICA-CertSig.cer
$PROGRAMFILES/cryptosoft/SoftStoreSimulator/ROOTCA_CERT-CertEx.cer
$PROGRAMFILES/cryptosoft/SoftStoreSimulator/ROOTCA_CERT-CertSig.cer
$PROGRAMFILES/cryptosoft/SoftStoreSimulator/crl/CRLDATA.crl
$PROGRAMFILES/cryptosoft/SoftStoreSimulator/crl/vssver.scc
$PROGRAMFILES/cryptosoft/SoftStoreSimulator/vssver.scc
$PROGRAMFILES/cryptosoft/samples/APP.htm
.html .js polyglot
$PROGRAMFILES/cryptosoft/samples/CAA.htm
.html .js polyglot
$PROGRAMFILES/cryptosoft/samples/images/06.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/077.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/3.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b1.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b10.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b11.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b12.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b2.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b3.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b4.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b5.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b6.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b7.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b8.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/b9.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/bbs_sl_p1.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/bbs_sl_p2.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/bg.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/bg01.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/blue-loading.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/h05.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/h06.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/h12.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/h3.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/h4.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/h5.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/input.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/ip.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/licence.jpg.png
.png
$PROGRAMFILES/cryptosoft/samples/images/licence_img_a.jpg.png
.png
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_a.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_a_hq.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_a_hq1.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_a_hq2.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_b.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_c.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_d.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_e.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_f.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_f_hq.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_f_hq2.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_g.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_g1_hq.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_g1_hq1.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_g1_hq2.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_g2_hq.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_g2_hq1.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_g2_hq2.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/licence_pic_h.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/nav_bg.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/nav_but.gif
.gif
$PROGRAMFILES/cryptosoft/samples/images/qt.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/images/view.css
$PROGRAMFILES/cryptosoft/samples/images/view1.css
$PROGRAMFILES/cryptosoft/samples/newmodifyPin.html
.html .js polyglot
$PROGRAMFILES/cryptosoft/samples/templet/images/b1.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b10.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b11.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b12.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b2.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b3.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b4.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b5.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b6.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b7.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b8.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/b9.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/bbs_sl_p1.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/bbs_sl_p2.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/bg.jpg
.jpg
$PROGRAMFILES/cryptosoft/samples/templet/images/bg01.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/blue-loading.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/input.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/ip.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/nav_bg.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/nav_but.gif
.gif
$PROGRAMFILES/cryptosoft/samples/templet/images/view.css
$PROGRAMFILES/cryptosoft/samples/templet/index.html
.js
$SYSDIR/DPInst32.EXE
.exe windows:5 windows x86 arch:x86

2f37bd2cfc60f22d94e4856bdefb22d6

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11/10/2005, 21:55

Not After

26/04/2010, 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:10:c3:52:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/10/2005, 23:24

Not After

11/01/2007, 23:34

Subject

CN=Microsoft Windows Component Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

d6:ac:c4:be:67:64:23:a2:b1:30:b7:8a:4b:62:7f:c4:57:d9:89:97
Signer

Actual PE Digest

d6:ac:c4:be:67:64:23:a2:b1:30:b7:8a:4b:62:7f:c4:57:d9:89:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\difx\source\base\pnp\dfx\dpinst\obj\i386\DpInst.pdb

Imports

advapi32

FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
IsTextUnicode
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
ControlService
StartServiceW
DeleteService
SetEntriesInAclW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CheckTokenMembership

kernel32

UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
LocalFree
FormatMessageW
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
GetTempFileNameW
lstrcmpiW
lstrcmpW
lstrlenW
GetFileAttributesW
DeleteFileW
ReadFile
SetFilePointer
ReleaseMutex
WaitForSingleObject
HeapFree
GetProcessHeap
SetEndOfFile
HeapAlloc
InterlockedCompareExchange
CreateMutexW
CreateEventW
SetEvent
InterlockedExchangeAdd
ResetEvent
FreeLibrary
SetConsoleCursorPosition
FillConsoleOutputCharacterW
ReadConsoleOutputW
GetConsoleScreenBufferInfo
SetConsoleMode
GetConsoleMode
FreeConsole
GetStdHandle
GetProcAddress
LoadLibraryW
WriteConsoleOutputW
WriteConsoleW
QueryPerformanceCounter
GetTickCount
InterlockedDecrement
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersionExA
GetStartupInfoW
MultiByteToWideChar
HeapReAlloc
ExitProcess
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetThreadLocale
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualQuery
VirtualAlloc
IsBadWritePtr
Sleep
HeapSize
LCMapStringA
WideCharToMultiByte
LCMapStringW
VirtualProtect
GetSystemInfo
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
CreateThread
CreateFileW
WriteFile
GetCommandLineW
GlobalFree
GetUserDefaultUILanguage
GetCurrentThreadId
IsValidLocale
WaitForMultipleObjects
lstrcpyW
LocalReAlloc
DeviceIoControl
GetSystemDirectoryW
LocalAlloc
VerSetConditionMask
VerifyVersionInfoW
CompareStringW
GetEnvironmentVariableW
GetCurrentDirectoryW
GetSystemWindowsDirectoryW
SetLastError
CopyFileW
GetShortPathNameW
MoveFileExW
RemoveDirectoryW
CreateDirectoryW
GetFullPathNameW
lstrcpynW
GetModuleHandleW
GetCurrentProcess
GetLastError
CloseHandle
FindResourceExW
FindResourceW
LoadResource
EnumResourceLanguagesW
GetLocalTime
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetWindowsDirectoryW
SetHandleCount
SetCurrentDirectoryW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RtlUnwind

gdi32

EndPage
StartDocW
EndDoc
GetTextMetricsW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
StartPage

user32

DrawTextExW
LoadImageW
LoadBitmapW
GetSystemMetrics
GetSysColor
LoadIconW
LoadStringW
DestroyWindow
GetWindowLongW
SendDlgItemMessageW
InvalidateRect
SystemParametersInfoW
GetDC
ReleaseDC
SetWindowLongW
SetWindowTextW
SetDlgItemTextW
GetParent
PostMessageW
IsDlgButtonChecked
CheckDlgButton
SetFocus
CallWindowProcW
DestroyIcon
DialogBoxParamW
EndDialog
GetDlgItem
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW
SendMessageW
CharLowerW
CharPrevW

ntdll

memset

shell32

ord59
CommandLineToArgvW
SHGetFolderPathW

setupapi

SetupDefaultQueueCallbackW
SetupCommitFileQueueW
SetupInitDefaultQueueCallbackEx
SetupOpenFileQueue
SetupCloseFileQueue
SetupGetTargetPathW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
SetupCopyOEMInfW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoList
CM_Get_DevNode_Status
SetupDiGetDeviceInstanceIdW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoW
SetupTermDefaultQueueCallback
SetupOpenInfFileW
SetupCloseInfFile
SetupDiGetActualSectionToInstallW
SetupGetLineCountW
SetupOpenAppendInfFileW
SetupFindFirstLineW
SetupInstallServicesFromInfSectionW
SetupInstallFromInfSectionW
SetupPromptReboot
SetupInstallFilesFromInfSectionW
SetupFindNextMatchLineW
SetupFindNextLine
SetupGetStringFieldW
SetupGetIntField
SetupGetFieldCount
pSetupGetGlobalFlags
pSetupSetGlobalFlags
SetupDiClassNameFromGuidW
SetupDiOpenClassRegKey
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW
CM_Enumerate_Classes
CM_Get_Device_IDW
SetupQueueCopyIndirectW
SetupQueueCopyW
SetupDiSetSelectedDevice
CMP_WaitNoPendingInstallEvents

wintrust

CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust

ole32

CoTaskMemFree
StringFromCLSID
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantClear
VariantChangeType
SysAllocString
VariantInit
SysFreeString

crypt32

CertFreeCTLContext
CryptQueryObject
CertFreeCertificateContext
CertGetCTLContextProperty

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$SYSDIR/EBL_Reader.dll
.dll windows:5 windows x86 arch:x86

f7372066662843f07465d01087fe9dff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\ml\EBL\EBL_Reader\Release\EBL_Reader.pdb

Imports

kernel32

LoadLibraryA
GetModuleFileNameA
GetPrivateProfileSectionNamesA
WaitForSingleObject
GetPrivateProfileStringA
CreateSemaphoreA
ReleaseSemaphore
GetLastError
CloseHandle
GetProcAddress
FreeLibrary
HeapFree
HeapAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
RtlUnwind
HeapSize
IsProcessorFeaturePresent
LCMapStringW
MultiByteToWideChar
GetStringTypeW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

EBL_ICC_Reader_CardPowerOff
EBL_ICC_Reader_CardPowerOn
EBL_ICC_Reader_ChangeLogicDeviceMK
EBL_ICC_Reader_ChangeMK
EBL_ICC_Reader_Connect
EBL_ICC_Reader_CreateLogicDevice
EBL_ICC_Reader_CreateSecurityChannelApp
EBL_ICC_Reader_DeleteLogicDevice
EBL_ICC_Reader_DeleteSecurityChannelApp
EBL_ICC_Reader_DisConnect
EBL_ICC_Reader_ESAM_ComputeAuthenticateData
EBL_ICC_Reader_ESAM_ExportCert
EBL_ICC_Reader_ESAM_ExportPublicKey
EBL_ICC_Reader_ESAM_PrivateKeyDecrypt
EBL_ICC_Reader_GetInfo
EBL_ICC_Reader_GetStatus
EBL_ICC_Reader_ListReaders
EBL_ICC_Reader_ReadConfigInfo
EBL_ICC_Reader_Transmit
EBL_ICC_Reader_WriteConfigInfo

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/EblSmartICAPI.dll
.dll windows:5 windows x86 arch:x86

b82bae5f44d0fd58b5a92572af17b4c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

i:\2014\国密库IC卡\vcprojects\Release\SmartCTCAPIHID.pdb

Imports

kernel32

CreateFileA
InterlockedCompareExchange
SetEnvironmentVariableA
DeviceIoControl
GetTickCount
Sleep
ReleaseMutex
WaitForSingleObject
CloseHandle
EnterCriticalSection
GetLastError
CreateSemaphoreA
GetCurrentProcessId
CreateMutexA
HeapAlloc
LeaveCriticalSection
GetProcessHeap
HeapFree
IsBadWritePtr
DeleteCriticalSection
InitializeCriticalSection
ReleaseSemaphore
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
PurgeComm
CreateEventA
ReadFile
GetOverlappedResult
CancelIo
WriteFile
MultiByteToWideChar
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
LocalFree
OpenSemaphoreA
LocalAlloc
GetModuleFileNameA
IsValidLocale
GetSystemTimeAsFileTime
DeleteFileA
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetCurrentThreadId
GetCommandLineA
SetConsoleCtrlHandler
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
VirtualAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
GetStdHandle
WideCharToMultiByte
GetTimeZoneInformation
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
HeapSize
LCMapStringA
LCMapStringW
GetModuleHandleA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
FreeLibrary
InterlockedExchange
LoadLibraryA
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA

user32

CharUpperBuffA
FindWindowA

advapi32

CryptAcquireContextA
CryptGetUserKey
CryptExportKey
CryptDestroyKey
CryptReleaseContext
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptGenRandom

hid

HidP_GetCaps
HidD_SetFeature
HidD_GetFeature
HidD_GetManufacturerString
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetAttributes

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA

crypt32

CertAddEncodedCertificateToStore
CertSetCertificateContextProperty
PFXImportCertStore
CertFindCertificateInStore
CryptAcquireCertificatePrivateKey
CertEnumCertificatesInStore
CertGetNameStringA
CertCompareCertificateName
CertCloseStore
CertCreateCertificateContext
CertFreeCertificateContext
CertOpenSystemStoreA

shlwapi

PathRemoveFileSpecA

Exports

Exports

EBL_CancelWaitForDevEvent
EBL_ChangeDevAuthKey
EBL_ChangePIN
EBL_ChangePinByPinID
EBL_ClearSecureState
EBL_CloseApplication
EBL_CloseContainer
EBL_CloseHandle
EBL_ConnectDev
EBL_CreateApplication
EBL_CreateContainer
EBL_CreateFile
EBL_Decrypt
EBL_DecryptFinal
EBL_DecryptInit
EBL_DecryptUpdate
EBL_DeleteApplication
EBL_DeleteContainer
EBL_DeleteFile
EBL_DevAuth
EBL_Digest
EBL_DigestFinal
EBL_DigestInit
EBL_DigestUpdate
EBL_DisConnectDev
EBL_ECCExportSessionKey
EBL_ECCExportSessionKeyEx
EBL_ECCSignData
EBL_ECCVerify
EBL_Encrypt
EBL_EncryptFinal
EBL_EncryptInit
EBL_EncryptUpdate
EBL_EnumApplication
EBL_EnumContainer
EBL_EnumDev
EBL_EnumFiles
EBL_ExportCertificate
EBL_ExportPublicKey
EBL_ExtECCDecrypt
EBL_ExtECCEncrypt
EBL_ExtECCSign
EBL_ExtECCVerify
EBL_ExtRSAPriKeyOperation
EBL_ExtRSAPubKeyOperation
EBL_GenECCExKey
EBL_GenECCKeyPair
EBL_GenExtRSAKey
EBL_GenExtRSAKey_Ex
EBL_GenRSAKeyPair
EBL_GenRandom
EBL_GenerateAgreementDataAndKeyWithECC
EBL_GenerateAgreementDataWithECC
EBL_GenerateKeyWithECC
EBL_GetAppRight
EBL_GetContainerType
EBL_GetDevInfo
EBL_GetDevState
EBL_GetFileInfo
EBL_GetFunctionList
EBL_GetPINInfo
EBL_ImportCertificate
EBL_ImportECCKeyPair
EBL_ImportRSAKeyPair
EBL_ImportSessionKey
EBL_Key_File
EBL_LockDev
EBL_Mac
EBL_MacFinal
EBL_MacInit
EBL_MacUpdate
EBL_OpenApplication
EBL_OpenContainer
EBL_PrvKeyDecrypt
EBL_RSAExportSessionKey
EBL_RSAExportSessionKeyEx
EBL_RSAImportPrivateKeyEx
EBL_RSAImportPubKeyEx
EBL_RSAPrivateKeyOperationEx
EBL_RSAPublicKeyOperationEx
EBL_RSASignData
EBL_RSAVerify
EBL_ReadFile
EBL_ReadFile_Ex
EBL_SetLabel
EBL_SetSymmKey
EBL_Transmit
EBL_UnblockPIN
EBL_UnlockDev
EBL_VerifyPIN
EBL_VerifyPinByPinID
EBL_WaitForDevEvent
EBL_WriteFile
EBL_WriteFile_Ex
Zf_Export
Zf_Import
Zf_RSAPriToDERPri
Zf_RSAPubToDERPub

Sections

.text
Size: 727KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MyData
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/HH_ICC_EBL.dll
.dll windows:5 windows x86 arch:x86

7aecd700853eb3d7df7d9a5c7f3f8955

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\工作相关\工商项目\CARDSKF - changelib\Release\HH_ICC_EBL.pdb

Imports

kernel32

ReleaseMutex
WaitForSingleObject
CloseHandle
OpenMutexA
CreateMutexA
Sleep
SetEndOfFile
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
FlushFileBuffers
VirtualQuery
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
GetProcAddress
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
HeapValidate
IsBadReadPtr
RaiseException
GetModuleFileNameW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetCurrentProcessId
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
DebugBreak
LoadLibraryA
ReadFile
RtlUnwind
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
FreeLibrary
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetProcessHeap
lstrcpyA

ebl_reader

EBL_ICC_Reader_ESAM_ExportCert
EBL_ICC_Reader_ListReaders
EBL_ICC_Reader_GetStatus
EBL_ICC_Reader_Transmit
EBL_ICC_Reader_CardPowerOn
EBL_ICC_Reader_Connect
EBL_ICC_Reader_CardPowerOff
EBL_ICC_Reader_DisConnect
EBL_ICC_Reader_ESAM_ComputeAuthenticateData

advapi32

CryptGenRandom
CryptAcquireContextA
CryptReleaseContext

Exports

Exports

EBL_CancelWaitForDevEvent
EBL_ChangeDevAuthKey
EBL_ChangePIN
EBL_ClearSecureState
EBL_CloseApplication
EBL_CloseContainer
EBL_CloseHandle
EBL_ConnectDev
EBL_CreateApplication
EBL_CreateContainer
EBL_CreateFile
EBL_Decrypt
EBL_DecryptFinal
EBL_DecryptInit
EBL_DecryptUpdate
EBL_DeleteApplication
EBL_DeleteContainer
EBL_DeleteFile
EBL_DevAuth
EBL_Digest
EBL_DigestFinal
EBL_DigestInit
EBL_DigestUpdate
EBL_DisConnectDev
EBL_ECCExportSessionKey
EBL_ECCGetZ
EBL_ECCSignData
EBL_ECCVerify
EBL_Encrypt
EBL_EncryptFinal
EBL_EncryptInit
EBL_EncryptUpdate
EBL_EnumApplication
EBL_EnumContainer
EBL_EnumDev
EBL_EnumFiles
EBL_ExportCertificate
EBL_ExportPublicKey
EBL_ExtECCDecrypt
EBL_ExtECCEncrypt
EBL_ExtECCSign
EBL_ExtECCVerify
EBL_ExtRSAPriKeyOperation
EBL_ExtRSAPubKeyOperation
EBL_GenECCKeyPair
EBL_GenExtRSAKey
EBL_GenRSAKeyPair
EBL_GenRandom
EBL_GenerateAgreementDataAndKeyWithECC
EBL_GenerateAgreementDataWithECC
EBL_GenerateKeyWithECC
EBL_GetContainerProperty
EBL_GetContainerType
EBL_GetDevInfo
EBL_GetDevState
EBL_GetFileInfo
EBL_GetPINInfo
EBL_ImportCertificate
EBL_ImportECCKeyPair
EBL_ImportRSAKeyPair
EBL_ImportSessionKey
EBL_LockDev
EBL_Mac
EBL_MacFinal
EBL_MacInit
EBL_MacUpdate
EBL_OpenApplication
EBL_OpenContainer
EBL_PrvKeyDecrypt
EBL_RSAExportSessionKey
EBL_RSAExportSessionKeyEx
EBL_RSASignData
EBL_RSAVerify
EBL_ReadFile
EBL_SetLabel
EBL_SetSymmKey
EBL_Transmit
EBL_UnblockPIN
EBL_UnlockDev
EBL_VerifyPIN
EBL_WaitForDevEvent
EBL_WriteFile

