0d1f7e5f13c8b55daab9167a5f7c705a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d1f7e5f13c8b55daab9167a5f7c705a_JaffaCakes118
Size

19.9MB
MD5

0d1f7e5f13c8b55daab9167a5f7c705a
SHA1

12facd088c7ab3451ed72767865b38ad40a00c97
SHA256

9e36fa8798598983826460f26cf136ec459fa1104510c1557a7937e708b48d6d
SHA512

7788ce4eec8e9431abe9d059fcbcf9d3122f2651bbc4c22fab37af4ca383065194054835ca0681e1c9a14ecf131d30360da2a6304f5cfdcdd0f0b235aa7966b3
SSDEEP

393216:hWYw2vPC+50HZW0sa2nNrv1G375ZbODVfXCbxI+9iN1YApCC7SE:hWY3L+H6pquDhSbxIN15XWE

Score

1^/10

Malware Config

Signatures

Files

0d1f7e5f13c8b55daab9167a5f7c705a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c552a31531df962b2298e689961d15c2

Code Sign

0b:d8:a6:92:ce:d9:a1:8c:53:0f:a8:5d:55:72:c0:d4
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/04/2020, 00:00

Not After

12/06/2023, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:eb:8e:00:26:88:42:f0:dc:0c:60:43:a6:d5:61:91
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

02/04/2020, 00:00

Not After

12/06/2023, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:9f:72:42:59:52:88:31:20:26:79:49:db:3a:e8:a3:9c:75:cc:00:19:38:8a:e4:ae:e7:7f:5a:ff:87:89:26
Signer

Actual PE Digest

6f:9f:72:42:59:52:88:31:20:26:79:49:db:3a:e8:a3:9c:75:cc:00:19:38:8a:e4:ae:e7:7f:5a:ff:87:89:26

Digest Algorithm

sha256

PE Digest Matches

true

d4:69:ca:74:bb:44:6b:5c:09:b6:0c:46:f8:c2:4d:e5:04:3d:c1:9f
Signer

Actual PE Digest

d4:69:ca:74:bb:44:6b:5c:09:b6:0c:46:f8:c2:4d:e5:04:3d:c1:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetPrivateProfileStringW
WritePrivateProfileStringW
MoveFileW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetFileSize
GetTickCount
GetModuleFileNameW
GetProcAddress
GetCommandLineW
SetEnvironmentVariableW
WriteFile
GetTempPathW
SetErrorMode
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcess
GetCurrentProcessId
ExitProcess
GetVersion
GetWindowsDirectoryW
LoadLibraryW
CopyFileW
GetDiskFreeSpaceW
CreateThread
GlobalLock
GlobalUnlock
lstrcmpiW
lstrlenW
CreateDirectoryW
GetTempFileNameW
RemoveDirectoryW
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetSystemDirectoryW
GetModuleHandleA
lstrcmpiA
lstrcpyA
lstrcatW
MoveFileExW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
VirtualQuery
RtlUnwind
IsProcessorFeaturePresent
lstrcmpW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalAlloc
LoadLibraryExW
GetModuleHandleW
FreeLibrary
Sleep
GetLastError
CloseHandle
SetFileTime
SetFilePointer
SetFileAttributesW
ReadFile
GetShortPathNameW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CompareFileTime
SearchPathW
SetCurrentDirectoryW
lstrcpynW
ExpandEnvironmentStringsW

user32

ScreenToClient
GetSysColor
GetWindowLongW
SetClassLongW
LoadCursorW
SystemParametersInfoW
wsprintfA
DispatchMessageW
PeekMessageW
SetDlgItemTextW
GetDlgItemTextW
SetCursor
CharPrevW
MessageBoxIndirectW
GetSystemMetrics
IsWindowEnabled
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CheckDlgButton
EndDialog
DialogBoxParamW
GetWindowRect
TrackPopupMenu
AppendMenuW
EnableMenuItem
CreatePopupMenu
CharNextA
GetSystemMenu
IsWindowVisible
SetWindowPos
CreateWindowExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessagePos
CharNextW
ExitWindowsEx
SetWindowTextW
CreateDialogParamW
DestroyWindow
PostMessageW
LoadImageW
FindWindowExW
SetWindowLongW
InvalidateRect
ReleaseDC
GetDC
DefWindowProcW
DrawTextW
BeginPaint
EndPaint
GetClientRect
SetForegroundWindow
EnableWindow
GetDlgItem
ShowWindow
IsWindow
PostQuitMessage
SendMessageTimeoutW
SendMessageW
wsprintfW
FillRect
SetTimer

gdi32

SetBkColor
GetDeviceCaps
SetTextColor
SetBkMode
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
SetFileSecurityW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ord17

ole32

OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemFree

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: - Virtual size: 320KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$0/2345DirectUI.dll
.dll windows:5 windows x64 arch:x64

51dcb9e351489e3c75db9c583e4f741e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

75:07:30:67:30:94:f3:8c:a9:f0:7e:06:e5:74:fb:df
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04/07/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:1d:31:6b:f6:0f:35:75:5f:07:23:72:de:ef:8f:e5
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

65:08:aa:36:91:40:46:7d:8c:6a:e1:41:32:75:59:fa:fa:3a:c2:5d:a5:a8:1e:78:a6:2c:45:35:51:db:fc:5b
Signer

Actual PE Digest

65:08:aa:36:91:40:46:7d:8c:6a:e1:41:32:75:59:fa:fa:3a:c2:5d:a5:a8:1e:78:a6:2c:45:35:51:db:fc:5b

Digest Algorithm

sha256

PE Digest Matches

true

c7:04:68:8e:2d:af:32:1f:11:84:11:7d:e5:cc:9c:a9:c5:9a:b2:47
Signer

Actual PE Digest

c7:04:68:8e:2d:af:32:1f:11:84:11:7d:e5:cc:9c:a9:c5:9a:b2:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\RCFL\DirectUI\SVNServer\DirectUI\bin\vs2013\x64\release_unicode\pdb\2345DirectUI.pdb

Imports

kernel32

IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
OutputDebugStringW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
VirtualAlloc
VirtualFree
lstrlenA
LocalFree
GetProcessHeap
HeapFree
HeapAlloc
GetCurrentThreadId
SetLastError
FlushInstructionCache
ReadFile
FreeLibrary
GetCurrentProcess
SetFilePointer
FreeResource
EncodePointer
DeleteFileW
CopyFileW
CreateEventW
GetTickCount
GetCurrentDirectoryW
WideCharToMultiByte
DisableThreadLibraryCalls
MultiByteToWideChar
SizeofResource
LoadLibraryExW
LoadResource
FindResourceW
IsBadReadPtr
GlobalFree
CreateFileW
WriteFile
DecodePointer
GetLastError
RaiseException
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
GlobalUnlock
GlobalAlloc
GetModuleHandleW
GlobalLock
MulDiv
ExpandEnvironmentStringsW
lstrcpyW
lstrcatW
lstrcmpiW
lstrlenW
GetFileAttributesW
GetVersionExW
LoadLibraryW
CloseHandle
DeleteCriticalSection
LoadLibraryA
EnterCriticalSection
GetProcAddress
LeaveCriticalSection
InitializeCriticalSection
IsDebuggerPresent

user32

FindWindowW
IsRectEmpty
SetRectEmpty
GetMonitorInfoW
MonitorFromWindow
DrawTextW
UnionRect
GetSysColor
EndPaint
ClientToScreen
IsWindow
PtInRect
LoadCursorW
GetParent
SetForegroundWindow
PostMessageW
IsIconic
GetWindowRect
RemovePropW
UpdateLayeredWindow
DestroyWindow
UnregisterClassW
CopyRect
SetCursor
GetIconInfo
DrawIconEx
MoveWindow
SetWindowTextW
GetDlgCtrlID
UpdateWindow
SendMessageW
CloseWindow
GetDlgItem
GetWindowTextW
BringWindowToTop
InvalidateRect
LockWindowUpdate
GetCapture
SetFocus
GetClientRect
SetParent
IsWindowEnabled
IsZoomed
KillTimer
SetCapture
SetActiveWindow
SetTimer
GetWindowTextLengthW
CharNextW
GetWindow
SystemParametersInfoW
MessageBoxW
CallWindowProcW
EndDeferWindowPos
SetWindowLongPtrW
GetSystemMetrics
BeginDeferWindowPos
ReleaseCapture
EqualRect
GetCursorPos
GetDesktopWindow
DestroyCursor
EnableMenuItem
GetClassNameW
GetClassLongPtrW
IntersectRect
OffsetRect
InflateRect
BeginPaint
DrawTextExW
GetWindowLongPtrW
GetKeyState
GetTopWindow
ScreenToClient
GetSystemMenu
FillRect
DrawFrameControl
LoadStringW
LoadImageW
MonitorFromPoint
CallNextHookEx
WindowFromPoint
TrackPopupMenuEx
RemoveMenu
SetWindowsHookExW
UnhookWindowsHookEx
LoadMenuW
DeferWindowPos
GetDoubleClickTime
DestroyIcon
GetWindowDC
GetMessagePos
EndDialog
GetFocus
DialogBoxParamW
GetAsyncKeyState
IsMenu
GetMenuItemID
GetSubMenu
DeleteMenu
GetMenuStringW
GetMenuItemInfoW
ModifyMenuW
GetClassLongW
SetRect
AppendMenuW
CreatePopupMenu
GetMenuItemCount
GetClassInfoExW
SetPropW
GetDC
GetForegroundWindow
RegisterClassExW
GetWindowLongW
ReleaseDC
InsertMenuW
DestroyMenu
GetWindowThreadProcessId
DefWindowProcW
GetPropW
EnableWindow
IsWindowVisible
CreateWindowExW
SetWindowPos
GetActiveWindow
ShowWindow
RedrawWindow
SetWindowLongW
SetWindowRgn

