f70abf6b0146e0dc3937f4a914cd1851_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f70abf6b0146e0dc3937f4a914cd1851_JaffaCakes118
Size

21.4MB
MD5

f70abf6b0146e0dc3937f4a914cd1851
SHA1

6f81ba06ef1f3dd0d15fb90321bd017967fec4b3
SHA256

da62517a66d2d7f74f47a4278c9e26cb3345f038ab540daf1b0d801eab6f46a0
SHA512

8eaec63784851732d9fc4fb1b7636fac9923cdfd2b7f10fa8a8109a12ddfe304d3e733aaa5b17b7304ccf30551b7ef6c6eadd2efe37be397fe74a20e3d0e5067
SSDEEP

393216:X/bRJ70Au8nIronOTFmZagUENfcn7uvILMbgNiho91PE0yCS1pyEWWhF7RjJH:XzRZ0Uw5TKGnsSMM+oDPm1HWWhlH

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/$PLUGINSDIR/AhnRpt.exe	upx

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Togepi/Togepi/Client.exe
unpack002/$PLUGINSDIR/PackAPI.dll
unpack001/Togepi/Togepi/HShield/AhnUpGS.dll
unpack001/Togepi/Togepi/HShield/AspINet.dll
unpack001/Togepi/Togepi/HShield/Bz32Ex.dll
unpack001/Togepi/Togepi/HShield/HSInst.dll
unpack001/Togepi/Togepi/HShield/V3InetGS.dll
unpack001/Togepi/Togepi/HShield/mspatcha.dll
unpack001/Togepi/Togepi/HShield/psapi.dll
unpack001/Togepi/Togepi/Mss32.dll
unpack001/Togepi/Togepi/Mss32.dln
unpack001/Togepi/Togepi/Novichok.dll
unpack001/Togepi/Togepi/d3d9.dll
unpack001/Togepi/Togepi/dbghelp.dll
unpack001/Togepi/Togepi/dinput8.dll
unpack001/Togepi/Togepi/mod/AlissaAnalyzer.exe
unpack001/Togepi/Togepi/mod/mod_Agnes.dll
unpack001/Togepi/Togepi/mod/mod_Alissa.dll
unpack001/Togepi/Togepi/mod/pakecore.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/Togepi/Togepi/HShield/AhnRpt.exe	nsis_installer_1
static1/unpack001/Togepi/Togepi/HShield/AhnRpt.exe	nsis_installer_2

Files

f70abf6b0146e0dc3937f4a914cd1851_JaffaCakes118
.rar
Togepi/Read This First.txt
Togepi/Read This Second.txt
Togepi/Togepi/Client.exe
.exe windows:5 windows x86 arch:x86

380c0793f438c8e8c4bf6ed17c5469c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

z:\483B_Overseas_EN_101R_20111219\dev\src_code\_Symbol\Client.pdb

Imports

kernel32

lstrcmpA
lstrcmpiA
InterlockedExchangeAdd
InterlockedCompareExchange
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
Sleep
GetSystemInfo
GlobalMemoryStatus
GetCurrentThread
GetModuleHandleW
TerminateProcess
GetComputerNameW
GetLocalTime
CreateFileW
GetCurrentThreadId
FormatMessageA
GetCurrentProcess
CloseHandle
CreateEventA
GetModuleFileNameA
GetExitCodeProcess
ReleaseMutex
SetLastError
GetVersionExA
GetWindowsDirectoryA
ReadFile
GetSystemDirectoryA
GetProcAddress
FreeLibrary
WaitForSingleObject
WideCharToMultiByte
SetFilePointer
WriteFile
CreateFileA
GetFileSize
DeleteFileA
LocalFree
GetModuleHandleA
CreateProcessA
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryA
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
lstrcpynA
lstrcpyA
lstrlenA
VirtualProtect
InterlockedExchange
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetEvent
CreateMutexA
GetCurrentProcessId
IsBadReadPtr

user32

SetCursor
EndDialog
SetWindowTextW
SetDlgItemTextW
GetWindowLongW
SetWindowLongW
EnableWindow
ShowWindow
GetDesktopWindow
wsprintfA
CharUpperBuffA
PeekMessageA
TranslateMessage
CopyRect
OffsetRect
SetWindowPos
DrawTextW
wsprintfW
SendMessageW
GetWindowTextW
DialogBoxParamW
ClientToScreen
GetDlgItem
GetWindowRect
PtInRect
LoadCursorW
DispatchMessageA
LoadStringA

gdi32

SetTextColor
GetObjectW
CreateFontIndirectW
SelectObject

shell32

ShellExecuteW

oasis

?FreeOasisLibrary@oasis@@YAXXZ
?LoadOasisLibrary@oasis@@YAXXZ

mint

?Log@CVirtualMachine@mint@@QAAXPB_WZZ
??0mint_init_desc@mint@@QAE@XZ
?StartUp@MINT@mint@@SAXABUmint_init_desc@2@@Z
?GetInstance@?$TSingleton@VCVirtualMachine@mint@@@esl@@SAAAVCVirtualMachine@mint@@XZ
?LoadMintLibrary@MINT@mint@@SAXXZ
?FreeMintLibrary@MINT@mint@@SAXXZ
?SetRunningMode@CVirtualMachine@mint@@QAEXW4ESide@mint_constant@2@@Z

esl

?Instance@CLogger@esl@@SAAAV12@XZ
?WriteLogV@CLogger@esl@@QAA_NKPB_WZZ
??0CFormatter@esl@@QAE@XZ
??RCFormatter@esl@@QAEAAV01@ABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@1@@Z
??6CFormatter@esl@@QAEAAV01@ABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@1@@Z
?__copy_memory@etc@esl@@YAXPAXPBXI@Z
??0SingletonMgr@esl@@QAE@XZ
?Register@SingletonMgr@esl@@QAEXPAVIAllocator@12@@Z
??0IAllocator@SingletonMgr@esl@@QAE@XZ
??1IAllocator@SingletonMgr@esl@@UAE@XZ
?UnregisterAll@SingletonMgr@esl@@QAEXXZ
?AssertRaiseException@CAssert@esl@@SAXPB_W00K@Z
?GetModuleDirectory@CFileSystem@esl@@QBE?BV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@XZ
?GetDirectory@CFileSystem@esl@@SA?BV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@XZ
?SetHandleInformation@win32@esl@@YA_NPAXKK@Z
?CreateMutex@win32@esl@@YAPAXPAUSSecurityAttributes@12@_NPB_W@Z
?GetWindowsType@COSInfo@esl@@QBE?BW4EOS@12@XZ
?WaitForSingleObject@win32@esl@@YAKPAXK@Z
??1SingletonMgr@esl@@QAE@XZ
??0debug_stack_trace@esl@@QAE@XZ
?__debug_out@etc@esl@@YAXPB_WZZ
?WriteToFile@CRuntimeLog@esl@@QAEXPB_W@Z
?g_cRuntimeLogBlock@esl@@3PAEA
?GetInstructionPointer@SEH@esl@@YAKXZ
??1?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAE@XZ
?GetSafeContent@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBEPB_WXZ
?g_bAfterAssertTerminate@@3_NA
?__send_to_clipboard@etc@esl@@YA_NPB_W@Z
?GetSymbolNameAndSourceFileInfo@CDebugEngine@esl@@QAE_N_KPA_WKAAK1K22AA_N@Z
?GetModuleName@CDebugEngine@esl@@QAEK_KPA_WPAPA_WK@Z
?GetMachineType@CDebugEngine@esl@@QAE?BKXZ
?__zero_memory@etc@esl@@YAXPAXI@Z
?IsNT@COSInfo@esl@@QBE?B_NXZ
?GetWindowsServicePackName@COSInfo@esl@@QBEPB_WXZ
?GetWindowsName@COSInfo@esl@@QBEPB_WXZ
?g_cOSBlock@esl@@3PAEA
?GetFaultReason@CDebugEngine@esl@@QAEPB_WPAU_EXCEPTION_POINTERS@@@Z
?Unlock@CDebugEngine@esl@@QAEXXZ
?IsInitialized@CDebugEngine@esl@@QBE_NXZ
?Lock@CDebugEngine@esl@@QAEXXZ
?g_cDebugEngineBlock@esl@@3PAEA
??1CMTokenizerW@esl@@QAE@XZ
?GetInteger@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBEJXZ
?CompareNoCase@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBEJABV12@@Z
?Mid@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBE?BV12@KK@Z
?Left@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBE?BV12@K@Z
?Find@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBEKABV12@K@Z
??0?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAE@PB_W@Z
??4?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAEAAV01@ABV01@@Z
?GetNext@CMTokenizerW@esl@@QAE_NAAV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@@Z
?AddPunctuator@CMTokenizerW@esl@@QAEX_W@Z
??0?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAE@XZ
??0CMTokenizerW@esl@@QAE@PB_W_N@Z
?__strcpy@etc@esl@@YAPA_WPA_WKPB_W@Z
?GetLength@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBEKXZ
?CreateDirectory@win32@esl@@YA_NPB_WPAUSSecurityAttributes@12@@Z
??Y?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAEAAV01@PB_W@Z
?SHGetSpecialFolderPath@win32@esl@@YA_NPAUHWND__@@PA_WKH_N@Z
?GetDesktopWindow@win32@esl@@YAPAUHWND__@@XZ
?GetId@CCulturalInformation@esl@@QAE?AW4ECulturalInformationId@esl_constant@2@XZ
?g_cCulturalInformationBlock@esl@@3PAEA
??Y?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAEAAV01@ABV01@@Z
?MessageBox@win32@esl@@YAHPAUHWND__@@PB_W1I@Z
?Format@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAAAAV12@PB_WZZ
?GetLastError@win32@esl@@YAKXZ
?CreateProcess@win32@esl@@YA_NPB_WPA_WPAUSSecurityAttributes@12@2_NKPAX0PAU_WIN32_STARTUPINFOW@@PAU_WIN32_PROCESS_INFORMATION@@@Z
?MoveFile@win32@esl@@YA_NPB_W0@Z
?DeleteFile@win32@esl@@YA_NPB_W@Z
?SetFileAttributes@win32@esl@@YA_NPB_WK@Z
?Sleep@win32@esl@@YAXK@Z
?FindFirstFile@win32@esl@@YAPAXPB_WPAU_WIN32_FIND_DATAW@@@Z
?GetLongPathName@win32@esl@@YAKPB_WPA_WK@Z
?GetModuleFileName@win32@esl@@YAKPAUHINSTANCE__@@PA_WK@Z
?RegCloseKey@win32@esl@@YAJPAUHKEY__@@@Z
?RegEnumValue@win32@esl@@YA_NPAUHKEY__@@KPA_WPAK22PAE2@Z
?RegQueryInfoKey@win32@esl@@YAJPAUHKEY__@@PA_WPAK22222222PAUSFileTime@2@@Z
?RegOpenKeyEx@win32@esl@@YAJPAUHKEY__@@PB_WKKPAPAU3@@Z
?RegDeleteValue@win32@esl@@YAJPAUHKEY__@@PB_W@Z
?RaiseException@SEH@esl@@YAXKW4ERaiseFlag@12@KZZ
?MountAllPackageFilesImmediate@CFileSystem@esl@@QAEXABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@0@Z
?g_cFileSystemBlock@esl@@3PAEA
?CleanUp@ESL@esl@@SAXXZ
?GetCurrentThreadId@win32@esl@@YAKXZ
??0?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAE@ABV01@@Z
?strcmp@unicode_string_trait@esl@@SAJPB_W0@Z
?GetContent@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBEPB_WXZ
?SetUnhandledExceptionHandler@CDebugEngine@esl@@QAE_NP6GJPAU_EXCEPTION_POINTERS@@@Z@Z
?assert_set_cleanup@esl@@YAXP6AXXZ@Z
?StartUpForCurrentThread@CSimpleProfiler@esl@@QAE_NXZ
?g_cSimpleProfilerBlock@esl@@3PAEA
??4?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAEAAV01@PB_W@Z
?ShellExecute@win32@esl@@YAPAUHINSTANCE__@@PAUHWND__@@PB_W111J@Z
?GetCurrentProcessId@win32@esl@@YAKXZ
?CloseHandle@win32@esl@@YA_NPAX@Z
?WriteFile@win32@esl@@YA_NPAXPBXKPAKPAU_OVERLAPPED@@@Z
?CreateFile@win32@esl@@YAPAXPB_WKKPAUSSecurityAttributes@12@KKPAX@Z
?LockResource@win32@esl@@YAPAXPAX@Z
?SizeofResource@win32@esl@@YAKPAUHINSTANCE__@@PAUHRSRC__@@@Z
?LoadResource@win32@esl@@YAPAXPAUHINSTANCE__@@PAUHRSRC__@@@Z
?FindResource@win32@esl@@YAPAUHRSRC__@@PAUHINSTANCE__@@PB_W1@Z
?GetTempPath@win32@esl@@YAKKPA_W@Z
?TerminateProcess@win32@esl@@YA_NPAXI@Z
?GetCurrentProcess@win32@esl@@YAPAXXZ
?Log@CRuntimeLog@esl@@SAXPB_WK0ZZ
?__time@etc@esl@@YAKXZ
?CopyFile@win32@esl@@YA_NPB_W0_N@Z
?GetFileAttributes@win32@esl@@YAKPB_W@Z
?Right@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBE?BV12@K@Z
??H?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBE?BV01@ABV01@@Z
?Restart@CMTokenizerW@esl@@QAEXXZ
?SetString@CMTokenizerW@esl@@QAEXPB_W_N@Z
?Trim@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAEAAV12@XZ
?__load_as_string_immediate@etc@esl@@YA?BV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@ABV32@@Z
??0CMTokenizerW@esl@@QAE@XZ
?CheckExistance@CFile@esl@@SA?B_NABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@@Z
??H?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QBE?BV01@PB_W@Z
?GetStartingDirectory@CFileSystem@esl@@QBE?BV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@XZ
?CleanUp@CNamedTableMgr@esl@@QAEXXZ
?StartUp@CNamedTableMgr@esl@@QAEXABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@@Z
?g_cNamedTableMgrBlock@esl@@3PAEA
??1string_vector_w@esl@@QAE@XZ
?FindFileImmediate@CFileSystem@esl@@QAEKABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@0_NAAVstring_vector_w@2@@Z
??0string_vector_w@esl@@QAE@XZ
?IsDebuggerPresent@win32@esl@@YA_NXZ
?Start@CRuntimeLog@esl@@QAEXXZ
?StartUp@ESL@esl@@SAXABUesl_init_desc@2@@Z
??0esl_init_desc@esl@@QAE@XZ
?FreeString@CEncoding@esl@@SAXPA_W@Z
?ConvertIntoUnicodeString@CEncoding@esl@@SAPA_WPBDW4ECodePageId@esl_constant@2@@Z
??1CFormatter@esl@@QAE@XZ
??BCFormatter@esl@@QBE?AV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@1@XZ
?GetCodePageId@CCulturalInformation@esl@@SA?AW4ECodePageId@esl_constant@2@XZ
?Replace@?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@QAEAAV12@ABV12@0@Z
?FreeImmediate@CFileSystem@esl@@QAEXPBE@Z
?LoadImmediate@CFileSystem@esl@@QAEPBEABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@2@AAKPAUfile_desc@2@@Z
?GetLanguageId@CCulturalInformation@esl@@QAE?AW4ELanguageId@esl_constant@2@XZ
?RegQueryValueEx@win32@esl@@YAJPAUHKEY__@@PB_WPAK2PAE2@Z