Sections

.text
Size: 341KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/HH_ICC_MNGR.dll
.dll windows:5 windows x86 arch:x86

18578dbdfbbd6108eb757c754b5c18dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ebl_reader

EBL_ICC_Reader_Transmit
EBL_ICC_Reader_ESAM_ExportCert
EBL_ICC_Reader_ESAM_ComputeAuthenticateData
EBL_ICC_Reader_CardPowerOn
EBL_ICC_Reader_Connect
EBL_ICC_Reader_CardPowerOff
EBL_ICC_Reader_DisConnect
EBL_ICC_Reader_GetStatus
EBL_ICC_Reader_ListReaders

kernel32

Sleep
lstrcpyA
OpenMutexA
CreateMutexA
CloseHandle
HeapAlloc
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
FreeLibrary
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException
DebugBreak
GetProcessHeap
GetModuleFileNameW
VirtualQuery
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

Exports

Exports

EBL_ICC_ChangeLogicDeviceMK
EBL_ICC_ChangeMK
EBL_ICC_ConnectDev
EBL_ICC_CreateLogicDevice
EBL_ICC_DeleteLogicDevice
EBL_ICC_DisConnectDev
EBL_ICC_EnumDev
EBL_ICC_GetInfo
EBL_ICC_ReadConfigInfo
EBL_ICC_WriteConfigInfo

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/HH_IFD_MNGR.dll
.dll windows:5 windows x86 arch:x86

15872f2e38b32518f174f5e28049d2ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\工作相关\工商项目\ReaderManageAPI\Release\HH_IFD_MNGR.pdb

Imports

kernel32

WriteConsoleA
VirtualQuery
GetModuleFileNameW
GetProcessHeap
CreateFileA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
RaiseException
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetConsoleOutputCP
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
OutputDebugStringA
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
WriteConsoleW
LoadLibraryA
GetProcAddress
FreeLibrary
ReadFile
SetFilePointer
GetModuleHandleA
DebugBreak
SetEndOfFile

winscard

SCardGetAttrib
g_rgSCardT0Pci
g_rgSCardT1Pci
SCardTransmit
SCardReconnect
SCardListReadersA
SCardDisconnect
SCardConnectA
SCardReleaseContext
SCardEstablishContext

advapi32

InitializeAcl
LookupAccountNameA
AddAccessAllowedAce
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

Exports

Exports

ICC_Reader_CardPowerOff
ICC_Reader_CardPowerOn
ICC_Reader_ChangeLogicDeviceMK
ICC_Reader_ChangeMK
ICC_Reader_Connect
ICC_Reader_CreateLogicDevice
ICC_Reader_CreateSecurityChannelApp
ICC_Reader_DeleteConfigInfo
ICC_Reader_DeleteLogicDevice
ICC_Reader_DeleteSecurityChannelApp
ICC_Reader_DisConnect
ICC_Reader_ESAM_ComputeAuthenticateData
ICC_Reader_ESAM_ExportCert
ICC_Reader_ESAM_ExportPublicKey
ICC_Reader_ESAM_PrivateKeyDecrypt
ICC_Reader_GetInfo
ICC_Reader_GetStatus
ICC_Reader_ListReaders
ICC_Reader_ReadConfigInfo
ICC_Reader_Transmit
ICC_Reader_WriteConfigInfo

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/HS_ICC_EBL.DLL
.dll windows:5 windows x86 arch:x86

618a0a4501b2f1a93a33accce2fe434b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LeaveCriticalSection
LocalAlloc
LocalFree
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
GlobalMemoryStatus
GetVersionExA
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
DecodePointer
GetCommandLineA
HeapReAlloc
GetModuleFileNameA
RtlUnwind
InitializeCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
RaiseException
WideCharToMultiByte
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
LCMapStringW
HeapCreate
HeapDestroy
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
EnterCriticalSection
LoadLibraryW
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
VirtualQuery
HeapSize
CreateFileA
WriteConsoleW
SetEndOfFile
GetProcessHeap
CreateFileW
TerminateProcess
DeleteCriticalSection

advapi32

CryptAcquireContextA
RegQueryValueExA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptGetHashParam

Exports

Exports

EBL_CancelWaitForDevEvent
EBL_ChangeDevAuthKey
EBL_ChangePIN
EBL_ClearSecureState
EBL_CloseApplication
EBL_CloseContainer
EBL_CloseHandle
EBL_ConnectDev
EBL_ConnectDev_Ext
EBL_CreateApplication
EBL_CreateContainer
EBL_CreateFile
EBL_Decrypt
EBL_DecryptFinal
EBL_DecryptInit
EBL_DecryptUpdate
EBL_DeleteApplication
EBL_DeleteContainer
EBL_DeleteFile
EBL_DevAuth
EBL_Digest
EBL_DigestFinal
EBL_DigestInit
EBL_DigestUpdate
EBL_DisConnectDev
EBL_ECCExportSessionKey
EBL_ECCExportSessionKeyEx
EBL_ECCSignData
EBL_ECCVerify
EBL_Encrypt
EBL_EncryptFinal
EBL_EncryptInit
EBL_EncryptUpdate
EBL_EnumApplication
EBL_EnumContainer
EBL_EnumDev
EBL_EnumFiles
EBL_ExportCertificate
EBL_ExportPublicKey
EBL_ExtECCDecrypt
EBL_ExtECCEncrypt
EBL_ExtECCSign
EBL_ExtECCVerify
EBL_ExtRSAPriKeyOperation
EBL_ExtRSAPubKeyOperation
EBL_FormatCard
EBL_GenECCKeyPair
EBL_GenExtEccKey
EBL_GenExtRSAKey
EBL_GenRSAKeyPair
EBL_GenRandom
EBL_GenerateAgreementDataAndKeyWithECC
EBL_GenerateAgreementDataWithECC
EBL_GenerateKeyWithECC
EBL_GetContainerType
EBL_GetContianerProperty
EBL_GetContianerType
EBL_GetDevInfo
EBL_GetDevState
EBL_GetFileInfo
EBL_GetPINInfo
EBL_GetRsaType
EBL_ImportCertificate
EBL_ImportECCKeyPair
EBL_ImportRSAKeyPair
EBL_ImportSessionKey
EBL_LockDev
EBL_Mac
EBL_MacFinal
EBL_MacInit
EBL_MacUpdate
EBL_OpenApplication
EBL_OpenContainer
EBL_PrvKeyDecrypt
EBL_RSAExportSessionKey
EBL_RSAExportSessionKeyEx
EBL_RSASignData
EBL_RSAVerify
EBL_ReadFile
EBL_SetLabel
EBL_SetSymmKey
EBL_Transmit
EBL_UnblockPIN
EBL_UnlockDev
EBL_VerifyPIN
EBL_WaitForDevEvent
EBL_WriteFile

Sections

.text
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GPShared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/HS_ICC_MNGR.dll
.dll windows:5 windows x86 arch:x86

61e7ebc776b8595c4c4afdcf45424d8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
GlobalMemoryStatus
GetVersionExA
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
RtlUnwind
DecodePointer
GetCommandLineA
HeapReAlloc
GetModuleFileNameA
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetCurrentProcess
WideCharToMultiByte
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
LCMapStringW
HeapCreate
HeapDestroy
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
RaiseException
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
VirtualQuery
HeapSize
CreateFileA
WriteConsoleW
SetEndOfFile
GetProcessHeap
CreateFileW
TerminateProcess

advapi32

RegQueryValueExA

Exports

Exports

EBL_ICC_ChangeLogicDeviceMK
EBL_ICC_ChangeMK
EBL_ICC_ConnectDev
EBL_ICC_CreateLogicDevice
EBL_ICC_DeleteLogicDevice
EBL_ICC_DisConnectDev
EBL_ICC_EnumDev
EBL_ICC_GetInfo
EBL_ICC_ReadConfigInfo
EBL_ICC_WriteConfigInfo

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GPShared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/HS_IFD_MNGR.DLL
.dll windows:5 windows x86 arch:x86

272384727c8d0b85a58d223895406807

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiEnumDeviceInfo
CM_Get_Device_IDA
CM_Get_Parent
CM_Get_Child
CM_Get_Device_IDW
CM_Get_Sibling
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA

hid

HidP_GetSpecificValueCaps
HidD_FreePreparsedData
HidD_GetFeature
HidD_SetFeature
HidD_GetAttributes
HidD_GetPreparsedData
HidD_GetHidGuid
HidP_GetCaps

winscard

SCardFreeMemory
SCardGetAttrib
SCardControl
SCardListReadersA
SCardTransmit
SCardEndTransaction
SCardBeginTransaction
SCardReconnect
SCardConnectA
SCardDisconnect
SCardGetStatusChangeA
SCardReleaseContext
SCardEstablishContext
g_rgSCardT0Pci

kernel32

HeapSize
GetModuleFileNameW
HeapCreate
HeapDestroy
ExitProcess
CreateFileW
WriteConsoleW
HeapReAlloc
LoadLibraryW
SetFilePointer
FlushFileBuffers
FreeLibrary
GetModuleFileNameA
LoadLibraryA
CreateFileA
WriteFile
ReadFile
CloseHandle
GetCurrentProcessId
GetVersionExA
CreateEventA
lstrcpyA
lstrcmpA
WaitForSingleObject
Sleep
lstrlenA
DeviceIoControl
GetOverlappedResult
GetLastError
WaitCommEvent
PurgeComm
SetCommMask
SetCommTimeouts
SetCommState
SetupComm
GetCommState
GetDriveTypeA
GetLogicalDrives
GetConsoleMode
GetConsoleCP
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetProcAddress
MultiByteToWideChar
GetStringTypeW
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
HeapFree
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
WideCharToMultiByte
LCMapStringW
GetTickCount

advapi32

RegOpenKeyA
RegQueryValueExA

sm2_dll

ord5
ord1
ord9

Exports

Exports

ADD_CERTIFICATE
APDU_DIRECT
CERTIFICATE_REQUEST_PROOF
CLIENT_SIGN
CLOSE
CLOSE_SECURE_CHANNEL
DEACTIVATION
DELETE_CERTIFICATE
EXPORT_MASTERKEY
GENERATE_KEY_PAIR
GET_CERT_RESPONSE
GET_CLIENT_HELLO
HASH_SERVER_CERTIFICATE
HMAC
ICC_Reader_CardPowerOff
ICC_Reader_CardPowerOn
ICC_Reader_ChangeLogicDeviceMK
ICC_Reader_ChangeMK
ICC_Reader_Connect
ICC_Reader_ConnectEx
ICC_Reader_CreateLogicDevice
ICC_Reader_DeleteLogicDevice
ICC_Reader_DisConnect
ICC_Reader_ESAM_ComputeAuthenticateData
ICC_Reader_ESAM_ExportCert
ICC_Reader_ESAM_ExportPublicKey
ICC_Reader_ESAM_PrivateKeyDecrypt
ICC_Reader_GetInfo
ICC_Reader_GetStatus
ICC_Reader_ListReaders
ICC_Reader_ReadConfigInfo
ICC_Reader_Transmit
ICC_Reader_TransmitEx
ICC_Reader_WriteConfigInfo
OPEN
OPEN_SECURE_CHANNEL
READ_CERTIFICATE
READ_CERTIFICATE_ONCE
READ_TERMINAL_INFO
RESET
TRANSMIT_ENCRYPT_COMMAND
UPDATE_CERTIFICATE
VERIFY_SERVER_CERTIFICATE
WRITE_TERMINAL_INFO

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GPShared
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ICEBLTOSKF.dll
.dll windows:5 windows x86 arch:x86

bc9f74906761823cffe3c823ab704f9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\Users\Devoson\Desktop\江苏工商项目\适配库\中孚读卡器\ICEBLTOSKF\Release\ICEBLTOSKF.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
OutputDebugStringA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

msvcr100

_amsg_exit
__CppXcptFilter
_crt_debugger_hook
_initterm_e
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_initterm
_encoded_null
_malloc_crt
strchr
malloc
free
sprintf
memset
memcpy

Exports

Exports

SKF_CancelWaitForDevEvent
SKF_ChangeDevAuthKey
SKF_ChangePIN
SKF_ClearSecureState
SKF_CloseApplication
SKF_CloseContainer
SKF_CloseHandle
SKF_ConnectDev
SKF_CreateApplication
SKF_CreateContainer
SKF_CreateFile
SKF_Decrypt
SKF_DecryptInit
SKF_DeleteApplication
SKF_DeleteContainer
SKF_DeleteFile
SKF_DevAuth
SKF_Digest
SKF_DigestInit
SKF_DisConnectDev
SKF_ECCSignData
SKF_ECCVerify
SKF_Encrypt
SKF_EncryptInit
SKF_EnumApplication
SKF_EnumContainer
SKF_EnumDev
SKF_EnumFiles
SKF_ExportCertificate
SKF_ExportPublicKey
SKF_ExtRSAPriKeyOperation
SKF_ExtRSAPubKeyOperation
SKF_GenECCKeyPair
SKF_GenExtRSAKey
SKF_GenRSAKeyPair
SKF_GenRandom
SKF_GetContainerType
SKF_GetDevInfo
SKF_GetDevState
SKF_GetFileInfo
SKF_GetPINInfo
SKF_ImportCertificate
SKF_ImportECCKeyPair
SKF_ImportRSAKeyPair
SKF_ImportSessionKey
SKF_LockDev
SKF_OpenApplication
SKF_OpenContainer
SKF_RSAExportSessionKey
SKF_RSASignData
SKF_RSAVerify
SKF_ReadFile
SKF_SetLabel
SKF_SetSymmKey
SKF_Transmit
SKF_UnLockDev
SKF_UnblockPIN
SKF_VerifyPIN
SKF_WaitForDevEvent
SKF_WriteFile

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/MFC42D.DLL
.dll windows:4 windows x86 arch:x86

758f4745f1597b57f518e37f66808aa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrtd

_initterm
?terminate@@YAXXZ
_onexit
_adjust_fdiv
__dllonexit
??1type_info@@UAE@XZ
_splitpath
_fullpath
atol
_CxxThrowException
__p___argc
__p___argv
_beginthreadex
_endthreadex
_mbsdec
_strdup
_expand
sprintf
strtod
strtol
strtoul
abs
calloc
_msize
_purecall
strftime
_mbctype
ctime
localtime
gmtime
time
mktime
_ismbcspace
_mbclen
_mbsnbcmp
atoi
_ismbcdigit
vsprintf
_mbsrchr
_mbscspn
_mbsspn
_mbsstr
_mbsrev
_mbslwr
_mbsupr
_mbspbrk
_mbschr
free
realloc
malloc
fclose
fflush
fseek
ftell
fgets
fputs
fwrite
fread
clearerr
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
_mbsinc
_mbsicoll
_mbscoll
_mbsicmp
_mbscmp
abort
_CrtDoForAllClientObjects
_CrtMemDumpAllObjectsSince
_CrtMemCheckpoint
_CrtMemDumpStatistics
_CrtMemDifference
memset
_CrtIsMemoryBlock
_CrtCheckMemory
_CrtSetBreakAlloc
_CrtSetAllocHook
_malloc_dbg
_free_dbg
_vsnprintf
_CrtDumpMemoryLeaks
_CrtSetDbgFlag
_CrtSetDumpClient
_CrtSetReportHook
_CrtSetReportMode
_except_handler3
memcmp
memmove
memcpy
_gcvt
_CrtDbgReport
wcslen
__CxxFrameHandler

kernel32

GetProcessVersion
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
FileTimeToSystemTime
SizeofResource
GetProfileIntA
VirtualProtect
InterlockedExchange
SetErrorMode
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
FindNextFileA
GetSystemDirectoryA
MulDiv
FreeLibrary
FindResourceA
LoadResource
LockResource
FreeResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
WaitForMultipleObjects
CreateEventA
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
PulseEvent
SetEvent
WaitForSingleObject
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetOEMCP
SearchPathA
WideCharToMultiByte
FormatMessageA
LocalFree
SetFileAttributesA
InterlockedDecrement
InterlockedIncrement
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
GetFileAttributesA
GetFileTime
GetFileSize
GlobalReAlloc
GlobalFree
GlobalUnlock
GlobalSize
GlobalAlloc
GlobalLock
lstrcmpiA
GetModuleFileNameA
GetShortPathNameA
GetFullPathNameA
GetThreadLocale
GetStringTypeExA
FindClose
GetVolumeInformationA
FindFirstFileA
LoadLibraryA
lstrcpyA
MultiByteToWideChar
MoveFileA
GetProcAddress
DeleteFileA
LockFile
SetEndOfFile
UnlockFile
SetFilePointer
CloseHandle
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
SuspendThread
GetCurrentProcess
DuplicateHandle
SetThreadPriority
ResumeThread
GetThreadPriority
lstrlenA
GetPrivateProfileIntA
lstrcmpA
IsBadStringPtrA
IsBadReadPtr
IsBadWritePtr
GetLastError
IsBadStringPtrW
lstrcpynA
LocalLock
SetLastError
GetTempPathA
FileTimeToLocalFileTime
GetCPInfo
GetCurrentThread
RaiseException

gdi32

GetOutlineTextMetricsA
TextOutA
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
DeleteMetaFile
IntersectClipRect
SetWindowOrgEx
MoveToEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
SaveDC
DeleteObject
StretchDIBits
DeleteDC
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatA
GetCharABCWidthsFloatA
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection
AngleArc
SetPixelV
PlgBlt
MaskBlt
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
GetGlyphOutlineA
GetKerningPairsA
GetFontData
GetCharABCWidthsA
ResetDCA
GetBoundsRect
SetBoundsRect
Escape
GetAspectRatioFilterEx
GetCharWidthA
GetTextCharacterExtra
GetTextMetricsA
GetTextFaceA
GetTextAlign
SetPixel
GetPixel
FloodFill
BitBlt
PatBlt
StretchBlt
Rectangle
PolyPolygon
RoundRect
Pie
Ellipse
Polygon
Polyline
Arc
Chord
RectVisible
PtVisible
GetCurrentPositionEx
InvertRgn
FrameRgn
PaintRgn
LPtoDP
DPtoLP
FillRgn
GetWindowOrgEx
GetViewportExtEx
GetWindowExtEx
GetMapMode
GetTextColor
GetViewportOrgEx
GetROP2
GetPolyFillMode
GetStretchBltMode
GetBkColor
UpdateColors
GetBkMode
GetNearestColor
SelectObject
RealizePalette
SetBrushOrgEx
GetBrushOrgEx
EnumObjects
CreateCompatibleDC
CreateICA
GetDeviceCaps
RectInRegion
PtInRegion
CreateDCA
OffsetRgn
EqualRgn
GetRgnBox
SetRectRgn
GetRegionData
CombineRgn
PathToRegion
CreateRoundRectRgn
ExtCreateRegion
CreatePolygonRgn
CreateEllipticRgnIndirect
ExtFloodFill
GetTextExtentPoint32A
CreatePolyPolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateBitmap
CreateFontA
CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetStockObject
GetObjectA
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA

user32

SetClipboardViewer
SendMessageA
IsWindow
PostMessageA
TabbedTextOutA
CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
UnionRect
SubtractRect
GetSysColorBrush
LoadBitmapA
WindowFromDC
ExcludeUpdateRgn
FillRect
FrameRect
InvertRect
DrawIcon
DrawStateA
DrawEdge
DrawFrameControl
DrawFocusRect
DrawTextA
GetTabbedTextExtentA
GrayStringA
ScrollDC
CreateMenu
CreatePopupMenu
IsMenu
DeleteMenu
AppendMenuA
CheckMenuItem
EnableMenuItem
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetMenuItemInfoA
GetSubMenu
InsertMenuA
ModifyMenuA
RemoveMenu
SetMenuItemBitmaps
LoadMenuA
LoadMenuIndirectA
SetMenuContextHelpId
GetMenuContextHelpId
CheckMenuRadioItem
GetMenu
SetMenu
DrawMenuBar
GetSystemMenu
HiliteMenuItem
IsIconic
IsZoomed
ArrangeIconicWindows
SetWindowRgn
GetWindowRgn
BringWindowToTop
GetWindowRect
GetClientRect
MapWindowPoints
ClientToScreen
ScreenToClient
BeginPaint
EndPaint
GetDC
GetWindowDC
ReleaseDC
UpdateWindow
GetUpdateRect
GetUpdateRgn
InvalidateRect
InvalidateRgn
ValidateRect
ValidateRgn
IsWindowVisible
ShowOwnedPopups
GetDCEx
LockWindowUpdate
RedrawWindow
EnableScrollBar
SetTimer
KillTimer
GetActiveWindow
SetActiveWindow
GetCapture
SetCapture
GetFocus
GetDesktopWindow
DlgDirListA
DlgDirListComboBoxA
DlgDirSelectExA
DlgDirSelectComboBoxExA
GetNextDlgGroupItem
GetNextDlgTabItem
ShowScrollBar
ChildWindowFromPoint
ChildWindowFromPointEx
FindWindowA
GetWindow
GetTopWindow
GetLastActivePopup
IsChild
GetParent
SetParent
WindowFromPoint
FlashWindow
ChangeClipboardChain
PeekMessageA
OpenClipboard
GetOpenClipboardWindow
GetClipboardOwner
GetClipboardViewer
CreateCaret
GetCaretPos
SetCaretPos
HideCaret
ShowCaret
SetForegroundWindow
GetForegroundWindow
SendNotifyMessageA
SetWindowContextHelpId
GetWindowContextHelpId
EnableWindow
MapDialogRect
GetWindowLongA
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
PostThreadMessageA
LoadCursorA
LoadIconA
CloseWindow
OpenIcon
CharUpperA
GetSystemMetrics
CharToOemA
OemToCharA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetWindowPlacement
SystemParametersInfoA
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetDlgCtrlID
GetClassNameA
DefWindowProcA
DestroyWindow
GetKeyState
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
TrackPopupMenu
RegisterClassA
GetClassInfoA
WinHelpA
MessageBoxA
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
AdjustWindowRectEx
SetFocus
DispatchMessageA
GetSysColor
SendDlgItemMessageA
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
SetCursor
IsWindowEnabled
ShowWindow
DestroyMenu
ReuseDDElParam
UnpackDDElParam
WaitMessage
GetCursorPos
TranslateMessage
GetMessageA
GetWindowThreadProcessId
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
CreateDialogIndirectParamA
EndDialog
wvsprintfA
GetAsyncKeyState
GetDialogBaseUnits
GetClipboardFormatNameA
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
GetMenuCheckMarkDimensions
DestroyIcon
SetCursorPos
DestroyCursor
IsClipboardFormatAvailable
MessageBeep
UnregisterClassA
LoadStringA
PostQuitMessage
wsprintfA

Sections

.text
Size: 680KB - Virtual size: 677KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/MFCO42D.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

89b19682777306e83b39c6d1dc27f181

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42d

ord800
ord1122
ord1168
ord4256
ord1172
ord768
ord5084
ord791
ord764
ord787
ord3382
ord2324
ord3355
ord2798
ord1417
ord2791
ord1094
ord3375
ord3166
ord3168
ord1882
ord1123
ord3305
ord795
ord799
ord880
ord3116
ord806
ord803
ord1947
ord1224
ord4492
ord2867
ord492
ord303
ord1786
ord4475
ord2994
ord1066
ord3392
ord2995
ord1120
ord1400
ord1161
ord2790
ord1490
ord2513
ord2448
ord3563
ord3065
ord4945
ord2269
ord797
ord2730
ord2447
ord3131
ord2794
ord4653
ord3133
ord1098
ord1782
ord3377
ord3308
ord877
ord878
ord454
ord2217
ord4170
ord1353
ord738
ord2044
ord2213
ord473
ord1582
ord2394
ord726
ord715
ord4814
ord4811
ord470
ord1124
ord2295
ord1038
ord1187
ord4658
ord464
ord342
ord714
ord673
ord1838
ord796
ord798
ord2397
ord4386
ord1996
ord1264
ord589
ord724
ord1126
ord1437
ord736
ord339
ord725
ord4195
ord3628
ord3947
ord4017
ord2550
ord3831
ord3362
ord1364
ord3651
ord4176
ord1781
ord4118
ord5076
ord3618
ord4208
ord2078
ord1310
ord1857
ord3069
ord3944
ord3670
ord2076
ord1566
ord5078
ord3002
ord4064
ord1344
ord4191
ord1830
ord1631
ord4205
ord2585
ord2684
ord3786
ord3658
ord1228
ord1112
ord1056
ord574
ord1135
ord2168
ord1163
ord4171
ord4197
ord705
ord527
ord3447
ord779
ord1174
ord487
ord488
ord1060
ord1862
ord309
ord1952
ord1839
ord1184
ord1113
ord2997
ord1395
ord1359
ord734
ord485
ord653
ord2389
ord3036
ord802
ord801
ord804
ord292
ord793
ord792
ord790
ord785
ord770
ord769
ord767
ord762
ord3193
ord4302
ord2640
ord945
ord2291
ord2419
ord1160
ord2114
ord4199
ord2411
ord2415
ord5058
ord1858
ord1876
ord1350
ord4304
ord2484
ord4387
ord3636
ord2753
ord2509
ord4749
ord3373
ord4901
ord2690
ord3785
ord644
ord582
ord3352
ord3353
ord411
ord328
ord2361
ord1024
ord4338
ord4753
ord2549
ord2729
ord2125
ord773
ord4420
ord1136
ord1079
ord3938
ord3950
ord1049
ord4000
ord3656
ord592
ord554
ord1509
ord290
ord1169
ord344
ord1232
ord1956
ord1387
ord1048
ord4268
ord1401
ord1185
ord1128
ord4231
ord2306
ord4586
ord3226
ord3378
ord422
ord4432
ord418
ord3335
ord1700
ord1009
ord4315
ord2103
ord1784
ord2412
ord4078
ord4081
ord3692
ord3575
ord2679
ord4021
ord973
ord2717
ord2223
ord2222
ord3429
ord4756
ord3361
ord1365
ord4210
ord2077
ord1309
ord3666
ord4183
ord2693
ord1969
ord2897
ord599
ord4351
ord354
ord1000
ord1045
ord3530
ord4174
ord3661
ord3565
ord3685
ord3710
ord1825
ord1845
ord4113
ord3419
ord450
ord2435
ord4433
ord1505
ord1152
ord4388
ord1567
ord4075
ord2345
ord3622
ord3677
ord1239
ord778
ord824
ord1181
ord4474
ord1140
ord805
ord1444
ord944
ord2293
ord4123
ord4651
ord2491
ord2495
ord2487
ord590
ord1085
ord4138
ord739
ord505
ord1236
ord1960
ord1409
ord830
ord3210
ord4952
ord474
ord3393
ord1080
ord3527
ord3203
ord4506
ord4951
ord4656
ord2627
ord5065
ord4948
ord1299
ord1711
ord2474
ord2420
ord4505
ord4782
ord2229
ord3360
ord2068
ord3252
ord1521
ord4541
ord633
ord1610
ord399
ord3403
ord3554
ord2127
ord1099
ord1096
ord958
ord1082
ord2746
ord2507
ord3660
ord2851
ord3300
ord1808
ord2678
ord1077
ord4036
ord3523
ord3758
ord3972
ord3730
ord4068
ord3611
ord3616
ord3729
ord3739
ord3738
ord3726
ord3728
ord3725
ord4004
ord4002
ord4175
ord4216
ord3001
ord1343
ord3664
ord332
ord316
ord314
ord4181
ord1116
ord4764
ord1886
ord2586
ord4757
ord4643
ord3406
ord3689
ord3836
ord2046
ord4934
ord4874
ord1640
ord1724
ord4875
ord3309
ord4975
ord4976
ord1411
ord4266
ord5094
ord2483
ord2159
ord2177
ord978
ord3037
ord1884
ord2423
ord3306
ord4736
ord836
ord4318
ord3021
ord959
ord1356
ord3369
ord4785
ord4150
ord1500
ord5021
ord4841
ord3716
ord1144
ord1089
ord350
ord4151
ord3845
ord1358
ord4840
ord3022
ord1354
ord3028
ord2789
ord4843
ord4781
ord3573
ord3598
ord3201
ord3170
ord1504
ord2313
ord1596
ord347
ord2145
ord3032
ord4385
ord3207
ord4382
ord2842
ord4383
ord2503
ord4440
ord3492
ord3495
ord2141
ord3386
ord2757
ord2153
ord1226
ord1950
ord2723
ord4751
ord453
ord3102
ord1393
ord273
ord546
ord1138
ord723
ord3465
ord4514
ord4332
ord1983
ord1251
ord2917
ord384
ord621
ord1071
ord506
ord2246
ord2716
ord2024

msvcrtd

__CxxFrameHandler
_adjust_fdiv
_malloc_dbg
_initterm
_free_dbg
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_mbsrchr
wcsncpy
wcscpy
_vsnprintf
_ltoa
_ultoa
_ismbcspace
_ismbcdigit
strtol
strtoul
malloc
swprintf
_itoa
modf
strftime
localtime
time
ceil
fabs
floor
labs
_ftol
_mbschr
realloc
_strdup
free
_purecall
_mbctype
memset
wcslen
memcpy
_CxxThrowException
_CrtDbgReport
memcmp
_mbsinc
atol
memmove
_mbsnbcmp

kernel32

WideCharToMultiByte
lstrlenA
GetTickCount
lstrlenW
LocalAlloc
LocalFree
LoadLibraryA
FreeLibrary
GlobalFree
GetModuleHandleA
GlobalLock
GlobalAlloc
GlobalUnlock
InterlockedIncrement
lstrcmpiA
InterlockedDecrement
FileTimeToSystemTime
GetLastError
lstrcpynA
GetProfileIntA
GetCurrentThreadId
FileTimeToLocalFileTime
FormatMessageA
GlobalSize
lstrcmpA
MulDiv
lstrcatA
CopyFileA
FreeResource
LockResource
GetModuleFileNameA
FindResourceA
GetThreadLocale
LoadResource
lstrcpyW
GetUserDefaultLCID
OutputDebugStringA
lstrcpyA
GetVersion
IsDBCSLeadByte
GetProcAddress
InterlockedExchange
MultiByteToWideChar
RaiseException

gdi32

DPtoLP
CopyMetaFileA
CreateDCA
GetDeviceCaps
DeleteMetaFile
DeleteDC
ScaleWindowExtEx
LPtoDP
SetMapMode
SelectObject
GetPaletteEntries
CreatePalette
EnumFontFamiliesA

user32

CopyAcceleratorTableA
IsWindow
CopyRect
IsClipboardFormatAvailable
SendMessageA
EnableWindow
wsprintfA
GetActiveWindow
InSendMessage
ReleaseCapture
PeekMessageA
GetKeyState
GetCursorPos
DispatchMessageA
PostThreadMessageA
GetWindowTextA
GetWindowTextLengthA
IsMenu
GetMenuItemID
InsertMenuA
AppendMenuA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemCount
RemoveMenu
ReleaseDC
WindowFromDC
GetDC
IsRectEmpty
SetScrollRange
SetFocus
GetParent
GetFocus
DestroyIcon
RegisterWindowMessageA
CountClipboardFormats
GetSystemMetrics
RegisterClipboardFormatA
GetWindowLongA
AdjustWindowRectEx
SetWindowContextHelpId
GetWindow
SetWindowPos
MapDialogRect
GetDlgItem
CharNextA
IsWindowVisible
IsDialogMessageA
GetDlgCtrlID
ClipCursor
InflateRect
DestroyWindow
SetWindowLongA
DefWindowProcA
CallWindowProcA
SetParent
DrawEdge
ShowWindow
GetWindowRect
GetMenu
GetDesktopWindow
PostMessageA
GetClassNameA
IsChild
IntersectRect
ScreenToClient
MessageBoxA
EnumChildWindows
LockWindowUpdate
GetSysColor
SetCursor
LoadCursorA
PtInRect
SetRectEmpty
OffsetRect
GetDialogBaseUnits
MessageBeep
DestroyMenu
CreateMenu

Exports

Exports

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 564KB - Virtual size: 563KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/MSVCRTD.DLL
.dll windows:4 windows x86 arch:x86

aafabb794a4fc88d1217ad6b5bf28840

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
ResumeThread
GetLastError
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
HeapValidate
GetProcAddress
LoadLibraryA
DebugBreak
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CrtCheckMemory
_CrtDbgBreak
_CrtDbgReport
_CrtDoForAllClientObjects
_CrtDumpMemoryLeaks
_CrtIsMemoryBlock
_CrtIsValidHeapPointer
_CrtIsValidPointer
_CrtMemCheckpoint
_CrtMemDifference
_CrtMemDumpAllObjectsSince
_CrtMemDumpStatistics
_CrtSetAllocHook
_CrtSetBreakAlloc
_CrtSetDbgBlockType
_CrtSetDbgFlag
_CrtSetDumpClient
_CrtSetReportFile
_CrtSetReportHook
_CrtSetReportMode
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__crtAssertBusy
__p__crtBreakAlloc
__p__crtDbgFlag
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_calloc_dbg
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_crtAssertBusy
_crtBreakAlloc
_crtDbgFlag
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_expand_dbg
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_free_dbg
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_malloc_dbg
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_msize_dbg
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_realloc_dbg
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone

Sections

.text
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/PvkPinProtectDLL.dll
.dll windows:4 windows x86 arch:x86

814bd941e89d1cef3dcaeba027640cfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
GetLastError
GetCurrentThread
CompareStringW
CompareStringA
SetEnvironmentVariableA
GetTimeZoneInformation
CloseHandle
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
GetVersionExA
IsValidCodePage
IsValidLocale
GetLocaleInfoA
RtlUnwind
LCMapStringW
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
IsBadWritePtr
IsBadReadPtr
HeapValidate
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
InitializeCriticalSection
SetLastError
TlsGetValue
SetConsoleCtrlHandler
FlushFileBuffers
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetACP
HeapAlloc
HeapReAlloc
VirtualAlloc
SetFilePointer
UnhandledExceptionFilter
GetCPInfo
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
Sleep
LCMapStringA

user32

MessageBoxA
EnableWindow
PostQuitMessage
SendDlgItemMessageA
GetDesktopWindow
GetDlgItem
CreateDialogParamA
GetWindowRect
MoveWindow
IsDialogMessageA
ShowWindow
GetMessageA
DestroyWindow
TranslateMessage
DispatchMessageA

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

WH_DisabelPVK
WH_EnablePVK
WH_IsPVKEnabeled
WH_SetPVKEnabelData

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ReaderTOGM.dll
.dll windows:5 windows x86 arch:x86

bc9f74906761823cffe3c823ab704f9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\ml\适配库\ICEBLTOSKF-test\Release\ICEBLTOSKF.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
OutputDebugStringA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

msvcr100

_amsg_exit
__CppXcptFilter
_crt_debugger_hook
_initterm_e
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_initterm
_encoded_null
_malloc_crt
strchr
malloc
free
sprintf
memset
memcpy

Exports

Exports

SKF_CancelWaitForDevEvent
SKF_ChangeDevAuthKey
SKF_ChangePIN
SKF_ClearSecureState
SKF_CloseApplication
SKF_CloseContainer
SKF_CloseHandle
SKF_ConnectDev
SKF_CreateApplication
SKF_CreateContainer
SKF_CreateFile
SKF_Decrypt
SKF_DecryptInit
SKF_DeleteApplication
SKF_DeleteContainer
SKF_DeleteFile
SKF_DevAuth
SKF_Digest
SKF_DigestInit
SKF_DisConnectDev
SKF_ECCSignData
SKF_ECCVerify
SKF_Encrypt
SKF_EncryptInit
SKF_EnumApplication
SKF_EnumContainer
SKF_EnumDev
SKF_EnumFiles
SKF_ExportCertificate
SKF_ExportPublicKey
SKF_ExtRSAPriKeyOperation
SKF_ExtRSAPubKeyOperation
SKF_GenECCKeyPair
SKF_GenExtRSAKey
SKF_GenRSAKeyPair
SKF_GenRandom
SKF_GetContainerType
SKF_GetDevInfo
SKF_GetDevState
SKF_GetFileInfo
SKF_GetPINInfo
SKF_ImportCertificate
SKF_ImportECCKeyPair
SKF_ImportRSAKeyPair
SKF_ImportSessionKey
SKF_LockDev
SKF_OpenApplication
SKF_OpenContainer
SKF_RSAExportSessionKey
SKF_RSASignData
SKF_RSAVerify
SKF_ReadFile
SKF_SetLabel
SKF_SetSymmKey
SKF_Transmit
SKF_UnLockDev
SKF_UnblockPIN
SKF_VerifyPIN
SKF_WaitForDevEvent
SKF_WriteFile

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/SKF_APP.dll
.dll windows:4 windows x86 arch:x86

adc62b24e860ef0bbb17ed90b7b3d95f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GlobalMemoryStatus
GetVersionExA
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapReAlloc
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleFileNameA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
ExitProcess
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
GetModuleHandleA
GetStringTypeA
GetStringTypeW
ReadFile
FlushFileBuffers
SetStdHandle
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLastError
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetProcAddress
FreeLibrary
InitializeCriticalSection
TlsGetValue
DeleteCriticalSection

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegQueryValueExA

Exports

Exports

SKF_CancelWaitForDevEvent
SKF_ChangeDevAuthKey
SKF_ChangePIN
SKF_ClearSecureState
SKF_CloseApplication
SKF_CloseContainer
SKF_CloseHandle
SKF_ConnectDev
SKF_CreateApplication
SKF_CreateContainer
SKF_CreateFile
SKF_Decrypt
SKF_DecryptFinal
SKF_DecryptInit
SKF_DecryptUpdate
SKF_DeleteApplication
SKF_DeleteContainer
SKF_DeleteFile
SKF_DevAuth
SKF_Digest
SKF_DigestFinal
SKF_DigestInit
SKF_DigestUpdate
SKF_DisConnectDev
SKF_ECCExportSessionKey
SKF_ECCSignData
SKF_ECCVerify
SKF_Encrypt
SKF_EncryptFinal
SKF_EncryptInit
SKF_EncryptUpdate
SKF_EnumApplication
SKF_EnumContainer
SKF_EnumDev
SKF_EnumFiles
SKF_ExportCertificate
SKF_ExportPublicKey
SKF_ExtECCDecrypt
SKF_ExtECCEncrypt
SKF_ExtECCSign
SKF_ExtECCVerify
SKF_ExtRSAPriKeyOperation
SKF_ExtRSAPubKeyOperation
SKF_FormatCard
SKF_GenECCKeyPair
SKF_GenExtEccKey
SKF_GenExtRSAKey
SKF_GenRSAKeyPair
SKF_GenRandom
SKF_GenerateAgreementDataAndKeyWithECC
SKF_GenerateAgreementDataWithECC
SKF_GenerateKeyWithECC
SKF_GetContainerType
SKF_GetDevInfo
SKF_GetDevState
SKF_GetFileInfo
SKF_GetPINInfo
SKF_ImportCertificate
SKF_ImportECCKeyPair
SKF_ImportRSAKeyPair
SKF_ImportSessionKey
SKF_LockDev
SKF_Mac
SKF_MacFinal
SKF_MacInit
SKF_MacUpdate
SKF_OpenApplication
SKF_OpenContainer
SKF_PrvKeyDecrypt
SKF_RSAExportSessionKey
SKF_RSASignData
SKF_RSAVerify
SKF_ReadFile
SKF_SetLabel
SKF_SetSymmKey
SKF_Transmit
SKF_UnblockPIN
SKF_UnlockDev
SKF_VerifyPIN
SKF_WaitForDevEvent
SKF_WriteFile

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/SKF_COS.dll
.dll windows:4 windows x86 arch:x86

24933612cfe663c64b3f642718eb4e73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DispatchMessageA
PeekMessageA
TranslateMessage
DialogBoxParamA
GetDlgItem
GetWindowTextA
EndDialog
SetFocus
SendMessageA
LoadStringA
MessageBoxA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegEnumValueA

comctl32

ord17

crypt32

CertFreeCertificateContext
CertSetCertificateContextProperty
CertCreateCertificateContext
CertCloseStore
CertAddCertificateContextToStore
CertOpenSystemStoreA
CertDeleteCertificateFromStore
CertGetCertificateContextProperty
CertEnumCertificatesInStore
CertGetNameStringA

kernel32

GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
CloseHandle
GetCommandLineA
DeleteCriticalSection
InitializeCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
LocalFree
GetLastError
MultiByteToWideChar
LocalAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
InterlockedDecrement
InterlockedIncrement
HeapFree
HeapAlloc
GetVersion
WideCharToMultiByte
LCMapStringA
LCMapStringW
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
RtlUnwind
GetCPInfo

Exports

Exports

?ConvertMasterkey_WST@@YGHPAE0_N@Z
Change_Pin
Clear_DF
Create_File
External_Authentication
Generate_Rsa_Key
Get_Challenge
Get_Info
Get_Rsa_Key
HD_AddCertToIE
HD_Application_Manager
HD_ChangePin
HD_ChangeSoPin
HD_ChangeSoPwd
HD_ChangeUserPin
HD_ChangeUserPwd
HD_ClearDir
HD_Close
HD_CreateAPP
HD_CreateBIN
HD_CreateCON
HD_CreateContainer
HD_CreateECCFile
HD_CreateRSAFile
HD_DelCertFrIE
HD_DeleteCert
HD_DeleteContainer
HD_EXTRAHash
HD_EXTRASym
HD_ExportCert
HD_ExportPubEccKey
HD_ExportPubRsaKey
HD_ExternalMF
HD_GET_BCDSN
HD_GET_SN
HD_GenerateAgreeKey
HD_GenerateAgreeKey_Ex
HD_GenerateEccKey
HD_GenerateKeyPair
HD_GenerateRsaKey
HD_GenerateTempEccKey
HD_GenerateTempRSA
HD_GetChallenge
HD_GetDeviceCount
HD_GetPubEccInfo
HD_GetPubKeyInfo
HD_HardSM3
HD_IC_RESET
HD_ImportCert
HD_ImportEccKey
HD_ImportPriEcc
HD_ImportPriKey
HD_ImportPubEcc
HD_ImportPubKey
HD_ImportRsaKey
HD_InitialCard
HD_Open
HD_OpenByPath
HD_PriEccDecrypt
HD_PriEccSign
HD_PriKeyOperation
HD_PrivateEccDecrypt
HD_PrivateEccSign
HD_PrivateRsaDecrypt
HD_PrivateRsaSign
HD_PubEccEncrypt
HD_PubEccVerify
HD_PubKeyOperation
HD_ReadBinFile
HD_ReadBinFile_ex
HD_ReadContainerInfo
HD_ReadContainerInfo_Port
HD_ReadSecurefile
HD_RegisterCert
HD_ReloadUserPin
HD_ReloadUserPwd
HD_ShowCertList
HD_StoreCert
HD_SymDecrypt
HD_SymDecrypt_ECB
HD_SymEncrypt
HD_TempPrivateEccDecrypt
HD_TempPrivateEccSign
HD_TempPrivateRsaDecrypt
HD_TempPublicEccEncrypt
HD_TempPublicEccVerify
HD_TempPublicRsaEncrypt
HD_TempPublicRsaVerify
HD_UpdateSecurefile
HD_VerifyPin
HD_VerifyPinUpDatePinInfoFile
HD_VerifySoPwd
HD_VerifyUserPin
HD_VerifyUserPwd
HD_WriteBinFile
HD_WriteBinFile_ex
HD_WriteContainerInfo
HD_WriteKey
InitialCard
Read_Binary
Reload_Pin
Rsa_Decrypt
Rsa_Encrypt
Select_File
Store_Rsa_Key
Update_Binary
Verify_Pin
Write_Key

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GPShared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/SKF_IFD.dll
.dll windows:5 windows x86 arch:x86

fc8e6265b5c6a418a475d2a2a9a187ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
CM_Get_Device_IDA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
CM_Get_Sibling
CM_Get_Device_IDW
CM_Get_Child
CM_Get_Parent

hid

HidD_GetHidGuid
HidD_FreePreparsedData
HidD_GetFeature
HidD_SetFeature
HidD_GetAttributes
HidD_GetPreparsedData
HidP_GetCaps
HidP_GetSpecificValueCaps

winscard

SCardConnectA
SCardGetStatusChangeA
SCardReleaseContext
SCardEstablishContext
SCardReconnect
SCardBeginTransaction
SCardEndTransaction
SCardTransmit
g_rgSCardT0Pci
SCardControl
SCardGetAttrib
SCardFreeMemory
SCardListReadersA
SCardDisconnect

kernel32

SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
CreateFileA
WriteFile
ReadFile
CloseHandle
GetCurrentProcessId
GetVersionExA
CreateEventA
SetEvent
WaitForSingleObject
Sleep
DeviceIoControl
GetOverlappedResult
GetLastError
WaitCommEvent
PurgeComm
SetCommMask
SetCommTimeouts
SetCommState
SetupComm
GetCommState
GetDriveTypeA
GetLogicalDrives
ReleaseMutex
OpenMutexA
CreateMutexA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTickCount
UnhandledExceptionFilter
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
ResumeThread
CreateThread
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapFree
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

RegisterDeviceNotificationA
UnregisterDeviceNotification

advapi32

RegQueryValueExA
RegOpenKeyA

Exports

Exports

HD_ApduT0
HD_ApduT0Ex
HD_ApduVB
HD_BeginTransaction
HD_CardChange
HD_ClosePort
HD_CloseReader
HD_Deactivate
HD_DestroyReaderList
HD_DownDisk
HD_EndTransaction
HD_ErReset
HD_GetCardInfo
HD_GetConfigDes
HD_GetDescriptor
HD_GetDeviceName
HD_GetDiskVer
HD_GetDllVersion
HD_GetHardwareInf
HD_GetReaderInfo
HD_GetReaderList
HD_IsHDDevice
HD_OpenPath
HD_OpenPort
HD_OpenPortEx
HD_OpenReader
HD_PowerOff
HD_PowerOn
HD_ProbeCard
HD_ProbeCardIn
HD_ProbeReader
HD_ReaderChange
HD_RegisterCardNotification
HD_RegisterReaderNotification
HD_ResetCard
HD_ResetCardEx
HD_ResetCardVB
HD_SetReaderParameter
HD_SetTimeout
HD_UnregisterCardNotification
HD_UnregisterReaderNotification

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/SM2_dll.dll
.dll windows:4 windows x86 arch:x86

b4eb9affc3a4a28034fd158a5b640759

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
FlushConsoleInputBuffer
GetVersionExA
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
LoadLibraryA
FreeLibrary
GetTickCount
CloseHandle
GlobalMemoryStatus
GetCurrentProcessId
GetStdHandle
GetFileType
GetVersion
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
MultiByteToWideChar
SetEndOfFile
GetLastError
GetTimeZoneInformation
GetSystemTime
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
SetConsoleCtrlHandler
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
InterlockedDecrement
InterlockedIncrement
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetCommandLineA
WriteFile
InitializeCriticalSection
DeleteCriticalSection
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ReadFile
FlushFileBuffers
SetStdHandle
SetHandleCount
GetStartupInfoA
SetFilePointer
WideCharToMultiByte
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
CreateFileA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetCPInfo
CreateFileW
CompareStringA

user32

GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

Exports

Exports

BinaryToText
SM2_KeyExchange_A1_A3
SM2_KeyExchange_A4_A10
SM2_KeyExchange_B1_B10
SM2_PublicKeyDecrypt
SM2_PublicKeyEncrypt
SM2_Sign
SM2_Verify
SM3
TextToBinary

Sections

.text
Size: 328KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/TSPClient.dll
.dll windows:4 windows x86 arch:x86

236d28b13b5e77e6339ce2efcc493950

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
CreateDirectoryA
LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
RtlUnwind
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapAlloc
SetUnhandledExceptionFilter
CloseHandle
WriteFile
InitializeCriticalSection
ReadFile
DeleteCriticalSection
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsBadCodePtr
SetFilePointer
FlushFileBuffers
CreateFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
HeapSize

wsock32

WSAStartup
htons
ioctlsocket
socket
connect
WSACleanup
send
closesocket
recv

pkiapi

pkiInit
pkiVerifyData
pkiHashData

Exports

Exports

WH_TSPGetStamp
WH_TSPVerifyStamp

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ZFHLGM.dll
.dll windows:5 windows x86 arch:x86

5b48227faa341f2ffa8e5f7460ddea94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\worksource\营业执照电子副本\客户端源码\PSICAAtv\Release\ZFHLGM.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
OutputDebugStringA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

msvcr100

_amsg_exit
__CppXcptFilter
_crt_debugger_hook
_initterm_e
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_initterm
_encoded_null
_malloc_crt
strchr
malloc
free
sprintf
fclose
fwrite
fopen
memset
memcpy

Exports

Exports

SKF_CancelWaitForDevEvent
SKF_ChangeDevAuthKey
SKF_ChangePIN
SKF_ClearSecureState
SKF_CloseApplication
SKF_CloseContainer
SKF_CloseHandle
SKF_ConnectDev
SKF_CreateApplication
SKF_CreateContainer
SKF_CreateFile
SKF_Decrypt
SKF_DecryptInit
SKF_DeleteApplication
SKF_DeleteContainer
SKF_DeleteFile
SKF_DevAuth
SKF_Digest
SKF_DigestInit
SKF_DisConnectDev
SKF_ECCExportSessionKey
SKF_ECCSignData
SKF_ECCVerify
SKF_Encrypt
SKF_EncryptInit
SKF_EnumApplication
SKF_EnumContainer
SKF_EnumDev
SKF_EnumFiles
SKF_ExportCertificate
SKF_ExportPublicKey
SKF_ExtECCDecrypt
SKF_ExtECCEncrypt
SKF_ExtECCSign
SKF_ExtECCVerify
SKF_ExtRSAPriKeyOperation
SKF_ExtRSAPubKeyOperation
SKF_GenECCKeyPair
SKF_GenExtRSAKey
SKF_GenRSAKeyPair
SKF_GenRandom
SKF_GetContainerType
SKF_GetDevInfo
SKF_GetDevState
SKF_GetFileInfo
SKF_GetPINInfo
SKF_ImportCertificate
SKF_ImportECCKeyPair
SKF_ImportRSAKeyPair
SKF_ImportSessionKey
SKF_LockDev
SKF_OpenApplication
SKF_OpenContainer
SKF_RSAExportSessionKey
SKF_RSASignData
SKF_RSAVerify
SKF_ReadFile
SKF_SetLabel
SKF_SetSymmKey
SKF_Transmit
SKF_UnLockDev
SKF_UnblockPIN
SKF_VerifyPIN
SKF_WaitForDevEvent
SKF_WriteFile