gdi32

CreateRectRgn
OffsetRgn
CreateCompatibleBitmap
CombineRgn
CreateRectRgnIndirect
PtInRegion
SetRectRgn
SelectClipRgn
CreateBitmap
SetViewportOrgEx
PatBlt
CreateSolidBrush
CreatePen
FillPath
PolyBezierTo
EndPath
ExtCreateRegion
PolyDraw
GetRegionData
CreateFontIndirectW
SetTextColor
WidenPath
CreatePatternBrush
GetViewportOrgEx
GetWindowOrgEx
GetPath
MoveToEx
BeginPath
CreateICW
GetPixel
SetDIBits
ExtTextOutW
SetBkColor
GetCurrentObject
RestoreDC
SetROP2
SaveDC
IntersectClipRect
SetWindowOrgEx
Rectangle
GetClipBox
SetBkMode
CreateDIBSection
BitBlt
GetDeviceCaps
GetDIBits
CreateDCW
RealizePalette
SelectPalette
GetObjectW
GetStockObject
DeleteDC
SelectObject
CreateCompatibleDC
LineTo
DeleteObject

advapi32

RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

ole32

CoCreateGuid
CoFreeUnusedLibraries
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CLSIDFromString
CreateStreamOnHGlobal
OleUninitialize
OleInitialize

oleaut32

SafeArrayGetUBound
VariantClear
VarBstrCmp
VarUI4FromStr
SysAllocStringLen
VariantCopy
SysStringByteLen
VarBstrCat
SysAllocStringByteLen
SysStringLen
SafeArrayPutElement
SafeArrayGetElement
SafeArrayRedim
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SysAllocString
OleTranslateColor
LoadRegTypeLi
SysFreeString
VariantChangeType
VariantInit
LoadTypeLi

msvcp120

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPEBDH@Z
?_Orphan_all@_Container_base12@std@@QEAAXXZ
??0_Container_base12@std@@QEAA@XZ
?_Swap_all@_Container_base12@std@@QEAAXAEAU12@@Z
?_Winerror_map@std@@YAPEBDH@Z

msvcr120

_malloc_crt
_amsg_exit
__CppXcptFilter
__crtCapturePreviousContext
__crtCaptureCurrentContext
__crtTerminateProcess
__crtUnhandledException
__crt_debugger_hook
__CxxFrameHandler3
_onexit
__C_specific_handler
__dllonexit
_calloc_crt
_unlock
_lock
atof
?terminate@@YAXXZ
sprintf_s
strchr
toupper
_wcstoui64
wcstoul
wcschr
_snwprintf_s
atoi
_waccess
vswprintf_s
strstr
_wtoi
_wcsicmp
strncpy_s
fclose
wcscpy_s
fseek
_initterm
wcscat_s
ftell
fwrite
fread
swprintf_s
_wfopen_s
wcsstr
wcsncpy_s
_resetstkoflw
malloc
memcpy_s
_recalloc
calloc
??_V@YAXPEAX@Z
free
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_purecall
_beginthreadex
memmove
memcpy
_initterm_e
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
memset
_CxxThrowException
__RTDynamicCast
ceilf
floorf
memcmp

comctl32

ImageList_Destroy
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_LoadImageW
_TrackMouseEvent
ImageList_GetIcon

msimg32

AlphaBlend

gdiplus

GdipFillRectangleI
GdipCloneImage
GdipGetImageWidth
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateFromHDC
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipCreateLineBrushFromRectWithAngleI
GdipSetStringFormatFlags
GdipGetStringFormatFlags
GdipMeasureString
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDeleteFont
GdipSetStringFormatAlign
GdipSetSmoothingMode
GdipBitmapUnlockBits
GdipDrawString
GdipCreateFontFromLogfontW
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipBitmapLockBits
GdipSetStringFormatHotkeyPrefix
GdipCreateStringFormat
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipDrawImageI
GdipDeletePen
GdipCreatePen1
GdipDrawRectangleI
GdipFillPolygon
GdipDrawPolygon
GdipCreateHICONFromBitmap
GdipCreateTexture
GdipFillPieI
GdipCloneBitmapAreaI
GdipSetCompositingMode
GdipDisposeImage
GdipAlloc
GdipCreateSolidFill
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipDrawImageRectRectI
GdipGetImageHeight
GdipCloneBrush
GdipFree
GdipDeleteBrush
GdipCreateHBITMAPFromBitmap

rpcrt4

UuidFromStringW

Exports

Exports

CloseSkin
FreeSkinFileBytes
GetSkinFileBytes
OpenSkin

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$0/HaoZip.dll
.dll windows:5 windows x64 arch:x64

a6ba115c8f74ccd80bfbf9d4f86b99aa

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

98:a0:19:cd:f7:ae:11:f0:cc:31:cc:fc:86:26:cd:05:45:98:0d:44:3b:84:35:9e:88:a0:97:63:c7:de:8f:c7
Signer

Actual PE Digest

98:a0:19:cd:f7:ae:11:f0:cc:31:cc:fc:86:26:cd:05:45:98:0d:44:3b:84:35:9e:88:a0:97:63:c7:de:8f:c7

Digest Algorithm

sha256

PE Digest Matches

true

50:fb:fc:00:a5:d3:9d:c7:ca:bf:e8:5a:80:3a:5e:69:d8:72:cb:e2
Signer

Actual PE Digest

50:fb:fc:00:a5:d3:9d:c7:ca:bf:e8:5a:80:3a:5e:69:d8:72:cb:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZip.dll.pdb

Imports

gdiplus

GdipFillRectangleI
GdipMeasureString
GdipCloneBrush
GdipSetTextRenderingHint
GdipSetImageAttributesWrapMode
GdipDrawString
GdipSetCompositingMode
GdipCreateBitmapFromResource
GdipSetSmoothingMode
GdipGetRegionHRgn
GdipSetImageAttributesColorMatrix
GdipSaveGraphics
GdipBitmapUnlockBits
GdipCreateMatrix
GdipGetWorldTransform
GdipTransformPointsI
GdipDeleteStringFormat
GdipCreateRegion
GdipCloneBitmapAreaI
GdipScaleWorldTransform
GdipSetClipRectI
GdipBitmapLockBits
GdipGetClipBoundsI
GdipGetMatrixElements
GdipGetClip
GdipRestoreGraphics
GdipDeleteRegion
GdipTranslateWorldTransform
GdipDeleteMatrix
GdipSetCompositingQuality
GdipSetPixelOffsetMode
GdipSetPageUnit
GdipGetImagePixelFormat
GdipReleaseDC
GdipGetDC
GdipLoadImageFromFile
GdipGetImageThumbnail
GdipGraphicsClear
GdipDeleteFont
GdipCreateBitmapFromScan0
GdipGetImageEncoders
GdipDrawImagePointRectI
GdipSetStringFormatAlign
GdipImageRotateFlip
GdipImageGetFrameDimensionsCount
GdipDrawImageRectRect
GdipGetPropertyItem
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetImageEncodersSize
GdipGetPropertyItemSize
GdipSaveImageToFile
GdipCreateStringFormat
GdipSetImageAttributesColorKeys
GdipDeleteBrush
GdipDisposeImageAttributes
GdipFree
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromStream
GdipCloneImage
GdipCreateSolidFill
GdipGetImageHeight
GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromFile
GdipCreateFontFromLogfontW
GdipDrawImageRectRectI
GdipCreateImageAttributes
GdipGetImageGraphicsContext
GdipGetImageWidth