pleione

?ForceToSetForegroundWindow@CGlobalConsole@pleione@@QAEXXZ
?s_pInstanceBlock@?$TSingleton@VCAccount@pleione@@@esl@@0PAEA
?Dispose@CCSAuthModule@pleione@@SAXXZ
?MsgProc@pleione@@YAJPAUHWND__@@IIJ@Z
?LoadPleioneCoreLibrary@pleione@@YAXXZ
?LoadPleioneInterfaceLibrary@pleione@@YAXXZ
?LoadPleioneWorldLibrary@pleione@@YAXXZ
?FreePleioneWorldLibrary@pleione@@YAXXZ
?FreePleioneInterfaceLibrary@pleione@@YAXXZ
?FreePleioneCoreLibrary@pleione@@YAXXZ
?End@CPleione@pleione@@QAEXXZ
?s_pInstanceBlock@?$TSingleton@VCPleione@pleione@@@esl@@0PAEA
?Run@CPleione@pleione@@QAEHXZ
?PreLoadResources@CPleione@pleione@@QAEXXZ
?CreateLoginController@CAccount@pleione@@QAEXXZ
?CreateTeaserController@CAccount@pleione@@QAEXXZ
?CreateIntroController@CAccount@pleione@@QAEXXZ
?PrepareUIBuilderMode@CPleione@pleione@@QAEXXZ
?CreateUIBuildController@CAccount@pleione@@QAEXXZ
?Create@CGlobalConsole@pleione@@QAE?AW4EDeviceCreateError@pleione_constant@2@PAUrenderer_create@2@@Z
?CreateMainWindow@CGlobalConsole@pleione@@QAE_NPAUrenderer_create@2@ABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@@Z
?ReadVerticalSync@CGameOptionMgr@pleione@@QAE_NXZ
?ReadShadowQuality@CGameOptionMgr@pleione@@QAE?AW4EShadow@pleione_constant@2@XZ
?ReadWindowMode@CGameOptionMgr@pleione@@QAE_NXZ
?ReadFSAAQuality@CGameOptionMgr@pleione@@QAEKXZ
?ReadFSAA@CGameOptionMgr@pleione@@QAE?AW4EFSAA@pleione_constant@2@XZ
?ReadColorDepth@CGameOptionMgr@pleione@@QAE?AW4EColorDepth@pleione_constant@2@XZ
?ReadResolution@CGameOptionMgr@pleione@@QAE?AW4EResolution@pleione_constant@2@XZ
?IsUIBuilderMode@CPleione@pleione@@QBE_NXZ
?SetBuildNo@CPleione@pleione@@QAEXK@Z
?StartUp@CGlobalConsole@pleione@@QAE_NPAUHINSTANCE__@@0P6GJPAUHWND__@@IIJ@ZKKJ@Z
?StartUp@CPleione@pleione@@QAE_NPAUHINSTANCE__@@0ABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@11_N2@Z
?CleanUp@CUrlMgr@pleione@@QAEXXZ
?EnableImproveBackgroundLoading@CPleione@pleione@@QAEX_N@Z
?StartUp@CUrlMgr@pleione@@QAEXABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@@Z
?ReadyCommonAPI@CPleione@pleione@@QAEXXZ
?GetBugReportPage@CUrlMgr@pleione@@QBE?AV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@XZ
?GetSelfDiagnosisPage@CUrlMgr@pleione@@QBE?AV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@XZ
?WriteShadowQuality@CGameOptionMgr@pleione@@QAEXW4EShadow@pleione_constant@2@@Z
?WriteResolution@CGameOptionMgr@pleione@@QAEXW4EResolution@pleione_constant@2@@Z
?WriteFSAAQuality@CGameOptionMgr@pleione@@QAEXK@Z
?WriteFSAA@CGameOptionMgr@pleione@@QAEXW4EFSAA@pleione_constant@2@@Z
?WriteWindowMode@CGameOptionMgr@pleione@@QAEX_N@Z
?WriteColorDepth@CGameOptionMgr@pleione@@QAEXW4EColorDepth@pleione_constant@2@@Z
?ReadDithering@CGameOptionMgr@pleione@@QAE_NXZ
?ReadOutline@CGameOptionMgr@pleione@@QAE_NXZ
?ReadAlphaFog@CGameOptionMgr@pleione@@QAE_NXZ
?ReadWholeEffect@CGameOptionMgr@pleione@@QAE_NXZ

standard

?StartUp@CFeatureMatrix@core@@QAEXXZ
?LoadFromArgument@CFeatureMatrix@core@@QAEXABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@@Z
?stdapi_IsEnableClientLoadingOptimize@core@@YA_NXZ
?Instance@CLocalizer@core@@SAAAV12@XZ
?StartUp@CLocalizer@core@@QAE_NABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@@Z
?AddExceptionDir@CLocalizer@core@@QAEXABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@esl@@@Z
?GetLocalText@CLocalizer@core@@QBE?AVCFormatter@esl@@ABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@4@@Z
?GetSeason@CFeatureMatrix@core@@QBE?BKXZ
?GetGeneration@CFeatureMatrix@core@@QBE?BKXZ
?StartUpClient@CLocalizer@core@@QAE_NW4ECulturalInformationId@esl_constant@esl@@@Z
?StartUp@CLocalizer@core@@QAE_NW4ECulturalInformationId@esl_constant@esl@@@Z
?CleanUp@CFeatureMatrix@core@@QAEXXZ
?IsEnable@CFeatureMatrix@core@@QBE_NW4_EGameFeature@2@@Z
?SetDefaultMode@ITEvent@core@@SAXW4EMode@12@@Z
?FreeStandardLibrary@core@@YAXXZ
?LoadStandardLibrary@core@@YAXXZ
?GetInstance@?$TSingleton@VCFeatureMatrix@core@@@esl@@SAAAVCFeatureMatrix@core@@XZ
?GetLocale@CFeatureMatrix@core@@QBE?BW4ECulturalInformationId@esl_constant@esl@@XZ

renderer2

?DXVersion@CD3D@pleione@@QAEAAUSVersion@12@XZ
?IsInitialized@CD3D@pleione@@QAE_NXZ
?ModeEnumerator@CD3D@pleione@@QAEAAVCD3DModeEnumerator@2@XZ
?GetAdapter@CD3DModeEnumerator@pleione@@QAEPAVCD3DAdapter@2@K@Z
?GetDriverVersionLowerPart@CD3DAdapter@pleione@@QBEKXZ
?GetDriverVersionHigherPart@CD3DAdapter@pleione@@QBEKXZ
?GetDeviceId@CD3DAdapter@pleione@@QBEKXZ
?GetVendorId@CD3DAdapter@pleione@@QBEKXZ
?GetRawName@CD3DAdapter@pleione@@QBEPBDXZ
?LoadPleioneRendererLibrary@pleione@@YAXXZ
?FreePleioneRendererLibrary@pleione@@YAXXZ
??0renderer_create@pleione@@QAE@XZ
?LoadFontBitmapImmediate@CRenderer@pleione@@QAE_NW4ECulturalInformationId@esl_constant@esl@@ABV?$CStringT@_WVunicode_string_trait@esl@@Vunicode_string_implement@2@@5@1ABU?$_point@K@5@@Z
?s_pInstanceBlock@?$TSingleton@VCRenderer@pleione@@@esl@@0PAEA
?g_cD3DBlock@pleione@@3PAEA
?StartUp@CD3D@pleione@@QAE_NXZ
?EnableHangul@CRenderer@pleione@@QAEX_N@Z
?SetTextOptionDefaultValueHandler@CRenderer@pleione@@QAEXP6AXAAUtext_option@2@@Z@Z
?EnableDithering@CRenderer@pleione@@QAEX_N@Z
?EnableOutlineRendering@CRenderer@pleione@@QAE_N_N@Z
?EnableAlphaFog@CRenderer@pleione@@QAE_N_N@Z
?EnablePostEffect@CRenderer@pleione@@QAEX_N@Z
?Device@CRenderer@pleione@@QAEAAVCDevice@2@XZ
?Enable@CGlowRenderer@pleione@@QAEX_N@Z

ws2_32

WSAStartup
WSACleanup

exl

??1exl_init_desc@esl@@QAE@XZ
?_get_CEmbeddedBrowserMgr@@YAPAVCEmbeddedBrowserMgr@@XZ
?StartUp@EXL@esl@@SAXABUexl_init_desc@2@@Z
??0exl_init_desc@esl@@QAE@XZ
?SetIgnoreGlobalAdvance@CFreeTypeFont@esl@@QAEX_N@Z
?SetBoldSize@CFreeTypeFont@esl@@QAEXK@Z
?SetEmbolden@CFreeTypeFont@esl@@QAEX_N@Z
?GetFont@CFreeType@esl@@QAEAAVCFreeTypeFont@2@PBDK@Z
?SetFontAscendingBias@CFreeType@esl@@QAE_NPBDKJ@Z
?LoadFontFromMemory@CFreeType@esl@@QAE_NPBDPBEKK_N@Z
?g_cFreeTypeBlock@esl@@3PAEA
?StartUp@CEmbeddedBrowserMgr@@QAEXXZ

msvcp90

?set_new_handler@std@@YAP6AXXZP6AXXZ@Z

msvcr90

exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
??0exception@std@@QAE@XZ
strncpy_s
_mbspbrk
_strnicmp
_mbsstr
_mbschr
calloc
sprintf
strcat
atol
strncmp
atoi
__CxxFrameHandler
_mbsrchr
strtok
strcmp
strchr
malloc
free
strlen
_vsnprintf
_except_handler3
_wcmdln
strrchr
??_V@YAXPAX@Z
vswprintf_s
swscanf_s
_wtoi
memset
_vsnwprintf
_wcsicmp
wcscpy_s
wcstok_s
wcscmp
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
memcpy
??2@YAPAXI@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
memmove
_local_unwind4
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_ltoa
srand
_initterm
cos
sin
_wcsdup
__CxxFrameHandler3
wcslen
??3@YAXPAX@Z

dbghelp

MiniDumpWriteDump
StackWalk
SymFunctionTableAccess
SymGetModuleBase

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetSetStatusCallback
InternetConnectA
InternetCloseHandle

winmm

timeGetTime

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegEnumValueA
RegQueryValueExA

Exports

Exports

??0?$TSingleton@VCIOCPNetwork@sahara2@@@esl@@QAE@ABV01@@Z
??0?$TSingleton@VCIOCPNetwork@sahara2@@@esl@@QAE@XZ
??1?$TSingleton@VCIOCPNetwork@sahara2@@@esl@@UAE@XZ
??4?$TSingleton@VCIOCPNetwork@sahara2@@@esl@@QAEAAV01@ABV01@@Z
??_7?$TSingleton@VCIOCPNetwork@sahara2@@@esl@@6B@
?GetInstance@?$TSingleton@VCIOCPNetwork@sahara2@@@esl@@SAAAVCIOCPNetwork@sahara2@@XZ
?GetInstancePtr@?$TSingleton@VCIOCPNetwork@sahara2@@@esl@@SAPAVCIOCPNetwork@sahara2@@XZ
?s_count@?$TSingleton@VCIOCPNetwork@sahara2@@@esl@@0KA
?s_pInstanceBlock@?$TSingleton@VCIOCPNetwork@sahara2@@@esl@@0PAEA

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/3N.mhe
Togepi/Togepi/HShield/AhnRpt.exe
.exe windows:4 windows x86 arch:x86

15a0f1d644e443ffc57a495d97f7c764

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a6:b8:de:e6:38:35:e6:19:f7:02:11:b6:f8:05:2f:ad:4c:7d:41:6e
Signer

Actual PE Digest

a6:b8:de:e6:38:35:e6:19:f7:02:11:b6:f8:05:2f:ad:4c:7d:41:6e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

ScreenToClient
GetWindowRect
CreateDialogParamA
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
EndDialog
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ExitWindowsEx
DestroyWindow
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
OpenClipboard
CharNextA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AhnRpt.exe
.exe windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c2:79:bf:d6:68:e7:17:91:ae:50:e9:c1:fb:d3:b5:53:0e:d8:e8:ef
Signer

Actual PE Digest

c2:79:bf:d6:68:e7:17:91:ae:50:e9:c1:fb:d3:b5:53:0e:d8:e8:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 728KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 342KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/PackAPI.dll
.dll windows:4 windows x86 arch:x86

9e1cb78c23287aaa2e1ad23f5c3cda3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetVersionExA
lstrcmpA
lstrcmpiA
lstrcpynA
GlobalAlloc
GlobalFree
lstrcpyA
SetEnvironmentVariableA

Exports

Exports

CheckOS
IsWinOrLater
PreUnload
SetEnvStr

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 189B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/AhnUpCtl.dll
.dll windows:4 windows x86 arch:x86

8085f207588e60ec09a5ff8065c39ac6

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:eb:81:eb:87:d1:bf:6b:d8:94:8a:76:60:e5:7d:f5
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

11/10/2006, 00:00

Not After

11/10/2007, 23:59

Subject

CN=AhnLab Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Information System Team,O=AhnLab Inc.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetDriveTypeA
GetWindowsDirectoryA
lstrcpynA
lstrcpyA
lstrcmpA
GetSystemDirectoryA
GetModuleHandleA
lstrcatA
lstrlenA
GetCurrentProcess
GetModuleFileNameA
FatalAppExitA
TlsAlloc
TerminateProcess
SetEndOfFile
GetFileAttributesA
SetFileAttributesA
GetUserDefaultLangID
GetDateFormatA
SetLastError
GetTimeFormatA
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
DeleteFileA
MoveFileA
GetCommandLineA
GetVersion
RtlUnwind
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetVersionExA
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetLocaleInfoW
GetCurrentThreadId
TlsSetValue
CreateFileA
TlsFree
TlsGetValue
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapSize
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
GetStringTypeW
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
ReadFile
FlushFileBuffers
CloseHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

wsprintfA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegOpenKeyA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

AhnUpCtl_GetInfo
AhnUpCtl_GetInfo2
AhnUpCtl_GetInstalledAndNeighborsPdList
AhnUpCtl_GetInstalledPdCount
AhnUpCtl_GetInstalledPdList
AhnUpCtl_GetMainFile
AhnUpCtl_GetPdList
AhnUpCtl_GetSection
AhnUpCtl_GetSubPdList
AhnUpCtl_GetText
AhnUpCtl_GetType