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ZF_ICC_EBL.dll
.dll windows:5 windows x86 arch:x86

818246ebc77596fdc2217548e3b125b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\workdir\zhangwenli\国密库IC卡CCID_优化权限\vcprojects\Release\SmartCTCAPIHID.pdb

Imports

kernel32

HeapFree
GetProcessHeap
HeapAlloc
lstrcmpiA
ReleaseMutex
GetProcAddress
InterlockedCompareExchange
SetEnvironmentVariableA
IsBadWritePtr
WriteFile
MultiByteToWideChar
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
LocalFree
LocalAlloc
CreateFileA
DeviceIoControl
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
PurgeComm
CreateEventA
ReadFile
CancelIo
GetOverlappedResult
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetLocalTime
GetTickCount
Sleep
ReleaseSemaphore
WaitForSingleObject
CloseHandle
OpenSemaphoreA
GetLastError
CreateSemaphoreA
GetCurrentProcessId
FreeLibrary
LoadLibraryA
SetLastError
IsValidLocale
EnumSystemLocalesA
GetSystemTimeAsFileTime
DeleteFileA
HeapReAlloc
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCurrentThreadId
GetCommandLineA
SetConsoleCtrlHandler
HeapCreate
HeapDestroy
VirtualFree
FatalAppExitA
VirtualAlloc
GetModuleHandleW
ExitProcess
GetStdHandle
WideCharToMultiByte
GetTimeZoneInformation
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
LCMapStringA
LCMapStringW
GetModuleHandleA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
GetModuleFileNameA

user32

CharUpperBuffA
FindWindowA

advapi32

CryptAcquireContextA
CryptGenRandom
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptDestroyKey
CryptExportKey
CryptGetUserKey
SetSecurityDescriptorDacl

hid

HidD_GetFeature
HidD_GetManufacturerString
HidD_GetHidGuid
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_GetAttributes
HidD_SetFeature

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA

crypt32

CertCompareCertificateName
CertCreateCertificateContext
CertFreeCertificateContext
CertGetNameStringA
CertEnumCertificatesInStore
CryptAcquireCertificatePrivateKey
CertFindCertificateInStore
PFXImportCertStore
CertSetCertificateContextProperty
CertAddEncodedCertificateToStore
CertOpenSystemStoreA
CertCloseStore

shlwapi

PathRemoveFileSpecA

Exports

Exports

EBL_CancelWaitForDevEvent
EBL_ChangeDevAuthKey
EBL_ChangePIN
EBL_ClearSecureState
EBL_CloseApplication
EBL_CloseContainer
EBL_CloseHandle
EBL_ConnectDev
EBL_CreateApplication
EBL_CreateContainer
EBL_CreateFile
EBL_Decrypt
EBL_DecryptFinal
EBL_DecryptInit
EBL_DecryptUpdate
EBL_DeleteApplication
EBL_DeleteContainer
EBL_DeleteFile
EBL_DevAuth
EBL_Digest
EBL_DigestFinal
EBL_DigestInit
EBL_DigestUpdate
EBL_DisConnectDev
EBL_ECCExportSessionKey
EBL_ECCExportSessionKeyEx
EBL_ECCSignData
EBL_ECCVerify
EBL_Encrypt
EBL_EncryptFinal
EBL_EncryptInit
EBL_EncryptUpdate
EBL_EnumApplication
EBL_EnumContainer
EBL_EnumDev
EBL_EnumFiles
EBL_ExportCertificate
EBL_ExportPublicKey
EBL_ExtECCDecrypt
EBL_ExtECCEncrypt
EBL_ExtECCSign
EBL_ExtECCVerify
EBL_ExtRSAPriKeyOperation
EBL_ExtRSAPubKeyOperation
EBL_GenECCExKey
EBL_GenECCKeyPair
EBL_GenExtRSAKey
EBL_GenRSAKeyPair
EBL_GenRandom
EBL_GenerateAgreementDataAndKeyWithECC
EBL_GenerateAgreementDataWithECC
EBL_GenerateKeyWithECC
EBL_GetContainerType
EBL_GetDevInfo
EBL_GetDevState
EBL_GetFileInfo
EBL_GetFunctionList
EBL_GetPINInfo
EBL_ImportCertificate
EBL_ImportECCKeyPair
EBL_ImportRSAKeyPair
EBL_ImportSessionKey
EBL_LockDev
EBL_Mac
EBL_MacFinal
EBL_MacInit
EBL_MacUpdate
EBL_OpenApplication
EBL_OpenContainer
EBL_PrvKeyDecrypt
EBL_RSAExportSessionKey
EBL_RSAExportSessionKeyEx
EBL_RSASignData
EBL_RSAVerify
EBL_ReadFile
EBL_SetLabel
EBL_SetSymmKey
EBL_Transmit
EBL_UnblockPIN
EBL_UnlockDev
EBL_VerifyPIN
EBL_WaitForDevEvent
EBL_WriteFile
Zf_RSAPriToDERPri

Sections

.text
Size: 674KB - Virtual size: 674KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MyData
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ZF_ICC_MNGR.dll
.dll windows:5 windows x86 arch:x86

6ae1a0e446e7b709e2eb7929e94d9a1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\workdir\zhangwenli\EBL_ICC\Release\ZF_ICC_MNGR.pdb

Imports

kernel32

CreateFileA
CloseHandle
GetLastError
ReleaseSemaphore
CreateSemaphoreA
WaitForSingleObject
Sleep
GetModuleFileNameA
LoadLibraryA
GetProcAddress
SetLastError
FreeLibrary
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
GetProcessHeap
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
DeleteFileA
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetTimeZoneInformation
RtlUnwind
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetCurrentProcessId

advapi32

CryptAcquireContextA
CryptReleaseContext
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptGenRandom

Exports

Exports

EBL_ICC_ChangeLogicDeviceMK
EBL_ICC_ChangeMK
EBL_ICC_ConnectDev
EBL_ICC_CreateLogicDevice
EBL_ICC_DeleteCertSN
EBL_ICC_DeleteLogicDevice
EBL_ICC_DisConnectDev
EBL_ICC_EnumDev
EBL_ICC_GetInfo
EBL_ICC_ReadConfigInfo
EBL_ICC_WriteCertSN
EBL_ICC_WriteConfigInfo

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ZF_IFD_MNGR.dll
.dll windows:5 windows x86 arch:x86

e24e4c6aaba51379e59f6ece2df215fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\workdir\zhangwenli\ICC_Reader_封装命令头_log\Release\ZF_IFD_MNGR.pdb

Imports

kernel32

WaitForSingleObject
CreateSemaphoreA
GetModuleFileNameA
Sleep
GetTickCount
CreateFileA
CloseHandle
GetLastError
ReleaseSemaphore
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
DeleteFileA
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
VirtualAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
RtlUnwind
MultiByteToWideChar
ReadFile
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LoadLibraryA
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetCurrentProcessId

advapi32

CryptAcquireContextA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CryptReleaseContext
CryptGenRandom

winscard

SCardStatusA
SCardConnectA
SCardEstablishContext
g_rgSCardT0Pci
SCardTransmit
SCardDisconnect
SCardListReadersA
SCardReleaseContext
g_rgSCardT1Pci

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

ICC_Reader_CardPowerOff
ICC_Reader_CardPowerOn
ICC_Reader_ChangeLogicDeviceMK
ICC_Reader_ChangeMK
ICC_Reader_Connect
ICC_Reader_CreateLogicDevice
ICC_Reader_CreateSecurityChannelApp
ICC_Reader_DeleteLogicDevice
ICC_Reader_DeleteSecurityChannelApp
ICC_Reader_DisConnect
ICC_Reader_ESAM_ComputeAuthenticateData
ICC_Reader_ESAM_ExportCert
ICC_Reader_ESAM_ExportPublicKey
ICC_Reader_ESAM_PrivateKeyDecrypt
ICC_Reader_GetInfo
ICC_Reader_GetStatus
ICC_Reader_ListReaders
ICC_Reader_ReadConfigInfo
ICC_Reader_Transmit
ICC_Reader_WriteConfigInfo

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/atl100.dll
.dll windows:5 windows x86 arch:x86

0bbf1228f837ecb83ec693b705100bde

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

9a:16:2e:ee:28:2f:5b:ce:ae:59:de:01:f6:7c:6c:d1:bf:03:ad:9d
Signer

Actual PE Digest

9a:16:2e:ee:28:2f:5b:ce:ae:59:de:01:f6:7c:6c:d1:bf:03:ad:9d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

atl100.i386.pdb

Imports

kernel32

lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetModuleHandleW
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CloseHandle
ReadFile
GetFileSize
CreateFileW
GetModuleFileNameW
WideCharToMultiByte
WaitForSingleObject
GlobalAlloc
FindResourceA
MulDiv
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrcmpW
GlobalUnlock
GlobalLock
SetLastError
GlobalFree
GlobalHandle
LockResource
LocalAlloc
InterlockedExchange
LoadLibraryA
HeapFree
DecodePointer
EncodePointer
HeapAlloc
GetCommandLineA
HeapCreate
HeapDestroy
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
WriteFile
GetStdHandle
ExitProcess
HeapReAlloc
HeapSize
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
FlushFileBuffers
InterlockedCompareExchange
InterlockedPushEntrySList
GetProcessHeap
VirtualFree
VirtualAlloc
InterlockedPopEntrySList

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateControlLic
AtlAxCreateControlLicEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlCallTermFunc
AtlComModuleGetClassObject
AtlComModuleRegisterClassObjects
AtlComModuleRevokeClassObjects
AtlComModuleUnregisterServer
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateRegistrar
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetPerUserRegistration
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlLoadTypeLib
AtlMarshalPtrInProc
AtlModuleAddTermFunc
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlSetErrorInfo
AtlSetPerUserRegistration
AtlUnadvise
AtlUnmarshalPtr
AtlUpdateRegistryFromResourceD
AtlWaitWithMessageLoop
AtlWinModuleAddCreateWndData
AtlWinModuleExtractCreateWndData
AtlWinModuleInit
AtlWinModuleRegisterClassExA
AtlWinModuleRegisterClassExW
AtlWinModuleRegisterWndClassInfoA
AtlWinModuleRegisterWndClassInfoW
AtlWinModuleTerm

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/autonk.dll
.dll windows:5 windows x86 arch:x86

310287c0a7010c51520217f78aae111c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hid

HidD_GetHidGuid

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

kernel32

SetEndOfFile
HeapFree
HeapAlloc
GetProcessHeap
GetLastError
GetWindowsDirectoryA
CreateDirectoryA
GetCurrentProcess
GetProcAddress
GetModuleHandleA
OutputDebugStringA
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CloseHandle
MultiByteToWideChar
ReadFile
RtlUnwind
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleW
FlushFileBuffers
CreateFileA
HeapSize
GetModuleFileNameW
HeapReAlloc
LoadLibraryW
LCMapStringW
GetStringTypeW
CreateFileW

Exports

Exports

WHICH_CARD
WHICH_KEY
WHICH_KEYEx
WHICH_KEYExx
WHICH_KEY_BY_NAME
WHICH_KEY_RETURN_KEYDLL

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/blicAtv.dll
.dll regsvr32 windows:5 windows x86 arch:x86

3d3b07a6e4992d59dc2c092d27038f0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pkiapi

pkiLogin
pkiGetXMLCertInfo
pkiGetSignatureForPKCS7
pkiGenCertRequest
pkiGenerateRandom
pkiHashData
pkiBase64Encode
pkiLoginEx
pkiEnd
pkiGetContainerType
pkiGetDevSerialNumber
pkiWriteLabel
pkiBase64Decode
pkiReadLabel
pkiVerifySignatureForPKCS7
pkiLogout
pkiSetPin
pkiInit

kernel32

HeapDestroy
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
HeapCreate
CompareStringW
GetTimeZoneInformation
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
InterlockedPopEntrySList
VirtualFree
InterlockedPushEntrySList
InterlockedCompareExchange
GetStdHandle
TerminateProcess
LCMapStringW
IsDebuggerPresent
SetUnhandledExceptionFilter
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
FlushInstructionCache
GetCurrentProcess
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
SetLastError
UnhandledExceptionFilter
IsValidCodePage
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
HeapReAlloc
CreateThread
ExitThread
ExitProcess
EncodePointer
DecodePointer
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapFree
HeapAlloc
FindResourceExW
VirtualProtect
GetNumberFormatA
GetWindowsDirectoryA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
SearchPathA
Sleep
LockResource
FindResourceW
CloseHandle
GetProfileIntA
GetTickCount
GetACP
GetOEMCP
GetCPInfo
GetTempPathA
GetTempFileNameA
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFileAttributesExA
FileTimeToSystemTime
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
lstrcpyA
LoadLibraryW
GlobalFlags
GetCurrentDirectoryA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
SetErrorMode
GetVersionExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
DeleteFileA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
ResumeThread
SetThreadPriority
ReadFile
GlobalDeleteAtom
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
CompareStringA
ActivateActCtx
LoadLibraryA
DeactivateActCtx
InterlockedExchange
lstrcmpA
GlobalFree
CopyFileA
GlobalSize
FormatMessageA
LocalFree
OutputDebugStringA
GetCommandLineA
CreateFileA
GetFileSize

user32

SetClipboardData
CopyImage
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageA
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadImageA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateA
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongA
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
RedrawWindow
IsZoomed
IsRectEmpty
DestroyMenu
GetMenuItemInfoA
InflateRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
UnregisterClassA
DestroyIcon
IsIconic
MoveWindow
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetMenu
GetClassInfoA
MapWindowPoints
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
GetMonitorInfoA
SetRectEmpty
CopyRect
KillTimer
SetTimer
UpdateWindow
GetDesktopWindow
RealChildWindowFromPoint
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
GetWindowTextA
SetWindowTextA
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DeleteMenu
GetSysColor
GetSysColorBrush
CharUpperA
GetSystemMetrics
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
GetNextDlgGroupItem
HideCaret
InvertRect
SubtractRect
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
GetIconInfo
GetDoubleClickTime
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
CharUpperBuffA
CopyIcon
RegisterClipboardFormatA
LoadImageW
EmptyClipboard
RemovePropA
CloseClipboard
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
CreateWindowExA
RegisterClassExA
GetKeyState
InvalidateRect
IsWindow
GetParent
GetFocus
IsChild
SetFocus
UnionRect
PtInRect
CallWindowProcA
BeginPaint
GetClientRect
EndPaint
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetDC
ReleaseDC
LoadCursorA
GetClassInfoExA
ShowWindow
GetWindowLongA
SetWindowLongA
DefWindowProcA
DestroyWindow
CharNextW
CharNextA

gdi32

LineTo
MoveToEx
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetObjectA
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
ExtTextOutA
Escape
SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateDIBitmap
CreateFontIndirectA
CreateCompatibleBitmap
GetTextMetricsA
EnumFontFamiliesA
IntersectClipRect
GetTextExtentPoint32A
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExA
GetTextFaceA
SetPixelV
GetClipBox
ExcludeClipRect
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
CreateBitmap
CopyMetaFileA
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCA
Rectangle
SetTextAlign
TextOutA
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
GetTextCharsetInfo
GetDeviceCaps
CreateRectRgnIndirect

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryInfoKeyW
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
SHAppBarMessage
SHBrowseForFolderA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetDesktopFolder
ShellExecuteA

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

ole32

OleCreateMenuDescriptor
CoInitialize
CoInitializeEx
CoUninitialize
OleDuplicateData
ReleaseStgMedium
ReadClassStm
OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
CoCreateGuid
OleDestroyMenuDescriptor

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
OleCreatePropertyFrame
LoadRegTypeLi
VariantChangeType
VariantClear
VarBstrFromDate
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VariantInit

gdiplus

GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePalette
GdipCreateBitmapFromStream
GdiplusStartup
GdipBitmapLockBits
GdipCreateBitmapFromScan0

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/certsoft.dll
.dll windows:4 windows x86 arch:x86

c57c2ca00e4bfcc187b97e19847630cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteFileA
GetLastError
GetCommandLineA
GetVersion
HeapFree
CloseHandle
WriteFile
HeapAlloc
SetStdHandle
GetFileType
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FlushFileBuffers
SetFilePointer
CreateFileA
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

WHCERT_CreateCertStore
WHCERT_DestroyCert
WHCERT_DestroyCertStore
WHCERT_EnumCertInStore
WHCERT_ExportCert
WHCERT_FindCertStore
WHCERT_GetCertProperty
WHCERT_GetUserCert
WHCERT_ImportCert
WHCERT_SetCertProperty

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ebl_reader.cfg
$SYSDIR/gpsvc.dll
.dll windows:6 windows x86 arch:x86