imm32

ImmGetConversionStatus
ImmReleaseContext
ImmGetContext
ImmSetConversionStatus
ImmAssociateContextEx
ImmGetDescriptionW

kernel32

CreateFileW
GetFileAttributesExW
CreateMutexW
ReleaseMutex
GetFileSize
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
DosDateTimeToFileTime
FileTimeToDosDateTime
SetFileTime
SetEndOfFile
FormatMessageW
ResumeThread
OpenEventW
ResetEvent
LoadLibraryA
GetComputerNameExW
OpenProcess
GetSystemInfo
GetEnvironmentVariableW
QueryDosDeviceW
GetCurrentProcess
lstrcatW
GetFileTime
OpenFileMappingW
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetSystemDirectoryW
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
GetWindowsDirectoryW
SetCurrentDirectoryW
CopyFileW
GetTempFileNameW
GetFileSizeEx
GlobalMemoryStatusEx
DeviceIoControl
WinExec
GlobalSize
FreeResource
SetThreadPriority
OpenThread
WriteProcessMemory
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
WritePrivateProfileStringW
RtlVirtualUnwind
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
OutputDebugStringW
CreateToolhelp32Snapshot
QueryPerformanceFrequency
CompareFileTime
Process32NextW
Process32FirstW
GetDiskFreeSpaceExW
FindFirstChangeNotificationW
FindCloseChangeNotification
GetOverlappedResult
ReadDirectoryChangesW
GetLocalTime
GetComputerNameW
FindFirstFileW
UpdateResourceW
BeginUpdateResourceW
SetPriorityClass
GetCurrentThread
GetProcessTimes
IsBadWritePtr
IsBadReadPtr
FindClose
FindNextFileW
SetEvent
GetACP
SystemTimeToTzSpecificLocalTime
SwitchToThread
MoveFileW
lstrcpyW
MoveFileExW
GlobalFree
LockResource
GetDriveTypeW
InitializeCriticalSection
Sleep
RemoveDirectoryW
GetLogicalDriveStringsW
GetDiskFreeSpaceW
GetVolumeInformationW
GetShortPathNameW
lstrcpynW
lstrlenW
GetCurrentProcessId
LocalFree
LocalAlloc
GetProcessHeap
HeapAlloc
HeapFree
WaitForMultipleObjects
CreateEventW
GetExitCodeProcess
CreateProcessW
GetPrivateProfileStringW
WaitForSingleObject
ExpandEnvironmentStringsW
GetSystemDefaultLangID
GetFileAttributesW
FileTimeToSystemTime
WriteFile
GetStdHandle
GetVersionExW
LoadLibraryW
SetFilePointer
ReadFile
CompareStringW
CloseHandle
LoadLibraryExW
MulDiv
lstrcmpW
GlobalUnlock
GetTickCount
lstrcmpiW
CreateSemaphoreW
FreeLibrary
GetModuleHandleW
DeleteCriticalSection
GlobalLock
GetProcAddress
EnumResourceLanguagesW
GetCPInfoExW
EnumSystemCodePagesW
DecodePointer
FindResourceW
LoadResource
RaiseException
OpenSemaphoreW
GlobalAlloc
GetLastError
MultiByteToWideChar
GetCurrentThreadId
SetErrorMode
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
ReleaseSemaphore
EnterCriticalSection
SetLastError
WideCharToMultiByte
SizeofResource
RtlCaptureContext
GetCommandLineW
GetLongPathNameW
SearchPathW
CreatePipe
TerminateProcess
GetStartupInfoW
EndUpdateResourceW
EnumResourceTypesW
EnumResourceNamesW
FindResourceExW
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
WaitForSingleObjectEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
IsBadStringPtrW

user32

CreatePopupMenu
GetMenuItemCount
InsertMenuItemW
GetMenuItemInfoW
ShowScrollBar
LoadIconW
AppendMenuW
IsMenu
TrackPopupMenu
DeleteMenu
MonitorFromPoint
DrawIcon
PostQuitMessage
MessageBeep
EnumWindows
IsRectEmpty
GetForegroundWindow
IsZoomed
SetWindowPlacement
GetCursorPos
LoadImageW
PtInRect
IsWindowUnicode
PeekMessageW
GetSubMenu
GetCapture
MsgWaitForMultipleObjects
DispatchMessageA
GetMessageA
GetMenuState
CreateMenu
EnableMenuItem
CheckMenuRadioItem
UpdateWindow
SetRectEmpty
RegisterClipboardFormatW
SetScrollRange
SendDlgItemMessageW
FindWindowW
GetWindowDC
CopyRect
WindowFromPoint
SetScrollPos
GetScrollPos
AdjustWindowRectEx
GetMenu
SetWindowRgn
DrawEdge
IsClipboardFormatAvailable
GetIconInfo
GetDlgItemInt
OffsetRect
DestroyIcon
DrawStateW
KillTimer
SetTimer
DrawFrameControl
DrawIconEx
TrackPopupMenuEx
DestroyMenu
DrawFocusRect
SwitchToThisWindow
DrawTextW
GetPropW
GetClassLongPtrW
SetPropW
EndDialog
GetSystemMenu
SetRect
GetKeyState
IsWindowVisible
MonitorFromWindow
SetActiveWindow
IsDialogMessageW
GetMonitorInfoW
IsWindowEnabled
PostThreadMessageW
BringWindowToTop
SetForegroundWindow
IsIconic
wsprintfW
GetKeyboardLayoutList
ActivateKeyboardLayout
SetDlgItemInt
InflateRect
GetSystemMetrics
GetScrollInfo
GetWindowThreadProcessId
GetSysColorBrush
LoadBitmapW
GetWindowTextW
EndPaint
BeginPaint
ReleaseDC
InvalidateRect
ReleaseCapture
RegisterWindowMessageW
GetParent
GetClassInfoExW
GetKeyboardLayout
FindWindowExW
GetWindowRect
GetDlgCtrlID
MapWindowPoints
SystemParametersInfoW
EnableWindow
GetActiveWindow
LoadStringW
MessageBoxW
DialogBoxParamW
GetMessageW
CreateDialogParamW
DispatchMessageW
TranslateMessage
GetWindowLongW
GetWindowTextLengthW
DefWindowProcW
CallWindowProcW
PostMessageW
GetWindow
GetFocus
DestroyWindow
GetDC
SetWindowPos
SetWindowLongPtrW
FillRect
EqualRect
WaitMessage
MonitorFromRect
MapVirtualKeyExW
GetKeyNameTextW
LoadMenuW
IntersectRect
GetUpdateRect
InsertMenuW
RemovePropW
GetClassLongW
CopyIcon
TrackMouseEvent
UnionRect
SetMenuItemInfoW
UpdateLayeredWindow
GetTopWindow
GetMenuStringW
CheckRadioButton
SetDlgItemTextW
CheckDlgButton
SendMessageTimeoutW
CreateIconIndirect
FrameRect
ExitWindowsEx
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
CreateWindowExW
ScreenToClient
SendMessageW
UnregisterClassW
SetWindowTextW
GetWindowLongPtrW
RegisterClassExW
ShowWindow
IsWindow
InvalidateRgn
RedrawWindow
ClientToScreen
DestroyAcceleratorTable
IsChild
GetSysColor
MoveWindow
CreateAcceleratorTableW
SetFocus
CharNextW
LoadCursorW
GetClassNameW
SetCapture
SetCursor
SetWindowLongW
GetClientRect
GetDlgItem
GetDesktopWindow
GetScrollRange

gdi32

CreateRectRgnIndirect
CreateRectRgn
CombineRgn
SetViewportOrgEx
SetStretchBltMode
GetTextExtentPoint32W
StretchBlt
GetTextExtentPointW
ExtCreatePen
SetBrushOrgEx
SelectClipRgn
SetArcDirection
GetTextMetricsW
SetBkMode
SetTextColor
SetBkColor
ExtTextOutW
CreateFontIndirectW
AngleArc
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
GetDeviceCaps
DeleteDC
GetObjectW
DeleteObject
CreatePolygonRgn
SetDCBrushColor
SetROP2
SetDCPenColor
GetBkColor
FillPath
BeginPath
PathToRegion
TextOutW
EndPath
GetBkMode
LineTo
CreatePen
MoveToEx
GetCurrentObject
EnumFontsW
EnumFontFamiliesExW
SetWindowOrgEx
GetClipBox
LPtoDP
SetMapMode
GetMapMode
DPtoLP
CreateDIBSection
GetDIBits
SetPixel
SetGraphicsMode
GetPixel
SetWorldTransform
CreateSolidBrush

comdlg32

ChooseFontW
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
GetUserNameW
RegOpenCurrentUser
SystemFunction036
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegCreateKeyExW

shell32

SHBrowseForFolderW
Shell_NotifyIconW
SHFileOperationW
SHChangeNotify
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
SHGetDesktopFolder
SHGetFolderLocation
SHGetFolderPathW
ord644
SHBindToParent
ord645
ord74
ord2
ord4
DragFinish
DragQueryFileW
ord28
FindExecutableW
SHGetSpecialFolderPathW
SHGetFileInfoW
ord190
ord155

ole32

CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
CoGetClassObject
CLSIDFromProgID
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
CoTaskMemRealloc
CLSIDFromString
OleLockRunning
CoInitialize
CoUninitialize
CoInitializeEx
IIDFromString
CoInitializeSecurity
OleRun
DoDragDrop
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
OleDuplicateData
StringFromGUID2

oleaut32

VariantChangeType
LoadRegTypeLi
VariantInit
LoadTypeLi
SysFreeString
OleCreateFontIndirect
SysAllocString
SysStringLen
SysAllocStringLen
GetErrorInfo
VarUI4FromStr
VariantClear