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/AhnUpGS.dll
.dll windows:4 windows x86 arch:x86

a1b0afbcdfe2aa38d83436e996e62637

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
OutputDebugStringA
LocalAlloc
GetLocalTime
lstrcpyA
lstrcatA
FormatMessageA
GetSystemInfo
GetModuleHandleA
GetVersionExA
GlobalMemoryStatus
GetComputerNameA
GetCurrentProcess
GetCurrentThread
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
TlsAlloc
TlsFree
ReadFile
TlsGetValue
CompareStringW
CompareStringA
GetLocaleInfoW
WaitForSingleObject
SetConsoleCtrlHandler
GetFileSize
DeleteFileA
CopyFileA
CreateFileA
LocalFileTimeToFileTime
SetFileTime
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
SetFileAttributesA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
SetFilePointer
GetEnvironmentStringsW
GetEnvironmentStrings
SetEnvironmentVariableA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetEndOfFile
Sleep
RemoveDirectoryA
CreateDirectoryA
GetLastError
SetLastError
lstrlenA
lstrcpynA
TlsSetValue
GetModuleFileNameA
GetFileAttributesA
HeapFree
HeapAlloc
RtlUnwind
CreateThread
GetCurrentThreadId
ExitThread
InterlockedDecrement
InterlockedIncrement
RaiseException
GetCommandLineA
GetVersion
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
TerminateProcess
HeapSize
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
WriteFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA

user32

wvsprintfA
wsprintfA
LoadStringA
GetSystemMetrics

advapi32

EqualSid
RegQueryValueExA
RegOpenKeyExA
GetTokenInformation
OpenProcessToken
OpenThreadToken
LookupAccountSidA
AllocateAndInitializeSid
RegCloseKey
FreeSid

v3inetgs

??1V3INetEx@@QAE@XZ
?GetFile@V3INetEx@@QAEKPAUINTERNET_CONNECT_INFO@@PAU__V3INETDATA__@@J@Z
?Close@V3INetEx@@QAEHXZ
?RegisterInterface@V3INetEx@@QAEHPAVAbsInterface@@@Z
?Initialize@V3INetEx@@QAEHXZ
??0V3INetEx@@QAE@XZ

v3hunt

V3Net_GetAt
V3Net_SetDestFullPath
V3Net_CloseHandle
V3Net_GetFileVersion
V3Net_IsFileEqual
V3Net_GetCount
V3Net_CompareFileInfo
V3Net_GetUpdateData2
V3Net_CompareFileInfo2
V3Net_GetFileTime

bz32ex

ord101

ahnupctl

AhnUpCtl_GetText
AhnUpCtl_GetInfo
AhnUpCtl_GetSection

aspinet

AIN_DownloadFile
AIN_OpenSessionIndirect
AIN_CloseSession

Exports

Exports

?DownloadFile@@YAJPBD00PAUUD_STATUS@@JPAXH@Z
?UpdateProgress@@YAHKKJ@Z
AhnUp_ClearPatchURL
AhnUp_DoIt
AhnUp_GetPatchPath
AhnUp_GetPatchURL
AhnUp_SetDefaultPatchURL
AhnUp_SetPatchURL

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/AspINet.dll
.dll windows:4 windows x86 arch:x86

076e4ec6af98f1926de6363188b36815

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
LocalAlloc
GetVersion
CreateEventA
CloseHandle
SetEvent
WriteFile
SetEndOfFile
SetFilePointer
Sleep
GetFileSize
CreateFileA
WaitForSingleObject
OutputDebugStringA
InitializeCriticalSection
lstrlenA
GetLastError
SetLastError
LeaveCriticalSection
EnterCriticalSection
GetSystemDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThreadId
GetCurrentProcessId
GetLocalTime
WideCharToMultiByte
GetModuleFileNameA
SetFileAttributesA
CreateDirectoryA
LocalFree
GetFullPathNameA
GetVolumeInformationA
lstrcpynA
FindFirstFileA
DeleteCriticalSection
FindClose

user32

CharUpperA

advapi32

InitializeSecurityDescriptor
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
SetSecurityDescriptorDacl

wininet

InternetSetStatusCallback
InternetOpenUrlA
InternetReadFile
InternetSetOptionA
HttpQueryInfoA
InternetCloseHandle
InternetOpenA

msvcrt

_purecall
_adjust_fdiv
_initterm
_onexit
__dllonexit
_access
_mbsstr
_mbsrchr
_vsnwprintf
wcslen
_mbsinc
free
malloc
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
_mbsicmp
_mbslwr
_vsnprintf

Exports

Exports

AIN_Cancel
AIN_CloseObject
AIN_CloseSession
AIN_DownloadFile
AIN_DownloadFiles
AIN_GetLastError
AIN_GetUserParam
AIN_OpenObject
AIN_OpenSession
AIN_OpenSessionIndirect
AIN_SetUserParam

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/BldInfo.ini
Togepi/Togepi/HShield/Bz32Ex.dll
.dll windows:4 windows x86 arch:x86

18a7e7e93efbc40f1a84deb884e477f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

ungetc
_iob
fclose
fread
fopen
sprintf
strncpy
fwrite
free
exit
strncmp
strstr
signal
remove
fflush
strerror
_errno
fprintf
fgetc
perror
_stat
malloc
_pctype
__mb_cur_max
_isctype
getenv
_initterm
_adjust_fdiv
__dllonexit
_onexit
_isatty
_fileno
_setmode
_fdopen

Exports

Exports

Bz32Ex_FileCompress
Bz32Ex_FileExtract

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 878B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/EhSvc.dll
.dll windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:ac:03:bc:75:00:36:b9:b5:c2:22:65:45:f7:d7:ba:f2:32:f4:90
Signer

Actual PE Digest

4c:ac:03:bc:75:00:36:b9:b5:c2:22:65:45:f7:d7:ba:f2:32:f4:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

1
10
12
13
14
15
16
17
18
19
2
20
21
22
23
24
25
26
27
3
4
5
6
7
8
9

Sections

Size: 436KB - Virtual size: 944KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 464KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kntegkbq
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

puotrqej
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Togepi/Togepi/HShield/HSInst.dll
.dll windows:4 windows x86 arch:x86

85f0a53320c617af19fda0768e3dfbbf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
GetVersionExA
MultiByteToWideChar
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
GetModuleHandleA
lstrcpynA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
UnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetModuleFileNameA
CreateFileA
SetFilePointer
ReadFile
CloseHandle
lstrcpyA
lstrcmpiA
lstrcmpA
FormatMessageA
SetConsoleCtrlHandler
LocalFree
IsBadWritePtr
VirtualAlloc
LoadLibraryA
lstrlenA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
RtlUnwind
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
Sleep
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetEnvironmentVariableA

user32

GetWindowLongA
SendMessageA
SetWindowLongA
wsprintfA
LoadStringA
CopyImage
LoadImageA
SystemParametersInfoA
GetWindowRect
GetWindowPlacement
InvalidateRect
SetWindowTextA
DestroyWindow
IsWindow
CreateDialogParamA
ShowWindow
GetClientRect
GetSystemMetrics
SetWindowPos
CreateWindowExA

gdi32

BitBlt
GetObjectA
CreateCompatibleDC
DeleteObject
CreateFontA
SetTextColor
SetBkMode
SelectObject
GetStockObject
StretchBlt

oleaut32

OleLoadPicturePath

comctl32

ord17

winmm

timeGetTime

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/HSUpChk.log
Togepi/Togepi/HShield/HSUpdate.env
Togepi/Togepi/HShield/HSUpdate.exe
.exe windows:4 windows x86 arch:x86

77298e58656d2c6cb7857f6d71477242

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

18:5e:8b:fd:0d:c9:a4:99:90:1e:a0:18:a0:51:49:72:f9:45:65:c7
Signer

Actual PE Digest

18:5e:8b:fd:0d:c9:a4:99:90:1e:a0:18:a0:51:49:72:f9:45:65:c7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetVersionExA
GetExitCodeThread
CreateThread
CreateEventA
Sleep
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetModuleHandleA
WriteFile
HeapFree
HeapAlloc
GetProcessHeap
GetVersion
GetCommandLineA
GetProcAddress
FreeLibrary
LoadLibraryA
OpenEventA
OutputDebugStringA
LocalAlloc
GetLocalTime
lstrcatA
GlobalMemoryStatus
GetComputerNameA
GetCurrentProcess
GetCurrentThread
GetSystemInfo
GetVolumeInformationA
GetDriveTypeA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
CreateDirectoryA
SetEndOfFile
SetConsoleCtrlHandler
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetFullPathNameA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
CreateMutexA
SetEvent
GetLastError
WaitForSingleObject
CloseHandle
GetTickCount
lstrcpyA
ExitThread
lstrcmpiA
lstrcmpA
FormatMessageA
LocalFree
lstrcpynA
lstrlenA
GetTimeZoneInformation
CompareStringA
CompareStringW
GetDiskFreeSpaceA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
RtlUnwind
ExitProcess
TerminateProcess
GetStartupInfoA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

GetSystemMetrics
wvsprintfA
GetWindowPlacement
GetClientRect
SystemParametersInfoA
CreateWindowExA
ShowWindow
SetWindowPos
GetParent
LoadIconA
LoadCursorA
RegisterClassA
PostQuitMessage
BeginPaint
EndPaint
DefWindowProcA
MessageBoxA
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA
SendMessageA
LoadStringA
GetWindowRect

gdi32

GetStockObject

advapi32

EqualSid
FreeSid
LookupAccountSidA
OpenThreadToken
OpenProcessToken
GetTokenInformation
RegEnumValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
AllocateAndInitializeSid

winmm

timeGetTime

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/HShield.dat
Togepi/Togepi/HShield/HsLogMgr.exe
.exe .js windows:4 windows x86 arch:x86 polyglot

0294ac99b287a173e802bd320b8a353a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

71:a6:b2:0e:19:22:a6:a1:9f:ea:3e:0a:6b:10:4c:85:b1:08:01:e7
Signer

Actual PE Digest

71:a6:b2:0e:19:22:a6:a1:9f:ea:3e:0a:6b:10:4c:85:b1:08:01:e7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord800
ord818
ord2514
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord4698
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord1146
ord1168
ord567
ord540
ord2863
ord2379
ord755
ord470
ord1200
ord2818
ord6453
ord2486
ord2623
ord860
ord3237
ord3005
ord2135
ord6215
ord4299
ord823
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord6374
ord4673
ord1576

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
malloc
free
_mbsrchr
atol
__p___argc
__p___argv
strchr
_vsnprintf
_except_handler3
strstr
__CxxFrameHandler
_setmbcp
__getmainargs

kernel32

GetModuleFileNameA
CreateProcessA
GetLastError
WritePrivateProfileStringA
CreateMutexA
CloseHandle
GetSystemDefaultLangID
MultiByteToWideChar
lstrlenA
GetVersionExA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

user32

DrawIcon
GetClientRect
GetSystemMetrics
GetSystemMenu
PostMessageA
GetWindowRect
SendMessageA
PostQuitMessage
IsIconic
EnableWindow
LoadIconA

oleaut32

VariantClear
SysAllocString

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/V3Hunt.dll
.dll windows:4 windows x86 arch:x86

194cb1796f8034dcf928114d34af3dca

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:eb:81:eb:87:d1:bf:6b:d8:94:8a:76:60:e5:7d:f5
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

11/10/2006, 00:00

Not After

11/10/2007, 23:59

Subject

CN=AhnLab Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Information System Team,O=AhnLab Inc.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
lstrcatA
lstrlenA
GetFileSize
ReadFile
lstrcpyA
GetLastError
lstrcmpiA
SetLastError
WaitNamedPipeA
WriteFile
CopyFileA
SetNamedPipeHandleState
CloseHandle
SetEndOfFile
FreeLibrary
GetProcAddress
LoadLibraryA
CallNamedPipeA
TlsAlloc
TlsFree
LocalFree
TlsSetValue
LocalAlloc
TlsGetValue
lstrcpynA
DeleteFileA
SetFileTime
GetComputerNameA
GetFileTime
FileTimeToSystemTime
GetCurrentProcessId
OutputDebugStringA
LocalFileTimeToFileTime
SystemTimeToFileTime
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleHandleA
GetCurrentProcess
SetFilePointer
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetShortPathNameA
MoveFileExA
CreateDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
SetFileAttributesA
FindFirstFileA
FormatMessageA
HeapFree
HeapAlloc
GetModuleFileNameA
GetCommandLineA
FileTimeToLocalFileTime
GetDriveTypeA
GetLocalTime
GetFileType
lstrcmpA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
RtlUnwind
TerminateProcess
HeapSize
GetCurrentThreadId
GetCurrentThread
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetStdHandle
Sleep
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FlushFileBuffers
GetTimeZoneInformation
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersion
GetEnvironmentVariableA

user32

LoadStringA
IsCharAlphaA
CharLowerA
wsprintfA
CharNextA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

V3Net_AddArray
V3Net_CheckFileCRC
V3Net_CloseHandle
V3Net_CompareFileInfo
V3Net_CompareFileInfo2
V3Net_CompareFileVersion2
V3Net_GetAt
V3Net_GetCount
V3Net_GetEngineDate
V3Net_GetFileCRC
V3Net_GetFileTime
V3Net_GetFileVersion
V3Net_GetLastErrorMessage
V3Net_GetUpdateCfg
V3Net_GetUpdateData
V3Net_GetUpdateData2
V3Net_IsFileEqual
V3Net_IsFileEqual2
V3Net_IsFileValid
V3Net_RemoveAt
V3Net_RemoveFileCRC
V3Net_SetAt
V3Net_SetDestFullPath
V3Net_UpdateFromFolder
V3Net_UpdateFromNT
V3Net_WriteFileCRC

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/V3InetGS.dll
.dll windows:4 windows x86 arch:x86

832be30bf9c941826763ff0640d5f430

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
WaitForSingleObject
DeleteFileA
Sleep
LocalFree
OutputDebugStringA
LocalAlloc
lstrcpyA
CloseHandle
CreateEventA
ResetEvent
GetLastError
FormatMessageA
GetModuleFileNameA
lstrlenA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection

user32

wsprintfA
wvsprintfA

wininet

InternetOpenUrlA
HttpQueryInfoA
InternetOpenA
FtpGetFileA
InternetReadFile
InternetQueryDataAvailable
InternetCloseHandle
InternetConnectA
InternetGetLastResponseInfoA
InternetReadFileExA
InternetSetStatusCallback
FtpOpenFileA

msvcrt

strchr
_stat
_stricmp
_adjust_fdiv
_initterm
__CxxFrameHandler
??2@YAPAXI@Z
malloc
_strdate
_strtime
sprintf
free
fopen
fwrite
_purecall
??3@YAXPAX@Z
strncpy
_except_handler3
fclose

Exports

Exports

??0V3INetEx@@QAE@XZ
??1V3INetEx@@QAE@XZ
??4V3INetEx@@QAEAAV0@ABV0@@Z
?Cancel@V3INetEx@@QAEHXZ
?Close@V3INetEx@@QAEHXZ
?GetFile@V3INetEx@@QAEKPAUINTERNET_CONNECT_INFO@@PAU__V3INETDATA__@@J@Z
?Initialize@V3INetEx@@QAEHXZ
?RegisterInterface@V3INetEx@@QAEHPAVAbsInterface@@@Z
?fnV3INetEx@@YAHXZ
?nV3INetEx@@3HA