00be1afbfd7270a6f4019a0378221ce2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

gpsvc.pdb

Imports

msvcrt

__CxxFrameHandler3
memcpy_s
memmove_s
??0exception@@QAE@ABQBD@Z
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_purecall
memcpy
_vsnwprintf
wcsncmp
iswdigit
_wtol
strchr
_errno
strtoul
wcstoul
_amsg_exit
_initterm
_XcptFilter
malloc
_callnewh
free
_wcsnicmp
toupper
wcschr
memset
wcsrchr
_wcsicmp
_itow

ntdll

RtlAdjustPrivilege
RtlNtStatusToDosError
EtwEventUnregister
EtwEventRegister
EtwEventActivityIdControl
EtwEventWrite
NtDuplicateToken
NtClose
RtlIsDosDeviceName_U
NtCreateFile
RtlFreeHeap
RtlReleaseRelativeName
RtlDosPathNameToRelativeNtPathName_U
RtlTimeToSecondsSince1980
NtQuerySystemTime
RtlCopySid
RtlLengthSid
NtQueryInformationToken
RtlEqualSid
RtlFreeUnicodeString
RtlConvertSidToUnicodeString
NtSetInformationProcess
WinSqmSetDWORD
RtlInitUnicodeString
EtwEventEnabled

api-ms-win-service-core-l1-1-0

SetServiceStatus
RegisterServiceCtrlHandlerExW

api-ms-win-service-management-l1-1-0

OpenSCManagerW
OpenServiceW
CloseServiceHandle

api-ms-win-service-management-l2-1-0

QueryServiceConfigW
ChangeServiceConfigW

advapi32

RegGetKeySecurity
GetSidSubAuthority
RegOpenCurrentUser
SetTokenInformation
MakeSelfRelativeSD
AddAccessAllowedAceEx
SetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetNamedSecurityInfoW
GetTokenInformation
AccessCheck
ImpersonateLoggedOnUser
InitializeAcl
AddAccessAllowedAce
GetAce
SetEntriesInAclW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorControl
GetSecurityInfo
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
MapGenericMask
AllocateAndInitializeSid
FreeSid
LookupAccountNameW
IsValidSid
GetLengthSid
CopySid
EqualSid
GetSidSubAuthorityCount
RegSetKeySecurity
DuplicateTokenEx
IsWellKnownSid
LookupAccountSidW
CreateWellKnownSid
CheckTokenMembership
OpenProcessToken
RegConnectRegistryW
AccessCheckByType
OpenThreadToken
SetThreadToken
RegQueryValueExA
CreateProcessAsUserW
RevertToSelf
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW

user32

LoadStringW
GetSystemMetrics
BroadcastSystemMessageW

gpapi

ord111
LeaveCriticalPolicySectionInternal
RsopLoggingEnabledInternal
ord114

wldap32

ord118
ord12
ord179
ord26
ord133
ord147
ord27
ord203
ord41
ord145
ord16
ord14
ord18
ord88
ord73
ord13
ord140
ord142
ord79
ord224

secur32

QuerySecurityPackageInfoW
AcquireCredentialsHandleW
SeciAllocateAndSetIPAddress
InitializeSecurityContextW
AcceptSecurityContext
DeleteSecurityContext
FreeCredentialsHandle
TranslateNameW
SeciFreeCallContext
GetComputerObjectNameW
GetUserNameExW
QuerySecurityContextToken
FreeContextBuffer

nsi

NsiGetParameter

kernel32

CreateDirectoryW
FindNLSString
GetFileSize
ResetEvent
WTSGetActiveConsoleSessionId
SetPriorityClass
FreeLibraryAndExitThread
CreateJobObjectW
ReadFile
SetInformationJobObject
TerminateJobObject
OpenEventW
GetProfileIntW
SetCurrentDirectoryW
RemoveDirectoryW
GetModuleHandleExW
CompareStringA
GetFullPathNameW
RegDeleteKeyExW
AssignProcessToJobObject
GetCurrentDirectoryW
GlobalAlloc
GlobalFree
GetLocalTime
OutputDebugStringW
SetFilePointer
RegisterWaitForSingleObject
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
LocalReAlloc
RegNotifyChangeKeyValue
FormatMessageW
GetModuleHandleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
Sleep
InterlockedExchange
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTime
lstrcmpW
LocalFree
CompareStringW
GetLastError
LocalAlloc
lstrlenW
CloseHandle
UnregisterWaitEx
SetEvent
WaitForSingleObject
CreateEventW
GetVersionExW
CreateThread
QueueUserWorkItem
DelayLoadFailureHook
GetProcAddress
FreeLibrary
InterlockedCompareExchange
LoadLibraryExA
SetLastError
FindClose
FindNextFileW
GetFileAttributesExW
FindFirstFileW
GetComputerNameExW
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
GetSystemTimeAsFileTime
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerW
ResumeThread
SetThreadPriority
DuplicateHandle
GetCurrentProcess
lstrcmpiW
lstrlenA
ExpandEnvironmentStringsW
GetPrivateProfileStringW
GetPrivateProfileIntW
WriteFile
GetFileAttributesW
CreateFileW
GetComputerNameW
MoveFileExW
DeleteFileW
SetFileAttributesW

rpcrt4

NdrServerCall2
NdrAsyncServerCall
RpcServerSubscribeForNotification
RpcServerUnsubscribeForNotification
RpcAsyncCompleteCall
RpcAsyncAbortCall
RpcImpersonateClient
RpcRevertToSelf
RpcRaiseException
RpcBindingToStringBindingW
RpcStringBindingParseW
RpcEpUnregister
RpcBindingVectorFree
RpcServerUnregisterIf
RpcServerRegisterIfEx
RpcServerUseProtseqW
RpcServerInqBindings
RpcEpRegisterW
UuidToStringW
UuidFromStringW
RpcStringFreeW
UuidCreate

sysntfy

SysNotifyStopServer
SysNotifyStartServer

nlaapi

NlaDeletePluginRequests
NlaRefreshQuery
NlaCreatePluginRequests
NlaAddToPluginRequests
NlaGetInternetCapability
NlaRegisterQuery
NlaCreateTypeSet
NlaAddToTypeSet
NlaOpenQuery
NlaQueryNetSignatures
NlaGetIntranetCapability
NlaCloseQuery
NlaDeleteTypeSet
NlaDeleteDataSet
NlaQueryNetData

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus

Exports

Exports

DllCanUnloadNow
DllGetClassObject
GenerateRsopPolicy
GroupPolicyClientServiceMain
ProcessGroupPolicyCompletedExInternal
ProcessGroupPolicyCompletedInternal
RsopAccessCheckByTypeInternal
RsopFileAccessCheckInternal
RsopResetPolicySettingStatusInternal
RsopSetPolicySettingStatusInternal
SvchostPushServiceGlobals

Sections

.text
Size: 514KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ieshims.dll
.dll windows:6 windows x86 arch:x86

a656d4bb36f0d06957db2d8de8f0946e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ieshims.pdb

Imports

msvcrt

wcspbrk
wcsstr
wcsrchr
_vsnwprintf
memmove
_vscwprintf
__CxxFrameHandler3
memset
_onexit
_except_handler4_common
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_amsg_exit
_initterm
_XcptFilter
fclose
fputws
_wfopen
calloc
wcsncmp
_wcslwr
wcstok_s
memmove_s
wcschr
realloc
wcsspn
memcpy_s
iswctype
towlower
_wcsicmp
iswspace
malloc
_wcsnicmp
free
_CxxThrowException

ntdll

RtlNtStatusToDosError
NtQueryObject

kernel32

WaitForSingleObject
LoadLibraryW
IsWow64Process
GetVersionExA
CreateMutexW
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
OutputDebugStringW
OutputDebugStringA
VirtualProtect
GetModuleHandleA
SetEnvironmentVariableW
DuplicateHandle
GetCurrentProcess
SetFileAttributesW
GetFileInformationByHandle
lstrcmpiW
DeviceIoControl
lstrlenW
CopyFileW
CreateDirectoryW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetLogicalDriveStringsW
OpenProcess
SetUnhandledExceptionFilter
EnterCriticalSection
GetCurrentThreadId
SearchPathW
GetFileAttributesW
GetModuleFileNameW
SetLastError
LocalAlloc
VirtualQuery
FreeLibrary
GetModuleHandleW
WideCharToMultiByte
MultiByteToWideChar
GetCurrentDirectoryW
GetProcAddress
LocalFree
GetLastError
GetProcessId
GetCurrentProcessId
GetFullPathNameW
GetEnvironmentVariableW
HeapAlloc
InterlockedIncrement
InterlockedDecrement
HeapFree
GetProcessHeap
GetSystemDirectoryW
GetLongPathNameW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
GetModuleHandleExW
TlsGetValue
TlsSetValue
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
TlsAlloc
WaitForSingleObjectEx
OpenEventW
CloseHandle
DeleteProcThreadAttributeList
TerminateProcess
CreateFileW
GetFileSizeEx
DecodePointer
InitializeProcThreadAttributeList
TlsFree
EncodePointer
FindFirstFileW
FindNextFileW
FindClose
QueryDosDeviceW

shlwapi

ord154
PathFindFileNameW
StrDupW
PathGetArgsW
SHRegGetValueW
ord152
PathSkipRootW
PathIsUNCW
ord158
ord156
ord157

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
DecryptFileW
EncryptFileW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyW
RegEnumValueW
RegQueryInfoKeyW

iertutil

ord50
ord45
ord58
ord305
ord170

shell32

ShellExecuteExW
SHGetDesktopFolder
SHGetFolderPathW

user32

AllowSetForegroundWindow
GetClassNameW
GetGUIThreadInfo
GetForegroundWindow
GetWindowThreadProcessId
GetPropW

Exports

Exports

AcRedirNotify
AcRedirNotifySetEnabled
AcRedirSetEnabled
IEShims_GetOriginatingThreadId
IEShims_InDllMainContext
IEShims_Initialize
IEShims_SetRedirectRegistryForThread
IEShims_Uninitialize

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/libiconv2.dll
.dll .ps1 windows:4 windows x86 arch:x86 polyglot

5e63e66630a8ecd829ce2cfdcfa121ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetACP
GetAtomNameA
GetModuleFileNameA
GetSystemInfo

msvcrt

_strdup
__dllonexit
_errno
abort
fflush
free
malloc
memcpy
sprintf
strchr
strcmp
strcpy
strlen
strncmp

Exports

Exports

DllGetVersion
_libiconv_version
aliases2_lookup
aliases_lookup
libiconv
libiconv_close
libiconv_open
libiconv_relocate
libiconv_set_relocation_prefix
libiconvctl
libiconvlist
locale_charset

Sections

.text
Size: 945KB - Virtual size: 944KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 656B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 364B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$SYSDIR/libnspr3.dll
.dll windows:4 windows x86 arch:x86

9df49647ee0e8f76d75a1bd6930c2668

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

WSASetLastError
__WSAFDIsSet
recvfrom
sendto
send
WSACleanup
recv
getpeername
shutdown
ord1140
ord1141
ord1142
inet_ntoa
socket
gethostname
bind
getsockname
listen
connect
accept
setsockopt
getsockopt
ntohl
ntohs
ioctlsocket
htonl
htons
getprotobynumber
getprotobyname
gethostbyaddr
select
gethostbyname
WSAStartup
closesocket
WSAGetLastError

winmm

timeGetTime

msvcrt

_initterm
_adjust_fdiv
_stricmp
__p__environ
qsort
_tzname
_timezone
_daylight
_exit
_beginthreadex
_access
strpbrk
_stat
strftime
strncmp
_errno
strerror
_ftol
free
realloc
calloc
malloc
strrchr
strstr
tolower
strtol
strtoul
strchr
memchr
__mb_cur_max
_isctype
_pctype
getenv
sprintf
printf
abort
fputs
fopen
setvbuf
fclose
sscanf
exit
_iob
fprintf
atoi
localtime
mktime
_ftime
_flushall
_strdup
_strcmpi

kernel32

GetLastError
ReadFile
lstrlenA
OpenFileMappingA
OpenSemaphoreA
QueryPerformanceCounter
QueryPerformanceFrequency
UnmapViewOfFile
MapViewOfFile
FormatMessageA
CreateFileMappingA
TerminateProcess
GetExitCodeProcess
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateProcessA
GetTimeZoneInformation
WideCharToMultiByte
SuspendThread
GetProcessAffinityMask
SetThreadAffinityMask
SetLastError
SwitchToFiber
CreateFiber
ConvertThreadToFiber
SetThreadPriority
ResumeThread
GetCurrentProcess
GetCurrentThread
DuplicateHandle
CreateSemaphoreA
CreateEventA
TlsFree
TlsAlloc
GetThreadContext
CancelIo
GetLogicalDriveStringsA
LockFileEx
RemoveDirectoryA
CreateDirectoryA
MoveFileA
GetFileInformationByHandle
GetDriveTypeA
GetFullPathNameA
DeleteFileA
FindNextFileA
FindFirstFileA
FindClose
SetHandleInformation
FlushFileBuffers
CreateFileA
SetFilePointer
WriteFile
WaitForMultipleObjects
GetOverlappedResult
ResetEvent
CreateIoCompletionPort
GetVersionExA
PostQueuedCompletionStatus
WaitForSingleObject
DeleteFiber
GetQueuedCompletionStatus
ReleaseSemaphore
TryEnterCriticalSection
Sleep
GetStdHandle
CreatePipe
CloseHandle
UnlockFileEx
GetVolumeInformationA
InterlockedExchange
GetSystemInfo
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleHandleA
DebugBreak
TlsGetValue
TlsSetValue
OutputDebugStringA
DeleteCriticalSection
InitializeCriticalSection
SetErrorMode
InterlockedCompareExchange
EnterCriticalSection
LeaveCriticalSection