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Xbad_alloc@std@@YAXXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?get@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?ignore@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_JG@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?wcin@std@@3V?$basic_istream@_WU?$char_traits@_W@std@@@1@A
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_JD@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPEBD@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??Bid@locale@std@@QEAA_KXZ
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?_Xlength_error@std@@YAXPEBD@Z
?wcerr@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?id@?$ctype@_W@std@@2V0locale@2@A
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ

shlwapi

StrStrIW
StrRetToBufW
PathIsRelativeW
StrToIntW
StrStrW
SHDeleteKeyW
AssocQueryStringW
SHAutoComplete
PathRemoveFileSpecW
StrCmpIW

comctl32

PropertySheetW
ImageList_Create
ImageList_Destroy
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_Remove
ImageList_Add
CreateStatusWindowW
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_GetImageCount
ord8
ImageList_LoadImageW
_TrackMouseEvent
ImageList_Draw
InitCommonControlsEx

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

vcruntime140

memset
memcpy
memmove
strchr
strstr
wcsrchr
_CxxThrowException
__C_specific_handler
wcsstr
__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
wcschr
memcmp
__RTDynamicCast
memchr
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_register_onexit_function
_endthreadex
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_invalid_parameter_noinfo
_errno
_crt_atexit
_beginthreadex
_cexit
_initterm
signal
_initterm_e
terminate
_seh_filter_dll

api-ms-win-crt-stdio-l1-1-0

fread
fsetpos
_fseeki64
_get_stream_buffer_pointers
ungetc
setvbuf
fgetpos
fwrite
__stdio_common_vswprintf_s
__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vswscanf
__stdio_common_vsscanf
feof
_wfopen_s
_isatty
fgetc
__stdio_common_vsprintf_s
fclose
fflush
fputc
__stdio_common_vswprintf
__stdio_common_vsnwprintf_s
_fileno

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh
calloc
_recalloc

api-ms-win-crt-string-l1-1-0

_wcsnicmp
_stricmp
tolower
towlower
_wcsupr
_wcsnset
ispunct
iswpunct
iswascii
toupper
wcscpy_s
towupper
_wcsicmp
wcsncpy
strncpy
wcsncpy_s
isalnum
wcsncmp

api-ms-win-crt-time-l1-1-0

_localtime64_s
_time64
_mktime64
_localtime64

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-filesystem-l1-1-0

_waccess
_splitpath_s
_wchmod
_lock_file
_unlock_file

api-ms-win-crt-convert-l1-1-0

_itow_s
wcstoul
strtol
_wtoi
_itow
_wtof
wcstol

api-ms-win-crt-math-l1-1-0

modf
round
_dtest

msimg32

GradientFill
TransparentBlt

imagehlp

ImageRemoveCertificate
ImageEnumerateCertificates

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW

Exports

Exports

BatchRenameUtils
BatchTextReplace
ConsoleMain
HaoZipCheck
HaoZipCheckUpdate
HaoZipFix
HaoZipFixDesktopLink
HaoZipInit
HaoZipInstall
HaoZipInstall02
HaoZipInstall03
HaoZipLoaderInitialize
HaoZipMain
HaoZipPreUninstall
HaoZipRecordStatistics
HaoZipRegister
HaoZipUnInit
HaoZipUninstall
HaoZipUpdate
HaoZipUpdateIcons
HaoZipUpdateLang
HaoZipUpdateRegister
HaoZipUpgrade
HaozipCDInstance
Initialize
MD5Utils
ModuleFinitialize
ModuleInitialize
RescueBrotherProducts
RescueHaozip
RescueSelf
SetResFileName
UpdateMain

Sections

.text
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$0/HaoZipCom.dll
.dll windows:5 windows x64 arch:x64

ebaedd08f90f5eb2ca1a9a6388f59cdb

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

92:d1:83:60:b7:c5:00:f3:f5:0e:37:e2:4a:7e:fb:92:bb:de:3c:3c:99:e1:ea:4b:d9:e9:e3:cf:8c:ac:d3:d4
Signer

Actual PE Digest

92:d1:83:60:b7:c5:00:f3:f5:0e:37:e2:4a:7e:fb:92:bb:de:3c:3c:99:e1:ea:4b:d9:e9:e3:cf:8c:ac:d3:d4

Digest Algorithm

sha256

PE Digest Matches

true

e2:53:5d:0d:07:a0:6d:7c:50:ab:70:7c:34:13:12:f0:d9:3e:89:e8
Signer

Actual PE Digest

e2:53:5d:0d:07:a0:6d:7c:50:ab:70:7c:34:13:12:f0:d9:3e:89:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipCom.pdb

Imports

kernel32

OpenProcess
GetCurrentProcessId
WideCharToMultiByte
WaitForMultipleObjects
WaitForSingleObject
FindFirstFileW
GetLongPathNameW
CreateFileW
GetLastError
OpenFileMappingW
UnmapViewOfFile
CloseHandle
CreateFileMappingW
MapViewOfFile
ReadFile
WriteFile
SetEndOfFile
GetProcAddress
ResumeThread
CreateEventW
SetEvent
ResetEvent
CreateMutexW
ReleaseMutex
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FindNextFileW
FindClose
RemoveDirectoryW
GetTempPathW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
HeapFree
GetCurrentThreadId
HeapAlloc
GetProcessHeap
LoadLibraryW
FreeLibrary
GetModuleHandleW
GetCurrentProcess
HeapReAlloc
HeapSize
ReadConsoleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
GetConsoleCP
GetConsoleMode
GetACP
GetStdHandle
GetFileType
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
SetFilePointerEx
WriteConsoleW

user32

wsprintfW
wvsprintfW

shell32

SHFileOperationW

Exports

Exports

GetClientProcessor
GetServerProcessor
TrackLog
WriteLog

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$0/HaoZipEditor.dll
.dll windows:5 windows x64 arch:x64

c5475ed7f90b6678b3fd11fd191f05e6

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

23:09:bf:13:6b:70:a1:31:04:de:05:ce:99:52:f2:c6:37:01:c0:cd:03:0d:65:b2:a6:62:59:3a:cd:04:51:e1
Signer

Actual PE Digest

23:09:bf:13:6b:70:a1:31:04:de:05:ce:99:52:f2:c6:37:01:c0:cd:03:0d:65:b2:a6:62:59:3a:cd:04:51:e1

Digest Algorithm

sha256

PE Digest Matches

true

73:2a:f3:1b:ec:de:62:68:5e:66:67:74:50:ee:9f:d2:fd:3c:3b:6c
Signer

Actual PE Digest

73:2a:f3:1b:ec:de:62:68:5e:66:67:74:50:ee:9f:d2:fd:3c:3b:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipEditor.pdb