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/ahnrpt.ini
Togepi/Togepi/HShield/asc/0asc.scd
Togepi/Togepi/HShield/asc/0sccure.scd
Togepi/Togepi/HShield/asc/0sgame.scd
Togepi/Togepi/HShield/asc/0spe3f.scd
Togepi/Togepi/HShield/asc/asc_com.dll
.dll windows:4 windows x86 arch:x86

f78c8b1699433b545368201a890e8f57

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f3:30:16:0a:2b:c8:3c:89:f7:c5:ef:4b:1b:b1:b8:b0:ce:c1:61:d3
Signer

Actual PE Digest

f3:30:16:0a:2b:c8:3c:89:f7:c5:ef:4b:1b:b1:b8:b0:ce:c1:61:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameA
GetFullPathNameW
GetLastError
CreateFileA
GetVersionExA
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetFileSize
SetEndOfFile
GetFileType
DeleteFileA
MoveFileA
SetFileAttributesA
GetFileAttributesA
FindClose
FindFirstFileA
SetFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentThreadId
GetTempPathA
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
DisableThreadLibraryCalls

msvcrt

_iob
fopen
_vsnwprintf
_vsnprintf
fwrite
fflush
fprintf
fseek
sprintf
fclose
atoi
_ultoa
memset
_rotl
_rotr
wcscpy
wcsncpy
wcscat
wcsncat
wcscmp
wcsncmp
wcschr
wcsrchr
wcslen
wcsspn
wcspbrk
wcsstr
wcstoul
strcpy
strncpy
strcat
strncat
strcmp
strncmp
strchr
strrchr
strlen
strspn
strcspn
strpbrk
memcpy
memmove
memcmp
strstr
memchr
strtoul
malloc
free
_initterm
_adjust_fdiv
__dllonexit
_onexit
ftell
_wcsnicmp
_strnicmp
_stricmp

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/asc_dh.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:5e:8e:bc:74:a9:dc:ea:55:ff:7a:06:7c:bf:a2:66:1b:c4:b9:0c
Signer

Actual PE Digest

53:5e:8e:bc:74:a9:dc:ea:55:ff:7a:06:7c:bf:a2:66:1b:c4:b9:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/asc_fse.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:08:bd:66:30:49:ce:a1:4c:8b:fa:4d:90:93:63:cf:21:3a:95:10
Signer

Actual PE Digest

3e:08:bd:66:30:49:ce:a1:4c:8b:fa:4d:90:93:63:cf:21:3a:95:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 238B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/asc_intg.dll
.dll windows:4 windows x86 arch:x86

b5e0f5b4411a147e546ecdf14970f820

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:6f:12:e9:b9:5b:d0:a9:93:86:2f:8c:b2:ca:7d:c1:92:fc:03:72
Signer

Actual PE Digest

dc:6f:12:e9:b9:5b:d0:a9:93:86:2f:8c:b2:ca:7d:c1:92:fc:03:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
GetSystemDirectoryA
DisableThreadLibraryCalls

msvcrt

free
_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/asc_mmgr.dll
.dll windows:4 windows x86 arch:x86

a1b8f0ae05a5a4bfbf206fb6898f7a7b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fd:c4:dc:12:b7:73:0f:61:18:c8:b0:72:e1:44:37:52:ae:67:21:d6
Signer

Actual PE Digest

fd:c4:dc:12:b7:73:0f:61:18:c8:b0:72:e1:44:37:52:ae:67:21:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetTempPathA
MoveFileA
DeleteFileA
LoadLibraryA
FreeLibrary
GetProcAddress
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameA
GetFullPathNameW
GetLastError
CreateFileA
GetVersionExA
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetFileSize
SetEndOfFile
GetFileType
SetFileAttributesA
GetFileAttributesA
FindClose
FindFirstFileA
SetFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
DisableThreadLibraryCalls

msvcrt

fwrite
fflush
fprintf
fseek
sprintf
fopen
fclose
ftell
strcpy
strncpy
strcat
strncat
strcmp
strncmp
strchr
strrchr
strlen
strspn
strcspn
strpbrk
memset
memcpy
memmove
memcmp
strstr
memchr
strtoul
malloc
free
_rotl
_rotr
_vsnprintf
wcscpy
wcsncpy
wcscat
wcsncat
wcscmp
wcsncmp
wcschr
wcsrchr
wcslen
wcsspn
wcspbrk
wcsstr
wcstoul
_initterm
_adjust_fdiv
__dllonexit
_onexit
_iob
_strnicmp
_stricmp
_wcsnicmp

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/asc_unp.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:94:71:06:ca:10:a1:5d:bd:d6:9e:25:8a:43:bd:c1:66:55:f0:b5
Signer

Actual PE Digest

b8:94:71:06:ca:10:a1:5d:bd:d6:9e:25:8a:43:bd:c1:66:55:f0:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/fse_base.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:e7:62:c3:fb:dc:c0:f2:b5:66:cd:cc:48:68:55:5e:c5:e3:35:4c
Signer

Actual PE Digest

49:e7:62:c3:fb:dc:c0:f2:b5:66:cd:cc:48:68:55:5e:c5:e3:35:4c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 490B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/fse_fact.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:9a:ec:59:43:ed:0b:3c:45:86:74:b7:1f:1e:0d:8a:ba:3c:69:46
Signer

Actual PE Digest

03:9a:ec:59:43:ed:0b:3c:45:86:74:b7:1f:1e:0d:8a:ba:3c:69:46

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/fse_pe.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e0:87:e8:4a:11:5f:c3:a4:4b:d6:d5:5e:9a:cf:e0:22:d3:db:c5:bd
Signer

Actual PE Digest

e0:87:e8:4a:11:5f:c3:a4:4b:d6:d5:5e:9a:cf:e0:22:d3:db:c5:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/gfs_base.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ca:f5:c2:f4:81:93:89:82:63:c1:a0:4c:5f:c9:0c:74:54:e9:14:d6
Signer

Actual PE Digest

ca:f5:c2:f4:81:93:89:82:63:c1:a0:4c:5f:c9:0c:74:54:e9:14:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 354B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/gfs_fact.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

35:e2:7a:ed:27:53:5c:b5:eb:11:a7:ce:69:d0:62:b6:12:45:f8:b2
Signer

Actual PE Digest

35:e2:7a:ed:27:53:5c:b5:eb:11:a7:ce:69:d0:62:b6:12:45:f8:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 278B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/gfs_file.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:dc:f8:b4:9a:21:04:98:36:04:26:8c:a5:b6:af:8b:a5:a8:bf:2f
Signer

Actual PE Digest

05:dc:f8:b4:9a:21:04:98:36:04:26:8c:a5:b6:af:8b:a5:a8:bf:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/gfs_mem.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

af:ab:71:b2:81:34:10:88:1e:3c:b2:41:66:e4:f5:f3:2f:9c:ab:96
Signer

Actual PE Digest

af:ab:71:b2:81:34:10:88:1e:3c:b2:41:66:e4:f5:f3:2f:9c:ab:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 466B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/gfs_os.dll
.dll windows:4 windows x86 arch:x86

dbbb50b7b721edff6799c133c95c2e3b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:7a:94:4a:3d:5e:da:d9:8f:cd:da:4f:d2:71:47:d2:88:08:a4:b3
Signer

Actual PE Digest

9e:7a:94:4a:3d:5e:da:d9:8f:cd:da:4f:d2:71:47:d2:88:08:a4:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileA
FindClose
GetLastError
FindNextFileA
CreateDirectoryA
RemoveDirectoryA
GetCurrentDirectoryA
DisableThreadLibraryCalls

msvcrt

_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
_tempnam
free

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/gfs_proc.dll
.dll windows:4 windows x86 arch:x86

d68e5b4a4692f3ff26bef4b34e9364b3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c1:d2:e9:4c:7d:c0:fc:e1:cb:c8:33:7b:97:70:70:e4:d3:c7:ca:83
Signer

Actual PE Digest

c1:d2:e9:4c:7d:c0:fc:e1:cb:c8:33:7b:97:70:70:e4:d3:c7:ca:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
OpenProcess
LocalFree
FormatMessageA
CloseHandle
ReadProcessMemory
WriteProcessMemory
DisableThreadLibraryCalls

msvcrt

_initterm
_adjust_fdiv
__dllonexit
_onexit
free
malloc

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/gfs_util.dll
.dll windows:4 windows x86 arch:x86

cb5d8e6d5cb075eeb8e5838726699142

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b9:5a:f0:09:0e:69:d7:a1:90:76:a7:1e:49:dd:e5:d8:0b:e9:8f:03
Signer

Actual PE Digest

b9:5a:f0:09:0e:69:d7:a1:90:76:a7:1e:49:dd:e5:d8:0b:e9:8f:03

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__dllonexit
_onexit
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetExPluginSpec
GetExportSpec
GetImPluginSpec
GetImportSpec
GetModuleId
GetModuleVersion
MMApplyUpdate
MMFinalize
MMFiniThread
MMGetDate
MMGetVersion
MMInitThread
MMInitialize
MMUpdateModules

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/asc/moduler.scd
Togepi/Togepi/HShield/asc/option.scd
Togepi/Togepi/HShield/hshield.log
Togepi/Togepi/HShield/hsupdate.jpg
.jpg
Togepi/Togepi/HShield/mspatcha.dll
.dll windows:5 windows x86 arch:x86

c4b92bed908721391735f18934804327

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
SetLastError
GetLastError
UnmapViewOfFile
GetFileSize
GetFileTime
DeleteFileA
CloseHandle
CreateFileA
DeleteFileW
CreateFileW
MultiByteToWideChar
MapViewOfFile
CreateFileMappingA
SetFileTime
SetEndOfFile
SetFilePointer
FlushViewOfFile
VirtualAlloc
VirtualFree

Exports

Exports

ApplyPatchToFileA
ApplyPatchToFileByHandles
ApplyPatchToFileByHandlesEx
ApplyPatchToFileExA
ApplyPatchToFileExW
ApplyPatchToFileW
GetFilePatchSignatureA
GetFilePatchSignatureByHandle
GetFilePatchSignatureW
TestApplyPatchToFileA
TestApplyPatchToFileByHandles
TestApplyPatchToFileW

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/psapi.dll
.dll windows:5 windows x86 arch:x86

a06529690d58edd08ef4703a44d5e7db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

psapi.pdb

Imports

ntdll

RtlUnwind
wcslen
wcschr
_stricmp
atoi
NtClose
NtStopProfile
_snprintf
DbgPrint
RtlUnicodeToOemN
RtlAdjustPrivilege
RtlMultiByteToUnicodeN
NtAllocateVirtualMemory
NtCreateProfile
NtSetIntervalProfile
NtStartProfile
NtWriteFile
NtSetInformationProcess
NtQueryInformationProcess
NtQueryVirtualMemory
NtQuerySystemInformation
RtlNtStatusToDosError

kernel32

GetSystemInfo
LoadLibraryA
InterlockedExchange
FreeLibrary
GetProcAddress
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetLastError
DisableThreadLibraryCalls
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileA
CloseHandle
GetProcessHeap
SetLastError
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
ReadProcessMemory
RaiseException
SetProcessWorkingSetSize
GetProcessWorkingSetSize
lstrcpyA
lstrlenA
HeapFree
HeapAlloc

Exports

Exports

EmptyWorkingSet
EnumDeviceDrivers
EnumPageFilesA
EnumPageFilesW
EnumProcessModules
EnumProcesses
GetDeviceDriverBaseNameA
GetDeviceDriverBaseNameW
GetDeviceDriverFileNameA
GetDeviceDriverFileNameW
GetMappedFileNameA
GetMappedFileNameW
GetModuleBaseNameA
GetModuleBaseNameW
GetModuleFileNameExA
GetModuleFileNameExW
GetModuleInformation
GetPerformanceInfo
GetProcessImageFileNameA
GetProcessImageFileNameW
GetProcessMemoryInfo
GetWsChanges
InitializeProcessForWsWatch
QueryWorkingSet
QueryWorkingSetEx

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/HShield/v3pro32s.dll
.dll windows:4 windows x86 arch:x86

f6212c14d2f4bf17609a97c72a08d24f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

06/10/2009, 00:00

Not After

06/10/2010, 23:59

Subject

CN=AhnLab\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=AhnLab\, Inc.,L=Yeongdeungpo-gu\ ,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ec:b7:db:34:20:c3:c0:4d:fd:a0:6a:bf:b5:ab:d0:c8:f8:32:b1:1d
Signer

Actual PE Digest

ec:b7:db:34:20:c3:c0:4d:fd:a0:6a:bf:b5:ab:d0:c8:f8:32:b1:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
FindNextFileA
FindFirstFileA
GetTempPathA
CloseHandle
FlushFileBuffers
WriteFile
ReadFile
CreateFileA
SetEnvironmentVariableA
GetEnvironmentVariableA
GetLastError
CopyFileA
GetCurrentProcess
GetCurrentThread
GetVersion
GetVersionExA
MoveFileA
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcessId
LeaveCriticalSection
LoadLibraryA
FreeLibrary
GetProcAddress
GetFullPathNameA
GetFullPathNameW
SetFilePointer
GetFileSize
SetEndOfFile
GetFileType
GetFileAttributesA
SetFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
DeleteFileA
SetFileAttributesA
EnterCriticalSection

advapi32

OpenProcessToken
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid

msvcrt

sprintf
toupper
strrchr
malloc
free
strtoul
localtime
time
fclose
fwrite
fflush
fprintf
fseek
fopen
_iob
ftell
strncpy
strncat
strncmp
strchr
strspn
strcspn
strpbrk
memmove
strstr
memchr
wcscpy
wcsncpy
wcscat
wcsncat
wcscmp
wcsncmp
wcschr
wcsrchr
wcslen
wcsspn
wcspbrk
wcsstr
wcstoul
_vsnprintf
_initterm
_adjust_fdiv
__dllonexit
_onexit
_strnicmp
_stricmp
_wcsnicmp

Exports

Exports

AhnBootInformation
AhnCheckBootSector
AhnCheckDefaultExtensions
AhnCheckFile
AhnCheckMemory
AhnCheckProcess
AhnGetBootRepairStatus
AhnGetDefaultExtensions
AhnGetEngineDate
AhnGetEngineDateString
AhnGetEngineDateValue
AhnGetExtRepairStatus
AhnGetRepairStatus
AhnGetVersion
AhnGetVirusFileCureData
AhnGetVirusName
AhnGetVirusName32
AhnGetVirusNameStr
AhnGetVirusNameStr32
AhnInitVaccineEngine
AhnRepairBootSector
AhnRepairFile
AhnRepairMemory
AhnSetDefaultOption
AhnSetExtensions
PV3CALGetInfoAddr
V3CALGetInfo
V3CALGetShowInfo
V3CALGetTotalInfoCount
_AhnGetFileEntry