Exports

Exports

GetExecutionEnvironment
LL_MaxInt
LL_MinInt
LL_Zero
PRP_DestroyNakedCondVar
PRP_NakedBroadcast
PRP_NakedNotify
PRP_NakedWait
PRP_NewNakedCondVar
PRP_TryLock
PR_Abort
PR_Accept
PR_AcceptRead
PR_Access
PR_AddWaitFileDesc
PR_AllocFileDesc
PR_Assert
PR_AtomicAdd
PR_AtomicDecrement
PR_AtomicIncrement
PR_AtomicSet
PR_AttachSharedMemory
PR_AttachThread
PR_AttachThreadGCAble
PR_Available
PR_Available64
PR_Bind
PR_BlockClockInterrupts
PR_CEnterMonitor
PR_CExitMonitor
PR_CNotify
PR_CNotifyAll
PR_CWait
PR_CallOnce
PR_Calloc
PR_CancelWaitFileDesc
PR_CancelWaitGroup
PR_CeilingLog2
PR_ChangeFileDescNativeHandle
PR_Cleanup
PR_ClearInterrupt
PR_ClearThreadGCAble
PR_Close
PR_CloseDir
PR_CloseFileMap
PR_CloseSemaphore
PR_CloseSharedMemory
PR_Connect
PR_CreateAlarm
PR_CreateFileMap
PR_CreateIOLayerStub
PR_CreateMWaitEnumerator
PR_CreateNetAddr
PR_CreatePipe
PR_CreateProcess
PR_CreateProcessDetached
PR_CreateSocketPollFd
PR_CreateStack
PR_CreateThread
PR_CreateThreadGCAble
PR_CreateWaitGroup
PR_Delete
PR_DeleteSemaphore
PR_DeleteSharedMemory
PR_DestroyAlarm
PR_DestroyCondVar
PR_DestroyLock
PR_DestroyMWaitEnumerator
PR_DestroyMonitor
PR_DestroyNetAddr
PR_DestroyPollableEvent
PR_DestroyProcessAttr
PR_DestroyRWLock
PR_DestroySem
PR_DestroySocketPollFd
PR_DestroyStack
PR_DestroyWaitGroup
PR_DetachProcess
PR_DetachSharedMemory
PR_DetachThread
PR_DisableClockInterrupts
PR_EnableClockInterrupts
PR_EnterMonitor
PR_EnumerateHostEnt
PR_EnumerateThreads
PR_EnumerateWaitGroup
PR_ErrorInstallCallback
PR_ErrorInstallTable
PR_ErrorLanguages
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_ExportFileMapAsString
PR_FD_CLR
PR_FD_ISSET
PR_FD_NCLR
PR_FD_NISSET
PR_FD_NSET
PR_FD_SET
PR_FD_ZERO
PR_FamilyInet
PR_FileDesc2NativeHandle
PR_FindLibrary
PR_FindSymbol
PR_FindSymbolAndLibrary
PR_FloorLog2
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeFileDesc
PR_FreeLibraryName
PR_GMTParameters
PR_GetConnectStatus
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetDirectorySepartor
PR_GetEnv
PR_GetError
PR_GetErrorString
PR_GetErrorText
PR_GetErrorTextLength
PR_GetFileInfo
PR_GetFileInfo64
PR_GetFileMethods
PR_GetGCRegisters
PR_GetHostByAddr
PR_GetHostByName
PR_GetHostName
PR_GetIPNodeByName
PR_GetIdentitiesLayer
PR_GetInheritedFD
PR_GetInheritedFileMap
PR_GetLayersIdentity
PR_GetLibraryName
PR_GetLibraryPath
PR_GetMonitorEntryCount
PR_GetNameForIdentity
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPeerName
PR_GetPipeMethods
PR_GetProtoByName
PR_GetProtoByNumber
PR_GetSP
PR_GetSockName
PR_GetSockOpt
PR_GetSocketOption
PR_GetSpecialFD
PR_GetStackSpaceLeft
PR_GetSystemInfo
PR_GetTCPMethods
PR_GetThreadAffinityMask
PR_GetThreadID
PR_GetThreadPriority
PR_GetThreadPrivate
PR_GetThreadScope
PR_GetThreadState
PR_GetThreadType
PR_GetUDPMethods
PR_GetUniqueIdentity
PR_ImplodeTime
PR_ImportFile
PR_ImportFileMapFromString
PR_ImportTCPSocket
PR_ImportUDPSocket
PR_Init
PR_Initialize
PR_InitializeNetAddr
PR_Initialized
PR_Interrupt
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinThread
PR_KillProcess
PR_Listen
PR_LoadLibrary
PR_LoadStaticLibrary
PR_LocalTimeParameters
PR_Lock
PR_LockFile
PR_LogFlush
PR_LogPrint
PR_Malloc
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_MkDir
PR_NTFast_Accept
PR_NTFast_AcceptRead
PR_NTFast_AcceptRead_WithTimeoutCallback
PR_NTFast_UpdateAcceptContext
PR_NT_CancelIo
PR_NT_UseNonblock
PR_NetAddrSize
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewNamedMonitor
PR_NewPollableEvent
PR_NewProcessAttr
PR_NewRWLock
PR_NewSem
PR_NewTCPSocket
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NewUDPSocket
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenAnonFileMap
PR_OpenDir
PR_OpenSemaphore
PR_OpenSharedMemory
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_Poll
PR_PopIOLayer
PR_PostSem
PR_PostSemaphore
PR_ProcessAttrSetCurrentDirectory
PR_ProcessAttrSetInheritableFD
PR_ProcessAttrSetInheritableFileMap
PR_ProcessAttrSetStdioRedirect
PR_ProcessExit
PR_PushIOLayer
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_Recv
PR_RecvFrom
PR_Rename
PR_ResetAlarm
PR_ResetProcessAttr
PR_ResumeAll
PR_RmDir
PR_ScanStackPointers
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Select
PR_Send
PR_SendFile
PR_SendTo
PR_SetAlarm
PR_SetCPUAffinityMask
PR_SetConcurrency
PR_SetError
PR_SetErrorText
PR_SetFDCacheSize
PR_SetFDInheritable
PR_SetIPv6Enable
PR_SetLibraryPath
PR_SetLogBuffering
PR_SetLogFile
PR_SetNetAddr
PR_SetPollableEvent
PR_SetSockOpt
PR_SetSocketOption
PR_SetStdioRedirect
PR_SetThreadAffinityMask
PR_SetThreadDumpProc
PR_SetThreadGCAble
PR_SetThreadPriority
PR_SetThreadPrivate
PR_SetThreadRecycleMode
PR_ShowStatus
PR_Shutdown
PR_Sleep
PR_Socket
PR_StackPop
PR_StackPush
PR_Stat
PR_StringToNetAddr
PR_SuspendAll
PR_Sync
PR_TLockFile
PR_TestAndEnterMonitor
PR_TestAndLock
PR_ThreadScanStackPointers
PR_TicksPerSecond
PR_TransmitFile
PR_USPacificTimeParameters
PR_UnblockClockInterrupts
PR_UnloadLibrary
PR_Unlock
PR_UnlockFile
PR_VersionCheck
PR_Wait
PR_WaitCondVar
PR_WaitForPollableEvent
PR_WaitProcess
PR_WaitRecvReady
PR_WaitSem
PR_WaitSemaphore
PR_Write
PR_Writev
PR_Yield
PR_cnvtf
PR_dtoa
PR_fprintf
PR_htonl
PR_htonll
PR_htons
PR_ntohl
PR_ntohll
PR_ntohs
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append
PR_sscanf
PR_strtod
PR_sxprintf
PR_vfprintf
PR_vsmprintf
PR_vsnprintf
PR_vsprintf_append
PR_vsxprintf
SetExecutionEnvironment
_PR_AddSleepQ
_PR_CreateThread
_PR_DelSleepQ
_PR_GetPrimordialCPU
_PR_NativeCreateThread
libVersionPoint

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/libplc3.dll
.dll windows:4 windows x86 arch:x86

9e14f1b9e620d4acf24de63db11056b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libnspr3

PR_GetSpecialFD
PR_SetError
PR_Calloc
PR_Malloc
PR_GetOSError
PR_GetError
PR_fprintf
PR_Free

msvcrt

malloc
free
_initterm
_adjust_fdiv

kernel32

DisableThreadLibraryCalls

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
libVersionPoint

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/libplds3.dll
.dll windows:4 windows x86 arch:x86

7441d7bb045764dd5f2f3c7172579d6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

RegisterWindowMessageA
GetClassInfoA
RegisterClassA
PostMessageA
DefWindowProcA
CreateWindowExA

libnspr3

PR_NewNamedMonitor
PR_Calloc
PR_DestroyMonitor
PR_Free
PR_CEnterMonitor
PR_CExitMonitor
PR_CWait
PR_GetMonitorEntryCount
PR_GetCurrentThread
PR_ExitMonitor
PR_LogPrint
PR_CNotify
PR_GetError
PR_Wait
PR_NewMonitor
PR_CallOnce
PR_EnterMonitor
PR_Malloc
PR_CeilingLog2
PR_NewLogModule
PR_Notify

msvcrt

malloc
_adjust_fdiv
free
_initterm

Exports

Exports

PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_CreateEventQueue
PL_CreateMonitoredEventQueue
PL_CreateNativeEventQueue
PL_DequeueEvent
PL_DestroyEvent
PL_DestroyEventQueue
PL_EventAvailable
PL_EventLoop
PL_FinishArenaPool
PL_FreeArenaPool
PL_GetEvent
PL_GetEventOwner
PL_GetEventQueueMonitor
PL_GetEventQueueSelectFD
PL_HandleEvent
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_InitEvent
PL_IsQueueOnCurrentThread
PL_MapEvents
PL_NewHashTable
PL_PostEvent
PL_PostSynchronousEvent
PL_ProcessPendingEvents
PL_RevokeEvents
PL_WaitForEvent
libVersionPoint

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 298B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/msvcr100.dll
.dll windows:5 windows x86 arch:x86

5271d5ce8b44dd47bc92563e27585466

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

42:49:74:54:aa:4d:83:7a:e5:5d:a1:1f:f1:e8:b6:0a:d3:24:a0:ae
Signer

Actual PE Digest

42:49:74:54:aa:4d:83:7a:e5:5d:a1:1f:f1:e8:b6:0a:d3:24:a0:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 705KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/msvcr100d.dll
.dll windows:5 windows x86 arch:x86

0dc7b0e0b0a7b26ca080f7c56e8c0b34

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:f2:82:a0:bd:59:45:d7:87:18:ae:eb:e4:51:cb:22:3b:b9:e5:81
Signer

Actual PE Digest

33:f2:82:a0:bd:59:45:d7:87:18:ae:eb:e4:51:cb:22:3b:b9:e5:81

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100d.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ResumeThread
GetLastError
CreateThread
ExitThread
CloseHandle
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
InterlockedPushEntrySList
QueryDepthSList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
CreateEventW
SetEvent
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetProcessAffinityMask
SetThreadAffinityMask
VirtualAlloc
SetThreadPriority
GetVersionExW
GetSystemInfo
GetTickCount
VirtualProtect
VirtualFree
InitializeSListHead
CreateSemaphoreW
WaitForMultipleObjects
ReleaseSemaphore
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
DebugBreak
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
MultiByteToWideChar
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapCreate
HeapDestroy
HeapFree
HeapValidate
HeapCompact
HeapWalk
HeapAlloc
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsBadReadPtr
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
OutputDebugStringA
LCMapStringW
CompareStringW
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsProcessorFeaturePresent
HeapReAlloc
HeapSize
HeapQueryInformation

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_CrtDbgReportW@@YAHHPBGH00ZZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?commonFlags@?1??_control87@@9@9
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CrtCheckMemory
_CrtDbgBreak
_CrtDbgReport
_CrtDbgReportW
_CrtDoForAllClientObjects
_CrtDumpMemoryLeaks
_CrtGetAllocHook
_CrtGetCheckCount
_CrtGetDumpClient
_CrtGetReportHook
_CrtIsMemoryBlock
_CrtIsValidHeapPointer
_CrtIsValidPointer
_CrtMemCheckpoint
_CrtMemDifference
_CrtMemDumpAllObjectsSince
_CrtMemDumpStatistics
_CrtReportBlockType
_CrtSetAllocHook
_CrtSetBreakAlloc
_CrtSetCheckCount
_CrtSetDbgBlockType
_CrtSetDbgFlag
_CrtSetDebugFillThreshold
_CrtSetDumpClient
_CrtSetReportFile
_CrtSetReportHook
_CrtSetReportHook2
_CrtSetReportHookW2
_CrtSetReportMode
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_VCrtDbgReportA
_VCrtDbgReportW
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__crtAssertBusy
__p__crtBreakAlloc
__p__crtDbgFlag
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_free_dbg
_aligned_malloc
_aligned_malloc_dbg
_aligned_msize
_aligned_msize_dbg
_aligned_offset_malloc
_aligned_offset_malloc_dbg
_aligned_offset_realloc
_aligned_offset_realloc_dbg
_aligned_offset_recalloc
_aligned_offset_recalloc_dbg
_aligned_realloc
_aligned_realloc_dbg
_aligned_recalloc
_aligned_recalloc_dbg
_amsg_exit
_assert

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/nsldapssl32v41.dll
.dll windows:4 windows x86 arch:x86

5fc0e93802d42dae2fb0bd1fa8bba2ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recv
WSAStartup
closesocket
socket
getsockopt
__WSAFDIsSet
select
WSAGetLastError
send
connect
inet_ntoa
htons
gethostbyname
ioctlsocket
WSACleanup

libplc3

PL_strcasecmp
PL_strlen
PL_strdup
PL_strfree
PL_strcpy
PL_strrchr

libplds3

PL_ArenaGrow
PL_HashTableLookup
PL_ArenaAllocate
PL_FinishArenaPool
PL_InitArenaPool
PL_ArenaRelease

libnspr3

PR_MemMap
PR_Writev
PR_MemUnmap
PR_Send
PR_GMTParameters
PR_CloseFileMap
PR_Recv
PR_AtomicDecrement
PR_AtomicIncrement
PR_IntervalNow
PR_IntervalToSeconds
PR_Accept
PR_htons
PR_PopIOLayer
PR_htonl
PR_GetSystemInfo
PR_ntohl
PR_NewMonitor
PR_GetDefaultIOMethods
PR_GetUniqueIdentity
PR_CreateIOLayerStub
PR_PushIOLayer
PR_GetSocketOption
PR_Sleep
PR_EnterMonitor
PR_ExitMonitor
PR_ntohs
PR_GetIdentitiesLayer
PR_NewThreadPrivateIndex
PR_ExplodeTime
PR_LocalTimeParameters
PR_GetCurrentThread
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_CallOnce
PR_Malloc
PR_Realloc
PR_SetNetAddr
PR_OpenTCPSocket
PR_SetSocketOption
PR_Connect
PR_StringToNetAddr
PR_GetIPNodeByName
PR_EnumerateHostEnt
PR_MillisecondsToInterval
PR_Poll
PR_Write
PR_Read
PR_GetOSError
PR_InitializeNetAddr
PR_GetHostByAddr
PR_GetHostByName
PR_ImplodeTime
PR_Cleanup
PR_Notify
PR_Wait
LL_Zero
PR_GetThreadScope
PR_CreateThread
PR_JoinThread
PR_FormatTime
PR_CreateFileMap
PR_NotifyCondVar
PR_WaitCondVar
PR_NewCondVar
PR_sprintf_append
LL_MinInt
PR_smprintf
PR_LoadLibrary
PR_FindSymbol
PR_GetOpenFileInfo
PR_SetThreadPrivate
PR_Now
PR_DestroyMonitor
PR_GetThreadPrivate
PR_Free
PR_Close
PR_Calloc
PR_SetError
PR_Init
PR_SetConcurrency
PR_GetError
PR_NotifyAllCondVar
PR_NotifyAll
PR_UnloadLibrary
PR_DestroyCondVar

msvcrt

_getpid
memcpy
_unlink
ctime
fflush
fputs
_lseek
sprintf
_open
_read
_close
_stat
_strdup
_strcmpi
_write
_adjust_fdiv
_initterm
__p___mb_cur_max
__p__pctype
abort
remove
_findfirst
_findnext
_findclose
strncmp
strcat
tolower
strcpy
getenv
memcmp
strlen
strcmp
strstr
memset
memmove
_iob
qsort
_isctype
__mb_cur_max
_pctype
perror
strncpy
_ftol
difftime
_strnicmp
toupper
fgets
rewind
strerror
_errno
strrchr
atoi
fopen
fseek
fclose
ftell
fread
strchr
strtok
time
free
realloc
calloc
malloc

kernel32

GetTickCount
SetEnvironmentVariableA
GetSystemDirectoryA
GlobalMemoryStatus
GetLogicalDrives
GetComputerNameA
GetCurrentProcess
GetVolumeInformationA
GetDiskFreeSpaceA
QueryPerformanceCounter
GetLastError
OpenProcess
CloseHandle
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
ReleaseSemaphore
CreateSemaphoreA
WaitForSingleObject

user32

EndDialog
GetDesktopWindow
DialogBoxParamA
GetDlgItem
GetDlgItemTextA
EnableWindow
SendDlgItemMessageA
GetClientRect
GetWindowRect
ClientToScreen
MoveWindow
SetDlgItemTextA
MessageBoxA

Exports

Exports

NSSRWLock_Destroy
NSSRWLock_HaveWriteLock
NSSRWLock_LockRead
NSSRWLock_LockWrite
NSSRWLock_New
NSSRWLock_UnlockRead
NSSRWLock_UnlockWrite
PK11_FreeSlot
PK11_GetInternalKeySlot
PK11_GetTokenName
PR_Cleanup
SVRCORE_CreateFilePinObj
SVRCORE_CreateStdPinObj
SVRCORE_RegisterPinObj
ber_alloc
ber_alloc_t
ber_bvdup
ber_bvecfree
ber_bvfree
ber_dup
ber_err_print
ber_first_element
ber_flatten
ber_flush
ber_free
ber_get_bitstringa
ber_get_boolean
ber_get_int
ber_get_next
ber_get_next_buffer
ber_get_null
ber_get_option
ber_get_stringa
ber_get_stringal
ber_get_stringb
ber_get_tag
ber_init
ber_init_w_nullchar
ber_next_element
ber_peek_tag
ber_printf
ber_put_bitstring
ber_put_boolean
ber_put_enum
ber_put_int
ber_put_null
ber_put_ostring
ber_put_seq
ber_put_set
ber_put_string
ber_read
ber_reset
ber_scanf
ber_set_option
ber_skip_tag
ber_sockbuf_alloc
ber_sockbuf_free
ber_sockbuf_get_option
ber_sockbuf_set_option
ber_special_alloc
ber_special_free
ber_start_seq
ber_start_set
ber_write
dbopen
der_alloc
ldap_abandon
ldap_abandon_ext
ldap_add
ldap_add_ext
ldap_add_ext_s
ldap_add_s
ldap_ber_free
ldap_bind
ldap_bind_s
ldap_build_filter
ldap_cache_flush
ldap_charray_add
ldap_charray_dup
ldap_charray_free
ldap_charray_inlist
ldap_charray_merge
ldap_charray_position
ldap_compare
ldap_compare_ext
ldap_compare_ext_s
ldap_compare_s
ldap_control_free
ldap_controls_free
ldap_count_entries
ldap_count_messages
ldap_count_references
ldap_count_values
ldap_count_values_len
ldap_create_filter
ldap_create_persistentsearch_control
ldap_create_proxyauth_control
ldap_create_sort_control
ldap_create_sort_keylist
ldap_create_virtuallist_control
ldap_delete
ldap_delete_ext
ldap_delete_ext_s
ldap_delete_s
ldap_dn2ufn
ldap_entry2html
ldap_entry2html_search
ldap_entry2text
ldap_entry2text_search
ldap_err2string
ldap_explode_dn
ldap_explode_dns
ldap_explode_rdn
ldap_extended_operation
ldap_extended_operation_s
ldap_first_attribute
ldap_first_disptmpl
ldap_first_entry
ldap_first_message
ldap_first_reference
ldap_first_searchobj
ldap_first_tmplcol
ldap_first_tmplrow
ldap_free_friendlymap
ldap_free_searchprefs
ldap_free_sort_keylist
ldap_free_templates
ldap_free_urldesc
ldap_friendly_name
ldap_get_dn
ldap_get_entry_controls
ldap_get_lang_values
ldap_get_lang_values_len
ldap_get_lderrno
ldap_get_option
ldap_get_values
ldap_get_values_len
ldap_getfilter_free
ldap_getfirstfilter
ldap_getnextfilter
ldap_init
ldap_init_getfilter
ldap_init_getfilter_buf
ldap_init_searchprefs
ldap_init_searchprefs_buf
ldap_init_templates
ldap_init_templates_buf
ldap_is_dns_dn
ldap_is_ldap_url
ldap_keysort_entries
ldap_memcache_destroy
ldap_memcache_flush
ldap_memcache_get
ldap_memcache_init
ldap_memcache_set
ldap_memcache_update
ldap_memfree
ldap_modify
ldap_modify_ext
ldap_modify_ext_s
ldap_modify_s
ldap_modrdn
ldap_modrdn2
ldap_modrdn2_s
ldap_modrdn_s
ldap_mods_free
ldap_msgfree
ldap_msgid
ldap_msgtype
ldap_multisort_entries
ldap_name2template
ldap_next_attribute
ldap_next_disptmpl
ldap_next_entry
ldap_next_message
ldap_next_reference
ldap_next_searchobj
ldap_next_tmplcol
ldap_next_tmplrow
ldap_oc2template
ldap_open
ldap_parse_entrychange_control
ldap_parse_extended_result
ldap_parse_reference
ldap_parse_result
ldap_parse_sasl_bind_result
ldap_parse_sort_control
ldap_parse_virtuallist_control
ldap_perror
ldap_rename
ldap_rename_s
ldap_result
ldap_result2error
ldap_sasl_bind
ldap_sasl_bind_s
ldap_search
ldap_search_ext
ldap_search_ext_s
ldap_search_s
ldap_search_st
ldap_set_filter_additions
ldap_set_lderrno
ldap_set_option
ldap_set_rebind_proc
ldap_setfilteraffixes
ldap_simple_bind
ldap_simple_bind_s
ldap_sort_entries
ldap_sort_strcasecmp
ldap_sort_values
ldap_str2charray
ldap_tmplattrs
ldap_tmplerr2string
ldap_ufn_search_c
ldap_ufn_search_ct
ldap_ufn_search_s
ldap_ufn_setfilter
ldap_ufn_setprefix
ldap_ufn_timeout
ldap_unbind
ldap_unbind_ext
ldap_unbind_s
ldap_url_parse
ldap_url_search
ldap_url_search_s
ldap_url_search_st
ldap_utf8characters
ldap_utf8copy
ldap_utf8getcc
ldap_utf8isalnum
ldap_utf8isalpha
ldap_utf8isdigit
ldap_utf8isspace
ldap_utf8isxdigit
ldap_utf8len
ldap_utf8next
ldap_utf8prev
ldap_utf8strtok_r
ldap_vals2html
ldap_vals2text
ldap_value_free
ldap_value_free_len
ldap_version
ldap_x_hostlist_first
ldap_x_hostlist_next
ldap_x_hostlist_statusfree
ldapssl_advclientauth_init
ldapssl_client_init
ldapssl_clientauth_init
ldapssl_enable_clientauth
ldapssl_err2string
ldapssl_init
ldapssl_install_routines
ldapssl_pkcs_init
mktemp
nssRWLock_AtomicCreate
prldap_get_session_info
prldap_get_socket_info
prldap_init
prldap_install_routines
prldap_set_session_info
prldap_set_socket_info
sec_port_ucs2_utf8_conversion_function
sec_port_ucs4_utf8_conversion_function