Imports

kernel32

OutputDebugStringW
EncodePointer
HeapAlloc
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
GetFileAttributesW
VirtualFree
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetFilePointer
CreateFileW
FindFirstFileW
LocalFree
FormatMessageW
WideCharToMultiByte
GetACP
LoadLibraryExW
GlobalUnlock
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetTickCount
GetProfileStringW
FreeLibrary
GetModuleHandleW
GetCurrentProcessId
GlobalLock
GetProcAddress
FindResourceW
LoadResource
LoadLibraryW
GlobalFree
GlobalAlloc
LockResource
lstrcatW
WritePrivateProfileStructW
GetPrivateProfileStringW
MultiByteToWideChar
GetLocaleInfoW
GetTempPathW
InitializeCriticalSection
GetModuleFileNameW
GetPrivateProfileIntW
GetLongPathNameW
GetFullPathNameW
WritePrivateProfileStringW
SizeofResource
GetPrivateProfileStructW
lstrcmpiW
GetFileSize
GetCurrentDirectoryW
GetVersionExW
FindClose
lstrcpynW
WriteFile
ReadFile
lstrcmpW
lstrcpyW
lstrlenW
MulDiv
CloseHandle
SetEvent
IsDebuggerPresent
CreateEventW
GetCurrentThreadId
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
SetLastError
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime

user32

GetWindowDC
SetParent
TranslateAcceleratorW
BringWindowToTop
CharNextW
GetMenuStringW
IsRectEmpty
LoadBitmapW
SetMenu
IsWindowEnabled
DrawFocusRect
SetMenuDefaultItem
GetKeyboardLayout
FrameRect
SwitchToThisWindow
wvsprintfW
OffsetRect
LoadStringW
LoadAcceleratorsW
WindowFromPoint
CreatePopupMenu
MessageBeep
EndDialog
ScreenToClient
DeleteMenu
LoadStringA
IsWindowVisible
GetMenu
CheckMenuRadioItem
GetMessagePos
CharLowerW
GetWindowThreadProcessId
DrawFrameControl
SetForegroundWindow
LoadImageW
IsIconic
GetCursorPos
GetMenuItemInfoW
ModifyMenuW
LoadMenuW
MonitorFromPoint
GetFocus
GetCaretPos
MessageBoxW
GetMenuItemCount
SetWindowTextW
GetSubMenu
GetActiveWindow
IsMenu
ClientToScreen
SetMenuItemInfoW
UnhookWindowsHookEx
DestroyMenu
InsertMenuW
SetWindowsHookExW
wsprintfW
AppendMenuW
GetWindowTextW
GetWindowLongW
GetWindowTextLengthW
DeferWindowPos
GetKeyState
PostMessageW
GetWindow
CheckRadioButton
MonitorFromWindow
GetScrollInfo
GetScrollPos
IsWindow
BeginDeferWindowPos
IsDialogMessageW
DestroyIcon
GetScrollRange
GetMonitorInfoW
SetDlgItemTextW
MapWindowPoints
GetDlgItemTextW
IsDlgButtonChecked
LoadIconW
LoadCursorW
EndDeferWindowPos
SetCursor
SetRectEmpty
EnableScrollBar
SetScrollRange
DrawTextW
SetRect
CheckDlgButton
SetScrollPos
RegisterWindowMessageW
UpdateWindow
BeginPaint
EndPaint
EnableWindow
GetMessageW
CreateDialogParamW
DefWindowProcW
GetMessageA
CallWindowProcW
DispatchMessageA
GetWindowRect
DestroyWindow
InflateRect
GetDC
SetWindowPos
SetWindowLongPtrW
FillRect
GetDlgItemInt
SetWindowLongW
GetClassNameW
RemoveMenu
CreateWindowExW
SendMessageW
GetSystemMetrics
GetWindowLongPtrW
RegisterClassExW
ShowWindow
GetCapture
KillTimer
PostQuitMessage
SystemParametersInfoW
EnableMenuItem
SetDlgItemInt
DialogBoxParamW
TrackPopupMenuEx
DispatchMessageW
CopyRect
PeekMessageW
MsgWaitForMultipleObjectsEx
GetSysColor
MoveWindow
SetFocus
TranslateMessage
SetCapture
GetClientRect
GetDlgItem
GetSysColorBrush
DrawEdge
GetClassInfoExW
IsWindowUnicode
GetParent
ReleaseCapture
InvalidateRect
ReleaseDC
UnregisterClassW
PtInRect
CallNextHookEx

gdi32

StartDocW
CombineRgn
CreateBitmap
RestoreDC
GetObjectW
SelectClipRgn
SetViewportOrgEx
Rectangle
OffsetWindowOrgEx
TextOutW
CreatePatternBrush
DeleteEnhMetaFile
EndPage
GetEnhMetaFileHeader
CreateRectRgnIndirect
ResetDCW
PlayEnhMetaFile
EnumFontsW
CloseEnhMetaFile
EndDoc
AbortDoc
PatBlt
CreateDIBSection
StartPage
SaveDC
SetBrushOrgEx
CreateDCW
GetTextMetricsW
FrameRgn
CreatePolygonRgn
GetDeviceCaps
LineTo
SetBkMode
CreatePen
MoveToEx
CreateFontIndirectW
FillRgn
DPtoLP
GetBkColor
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
DeleteDC
GetTextExtentPoint32W
SetTextColor
GetTextColor
SetBkColor
DeleteObject
CreateEnhMetaFileW
ExtTextOutW
CreateSolidBrush

winspool.drv

ClosePrinter
OpenPrinterW
GetPrinterW

comdlg32

PageSetupDlgW
GetSaveFileNameW
PrintDlgW
ChooseFontW
ChooseColorW
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
RegDeleteValueW

shell32

DragAcceptFiles
DragQueryFileW
DragFinish

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc

oleaut32

OleTranslateColor
VarUI4FromStr

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

comctl32

InitCommonControlsEx
ImageList_AddMasked
ImageList_Draw
ImageList_GetImageCount
ImageList_Create
CreateStatusWindowW
ImageList_Destroy
ImageList_LoadImageW

vcruntime140

__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__CxxFrameHandler3
memset
__std_terminate
__C_specific_handler
memmove
memcpy
_purecall
wcsstr
__std_exception_copy
memcmp

api-ms-win-crt-heap-l1-1-0

_callnewh
_recalloc
malloc
free

api-ms-win-crt-runtime-l1-1-0

_errno
_invalid_parameter_noinfo_noreturn
_beginthreadex
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_invalid_parameter_noinfo
_cexit
_crt_atexit
_initterm
_initterm_e
_resetstkoflw

api-ms-win-crt-string-l1-1-0

towupper
wcsncpy_s
wcsncpy
wcscpy
wcslen
wcscat_s
wcscpy_s
strncpy_s
wcscmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__stdio_common_vswprintf

api-ms-win-crt-utility-l1-1-0

labs

Exports

Exports

HaoZip_CloseEditor
HaoZip_GetFormats
HaoZip_GetReadOnly
HaoZip_GetWindowMode
HaoZip_Initialize
HaoZip_SetCodePage
HaoZip_SetConfigDirectory
HaoZip_SetLogoIcon
HaoZip_SetResFileName
HaoZip_ShowEditor
HaoZip_Uninitialize

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$0/HaoZipFormats.dll
.dll windows:5 windows x64 arch:x64

10fb9bc47212e01289f521b6ad37dbbc

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:74:bf:81:9a:06:ce:eb:a1:cd:14:4d:18:91:97:20:b3:d0:3e:d0:48:8d:53:86:f9:f5:7c:37:ea:38:09:34
Signer

Actual PE Digest

ea:74:bf:81:9a:06:ce:eb:a1:cd:14:4d:18:91:97:20:b3:d0:3e:d0:48:8d:53:86:f9:f5:7c:37:ea:38:09:34

Digest Algorithm

sha256

PE Digest Matches

true

9d:f4:a3:98:a6:2a:d5:80:e9:9e:d2:a4:95:ee:3a:d3:e1:6c:0e:62
Signer

Actual PE Digest

9d:f4:a3:98:a6:2a:d5:80:e9:9e:d2:a4:95:ee:3a:d3:e1:6c:0e:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipFormats.pdb