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/JAP.ini
Togepi/Togepi/JAP.log
Togepi/Togepi/MNG.ini
Togepi/Togepi/Mss32.dll
.dll windows:5 windows x86 arch:x86

f0071a6501ffa37786244e3fa6f73235

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

GetModuleInformation

shlwapi

PathRemoveFileSpecW
PathAppendW
PathRemoveFileSpecA
PathAppendA

kernel32

SetUnhandledExceptionFilter
SetEndOfFile
CreateFileW
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetCurrentProcess
GetModuleHandleA
SetThreadPriority
GetCurrentThread
SuspendThread
Sleep
CreateRemoteThreadEx
CreateThread
VirtualProtect
GetModuleFileNameA
GetModuleFileNameW
DeleteFileA
LoadLibraryA
GetStringTypeW
LCMapStringW
GetSystemTimeAsFileTime
ExitProcess
DecodePointer
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetLastError
HeapReAlloc
HeapFree
GetLocalTime
GetCurrentThreadId
GetCommandLineA
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EncodePointer
UnhandledExceptionFilter
GetProcessHeap
IsDebuggerPresent
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoW
HeapCreate
HeapDestroy
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CloseHandle
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
ReadFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
FlushFileBuffers
SetFilePointer
WriteConsoleW
SetStdHandle
CreateFileA

user32

MessageBoxA

Exports

Exports

AIL_debug_printf
AIL_sprintf
DLSClose
DLSCompactMemory
DLSGetInfo
DLSLoadFile
DLSLoadMemFile
DLSMSSOpen
DLSSetAttribute
DLSUnloadAll
DLSUnloadFile
RIB_alloc_provider_handle
RIB_enumerate_interface
RIB_error
RIB_find_file_provider
RIB_free_provider_handle
RIB_free_provider_library
RIB_load_provider_library
RIB_register_interface
RIB_request_interface
RIB_request_interface_entry
RIB_type_string
RIB_unregister_interface
_AIL_3D_distance_factor@4
_AIL_3D_doppler_factor@4
_AIL_3D_orientation@28
_AIL_3D_position@16
_AIL_3D_provider_attribute@12
_AIL_3D_rolloff_factor@4
_AIL_3D_room_type@4
_AIL_3D_sample_attribute@12
_AIL_3D_sample_cone@16
_AIL_3D_sample_distances@12
_AIL_3D_sample_effects_level@4
_AIL_3D_sample_exclusion@4
_AIL_3D_sample_length@4
_AIL_3D_sample_loop_count@4
_AIL_3D_sample_obstruction@4
_AIL_3D_sample_occlusion@4
_AIL_3D_sample_offset@4
_AIL_3D_sample_playback_rate@4
_AIL_3D_sample_status@4
_AIL_3D_sample_volume@4
_AIL_3D_speaker_type@4
_AIL_3D_user_data@8
_AIL_3D_velocity@16
_AIL_DLS_close@8
_AIL_DLS_compact@4
_AIL_DLS_get_info@12
_AIL_DLS_get_reverb_levels@12
_AIL_DLS_load_file@12
_AIL_DLS_load_memory@12
_AIL_DLS_open@28
_AIL_DLS_set_reverb_levels@12
_AIL_DLS_unload@8
_AIL_HWND@0
_AIL_MIDI_handle_reacquire@4
_AIL_MIDI_handle_release@4
_AIL_MIDI_to_XMI@20
_AIL_MMX_available@0
_AIL_WAV_file_write@20
_AIL_WAV_info@8
_AIL_XMIDI_master_volume@4
_AIL_active_3D_sample_count@4
_AIL_active_sample_count@4
_AIL_active_sequence_count@4
_AIL_allocate_3D_sample_handle@4
_AIL_allocate_file_sample@12
_AIL_allocate_sample_handle@4
_AIL_allocate_sequence_handle@4
_AIL_auto_service_stream@8
_AIL_auto_update_3D_position@8
_AIL_background@0
_AIL_branch_index@8
_AIL_channel_notes@8
_AIL_close_3D_listener@4
_AIL_close_3D_object@4
_AIL_close_3D_provider@4
_AIL_close_XMIDI_driver@4
_AIL_close_digital_driver@4
_AIL_close_filter@4
_AIL_close_input@4
_AIL_close_stream@4
_AIL_compress_ADPCM@12
_AIL_compress_ASI@20
_AIL_compress_DLS@20
_AIL_controller_value@12
_AIL_create_wave_synthesizer@16
_AIL_decompress_ADPCM@12
_AIL_decompress_ASI@24
_AIL_delay@4
_AIL_destroy_wave_synthesizer@4
_AIL_digital_CPU_percent@4
_AIL_digital_configuration@16
_AIL_digital_handle_reacquire@4
_AIL_digital_handle_release@4
_AIL_digital_latency@4
_AIL_digital_master_reverb@16
_AIL_digital_master_reverb_levels@12
_AIL_digital_master_volume_level@4
_AIL_end_3D_sample@4
_AIL_end_sample@4
_AIL_end_sequence@4
_AIL_enumerate_3D_provider_attributes@12
_AIL_enumerate_3D_providers@12
_AIL_enumerate_3D_sample_attributes@12
_AIL_enumerate_filter_attributes@12
_AIL_enumerate_filter_sample_attributes@12
_AIL_enumerate_filters@12
_AIL_extract_DLS@28
_AIL_file_error@0
_AIL_file_read@8
_AIL_file_size@4
_AIL_file_type@8
_AIL_file_write@12
_AIL_filter_DLS_attribute@12
_AIL_filter_DLS_with_XMI@24
_AIL_filter_attribute@12
_AIL_filter_sample_attribute@12
_AIL_filter_stream_attribute@12
_AIL_find_DLS@24
_AIL_get_DirectSound_info@12
_AIL_get_input_info@4
_AIL_get_preference@4
_AIL_get_timer_highest_delay@0
_AIL_init_sample@4
_AIL_init_sequence@12
_AIL_last_error@0
_AIL_list_DLS@20
_AIL_list_MIDI@20
_AIL_load_sample_buffer@16
_AIL_lock@0
_AIL_lock_channel@4
_AIL_lock_mutex@0
_AIL_map_sequence_channel@12
_AIL_mem_alloc_lock@4
_AIL_mem_free_lock@4
_AIL_mem_use_free@4
_AIL_mem_use_malloc@4
_AIL_merge_DLS_with_XMI@16
_AIL_midiOutClose@4
_AIL_midiOutOpen@12
_AIL_minimum_sample_buffer_size@12
_AIL_ms_count@0
_AIL_open_3D_listener@4
_AIL_open_3D_object@4
_AIL_open_3D_provider@4
_AIL_open_XMIDI_driver@4
_AIL_open_digital_driver@16
_AIL_open_filter@8
_AIL_open_input@4
_AIL_open_stream@12
_AIL_pause_stream@8
_AIL_primary_digital_driver@4
_AIL_process_digital_audio@24
_AIL_quick_copy@4
_AIL_quick_halt@4
_AIL_quick_handles@12
_AIL_quick_load@4
_AIL_quick_load_and_play@12
_AIL_quick_load_mem@8
_AIL_quick_ms_length@4
_AIL_quick_ms_position@4
_AIL_quick_play@8
_AIL_quick_set_low_pass_cut_off@8
_AIL_quick_set_ms_position@8
_AIL_quick_set_reverb_levels@12
_AIL_quick_set_speed@8
_AIL_quick_set_volume@12
_AIL_quick_shutdown@0
_AIL_quick_startup@20
_AIL_quick_status@4
_AIL_quick_type@4
_AIL_quick_unload@4
_AIL_redbook_close@4
_AIL_redbook_eject@4
_AIL_redbook_id@4
_AIL_redbook_open@4
_AIL_redbook_open_drive@4
_AIL_redbook_pause@4
_AIL_redbook_play@12
_AIL_redbook_position@4
_AIL_redbook_resume@4
_AIL_redbook_retract@4
_AIL_redbook_set_volume_level@8
_AIL_redbook_status@4
_AIL_redbook_stop@4
_AIL_redbook_track@4
_AIL_redbook_track_info@16
_AIL_redbook_tracks@4
_AIL_redbook_volume_level@4
_AIL_register_3D_EOS_callback@8
_AIL_register_EOB_callback@8
_AIL_register_EOF_callback@8
_AIL_register_EOS_callback@8
_AIL_register_ICA_array@8
_AIL_register_SOB_callback@8
_AIL_register_beat_callback@8
_AIL_register_event_callback@8
_AIL_register_prefix_callback@8
_AIL_register_sequence_callback@8
_AIL_register_stream_callback@8
_AIL_register_timbre_callback@8
_AIL_register_timer@4
_AIL_register_trigger_callback@8
_AIL_release_3D_sample_handle@4
_AIL_release_all_timers@0
_AIL_release_channel@8
_AIL_release_sample_handle@4
_AIL_release_sequence_handle@4
_AIL_release_timer_handle@4
_AIL_request_EOB_ASI_reset@8
_AIL_resume_3D_sample@4
_AIL_resume_sample@4
_AIL_resume_sequence@4
_AIL_sample_buffer_info@20
_AIL_sample_buffer_ready@4
_AIL_sample_granularity@4
_AIL_sample_loop_count@4
_AIL_sample_low_pass_cut_off@4
_AIL_sample_ms_position@12
_AIL_sample_playback_rate@4
_AIL_sample_position@4
_AIL_sample_reverb_levels@12
_AIL_sample_status@4
_AIL_sample_user_data@8
_AIL_sample_volume_levels@12
_AIL_sample_volume_pan@12
_AIL_send_channel_voice_message@20
_AIL_send_sysex_message@8
_AIL_sequence_loop_count@4
_AIL_sequence_ms_position@12
_AIL_sequence_position@12
_AIL_sequence_status@4
_AIL_sequence_tempo@4
_AIL_sequence_user_data@8
_AIL_sequence_volume@4
_AIL_serve@0
_AIL_service_stream@8
_AIL_set_3D_distance_factor@8
_AIL_set_3D_doppler_factor@8
_AIL_set_3D_orientation@28
_AIL_set_3D_position@16
_AIL_set_3D_provider_preference@12
_AIL_set_3D_rolloff_factor@8
_AIL_set_3D_room_type@8
_AIL_set_3D_sample_cone@16
_AIL_set_3D_sample_distances@12
_AIL_set_3D_sample_effects_level@8
_AIL_set_3D_sample_exclusion@8
_AIL_set_3D_sample_file@8
_AIL_set_3D_sample_info@8
_AIL_set_3D_sample_loop_block@12
_AIL_set_3D_sample_loop_count@8
_AIL_set_3D_sample_obstruction@8
_AIL_set_3D_sample_occlusion@8
_AIL_set_3D_sample_offset@8
_AIL_set_3D_sample_playback_rate@8
_AIL_set_3D_sample_preference@12
_AIL_set_3D_sample_volume@8
_AIL_set_3D_speaker_type@8
_AIL_set_3D_user_data@12
_AIL_set_3D_velocity@20
_AIL_set_3D_velocity_vector@16
_AIL_set_DLS_processor@12
_AIL_set_DirectSound_HWND@8
_AIL_set_XMIDI_master_volume@8
_AIL_set_digital_driver_processor@12
_AIL_set_digital_master_reverb@16
_AIL_set_digital_master_reverb_levels@12
_AIL_set_digital_master_room_type@8
_AIL_set_digital_master_volume_level@8
_AIL_set_error@4
_AIL_set_file_async_callbacks@20
_AIL_set_file_callbacks@16
_AIL_set_filter_DLS_preference@12
_AIL_set_filter_preference@12
_AIL_set_filter_sample_preference@12
_AIL_set_filter_stream_preference@12
_AIL_set_input_state@8
_AIL_set_named_sample_file@20
_AIL_set_preference@8
_AIL_set_redist_directory@4
_AIL_set_sample_address@12
_AIL_set_sample_adpcm_block_size@8
_AIL_set_sample_file@12
_AIL_set_sample_loop_block@12
_AIL_set_sample_loop_count@8
_AIL_set_sample_low_pass_cut_off@8
_AIL_set_sample_ms_position@8
_AIL_set_sample_playback_rate@8
_AIL_set_sample_position@8
_AIL_set_sample_processor@12
_AIL_set_sample_reverb_levels@12
_AIL_set_sample_type@12
_AIL_set_sample_user_data@12
_AIL_set_sample_volume_levels@12
_AIL_set_sample_volume_pan@12
_AIL_set_sequence_loop_count@8
_AIL_set_sequence_ms_position@8
_AIL_set_sequence_tempo@12
_AIL_set_sequence_user_data@12
_AIL_set_sequence_volume@12
_AIL_set_stream_loop_block@12
_AIL_set_stream_loop_count@8
_AIL_set_stream_low_pass_cut_off@8
_AIL_set_stream_ms_position@8
_AIL_set_stream_playback_rate@8
_AIL_set_stream_position@8
_AIL_set_stream_processor@12
_AIL_set_stream_reverb_levels@12
_AIL_set_stream_user_data@12
_AIL_set_stream_volume_levels@12
_AIL_set_stream_volume_pan@12
_AIL_set_timer_divisor@8
_AIL_set_timer_frequency@8
_AIL_set_timer_period@8
_AIL_set_timer_user@8
_AIL_shutdown@0
_AIL_size_processed_digital_audio@16
_AIL_start_3D_sample@4
_AIL_start_all_timers@0
_AIL_start_sample@4
_AIL_start_sequence@4
_AIL_start_stream@4
_AIL_start_timer@4
_AIL_startup@0
_AIL_stop_3D_sample@4
_AIL_stop_all_timers@0
_AIL_stop_sample@4
_AIL_stop_sequence@4
_AIL_stop_timer@4
_AIL_stream_info@20
_AIL_stream_loop_count@4
_AIL_stream_low_pass_cut_off@4
_AIL_stream_ms_position@12
_AIL_stream_playback_rate@4
_AIL_stream_position@4
_AIL_stream_reverb_levels@12
_AIL_stream_status@4
_AIL_stream_user_data@8
_AIL_stream_volume_levels@12
_AIL_stream_volume_pan@12
_AIL_true_sequence_channel@8
_AIL_unlock@0
_AIL_unlock_mutex@0
_AIL_update_3D_position@8
_AIL_us_count@0
_AIL_waveOutClose@4
_AIL_waveOutOpen@16
_DLSMSSGetCPU@4
_DllMain@12
_MIX_RIB_MAIN@8
_RIB_enumerate_providers@12
_RIB_find_file_dec_provider@20
_RIB_find_files_provider@20
_RIB_find_provider@12
_RIB_load_application_providers@4
_RIB_load_static_provider_library@8
_RIB_provider_system_data@8
_RIB_provider_user_data@8
_RIB_set_provider_system_data@12
_RIB_set_provider_user_data@12
stream_background

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/Mss32.dln
.dll windows:4 windows x86 arch:x86

62b02fe9d5a80ea14b371927fee52f1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\codes\_Library\Miles6.6d\output\release\mss32.pdb