Sections

.text
Size: 628KB - Virtual size: 624KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/pkiapi.dll
.dll windows:5 windows x86 arch:x86

253da893b56b0e7de74c964d9b1a384e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\worksource\营业执照电子副本\客户端源码\PSICAAtv\Release\pkiapi.pdb

Imports

kernel32

HeapFree
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
CompareStringW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
SetHandleCount
GetTimeZoneInformation
IsValidCodePage
GetConsoleMode
GetConsoleCP
OutputDebugStringW
WriteConsoleW
GetStdHandle
GetFileType
SetStdHandle
ExitThread
CreateThread
ExitProcess
VirtualQuery
VirtualAlloc
RaiseException
RtlUnwind
IsBadReadPtr
HeapValidate
GetSystemTimeAsFileTime
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
InitializeCriticalSectionAndSpinCount
Sleep
SearchPathA
GetTickCount
GetTempPathA
GetFileAttributesExA
GetFileSizeEx
GetTempFileNameA
GetFileTime
GetFileAttributesA
FindResourceExW
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
HeapQueryInformation
WriteFile
DuplicateHandle
GetHandleInformation
GetNumberFormatA
lstrcmpiA
lstrcpyA
DeleteFileA
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetOEMCP
GetCPInfo
GetProfileIntA
VirtualProtect
InterlockedIncrement
GetACP
GlobalFlags
GetCurrentProcessId
FileTimeToSystemTime
GetAtomNameA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SetEvent
WaitForSingleObject
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
SetErrorMode
InterlockedExchange
GetModuleHandleW
lstrcmpA
GetCurrentThread
GetLocaleInfoA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
CompareStringA
LoadLibraryW
ActivateActCtx
DeactivateActCtx
GetVersionExA
lstrcmpW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
ResumeThread
SetThreadPriority
SizeofResource
FindResourceW
MulDiv
lstrlenW
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
lstrlenA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
FreeResource
SetLastError
WideCharToMultiByte
MultiByteToWideChar
HeapSize
HeapReAlloc
SetFilePointer
HeapAlloc
FindNextFileA
FindClose
FindFirstFileA
GetCommandLineA
OutputDebugStringA
LoadLibraryA
FreeLibrary
CloseHandle
GetModuleHandleA
GetProcAddress
GetLastError
CreateDirectoryA
ReadFile
GetWindowsDirectoryA
GetCurrentProcess
GetFileSize
GetSystemInfo
CreateFileA

libiconv2

ord7
ord6
ord5

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetIconSize

shlwapi

PathIsUNCA
PathRemoveFileSpecW
PathFindFileNameA
PathFindExtensionA
PathStripToRootA

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdiplusShutdown
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDisposeImage
GdipFree
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

user32

SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatA
PtInRect
CopyIcon
IsRectEmpty
CharUpperBuffA
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
IsClipboardFormatAvailable
GetDoubleClickTime
DestroyCursor
SetRect
InflateRect
IntersectRect
UnionRect
SubtractRect
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
LoadAcceleratorsW
SetLayeredWindowAttributes
EnumDisplayMonitors
UnpackDDElParam
GetClipboardFormatNameA
SystemParametersInfoA
DestroyMenu
ReleaseCapture
SetCursor
SetRectEmpty
GetAsyncKeyState
GetSystemMetrics
RealChildWindowFromPoint
GetWindowThreadProcessId
UnregisterClassA
LoadMenuW
LoadMenuA
ModifyMenuA
InsertMenuItemA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
GetSysColorBrush
GetCursorPos
GetMessageA
TranslateMessage
PostQuitMessage
MapVirtualKeyA
GetKeyNameTextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
RegisterWindowMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
MonitorFromWindow
GetMonitorInfoA
GetSysColor
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetKeyState
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
LoadImageW
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
GetWindowTextLengthA
GetWindowTextA
SetFocus
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
NotifyWinEvent
GetForegroundWindow
SetForegroundWindow
HideCaret
OpenClipboard
WindowFromPoint
SetParent
GetParent
IsChild
GetLastActivePopup
GetWindow
GetTopWindow
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
GetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRect
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
IsZoomed
IsIconic
GetSystemMenu
DrawMenuBar
TabbedTextOutA
PostMessageA
SendMessageA
MapDialogRect
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenuItemBitmaps
GetFocus
RemoveMenu
IsMenu
WaitMessage
OffsetRect
UpdateLayeredWindow
MonitorFromPoint
MapVirtualKeyExA
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
EndDialog
GetDesktopWindow
GetActiveWindow
SetActiveWindow
IsWindow
EnableWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
SetClassLongA
IsCharLowerA
SetCursorPos
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyAcceleratorTable
CharUpperA
DrawIconEx
CopyImage
GetIconInfo
MessageBeep
LoadImageA
GetClassNameA
DestroyIcon
CheckMenuItem

gdi32

ExtTextOutA
SetTextColor
SetBkColor
GetObjectA
GetStockObject
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateFontIndirectA
CreateCompatibleBitmap
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetNearestPaletteIndex
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
SetRectRgn
CombineRgn
OffsetRgn
CreateDCA
GetViewportOrgEx
GetTextColor
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
PtVisible
RectVisible
Polyline
Ellipse
Polygon
Rectangle
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
CreateBitmap
Escape
GetBoundsRect
SetPixelV
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetLayout
SetLayout
ExtSelectClipRgn
EnumFontFamiliesA
GetTextCharsetInfo
CreateDIBitmap
GetSystemPaletteEntries
EnumFontFamiliesExA
CreateDIBSection
SetDIBColorTable
GetRgnBox
GetDeviceCaps
GetBkColor
RealizePalette
SelectObject
CreateCompatibleDC
PtInRegion
CopyMetaFileA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

advapi32

SetThreadToken
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyExA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RevertToSelf
OpenThreadToken

shell32

SHBrowseForFolderA
ShellExecuteA
SHGetPathFromIDListA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RegisterDragDrop
RevokeDragDrop
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance
CoCreateGuid
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
OleDuplicateData
CoTaskMemFree
CoLockObjectExternal

oleaut32

SysAllocStringLen
VariantInit
SysStringLen
VarBstrFromDate
SysAllocString
VariantChangeType
VariantClear
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime

Exports

Exports

??4Cpkiapidllmfc@@QAEAAV0@ABV0@@Z
GenKeyFrompasswd
pkiBase64Decode
pkiBase64Encode
pkiCheckCert
pkiCloseApplication
pkiCloseDevice
pkiDeleteLabel
pkiEnd
pkiExportCert
pkiFormat
pkiGenCertRequest
pkiGenRsaKeyInDevice
pkiGenerateRandom
pkiGetCRLInfo
pkiGetCertInfo
pkiGetContainerNameList
pkiGetContainerType
pkiGetDevSerialNumber
pkiGetPublicKey
pkiGetRsaKeyPairDer
pkiGetSignature
pkiGetSignatureForPKCS7
pkiGetXMLCertInfo
pkiHashData
pkiHashDataEx
pkiImportCert
pkiInit
pkiInitEx
pkiLogin
pkiLoginEx
pkiLogout
pkiOpenEnvelope
pkiOpenEnvelopeForPKCS7
pkiPBKCryptData
pkiPrivKeyDecrypt
pkiPubKeyEncrypt
pkiPubKeyEncryptByCert
pkiRWKCryptData
pkiReadLabel
pkiReadLabelList
pkiSealEnvelope
pkiSealEnvelopeEx
pkiSealEnvelopeForPKCS7
pkiSetPin
pkiSignData
pkiSymmCryptData
pkiUnlock
pkiUpdatePrivKey
pkiUpdatePrivKeyEx
pkiVerifyData
pkiVerifySignature
pkiVerifySignatureEx
pkiVerifySignatureForPKCS7
pkiWriteLabel

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 382KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/sysntfy.dll
.dll windows:6 windows x86 arch:x86

3f63c420cf314bb0308bd1f14650431a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

sysntfy.pdb

Imports

msvcrt

memcpy
memset
_XcptFilter
malloc
free
_initterm
_amsg_exit
_except_handler4_common
__isascii
isupper
_tolower

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapCreate
HeapDestroy
HeapFree

api-ms-win-core-interlocked-l1-1-0

InterlockedCompareExchange
InterlockedExchange

api-ms-win-core-libraryloader-l1-1-0

FreeLibrary
LoadLibraryExA
DisableThreadLibraryCalls
GetProcAddress

api-ms-win-core-misc-l1-1-0

Sleep

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

ntdll

EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
RtlLeaveCriticalSection
RtlEnterCriticalSection
RtlDeleteCriticalSection
RtlInitializeCriticalSection
NtClose
NtQueryInformationToken
NtOpenProcessToken
NtOpenProcess
EtwTraceMessage
EtwGetTraceEnableFlags

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

SysNotifyStartServer
SysNotifyStopServer

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/whharddll.dll
.dll windows:5 windows x86 arch:x86

b55dc4f0432ccb025eec1c087ded3994

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetSystemTime
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
RaiseException
EncodePointer
DecodePointer
CreateDirectoryA
DeleteFileA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CloseHandle
MultiByteToWideChar
ReadFile
RtlUnwind
SetHandleCount
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
WriteConsoleW
FlushFileBuffers
CreateFileA
LCMapStringW
GetStringTypeW
CreateFileW
SetEndOfFile
GetProcessHeap
RemoveDirectoryA

advapi32

RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

Exports

Exports

WHCA_EnumCerstoreName
WHCA_EnumKeyContainerName
WHCA_ExportPrivateKey
WHCA_Format
WHCA_ImportPrivateKey
WHCA_LockDevice
WHCA_Login
WHCA_Logout
WHCA_SetPin
WHCA_UnLock
WH_AsymmetricDecrypt
WH_AsymmetricEncrypt
WH_AsymmetricSignData
WH_AsymmetricVerifySign
WH_CreateContainer
WH_DestroyContainer
WH_DestroyKey
WH_Digest
WH_ExportPrivateKey
WH_ExportPublicKey
WH_ExportSymmetricKey
WH_FindContainerAndKeypair
WH_GenAsymmetricKey
WH_GenRandom
WH_GenSymmetricKey
WH_GetKeyProperty
WH_GetSupportedAlgId
WH_ImportPrivateKey
WH_ImportPublicKey
WH_ImportSymmetricKey
WH_SymmetricEncrypt
WH_SymmetryDecrypt

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
C:/Config/Client.conf
C:/Config/Client.conf.bak
C:/Config/OCSP.conf
C:/cryptosoft/Config/CRLDATA.crl
C:/cryptosoft/Config/phwin.xml
C:/cryptosoft/Config/regwin.xml
C:/cryptosoft/Config/vssver.scc
C:/driverfile/usbccid.cat
C:/driverfile/usbccid.inf
C:/driverfile/usbccid.sys
.sys windows:5 windows x86 arch:x86

f39b03ee1f9cd5628c4512b5c20bceb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

usbccid.pdb

Imports

ntoskrnl.exe

KeTickCount
KeBugCheckEx
RtlUnicodeStringToAnsiString
RtlFreeAnsiString
IoCreateDevice
IoOpenDeviceRegistryKey
IoAttachDeviceToDeviceStack
KeDelayExecutionThread
ExAllocatePoolWithTag
ExFreePoolWithTag
IofCompleteRequest
_except_handler3
RtlInitUnicodeString
ZwQueryValueKey
IoInitializeRemoveLockEx
ZwClose
KeSetEvent
ExFreePool
IoAcquireCancelSpinLock
IoFreeIrp
IoReleaseRemoveLockEx
IoCancelIrp
KeWaitForSingleObject
IofCallDriver
IoAllocateIrp
KeInitializeEvent
IoAcquireRemoveLockEx
_allmul
IoBuildDeviceIoControlRequest
InterlockedDecrement
InterlockedIncrement
ExfInterlockedInsertTailList
ExfInterlockedRemoveHeadList
KeInitializeSpinLock
IoFreeWorkItem
IoQueueWorkItem
InterlockedCompareExchange
IoAllocateWorkItem
KeResetEvent
KeClearEvent
IoRegisterDeviceInterface
PoStartNextPowerIrp
PoSetPowerState
PoCallDriver
PoRequestPowerIrp
IoSetDeviceInterfaceState
IoDeleteDevice
IoDetachDevice
RtlFreeUnicodeString
IoReleaseRemoveLockAndWaitEx
InterlockedExchange
IoReleaseCancelSpinLock

hal

KfReleaseSpinLock
KfAcquireSpinLock

smclib.sys

SmartcardT1Request
SmartcardT0Request
SmartcardT0Reply
SmartcardUpdateCardCapabilities
SmartcardDeviceControl
SmartcardT1Reply
SmartcardInitialize
SmartcardExit

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx
USBD_ParseDescriptors

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGEABLE
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/processwork.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CloseProcess
ExistsProcess
KillProcess
QuitProcess

Sections

CODE
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 147B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 47B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 3KB - Virtual size: 2KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 200KB - Virtual size: 200KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 2KB

.idata Size: 6KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 147B

.rdata Size: 512B - Virtual size: 47B

.reloc Size: 13KB - Virtual size: 12KB

.rsrc Size: 5KB - Virtual size: 5KB

2f37bd2cfc60f22d94e4856bdefb22d6

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88Certificate

Extended Key Usages

Key Usages

61:10:c3:52:00:00:00:00:00:03Certificate

Extended Key Usages

Key Usages

d6:ac:c4:be:67:64:23:a2:b1:30:b7:8a:4b:62:7f:c4:57:d9:89:97Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

user32

ntdll

shell32

setupapi

wintrust

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 3KB - Virtual size: 2KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

CODE
Size: 200KB - Virtual size: 200KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 147B

.rdata
Size: 512B - Virtual size: 47B

.reloc
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 5KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

61:10:c3:52:00:00:00:00:00:03
Certificate

d6:ac:c4:be:67:64:23:a2:b1:30:b7:8a:4b:62:7f:c4:57:d9:89:97
Signer

.text
Size: 394KB - Virtual size: 393KB

.data
Size: 3KB - Virtual size: 12KB

Shared
Size: 512B - Virtual size: 8B

.rsrc
Size: 103KB - Virtual size: 102KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 727KB - Virtual size: 726KB

.rdata
Size: 261KB - Virtual size: 261KB

.data
Size: 18KB - Virtual size: 40KB

MyData
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 36KB - Virtual size: 36KB

.text
Size: 341KB - Virtual size: 340KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 10KB - Virtual size: 26KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 19KB - Virtual size: 18KB