Imports

kernel32

SetFileTime
SetFilePointer
SetEndOfFile
CloseHandle
GetFileSize
CreateDirectoryW
GetFullPathNameW
lstrlenW
GetTempPathW
GetFileAttributesW
GetSystemDirectoryW
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
GetTempFileNameW
MoveFileW
FindNextFileW
FindClose
GetDriveTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
WaitForMultipleObjects
LocalFileTimeToFileTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
WriteFile
GetCurrentProcess
SetThreadPriority
CreateEventW
Sleep
SetThreadExecutionState
SetLastError
FormatMessageW
GetStdHandle
SetConsoleMode
GetConsoleMode
ReadConsoleW
WriteConsoleW
GetFileType
FoldStringW
CompareStringW
GetCPInfo
IsDBCSLeadByte
GetDiskFreeSpaceExW
ReleaseSemaphore
GetProcessAffinityMask
WaitForSingleObject
SetEvent
CreateThread
ResetEvent
CreateSemaphoreW
RtlLookupFunctionEntry
ReadFile
WideCharToMultiByte
MultiByteToWideChar
GetACP
GetFileAttributesExW
GetLastError
CreateFileW
GetShortPathNameW
GetLongPathNameW
FindFirstFileW
GetModuleHandleW
GetProcAddress
VirtualAlloc
GetSystemTime
VirtualFree
ResumeThread
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetSystemInfo
FileTimeToDosDateTime
DosDateTimeToFileTime
LoadLibraryExW
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
RtlCaptureContext

user32

OemToCharA
OemToCharBuffA
CharToOemA
CharLowerW
CharUpperW
MessageBeep

advapi32

IsTextUnicode

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

vcruntime140

_CxxThrowException
__C_specific_handler
wcsrchr
__std_type_info_destroy_list
__CxxFrameHandler3
__std_terminate
wcschr
strchr
_purecall
memmove
memcpy
memcmp
memchr
memset
strrchr
__std_exception_destroy
__std_exception_copy
__RTDynamicCast

api-ms-win-crt-runtime-l1-1-0

exit
_invalid_parameter_noinfo
_errno
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_beginthreadex
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
terminate
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

calloc
realloc
_callnewh
free
malloc

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-string-l1-1-0

strncpy
_strnicmp
strncpy_s
wcspbrk
isdigit
strcmp
wcslen
tolower
towupper
wcsncpy
towlower
isxdigit
strpbrk
strncat
strncmp

api-ms-win-crt-stdio-l1-1-0

putc
_fileno
__stdio_common_vswprintf
__stdio_common_vswprintf_s
fflush
fread
ungetc
__acrt_iob_func
__stdio_common_vsprintf
ftell
fclose
fseek
fwrite

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

Exports

Exports

CreateArchiveInfoObjects
CreateCodecs
SetCodePage
SetResFileName
SetWorkDirectory

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 684KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FileInfo.dll
.dll windows:5 windows x86 arch:x86

b9fef473fad61973ddae6e85d96679d7

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1e:c1:28:8e:9c:71:71:88:b7:b6:14:12:d2:92:42:79:f8:97:2e:2a:5e:2c:0d:ad:a3:02:c2:ea:b3:c3:a2:c4
Signer

Actual PE Digest

1e:c1:28:8e:9c:71:71:88:b7:b6:14:12:d2:92:42:79:f8:97:2e:2a:5e:2c:0d:ad:a3:02:c2:ea:b3:c3:a2:c4

Digest Algorithm

sha256

PE Digest Matches

true

f9:3a:eb:4f:f1:3e:1a:d2:cb:dd:f4:4e:2a:00:e5:99:8a:4d:95:36
Signer

Actual PE Digest

f9:3a:eb:4f:f1:3e:1a:d2:cb:dd:f4:4e:2a:00:e5:99:8a:4d:95:36

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

GetLastError
DeleteFileW
MoveFileExW
TerminateProcess
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
CloseHandle
GetCurrentProcessId
MultiByteToWideChar
GlobalAlloc
GlobalFree
WideCharToMultiByte
lstrcpyW
SetLastError
GetCurrentProcess
CreateProcessW
GetModuleFileNameW
WriteFile
SetFilePointer
CreateFileW
GetFileSize
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
LockResource
LoadResource
FindResourceW
GetModuleHandleW
lstrcmpiW
ResumeThread
GetACP
QueryDosDeviceW
FindFirstFileW
FindClose
GetLongPathNameW
GetFileAttributesExW
InterlockedExchange
Sleep
GetTickCount
lstrlenW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
ResetEvent
HeapFree
GetCurrentThreadId
HeapAlloc
LocalFree
GetProcessHeap
GetLogicalDriveStringsW
ReadFile
SetEndOfFile
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetWindowsDirectoryW
GetTempFileNameW
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
LoadLibraryExW
GetFileSizeEx
ReleaseMutex
FormatMessageW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFileAttributesW
GetFileAttributesW
CreateMutexW
lstrcpynW
WriteConsoleW
InterlockedExchangeAdd
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
GetStdHandle
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
HeapReAlloc
HeapSize
SetStdHandle

user32

wsprintfW

advapi32

SetTokenInformation
AllocateAndInitializeSid
OpenProcessToken
FreeSid
CreateProcessAsUserW
GetLengthSid
DuplicateTokenEx

Exports

Exports

CheckInstallerInstance
CheckUserID_01
CheckUserID_02
CheckUserID_03
CheckUserID_04
CheckUserID_05
CheckUserID_06
CreateLowIntegrityProcess
DeleteInstallFile
EndSafeCenterConfigRequest
FindProcess
GetSafeCenterCloseReason
GetSafeCenterConfig
GetSpecialBuild
IsSafeCenterExist
IsSafeCenterOpen
IsValidUserID
KillProcess

Sections

.text
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/RCWidgetPlugin.dll
.dll windows:5 windows x86 arch:x86

6a0cd984147e6879df05d3206e75c50f

Code Sign

0b:d8:a6:92:ce:d9:a1:8c:53:0f:a8:5d:55:72:c0:d4
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/04/2020, 00:00

Not After

12/06/2023, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:eb:8e:00:26:88:42:f0:dc:0c:60:43:a6:d5:61:91
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

02/04/2020, 00:00

Not After

12/06/2023, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:6e:7c:cb:68:d8:ec:22:4f:b2:fd:79:b4:02:d5:81:9f:a6:1d:1c:0e:a6:8b:9b:70:a6:63:cd:73:40:26:f8
Signer

Actual PE Digest

2b:6e:7c:cb:68:d8:ec:22:4f:b2:fd:79:b4:02:d5:81:9f:a6:1d:1c:0e:a6:8b:9b:70:a6:63:cd:73:40:26:f8

Digest Algorithm

sha256

PE Digest Matches

true

d7:fe:d3:67:f2:68:ec:9d:a5:82:ee:c7:6c:19:00:4b:c5:71:5b:a9
Signer

Actual PE Digest

d7:fe:d3:67:f2:68:ec:9d:a5:82:ee:c7:6c:19:00:4b:c5:71:5b:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetShortPathNameW
LocalFree
GetCommandLineW
CreateFileW
SetErrorMode
GetModuleFileNameW
ReadFile
lstrcatW
GetFileAttributesW
FindClose
lstrlenW
FindFirstFileW
FreeLibrary
GetProcAddress
LoadLibraryW
FindResourceW
LoadResource
CloseHandle
LockResource
FreeResource
WaitForSingleObject
SizeofResource
GetCurrentProcessId
DeleteCriticalSection
DecodePointer
VirtualQuery
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
Thread32First
Thread32Next
InterlockedCompareExchange
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
lstrcpyW
WideCharToMultiByte
GlobalFree
GlobalAlloc
MultiByteToWideChar
lstrcpynW
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetTimeZoneInformation
GetStringTypeW
GetFileType
GetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FreeLibraryAndExitThread
ExitThread
GetModuleFileNameA
ExitProcess
TlsFree
InterlockedFlushSList
RtlUnwind
LoadLibraryExA
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
OutputDebugStringW
FlushInstructionCache
HeapDestroy
HeapCreate
OutputDebugStringA
GetModuleHandleExW
VirtualProtect
TlsGetValue
CreateThread
TlsAlloc
DisableThreadLibraryCalls
GetModuleHandleA
TlsSetValue
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
QueryPerformanceFrequency
GlobalUnlock
GlobalLock
LocalAlloc
CreateWaitableTimerW
SetWaitableTimer
InterlockedIncrement
InterlockedDecrement
lstrcmpW
MulDiv
FormatMessageW
GetFileSizeEx
GlobalMemoryStatusEx
GetLogicalDriveStringsW
LoadLibraryExW
GetTickCount
SetLastError
InterlockedExchange
ReleaseMutex
CreateMutexW
GetTempFileNameW
GetWindowsDirectoryW
DeleteFileW
SetFileAttributesW
GetTempPathW
GetFullPathNameW
CreateDirectoryW
InterlockedExchangeAdd
ResetEvent
SetEvent
CreateEventW
QueryDosDeviceW
GetEnvironmentVariableW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
OpenThread
SwitchToThread
TerminateThread
Sleep
GetExitCodeThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetVersionExW
lstrcmpiW
GetACP
HeapFree
OpenProcess
HeapAlloc
GetProcessHeap
ExpandEnvironmentStringsW
ResumeThread
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
GetLongPathNameW
GetFileAttributesExW
SuspendThread