Imports

user32

SetTimer
KillTimer
wsprintfA
GetTopWindow
GetForegroundWindow
MessageBoxA
GetWindowLongA
GetActiveWindow
IsWindow
GetWindowThreadProcessId
GetWindow

kernel32

HeapFree
GetTimeZoneInformation
WideCharToMultiByte
TerminateProcess
ExitProcess
RtlUnwind
GetVersionExA
GetCommandLineA
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
WaitForSingleObject
SetEvent
GetWindowsDirectoryA
Sleep
CreateEventA
GetSystemDirectoryA
SetThreadPriority
RaiseException
DisableThreadLibraryCalls
WaitForMultipleObjects
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
ReleaseMutex
CloseHandle
GetCurrentProcessId
SuspendThread
ResumeThread
CreateThread
SetErrorMode
FreeLibrary
FindFirstFileA
GetProcAddress
FindClose
LoadLibraryA
FindNextFileA
CreateDirectoryA
CreateFileA
SetFilePointer
ReadFile
OpenFile
GetTempPathA
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThread
GetProfileStringA
QueryPerformanceFrequency
OutputDebugStringA
DuplicateHandle
lstrcatA
WriteFile
GlobalAlloc
GlobalFree
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetFileType
HeapSize
SetEndOfFile
GetCurrentThreadId
GetCPInfo
GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetLastError

winmm

waveOutClose
waveOutWrite
waveOutReset
waveOutGetDevCapsA
waveOutUnprepareHeader
waveOutOpen
waveOutGetID
waveOutPrepareHeader
waveInClose
waveInPrepareHeader
waveInOpen
waveInAddBuffer
waveInReset
waveInUnprepareHeader
waveInStart
midiOutLongMsg
midiOutClose
midiOutShortMsg
midiOutOpen
midiOutReset
midiOutPrepareHeader
midiOutUnprepareHeader
mciSendCommandA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetNumDevs
auxGetDevCapsA
mixerClose
mixerGetLineInfoA
auxSetVolume
mixerGetLineControlsA
auxGetNumDevs
mixerOpen
auxGetVolume
timeGetTime

Exports

Exports

AIL_debug_printf
AIL_sprintf
DLSClose
DLSCompactMemory
DLSGetInfo
DLSLoadFile
DLSLoadMemFile
DLSMSSOpen
DLSSetAttribute
DLSUnloadAll
DLSUnloadFile
RIB_alloc_provider_handle
RIB_enumerate_interface
RIB_error
RIB_find_file_provider
RIB_free_provider_handle
RIB_free_provider_library
RIB_load_provider_library
RIB_register_interface
RIB_request_interface
RIB_request_interface_entry
RIB_type_string
RIB_unregister_interface
_AIL_3D_distance_factor@4
_AIL_3D_doppler_factor@4
_AIL_3D_orientation@28
_AIL_3D_position@16
_AIL_3D_provider_attribute@12
_AIL_3D_rolloff_factor@4
_AIL_3D_room_type@4
_AIL_3D_sample_attribute@12
_AIL_3D_sample_cone@16
_AIL_3D_sample_distances@12
_AIL_3D_sample_effects_level@4
_AIL_3D_sample_exclusion@4
_AIL_3D_sample_length@4
_AIL_3D_sample_loop_count@4
_AIL_3D_sample_obstruction@4
_AIL_3D_sample_occlusion@4
_AIL_3D_sample_offset@4
_AIL_3D_sample_playback_rate@4
_AIL_3D_sample_status@4
_AIL_3D_sample_volume@4
_AIL_3D_speaker_type@4
_AIL_3D_user_data@8
_AIL_3D_velocity@16
_AIL_DLS_close@8
_AIL_DLS_compact@4
_AIL_DLS_get_info@12
_AIL_DLS_get_reverb_levels@12
_AIL_DLS_load_file@12
_AIL_DLS_load_memory@12
_AIL_DLS_open@28
_AIL_DLS_set_reverb_levels@12
_AIL_DLS_unload@8
_AIL_HWND@0
_AIL_MIDI_handle_reacquire@4
_AIL_MIDI_handle_release@4
_AIL_MIDI_to_XMI@20
_AIL_MMX_available@0
_AIL_WAV_file_write@20
_AIL_WAV_info@8
_AIL_XMIDI_master_volume@4
_AIL_active_3D_sample_count@4
_AIL_active_sample_count@4
_AIL_active_sequence_count@4
_AIL_allocate_3D_sample_handle@4
_AIL_allocate_file_sample@12
_AIL_allocate_sample_handle@4
_AIL_allocate_sequence_handle@4
_AIL_auto_service_stream@8
_AIL_auto_update_3D_position@8
_AIL_background@0
_AIL_branch_index@8
_AIL_channel_notes@8
_AIL_close_3D_listener@4
_AIL_close_3D_object@4
_AIL_close_3D_provider@4
_AIL_close_XMIDI_driver@4
_AIL_close_digital_driver@4
_AIL_close_filter@4
_AIL_close_input@4
_AIL_close_stream@4
_AIL_compress_ADPCM@12
_AIL_compress_ASI@20
_AIL_compress_DLS@20
_AIL_controller_value@12
_AIL_create_wave_synthesizer@16
_AIL_decompress_ADPCM@12
_AIL_decompress_ASI@24
_AIL_delay@4
_AIL_destroy_wave_synthesizer@4
_AIL_digital_CPU_percent@4
_AIL_digital_configuration@16
_AIL_digital_handle_reacquire@4
_AIL_digital_handle_release@4
_AIL_digital_latency@4
_AIL_digital_master_reverb@16
_AIL_digital_master_reverb_levels@12
_AIL_digital_master_volume_level@4
_AIL_end_3D_sample@4
_AIL_end_sample@4
_AIL_end_sequence@4
_AIL_enumerate_3D_provider_attributes@12
_AIL_enumerate_3D_providers@12
_AIL_enumerate_3D_sample_attributes@12
_AIL_enumerate_filter_attributes@12
_AIL_enumerate_filter_sample_attributes@12
_AIL_enumerate_filters@12
_AIL_extract_DLS@28
_AIL_file_error@0
_AIL_file_read@8
_AIL_file_size@4
_AIL_file_type@8
_AIL_file_write@12
_AIL_filter_DLS_attribute@12
_AIL_filter_DLS_with_XMI@24
_AIL_filter_attribute@12
_AIL_filter_sample_attribute@12
_AIL_filter_stream_attribute@12
_AIL_find_DLS@24
_AIL_get_DirectSound_info@12
_AIL_get_input_info@4
_AIL_get_preference@4
_AIL_get_timer_highest_delay@0
_AIL_init_sample@4
_AIL_init_sequence@12
_AIL_last_error@0
_AIL_list_DLS@20
_AIL_list_MIDI@20
_AIL_load_sample_buffer@16
_AIL_lock@0
_AIL_lock_channel@4
_AIL_lock_mutex@0
_AIL_map_sequence_channel@12
_AIL_mem_alloc_lock@4
_AIL_mem_free_lock@4
_AIL_mem_use_free@4
_AIL_mem_use_malloc@4
_AIL_merge_DLS_with_XMI@16
_AIL_midiOutClose@4
_AIL_midiOutOpen@12
_AIL_minimum_sample_buffer_size@12
_AIL_ms_count@0
_AIL_open_3D_listener@4
_AIL_open_3D_object@4
_AIL_open_3D_provider@4
_AIL_open_XMIDI_driver@4
_AIL_open_digital_driver@16
_AIL_open_filter@8
_AIL_open_input@4
_AIL_open_stream@12
_AIL_pause_stream@8
_AIL_primary_digital_driver@4
_AIL_process_digital_audio@24
_AIL_quick_copy@4
_AIL_quick_halt@4
_AIL_quick_handles@12
_AIL_quick_load@4
_AIL_quick_load_and_play@12
_AIL_quick_load_mem@8
_AIL_quick_ms_length@4
_AIL_quick_ms_position@4
_AIL_quick_play@8
_AIL_quick_set_low_pass_cut_off@8
_AIL_quick_set_ms_position@8
_AIL_quick_set_reverb_levels@12
_AIL_quick_set_speed@8
_AIL_quick_set_volume@12
_AIL_quick_shutdown@0
_AIL_quick_startup@20
_AIL_quick_status@4
_AIL_quick_type@4
_AIL_quick_unload@4
_AIL_redbook_close@4
_AIL_redbook_eject@4
_AIL_redbook_id@4
_AIL_redbook_open@4
_AIL_redbook_open_drive@4
_AIL_redbook_pause@4
_AIL_redbook_play@12
_AIL_redbook_position@4
_AIL_redbook_resume@4
_AIL_redbook_retract@4
_AIL_redbook_set_volume_level@8
_AIL_redbook_status@4
_AIL_redbook_stop@4
_AIL_redbook_track@4
_AIL_redbook_track_info@16
_AIL_redbook_tracks@4
_AIL_redbook_volume_level@4
_AIL_register_3D_EOS_callback@8
_AIL_register_EOB_callback@8
_AIL_register_EOF_callback@8
_AIL_register_EOS_callback@8
_AIL_register_ICA_array@8
_AIL_register_SOB_callback@8
_AIL_register_beat_callback@8
_AIL_register_event_callback@8
_AIL_register_prefix_callback@8
_AIL_register_sequence_callback@8
_AIL_register_stream_callback@8
_AIL_register_timbre_callback@8
_AIL_register_timer@4
_AIL_register_trigger_callback@8
_AIL_release_3D_sample_handle@4
_AIL_release_all_timers@0
_AIL_release_channel@8
_AIL_release_sample_handle@4
_AIL_release_sequence_handle@4
_AIL_release_timer_handle@4
_AIL_request_EOB_ASI_reset@8
_AIL_resume_3D_sample@4
_AIL_resume_sample@4
_AIL_resume_sequence@4
_AIL_sample_buffer_info@20
_AIL_sample_buffer_ready@4
_AIL_sample_granularity@4
_AIL_sample_loop_count@4
_AIL_sample_low_pass_cut_off@4
_AIL_sample_ms_position@12
_AIL_sample_playback_rate@4
_AIL_sample_position@4
_AIL_sample_reverb_levels@12
_AIL_sample_status@4
_AIL_sample_user_data@8
_AIL_sample_volume_levels@12
_AIL_sample_volume_pan@12
_AIL_send_channel_voice_message@20
_AIL_send_sysex_message@8
_AIL_sequence_loop_count@4
_AIL_sequence_ms_position@12
_AIL_sequence_position@12
_AIL_sequence_status@4
_AIL_sequence_tempo@4
_AIL_sequence_user_data@8
_AIL_sequence_volume@4
_AIL_serve@0
_AIL_service_stream@8
_AIL_set_3D_distance_factor@8
_AIL_set_3D_doppler_factor@8
_AIL_set_3D_orientation@28
_AIL_set_3D_position@16
_AIL_set_3D_provider_preference@12
_AIL_set_3D_rolloff_factor@8
_AIL_set_3D_room_type@8
_AIL_set_3D_sample_cone@16
_AIL_set_3D_sample_distances@12
_AIL_set_3D_sample_effects_level@8
_AIL_set_3D_sample_exclusion@8
_AIL_set_3D_sample_file@8
_AIL_set_3D_sample_info@8
_AIL_set_3D_sample_loop_block@12
_AIL_set_3D_sample_loop_count@8
_AIL_set_3D_sample_obstruction@8
_AIL_set_3D_sample_occlusion@8
_AIL_set_3D_sample_offset@8
_AIL_set_3D_sample_playback_rate@8
_AIL_set_3D_sample_preference@12
_AIL_set_3D_sample_volume@8
_AIL_set_3D_speaker_type@8
_AIL_set_3D_user_data@12
_AIL_set_3D_velocity@20
_AIL_set_3D_velocity_vector@16
_AIL_set_DLS_processor@12
_AIL_set_DirectSound_HWND@8
_AIL_set_XMIDI_master_volume@8
_AIL_set_digital_driver_processor@12
_AIL_set_digital_master_reverb@16
_AIL_set_digital_master_reverb_levels@12
_AIL_set_digital_master_room_type@8
_AIL_set_digital_master_volume_level@8
_AIL_set_error@4
_AIL_set_file_async_callbacks@20
_AIL_set_file_callbacks@16
_AIL_set_filter_DLS_preference@12
_AIL_set_filter_preference@12
_AIL_set_filter_sample_preference@12
_AIL_set_filter_stream_preference@12
_AIL_set_input_state@8
_AIL_set_named_sample_file@20
_AIL_set_preference@8
_AIL_set_redist_directory@4
_AIL_set_sample_address@12
_AIL_set_sample_adpcm_block_size@8
_AIL_set_sample_file@12
_AIL_set_sample_loop_block@12
_AIL_set_sample_loop_count@8
_AIL_set_sample_low_pass_cut_off@8
_AIL_set_sample_ms_position@8
_AIL_set_sample_playback_rate@8
_AIL_set_sample_position@8
_AIL_set_sample_processor@12
_AIL_set_sample_reverb_levels@12
_AIL_set_sample_type@12
_AIL_set_sample_user_data@12
_AIL_set_sample_volume_levels@12
_AIL_set_sample_volume_pan@12
_AIL_set_sequence_loop_count@8
_AIL_set_sequence_ms_position@8
_AIL_set_sequence_tempo@12
_AIL_set_sequence_user_data@12
_AIL_set_sequence_volume@12
_AIL_set_stream_loop_block@12
_AIL_set_stream_loop_count@8
_AIL_set_stream_low_pass_cut_off@8
_AIL_set_stream_ms_position@8
_AIL_set_stream_playback_rate@8
_AIL_set_stream_position@8
_AIL_set_stream_processor@12
_AIL_set_stream_reverb_levels@12
_AIL_set_stream_user_data@12
_AIL_set_stream_volume_levels@12
_AIL_set_stream_volume_pan@12
_AIL_set_timer_divisor@8
_AIL_set_timer_frequency@8
_AIL_set_timer_period@8
_AIL_set_timer_user@8
_AIL_shutdown@0
_AIL_size_processed_digital_audio@16
_AIL_start_3D_sample@4
_AIL_start_all_timers@0
_AIL_start_sample@4
_AIL_start_sequence@4
_AIL_start_stream@4
_AIL_start_timer@4
_AIL_startup@0
_AIL_stop_3D_sample@4
_AIL_stop_all_timers@0
_AIL_stop_sample@4
_AIL_stop_sequence@4
_AIL_stop_timer@4
_AIL_stream_info@20
_AIL_stream_loop_count@4
_AIL_stream_low_pass_cut_off@4
_AIL_stream_ms_position@12
_AIL_stream_playback_rate@4
_AIL_stream_position@4
_AIL_stream_reverb_levels@12
_AIL_stream_status@4
_AIL_stream_user_data@8
_AIL_stream_volume_levels@12
_AIL_stream_volume_pan@12
_AIL_true_sequence_channel@8
_AIL_unlock@0
_AIL_unlock_mutex@0
_AIL_update_3D_position@8
_AIL_us_count@0
_AIL_waveOutClose@4
_AIL_waveOutOpen@16
_DLSMSSGetCPU@4
_DllMain@12
_MIX_RIB_MAIN@8
_RIB_enumerate_providers@12
_RIB_find_file_dec_provider@20
_RIB_find_files_provider@20
_RIB_find_provider@12
_RIB_load_application_providers@4
_RIB_load_static_provider_library@8
_RIB_provider_system_data@8
_RIB_provider_user_data@8
_RIB_set_provider_system_data@12
_RIB_set_provider_user_data@12
stream_background

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

MSSMIXER
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/Novichok.dll
.dll windows:5 windows x86 arch:x86

b4cb8e6e16e2ffc2bd52131e5ae7a525

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
LoadResource
GlobalLock
GlobalAlloc
LoadLibraryW
SizeofResource
GetLastError
SetLastError
GetProcAddress
GlobalFree
LockResource
GetNativeSystemInfo
GetCurrentProcess
GetModuleHandleExW
GetModuleHandleW
IsBadReadPtr
OpenProcess
FindResourceW
GetSystemInfo
IsDebuggerPresent
GetCurrentProcessId
DisableThreadLibraryCalls
OutputDebugStringA
CloseHandle
CreateThread
LocalAlloc
InterlockedExchange
HeapReAlloc
GetStringTypeW
Sleep
GetCurrentThread
MultiByteToWideChar
LCMapStringW
HeapSize
EnterCriticalSection
LeaveCriticalSection
IsProcessorFeaturePresent
RtlUnwind
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
VirtualQuery
VirtualProtect
VirtualAlloc
InterlockedCompareExchange
GetCurrentThreadId
ResumeThread
FlushInstructionCache
SetThreadContext
GetThreadContext
SuspendThread
DecodePointer
EncodePointer
GetCommandLineA
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
HeapFree
WriteFile
GetStdHandle
GetModuleFileNameW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
SetHandleCount
LoadLibraryA

user32

SetWindowPos
DialogBoxParamW
KillTimer
FillRect
SetTimer
SetWindowLongW
EndDialog
GetWindowLongW

gdi32

GetStockObject

ole32

CreateStreamOnHGlobal

gdiplus

GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipDrawImageI
GdipCreateLineBrushFromRectI
GdipFree
GdipDeleteBrush
GdiplusShutdown
GdipAlloc
GdipDisposeImage
GdipCreateFromHDC
GdipFillRectangleI
GdipCloneImage
GdiplusStartup

psapi

GetModuleBaseNameW

imagehlp

ImageNtHeader

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/d3d9.dll
.dll windows:4 windows x86 arch:x86

2d4902774367c9031d7000dbecb09ebf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA
timeGetTime

user32

LoadStringA
LoadImageA
OffsetRect
wsprintfA
DrawTextA
InflateRect

ws2_32

ntohl
closesocket
recv
ioctlsocket
send
htonl
connect
htons
socket
WSAStartup
gethostbyname
inet_addr
WSACleanup

kernel32

UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
SystemTimeToFileTime
GetLocalTime
HeapFree
CloseHandle
ReadFile
HeapAlloc
GetProcessHeap
GetFileSize
CreateFileA
FreeLibrary
SetEvent
CreateThread
CreateEventA
GetCurrentProcess
GetModuleHandleA
VirtualProtect
Sleep
lstrcpyA
GetLocaleInfoA
SetLastError
GetLastError
lstrcatA
GetSystemDirectoryA
Module32Next
VirtualQuery
lstrcmpiA
GetModuleFileNameA
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
IsBadReadPtr
GetSystemInfo
SetFilePointer
WaitForSingleObject
SetLocalTime
FileTimeToSystemTime
GetProcAddress
LoadLibraryA
lstrcmpA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetStringTypeA
GetStringTypeW
EnumSystemLocalesA
FlushInstructionCache
IsValidLocale
IsValidCodePage
IsBadCodePtr
GetACP
GetOEMCP
SetStdHandle
GetLocaleInfoW
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
GetTimeZoneInformation
HeapSize
TerminateProcess
QueryPerformanceCounter
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetUserDefaultLCID
GetStringTypeExA
LCMapStringA
LCMapStringW
InterlockedCompareExchange
RtlUnwind
RaiseException
ExitProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetCPInfo
VirtualAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
WriteFile
FlushFileBuffers

gdi32

SetMapMode
BitBlt
TextOutA
SetBkMode
CreatePen
GetStockObject
RoundRect
CreateCompatibleDC
CreateFontA
SetTextColor
SetBkColor
SetTextAlign
GetTextExtentPoint32A
SelectObject
ExtTextOutA
DeleteDC
DeleteObject
CreateDIBSection

imagehlp

MakeSureDirectoryPathExists

Exports

Exports

CheckFullscreen
D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_QueryRepeatFrame
D3DPERF_SetMarker
D3DPERF_SetOptions
D3DPERF_SetRegion
DebugSetLevel
DebugSetMute
Direct3DCreate9
Direct3DShaderValidatorCreate9
PSGPError
PSGPSampleTexture

Sections

.text
Size: 286KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/d3d9.ini
Togepi/Togepi/data/code/interface.english.txt
Togepi/Togepi/data/db/aircraftdesc.xml
Togepi/Togepi/data/db/charactercondition.xml
Togepi/Togepi/data/db/cutscene/c3/cutscene_c3g10_halfgod_transform.xml
Togepi/Togepi/data/db/cutscene/cutscene_darknight_change.xml
Togepi/Togepi/data/db/cutscene/cutscene_elvenmissile_fire.xml
Togepi/Togepi/data/db/cutscene/cutscene_elvenmissile_ice.xml
Togepi/Togepi/data/db/cutscene/cutscene_elvenmissile_light.xml
Togepi/Togepi/data/db/cutscene/cutscene_giant_fullswing.xml
Togepi/Togepi/data/db/cutscene/cutscene_paladin_change.xml
Togepi/Togepi/data/db/cutscene/cutscene_waterfall.xml
Togepi/Togepi/data/db/dissolution.xml
Togepi/Togepi/data/db/dungeon_ruin.xml
Togepi/Togepi/data/db/dungeondb.xml
Togepi/Togepi/data/db/dungeondb2.xml
Togepi/Togepi/data/db/fieldmap/iria_c_map_main_field_aviation.raw
Togepi/Togepi/data/db/fieldmap/iria_nn_map_main_field_aviation.raw
Togepi/Togepi/data/db/fieldmap/iria_nw_map_main_field_aviation.raw
Togepi/Togepi/data/db/fieldmap/iria_se_map_main_field_aviation.raw
Togepi/Togepi/data/db/fieldmap/iria_sw_map_main_field_aviation.raw
Togepi/Togepi/data/db/fieldmap/taillteann_abb_neagh_aviation.raw
Togepi/Togepi/data/db/fieldmap/taillteann_main_field_aviation.raw
Togepi/Togepi/data/db/fieldmap/taillteann_sliab_cuilin_aviation.raw
Togepi/Togepi/data/db/layout/systemmenu.xml
Togepi/Togepi/data/db/minimapinfo.xml
Togepi/Togepi/data/db/production.xml
Togepi/Togepi/data/db/propdb.xml
Togepi/Togepi/data/db/skill/skillinfo.xml
Togepi/Togepi/data/db/undergroundmaze.xml
Togepi/Togepi/data/gfx/char/giant/female/mentle/giant_female_dummy_01.pmg
Togepi/Togepi/data/gfx/char/giant/male/mentle/giant_male_dummy_01.pmg
Togepi/Togepi/data/gfx/char/human/anim/emotion/uni_natural_emotion_skill_fail_short.ani
Togepi/Togepi/data/gfx/char/human/anim/emotion/uni_natural_emotion_skill_fail_short.mov
Togepi/Togepi/data/gfx/char/human/anim/emotion/uni_natural_emotion_skill_success.ani
Togepi/Togepi/data/gfx/char/human/anim/emotion/uni_natural_emotion_skill_success.mov
Togepi/Togepi/data/gfx/char/human/anim/uni_natural_gathering_eggs.ani
Togepi/Togepi/data/gfx/char/human/female/mantle/female_dummy_01.pmg
Togepi/Togepi/data/gfx/char/human/male/mantle/male_dummy_01.pmg
Togepi/Togepi/data/gfx/char/human/tool/tool_lroad_01.xml
.xml
Togepi/Togepi/data/gfx/char/human/tool/tool_lroad_02.xml
.xml
Togepi/Togepi/data/gfx/char/human/tool/tool_lroad_03.xml
.xml
Togepi/Togepi/data/gfx/char/monster/mesh/mimic/mimic01_mesh.pmg
Togepi/Togepi/data/gfx/char/monster/mesh/mimic/mimic02_mesh.pmg
Togepi/Togepi/data/gfx/char/monster/mesh/mimic/mimic03_mesh.pmg
Togepi/Togepi/data/gfx/char/monster/mesh/mimic/mimic04_mesh.pmg
Togepi/Togepi/data/gfx/char/monster/mesh/mimic/mimic05_mesh.pmg
Togepi/Togepi/data/gfx/char/monster/mesh/mimic/mimic06_mesh.pmg
Togepi/Togepi/data/gfx/font/alphanumeric.ttf
Togepi/Togepi/data/gfx/fx/effect/fx_c2_ruins.xml
.xml
Togepi/Togepi/data/gfx/fx/posteffect/blur.xml
Togepi/Togepi/data/gfx/gui/blacksmith.dds
Togepi/Togepi/data/gfx/gui/font_outline_eng.dds
Togepi/Togepi/data/gfx/gui/login_renewal/00_center_logo/2010_c4_logo.dds
Togepi/Togepi/data/gfx/gui/login_screen/intro_nexon_logo_256x256.dds
Togepi/Togepi/data/gfx/gui/login_screen/login_title_c4g15_us.dds
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_belfast_human_eng.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_iria_connous_eng.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_iria_connous_g15_eng.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_iria_connous_underworld.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_iria_courcle_eng.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_iria_nw_tunnel_n_eng.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_iria_nw_tunnel_s_eng.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_iria_rano_eng.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_taillteann_abb_neagh_eng_rep.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_taillteann_eng_rep.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_taillteann_sliab_cuilin_eng_rep.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_tara_eng_rep.jpg
.jpg
Togepi/Togepi/data/gfx/gui/map_jpg/minimap_tara_n_field_eng_rep.jpg
.jpg
Togepi/Togepi/data/gfx/gui/tailoring.dds
Togepi/Togepi/data/gfx/gui/tailoring_2.dds
Togepi/Togepi/data/gfx/image/copyright_usa.raw
Togepi/Togepi/data/gfx/image/item_mythril_ingot.dds
Togepi/Togepi/data/gfx/image/item_mythril_metalplate.dds
Togepi/Togepi/data/gfx/image/item_mythril_metalsolder.dds
Togepi/Togepi/data/gfx/image/item_mythril_mineral_fragment.dds
Togepi/Togepi/data/gfx/image/item_mythril_mineral_small.dds
Togepi/Togepi/data/gfx/image/item_unknown_mineral_small.dds
Togepi/Togepi/data/gfx/scene/avon/dungeon/dg_avon_stage_fog_01.xml
Togepi/Togepi/data/gfx/scene/productionprop/scene_prop_mushroom_01_after.pmg
Togepi/Togepi/data/gfx/scene/productionprop/scene_prop_mushroom_01_before.pmg
Togepi/Togepi/data/gfx/scene/productionprop/scene_prop_mushroom_02_after.pmg
Togepi/Togepi/data/gfx/scene/productionprop/scene_prop_mushroom_02_before.pmg
Togepi/Togepi/data/gfx/scene/productionprop/scene_prop_mushroom_03_after.pmg
Togepi/Togepi/data/gfx/scene/productionprop/scene_prop_mushroom_03_before.pmg
Togepi/Togepi/data/gfx/style/systemmenu.style.xml
Togepi/Togepi/data/local/code/interface.english.txt
Togepi/Togepi/data/local/xml/itemdb.english.txt
Togepi/Togepi/data/local/xml/propdb.english.txt
Togepi/Togepi/data/local/xml/race.english.txt
Togepi/Togepi/data/locale/usa/filter/blockchat.txt
Togepi/Togepi/data/xml/itemdb.english.txt
Togepi/Togepi/data/xml/propdb.english.txt
Togepi/Togepi/data/xml/race.english.txt
Togepi/Togepi/dbghelp.dl_
.dll windows:6 windows x86 arch:x86

e246e1939eedffac25310343ba57d266

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2007, 00:23

Not After

23/02/2009, 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:7a:0c:3c:b9:23:1c:61:d7:80:36:4d:77:e2:82:ca:a6:a6:63:b9
Signer

Actual PE Digest

25:7a:0c:3c:b9:23:1c:61:d7:80:36:4d:77:e2:82:ca:a6:a6:63:b9

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dbghelp.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
??3@YAXPAX@Z
_fileno
_read
__pioinfo
__badioinfo
ferror
wctomb
_snprintf
isleadbyte
mbtowc
_onexit
_lock
__dllonexit
_unlock
_ismbblead
_amsg_exit
_initterm
_XcptFilter
memmove
_iob
__mb_cur_max
strchr
_vsnwprintf
_errno
__CxxFrameHandler
iswspace
calloc
_itoa
_wcsdup
towlower
tolower
_wcslwr
time
_wctime
_ltoa
_wcsnicmp
_purecall
ctime
malloc
strncmp
isspace
_stricmp
_strlwr
free
wcsrchr
strstr
memcpy
_wcsicmp
qsort
wcschr
wcsstr
wcsncmp
iswxdigit
memset
??2@YAPAXI@Z
iswprint
atol
fclose
__unDName
iswdigit
_CxxThrowException
bsearch
_wfsopen
fread
fseek
wcstol
_wfullpath
_wgetenv
_get_osfhandle
_chsize
_close
_open_osfhandle
ftell
_memicmp
_mbscmp
??1type_info@@UAE@XZ
_wsopen

kernel32

HeapAlloc
MapViewOfFileEx
GetCurrentDirectoryW
InitializeCriticalSectionAndSpinCount
GetFileType
DeviceIoControl
SetFileAttributesW
CreateFileMappingW
InterlockedIncrement
InterlockedDecrement
LocalFree
FormatMessageW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedExchange
GetThreadSelectorEntry
CreateThread
TerminateThread
VirtualQueryEx
GetPriorityClass
GetThreadPriority
GetThreadTimes
GetThreadContext
ResumeThread
SuspendThread
GetCurrentThreadId
GetSystemTimeAsFileTime
Sleep
GetVersion
GetSystemInfo
LoadLibraryA
InterlockedCompareExchange
DelayLoadFailureHook
ReadProcessMemory
GetProcessHeap
GetFileAttributesA
SetErrorMode
WriteFile
OutputDebugStringA
VirtualFree
OpenProcess
GetCurrentProcessId
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
DuplicateHandle
VirtualAlloc
VirtualProtect
CreateDirectoryA
UnmapViewOfFile
GetCurrentProcess
SetFilePointer
IsDBCSLeadByte
HeapFree
HeapReAlloc
GetVersionExA
InitializeCriticalSection
HeapCreate
FindClose
LocalAlloc
SetLastError
LeaveCriticalSection
EnterCriticalSection
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetLastError
TlsSetValue
TlsGetValue
TlsAlloc
TlsFree
DeleteCriticalSection
HeapDestroy
FreeLibrary
FlushViewOfFile