user32

GetWindowLongW
CreateWindowExW
IsWindow
SetFocus
EnableWindow
GetActiveWindow
LoadIconW
CharPrevW
CharNextW
PostMessageW
EndDialog
SetWindowLongW
SendMessageW
GetPropW
RemovePropW
GetForegroundWindow
SetPropW
GetAsyncKeyState
GetFocus
LoadStringW
DestroyAcceleratorTable
CreateAcceleratorTableW
EnumThreadWindows
PostQuitMessage
RegisterWindowMessageW
GetAncestor
EmptyClipboard
SetClipboardData
GetClassInfoExW
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
GetSysColor
GetIconInfo
DrawIconEx
GetSystemMetrics
GetKeyboardState
GetCaretBlinkTime
ToAscii
UnregisterClassW
CallWindowProcW
DispatchMessageW
TranslateMessage
RegisterClassExW
LoadBitmapW
LoadImageW
SetCaretPos
AttachThreadInput
SetRectEmpty
MsgWaitForMultipleObjects
FillRect
UpdateLayeredWindow
UnionRect
PtInRect
SetRect
GetWindowThreadProcessId
AdjustWindowRectEx
ShowWindowAsync
IsWindowVisible
MessageBoxW
SetWindowRgn
InvalidateRgn
OpenClipboard
IsChild
ValidateRect
SetWindowPos
wsprintfW
GetMessageW
GetWindowTextW
ReleaseDC
SetForegroundWindow
GetParent
SystemParametersInfoW
GetDesktopWindow
GetDlgItem
GetClientRect
GetClassNameW
MapWindowPoints
CopyRect
GetMonitorInfoW
ShowWindow
SetWindowTextW
MonitorFromWindow
GetDC
GetWindowRect
GetWindow
GetWindowTextLengthW
GetCursorPos
IsIconic
GetDCEx
InvalidateRect
IsZoomed
SetCursor
GetWindowDC
LoadCursorW
IntersectRect
IsRectEmpty
ClientToScreen
RedrawWindow
OffsetRect
EnumChildWindows
EqualRect
DefWindowProcW
DialogBoxParamW
KillTimer
GetClassLongW
SetTimer
ReleaseCapture
SetCapture
ScreenToClient
GetKeyState
DestroyWindow
EndPaint
BeginPaint
TrackMouseEvent
SetParent
MoveWindow

gdi32

GetRgnBox
DeleteObject
SetViewportOrgEx
CreateCompatibleDC
SelectObject
GetStockObject
GetDeviceCaps
BitBlt
CreatePolygonRgn
CreateRectRgnIndirect
CreateFontIndirectW
SetGraphicsMode
CreateSolidBrush
SetBkColor
SetTextColor
ExtTextOutW
DeleteDC
GetObjectW
EnumFontsW
PtInRegion
CreateRoundRectRgn
CreateDIBSection
CreateDCW
SetWorldTransform
CreateCompatibleBitmap
GetClipBox
GetDIBits

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
CommandLineToArgvW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetFolderPathW
ord155
ord190

ole32

OleUninitialize
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
CoCreateInstance
OleLockRunning
CreateStreamOnHGlobal

oleaut32

LoadTypeLi
OleCreateFontIndirect
DispCallFunc
VariantInit
SysAllocStringLen
VariantClear
VarUI4FromStr
SysAllocString
VarBstrCmp
SysStringLen
SysFreeString
LoadRegTypeLi

shlwapi

ord12
PathAppendW
StrDupW
PathRemoveFileSpecW
StrToIntA
PathFindFileNameW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

urlmon

CoInternetCreateSecurityManager
CoInternetCreateZoneManager

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

imm32

ImmNotifyIME
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

gdiplus

GdipAddPathLineI
GdipCreateHBITMAPFromBitmap
GdipCreateRegionPath
GdiplusStartup
GdipGetPropertyItemSize
GdipGetImageWidth
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipBitmapLockBits
GdipImageSelectActiveFrame
GdipFree
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromStream
GdipGetPropertyItem
GdipBitmapUnlockBits
GdipCloneImage
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipCloneBitmapAreaI
GdipGetImagePixelFormat
GdipSetStringFormatFlags
GdipCloneRegion
GdipGetFamilyName
GdipDeleteMatrix
GdipDrawImageRectRectI
GdipSetStringFormatAlign
GdipCreatePen1
GdipDeletePen
GdipTranslateWorldTransform
GdipGetFontSize
GdipDeleteFont
GdipDeleteStringFormat
GdipDeleteGraphics
ord1
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipDeleteRegion
GdipMeasureString
GdipCloneBrush
GdipRestoreGraphics
GdipRotateWorldTransform
GdipStringFormatGetGenericTypographic
GdipGetCellAscent
GdipSetTextRenderingHint
GdipCloneStringFormat
GdipGetMatrixElements
GdipGetTextureTransform
GdipCreateTexture
GdipBeginContainer2
GdipFillEllipse
GdipCreateFromHDC
GdipGetClipBoundsI
GdipSetImageAttributesWrapMode
GdipDrawString
GdipDrawPath
GdipSetClipRegion
GdipCreateImageAttributes
GdipDrawArcI
GdipGetSmoothingMode
GdipClosePathFigure
GdipSetClipRectI
GdipScaleWorldTransform
GdipSetPixelOffsetMode
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipCombineRegionPath
GdipAddPathEllipseI
GdipSetCompositingMode
GdipSetTextureTransform
GdipSetLineTransform
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipAddPathBezierI
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipAddPathString
GdipGetTextRenderingHint
GdipGetFamily
GdipAddPathArcI
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetBrushType
GdipCombineRegionRegion
GdipAddPathRectangleI
GdipGetInterpolationMode

winmm

timeGetTime

psapi

GetMappedFileNameW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCloseKey

Exports

Exports

AddFirewallNetworkRule
BindSoftware
CheckInstall
DeleteFirewallNetworkRule
ExtractDll
GetCheckValue
GetInstDir
GetInstallVersion
Init
NeedChangDlgText
OnRepair
OnSetup
OnSetupPost
OnUninstall
PopInt
PopString
PushInt
PushString
ShowInstall
ShowUnInstall

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:6 windows x86 arch:x86

216ff05c01e38b13fee53b7ace6b1894

Code Sign

0b:d8:a6:92:ce:d9:a1:8c:53:0f:a8:5d:55:72:c0:d4
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/04/2020, 00:00

Not After

12/06/2023, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:eb:8e:00:26:88:42:f0:dc:0c:60:43:a6:d5:61:91
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

02/04/2020, 00:00

Not After

12/06/2023, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:2a:29:61:3d:2e:db:f3:c1:d8:06:ab:50:62:3e:3c:ce:8a:52:6d:8c:a2:53:79:ce:9c:25:cb:c3:dd:a4:98
Signer

Actual PE Digest

e2:2a:29:61:3d:2e:db:f3:c1:d8:06:ab:50:62:3e:3c:ce:8a:52:6d:8c:a2:53:79:ce:9c:25:cb:c3:dd:a4:98

Digest Algorithm

sha256

PE Digest Matches

true

01:ff:77:6e:f8:da:13:72:ac:88:d1:3e:ed:4e:11:10:e9:9f:01:22
Signer

Actual PE Digest

01:ff:77:6e:f8:da:13:72:ac:88:d1:3e:ed:4e:11:10:e9:9f:01:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalSize
GlobalFree
lstrcpynW
lstrcpyW
GetLastError
VirtualAlloc
VirtualFree
VirtualProtect
FreeLibrary
GetModuleHandleW
GetProcAddress
lstrlenW
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
2345DirectUI.dll
.dll windows:5 windows x64 arch:x64

51dcb9e351489e3c75db9c583e4f741e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

75:07:30:67:30:94:f3:8c:a9:f0:7e:06:e5:74:fb:df
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04/07/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:1d:31:6b:f6:0f:35:75:5f:07:23:72:de:ef:8f:e5
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

65:08:aa:36:91:40:46:7d:8c:6a:e1:41:32:75:59:fa:fa:3a:c2:5d:a5:a8:1e:78:a6:2c:45:35:51:db:fc:5b
Signer

Actual PE Digest

65:08:aa:36:91:40:46:7d:8c:6a:e1:41:32:75:59:fa:fa:3a:c2:5d:a5:a8:1e:78:a6:2c:45:35:51:db:fc:5b

Digest Algorithm

sha256

PE Digest Matches

true

c7:04:68:8e:2d:af:32:1f:11:84:11:7d:e5:cc:9c:a9:c5:9a:b2:47
Signer

Actual PE Digest

c7:04:68:8e:2d:af:32:1f:11:84:11:7d:e5:cc:9c:a9:c5:9a:b2:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\RCFL\DirectUI\SVNServer\DirectUI\bin\vs2013\x64\release_unicode\pdb\2345DirectUI.pdb

Imports

kernel32

IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
OutputDebugStringW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
VirtualAlloc
VirtualFree
lstrlenA
LocalFree
GetProcessHeap
HeapFree
HeapAlloc
GetCurrentThreadId
SetLastError
FlushInstructionCache
ReadFile
FreeLibrary
GetCurrentProcess
SetFilePointer
FreeResource
EncodePointer
DeleteFileW
CopyFileW
CreateEventW
GetTickCount
GetCurrentDirectoryW
WideCharToMultiByte
DisableThreadLibraryCalls
MultiByteToWideChar
SizeofResource
LoadLibraryExW
LoadResource
FindResourceW
IsBadReadPtr
GlobalFree
CreateFileW
WriteFile
DecodePointer
GetLastError
RaiseException
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
GlobalUnlock
GlobalAlloc
GetModuleHandleW
GlobalLock
MulDiv
ExpandEnvironmentStringsW
lstrcpyW
lstrcatW
lstrcmpiW
lstrlenW
GetFileAttributesW
GetVersionExW
LoadLibraryW
CloseHandle
DeleteCriticalSection
LoadLibraryA
EnterCriticalSection
GetProcAddress
LeaveCriticalSection
InitializeCriticalSection
IsDebuggerPresent

user32

FindWindowW
IsRectEmpty
SetRectEmpty
GetMonitorInfoW
MonitorFromWindow
DrawTextW
UnionRect
GetSysColor
EndPaint
ClientToScreen
IsWindow
PtInRect
LoadCursorW
GetParent
SetForegroundWindow
PostMessageW
IsIconic
GetWindowRect
RemovePropW
UpdateLayeredWindow
DestroyWindow
UnregisterClassW
CopyRect
SetCursor
GetIconInfo
DrawIconEx
MoveWindow
SetWindowTextW
GetDlgCtrlID
UpdateWindow
SendMessageW
CloseWindow
GetDlgItem
GetWindowTextW
BringWindowToTop
InvalidateRect
LockWindowUpdate
GetCapture
SetFocus
GetClientRect
SetParent
IsWindowEnabled
IsZoomed
KillTimer
SetCapture
SetActiveWindow
SetTimer
GetWindowTextLengthW
CharNextW
GetWindow
SystemParametersInfoW
MessageBoxW
CallWindowProcW
EndDeferWindowPos
SetWindowLongPtrW
GetSystemMetrics
BeginDeferWindowPos
ReleaseCapture
EqualRect
GetCursorPos
GetDesktopWindow
DestroyCursor
EnableMenuItem
GetClassNameW
GetClassLongPtrW
IntersectRect
OffsetRect
InflateRect
BeginPaint
DrawTextExW
GetWindowLongPtrW
GetKeyState
GetTopWindow
ScreenToClient
GetSystemMenu
FillRect
DrawFrameControl
LoadStringW
LoadImageW
MonitorFromPoint
CallNextHookEx
WindowFromPoint
TrackPopupMenuEx
RemoveMenu
SetWindowsHookExW
UnhookWindowsHookEx
LoadMenuW
DeferWindowPos
GetDoubleClickTime
DestroyIcon
GetWindowDC
GetMessagePos
EndDialog
GetFocus
DialogBoxParamW
GetAsyncKeyState
IsMenu
GetMenuItemID
GetSubMenu
DeleteMenu
GetMenuStringW
GetMenuItemInfoW
ModifyMenuW
GetClassLongW
SetRect
AppendMenuW
CreatePopupMenu
GetMenuItemCount
GetClassInfoExW
SetPropW
GetDC
GetForegroundWindow
RegisterClassExW
GetWindowLongW
ReleaseDC
InsertMenuW
DestroyMenu
GetWindowThreadProcessId
DefWindowProcW
GetPropW
EnableWindow
IsWindowVisible
CreateWindowExW
SetWindowPos
GetActiveWindow
ShowWindow
RedrawWindow
SetWindowLongW
SetWindowRgn

gdi32

CreateRectRgn
OffsetRgn
CreateCompatibleBitmap
CombineRgn
CreateRectRgnIndirect
PtInRegion
SetRectRgn
SelectClipRgn
CreateBitmap
SetViewportOrgEx
PatBlt
CreateSolidBrush
CreatePen
FillPath
PolyBezierTo
EndPath
ExtCreateRegion
PolyDraw
GetRegionData
CreateFontIndirectW
SetTextColor
WidenPath
CreatePatternBrush
GetViewportOrgEx
GetWindowOrgEx
GetPath
MoveToEx
BeginPath
CreateICW
GetPixel
SetDIBits
ExtTextOutW
SetBkColor
GetCurrentObject
RestoreDC
SetROP2
SaveDC
IntersectClipRect
SetWindowOrgEx
Rectangle
GetClipBox
SetBkMode
CreateDIBSection
BitBlt
GetDeviceCaps
GetDIBits
CreateDCW
RealizePalette
SelectPalette
GetObjectW
GetStockObject
DeleteDC
SelectObject
CreateCompatibleDC
LineTo
DeleteObject

advapi32

RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

ole32

CoCreateGuid
CoFreeUnusedLibraries
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CLSIDFromString
CreateStreamOnHGlobal
OleUninitialize
OleInitialize

oleaut32

SafeArrayGetUBound
VariantClear
VarBstrCmp
VarUI4FromStr
SysAllocStringLen
VariantCopy
SysStringByteLen
VarBstrCat
SysAllocStringByteLen
SysStringLen
SafeArrayPutElement
SafeArrayGetElement
SafeArrayRedim
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SysAllocString
OleTranslateColor
LoadRegTypeLi
SysFreeString
VariantChangeType
VariantInit
LoadTypeLi

msvcp120

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPEBDH@Z
?_Orphan_all@_Container_base12@std@@QEAAXXZ
??0_Container_base12@std@@QEAA@XZ
?_Swap_all@_Container_base12@std@@QEAAXAEAU12@@Z
?_Winerror_map@std@@YAPEBDH@Z

msvcr120

_malloc_crt
_amsg_exit
__CppXcptFilter
__crtCapturePreviousContext
__crtCaptureCurrentContext
__crtTerminateProcess
__crtUnhandledException
__crt_debugger_hook
__CxxFrameHandler3
_onexit
__C_specific_handler
__dllonexit
_calloc_crt
_unlock
_lock
atof
?terminate@@YAXXZ
sprintf_s
strchr
toupper
_wcstoui64
wcstoul
wcschr
_snwprintf_s
atoi
_waccess
vswprintf_s
strstr
_wtoi
_wcsicmp
strncpy_s
fclose
wcscpy_s
fseek
_initterm
wcscat_s
ftell
fwrite
fread
swprintf_s
_wfopen_s
wcsstr
wcsncpy_s
_resetstkoflw
malloc
memcpy_s
_recalloc
calloc
??_V@YAXPEAX@Z
free
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_purecall
_beginthreadex
memmove
memcpy
_initterm_e
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
memset
_CxxThrowException
__RTDynamicCast
ceilf
floorf
memcmp

comctl32

ImageList_Destroy
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_LoadImageW
_TrackMouseEvent
ImageList_GetIcon

msimg32

AlphaBlend

gdiplus

GdipFillRectangleI
GdipCloneImage
GdipGetImageWidth
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateFromHDC
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipCreateLineBrushFromRectWithAngleI
GdipSetStringFormatFlags
GdipGetStringFormatFlags
GdipMeasureString
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDeleteFont
GdipSetStringFormatAlign
GdipSetSmoothingMode
GdipBitmapUnlockBits
GdipDrawString
GdipCreateFontFromLogfontW
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipBitmapLockBits
GdipSetStringFormatHotkeyPrefix
GdipCreateStringFormat
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipDrawImageI
GdipDeletePen
GdipCreatePen1
GdipDrawRectangleI
GdipFillPolygon
GdipDrawPolygon
GdipCreateHICONFromBitmap
GdipCreateTexture
GdipFillPieI
GdipCloneBitmapAreaI
GdipSetCompositingMode
GdipDisposeImage
GdipAlloc
GdipCreateSolidFill
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipDrawImageRectRectI
GdipGetImageHeight
GdipCloneBrush
GdipFree
GdipDeleteBrush
GdipCreateHBITMAPFromBitmap

rpcrt4

UuidFromStringW

Exports

Exports

CloseSkin
FreeSkinFileBytes
GetSkinFileBytes
OpenSkin

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
7zNew.data
.7z
Benchmark.data
HaoZip.chm
.chm
HaoZip.dll
.dll windows:5 windows x64 arch:x64

a6ba115c8f74ccd80bfbf9d4f86b99aa

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

98:a0:19:cd:f7:ae:11:f0:cc:31:cc:fc:86:26:cd:05:45:98:0d:44:3b:84:35:9e:88:a0:97:63:c7:de:8f:c7
Signer

Actual PE Digest

98:a0:19:cd:f7:