Exports

Exports

DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
EnumDirTree
EnumDirTreeW
EnumerateLoadedModules
EnumerateLoadedModules64
EnumerateLoadedModulesEx
EnumerateLoadedModulesExW
EnumerateLoadedModulesW64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindDebugInfoFileExW
FindExecutableImage
FindExecutableImageEx
FindExecutableImageExW
FindFileInPath
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
MiniDumpReadDumpStream
MiniDumpWriteDump
SearchTreeForFile
SearchTreeForFileW
StackWalk
StackWalk64
SymAddSourceStream
SymAddSourceStreamA
SymAddSourceStreamW
SymAddSymbol
SymAddSymbolW
SymCleanup
SymDeleteSymbol
SymDeleteSymbolW
SymEnumLines
SymEnumLinesW
SymEnumProcesses
SymEnumSourceFileTokens
SymEnumSourceFiles
SymEnumSourceFilesW
SymEnumSourceLines
SymEnumSourceLinesW
SymEnumSym
SymEnumSymbols
SymEnumSymbolsForAddr
SymEnumSymbolsForAddrW
SymEnumSymbolsW
SymEnumTypes
SymEnumTypesByName
SymEnumTypesByNameW
SymEnumTypesW
SymEnumerateModules
SymEnumerateModules64
SymEnumerateModulesW64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindDebugInfoFile
SymFindDebugInfoFileW
SymFindExecutableImage
SymFindExecutableImageW
SymFindFileInPath
SymFindFileInPathW
SymFromAddr
SymFromAddrW
SymFromIndex
SymFromIndexW
SymFromName
SymFromNameW
SymFromToken
SymFromTokenW
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetFileLineOffsets64
SymGetHomeDirectory
SymGetHomeDirectoryW
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromAddrW64
SymGetLineFromName
SymGetLineFromName64
SymGetLineFromNameW64
SymGetLineNext
SymGetLineNext64
SymGetLineNextW64
SymGetLinePrev
SymGetLinePrev64
SymGetLinePrevW64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOmapBlockBase
SymGetOmaps
SymGetOptions
SymGetScope
SymGetScopeW
SymGetSearchPath
SymGetSearchPathW
SymGetSourceFile
SymGetSourceFileFromToken
SymGetSourceFileFromTokenW
SymGetSourceFileToken
SymGetSourceFileTokenW
SymGetSourceFileW
SymGetSourceVarFromToken
SymGetSourceVarFromTokenW
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetSymbolFile
SymGetSymbolFileW
SymGetTypeFromName
SymGetTypeFromNameW
SymGetTypeInfo
SymGetTypeInfoEx
SymGetUnwindInfo
SymInitialize
SymInitializeW
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymLoadModuleExW
SymMatchFileName
SymMatchFileNameW
SymMatchString
SymMatchStringA
SymMatchStringW
SymNext
SymNextW
SymPrev
SymPrevW
SymRefreshModuleList
SymRegisterCallback
SymRegisterCallback64
SymRegisterCallbackW64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSearch
SymSearchW
SymSetContext
SymSetHomeDirectory
SymSetHomeDirectoryW
SymSetOptions
SymSetParentWindow
SymSetScopeFromAddr
SymSetScopeFromIndex
SymSetSearchPath
SymSetSearchPathW
SymSrvDeltaName
SymSrvDeltaNameW
SymSrvGetFileIndexInfo
SymSrvGetFileIndexInfoW
SymSrvGetFileIndexString
SymSrvGetFileIndexStringW
SymSrvGetFileIndexes
SymSrvGetFileIndexesW
SymSrvGetSupplement
SymSrvGetSupplementW
SymSrvIsStore
SymSrvIsStoreW
SymSrvStoreFile
SymSrvStoreFileW
SymSrvStoreSupplement
SymSrvStoreSupplementW
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnDecorateSymbolNameW
UnmapDebugInformation
WinDbgExtensionDllInit
block
chksym
dbghelp
dh
fptr
homedir
itoldyouso
lmi
lminfo
omap
srcfiles
stack_force_ebp
stackdbg
sym
symsrv
vc7fpo

Sections

.text
Size: 965KB - Virtual size: 965KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/dbghelp.dll
.dll windows:4 windows x86 arch:x86

42424c0131f9673fdd2055fb066ff1bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetObjectA
SelectObject

kernel32

CloseHandle
CreateRemoteThread
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
DisableThreadLibraryCalls
EnterCriticalSection
FindResourceA
FreeLibrary
GetCurrentProcess
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
ReleaseSemaphore
SetLastError
SizeofResource
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

_chdir
_strdup
_write
__dllonexit
_errno
_findclose
_findfirst
_findnext
_fullpath
_iob
_strdate
_strtime
_vsnwprintf
_winmajor
abort
atoi
calloc
fclose
fflush
fopen
fprintf
fputc
fputs
free
fwrite
localeconv
malloc
memchr
memcpy
memmove
realloc
setvbuf
sprintf
strcat
strcmp
strcpy
strerror
strlen
strrchr
strtol
vfprintf
wcslen

psapi

GetModuleInformation

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
GetDC
GetDesktopWindow
GetWindowRect
LoadCursorA
RegisterClassA
ReleaseDC
SetWindowPos
ShowWindow
UpdateLayeredWindow

Exports

Exports

DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
DllMain@12
EnumDirTree
EnumDirTreeW
EnumerateLoadedModules
EnumerateLoadedModules64
EnumerateLoadedModulesEx
EnumerateLoadedModulesExW
EnumerateLoadedModulesW64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindDebugInfoFileExW
FindExecutableImage
FindExecutableImageEx
FindExecutableImageExW
FindFileInPath
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
MiniDumpReadDumpStream
MiniDumpWriteDump
SearchTreeForFile
SearchTreeForFileW
StackWalk
StackWalk64
SymAddSourceStream
SymAddSourceStreamA
SymAddSourceStreamW
SymAddSymbol
SymAddSymbolW
SymCleanup
SymDeleteSymbol
SymDeleteSymbolW
SymEnumLines
SymEnumLinesW
SymEnumProcesses
SymEnumSourceFileTokens
SymEnumSourceFiles
SymEnumSourceFilesW
SymEnumSourceLines
SymEnumSourceLinesW
SymEnumSym
SymEnumSymbols
SymEnumSymbolsForAddr
SymEnumSymbolsForAddrW
SymEnumSymbolsW
SymEnumTypes
SymEnumTypesByName
SymEnumTypesByNameW
SymEnumTypesW
SymEnumerateModules
SymEnumerateModules64
SymEnumerateModulesW64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindDebugInfoFile
SymFindDebugInfoFileW
SymFindExecutableImage
SymFindExecutableImageW
SymFindFileInPath
SymFindFileInPathW
SymFromAddr
SymFromAddrW
SymFromIndex
SymFromIndexW
SymFromName
SymFromNameW
SymFromToken
SymFromTokenW
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetFileLineOffsets64
SymGetHomeDirectory
SymGetHomeDirectoryW
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromAddrW64
SymGetLineFromName
SymGetLineFromName64
SymGetLineFromNameW64
SymGetLineNext
SymGetLineNext64
SymGetLineNextW64
SymGetLinePrev
SymGetLinePrev64
SymGetLinePrevW64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOmapBlockBase
SymGetOmaps
SymGetOptions
SymGetScope
SymGetScopeW
SymGetSearchPath
SymGetSearchPathW
SymGetSourceFile
SymGetSourceFileFromToken
SymGetSourceFileFromTokenW
SymGetSourceFileToken
SymGetSourceFileTokenW
SymGetSourceFileW
SymGetSourceVarFromToken
SymGetSourceVarFromTokenW
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetSymbolFile
SymGetSymbolFileW
SymGetTypeFromName
SymGetTypeFromNameW
SymGetTypeInfo
SymGetTypeInfoEx
SymGetUnwindInfo
SymInitialize
SymInitializeW
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymLoadModuleExW
SymMatchFileName
SymMatchFileNameW
SymMatchString
SymMatchStringA
SymMatchStringW
SymNext
SymNextW
SymPrev
SymPrevW
SymRefreshModuleList
SymRegisterCallback
SymRegisterCallback64
SymRegisterCallbackW64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSearch
SymSearchW
SymSetContext
SymSetHomeDirectory
SymSetHomeDirectoryW
SymSetOptions
SymSetParentWindow
SymSetScopeFromAddr
SymSetScopeFromIndex
SymSetSearchPath
SymSetSearchPathW
SymSrvDeltaName
SymSrvDeltaNameW
SymSrvGetFileIndexInfo
SymSrvGetFileIndexInfoW
SymSrvGetFileIndexString
SymSrvGetFileIndexStringW
SymSrvGetFileIndexes
SymSrvGetFileIndexesW
SymSrvGetSupplement
SymSrvGetSupplementW
SymSrvIsStore
SymSrvIsStoreW
SymSrvStoreFile
SymSrvStoreFileW
SymSrvStoreSupplement
SymSrvStoreSupplementW
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnDecorateSymbolNameW
UnmapDebugInformation
WinDbgExtensionDllInit
_DllMain@12
block
chksym
dbghelp
dh
fptr
homedir
itoldyouso
lmi
lminfo
omap
srcfiles
stack_force_ebp
stackdbg
sym
symsrv
vc7fpo

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/dinput8.dll
.dll regsvr32 windows:5 windows x86 arch:x86

2f3dcb79856dbdb91b95f50d59419418

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\ProgramCode\mabipake\bin\release(dinput8)\dinput8.pdb

Imports

kernel32

lstrlenA
FreeLibrary
GetProcAddress
DisableThreadLibraryCalls
GetPrivateProfileStringA
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
DeleteFileA
IsBadWritePtr
IsBadReadPtr
GetPrivateProfileIntA
WideCharToMultiByte
MultiByteToWideChar
GetSystemDirectoryA
lstrcatA
GetTickCount
GetLocalTime
GetLastError
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
CloseHandle
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
WriteFile
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
SetFilePointer
ReadFile
SetEndOfFile
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

user32

wsprintfA

Exports

Exports

DirectInput8Create
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Recv
Send
WriteLog

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/mabinogi.ini
Togepi/Togepi/mng.log
Togepi/Togepi/mng_startuplog.txt
Togepi/Togepi/mod/AlissaAnalyzer.exe
.exe windows:4 windows x86 arch:x86

b4d12db660a85116bf8bc375b90c7c14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegCloseKey

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExA
SetWindowTextA
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetParent
SetMenuItemInfoA
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClipboardData
SetClassLongA
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
OemToCharA
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyA
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMessagePos
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateIcon
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
CharNextA
CharLowerBuffA
CharLowerA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
CompareStringA
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
lstrcpyA
lstrcmpA
WritePrivateProfileStringA
WriteFile
WaitForSingleObject
VirtualQuery
VirtualAlloc
SizeofResource
SetThreadLocale
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResetEvent
ReadFile
MulDiv
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalLock
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVersionExA
GetVersion
GetTickCount
GetThreadLocale
GetStdHandle
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCPInfo
FreeResource
InterlockedExchange
FreeLibrary
FormatMessageA
FindResourceA
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
CompareStringA
CloseHandle
Sleep

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RestoreDC
Rectangle
RectVisible
RealizePalette
Polyline
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
ExtTextOutA
ExcludeClipRect
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
BitBlt

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize

comctl32

_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

Sections

.text
Size: 508KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 56B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Togepi/Togepi/mod/AlissaAnalyzer.ini
Togepi/Togepi/mod/mod.txt
Togepi/Togepi/mod/mod_Agnes.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Initialize
RecvHook
SendHook
Terminate

Sections

CODE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Togepi/Togepi/mod/mod_Alissa.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Initialize
RecvHook
SendHook
Terminate

Sections

CODE
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Togepi/Togepi/mod/pakecore.dll
.dll windows:5 windows x86 arch:x86

06c7e9d31701f979f973f1ce878e5c93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
InitializeCriticalSection
LeaveCriticalSection
GetProcAddress
EnterCriticalSection
DisableThreadLibraryCalls
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
DeleteCriticalSection
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetFileInformationByHandle
GetLastError
GetFileSize
ReadFile
WriteFile
GetSystemInfo
CloseHandle
SetFilePointer
SetEndOfFile
GetFileType
CreateFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
InterlockedExchangeAdd
Sleep
InterlockedIncrement
InterlockedDecrement
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
LCMapStringW
LCMapStringA
GetCPInfo
GetStringTypeA
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
SetStdHandle
RaiseException
RtlUnwind
HeapReAlloc
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetModuleHandleW
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
HeapSize
GetACP
GetOEMCP
IsValidCodePage

shlwapi

PathAppendA
PathRemoveFileSpecA

Exports

Exports

Initialize
RecvHook
SendHook
Terminate

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Togepi/Togepi/mod/src/AlissaAnalyzer/AlissaAnalyzer.dpr
Togepi/Togepi/mod/src/AlissaAnalyzer/MabiPacketUtil.pas
Togepi/Togepi/mod/src/AlissaAnalyzer/Packet.dfm
Togepi/Togepi/mod/src/AlissaAnalyzer/Packet.pas
Togepi/Togepi/mod/src/AlissaAnalyzer/main.dfm
Togepi/Togepi/mod/src/AlissaAnalyzer/main.pas
.js
Togepi/Togepi/mod/src/AlissaAnalyzer/setting.dfm
Togepi/Togepi/mod/src/AlissaAnalyzer/setting.pas
Togepi/Togepi/mod/src/mod_Alissa/Alissa.dfm
Togepi/Togepi/mod/src/mod_Alissa/Alissa.pas
Togepi/Togepi/mod/src/mod_Alissa/MabiPacketUtil.pas
Togepi/Togepi/mod/src/mod_Alissa/mod_Alissa.dof
Togepi/Togepi/mod/src/mod_Alissa/mod_Alissa.dpr

Sharing

General

Malware Config

Signatures

Files

380c0793f438c8e8c4bf6ed17c5469c8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

oasis

mint

esl

pleione

standard

renderer2

ws2_32

exl

msvcp90

msvcr90

dbghelp

version

wininet

winmm

advapi32

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 1KB - Virtual size: 43KB

.rsrc Size: 324KB - Virtual size: 323KB

15a0f1d644e443ffc57a495d97f7c764

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

a6:b8:de:e6:38:35:e6:19:f7:02:11:b6:f8:05:2f:ad:4c:7d:41:6eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 64KB - Virtual size: 64KB

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4Certificate

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 1KB - Virtual size: 43KB

.rsrc
Size: 324KB - Virtual size: 323KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

a6:b8:de:e6:38:35:e6:19:f7:02:11:b6:f8:05:2f:ad:4c:7d:41:6e
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 64KB - Virtual size: 64KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

6d:1f:15:c8:b8:92:25:b9:bb:ff:e9:23:24:1a:6a:c4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

c2:79:bf:d6:68:e7:17:91:ae:50:e9:c1:fb:d3:b5:53:0e:d8:e8:ef
Signer

UPX0
Size: - Virtual size: 728KB

UPX1
Size: 342KB - Virtual size: 344KB

.rsrc
Size: 17KB - Virtual size: 20KB

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 469B

.data
Size: 4KB - Virtual size: 189B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 216B

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

38:eb:81:eb:87:d1:bf:6b:d8:94:8a:76:60:e5:7d:f5
Certificate

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 32KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 992B

.reloc
Size: 8KB - Virtual size: 6KB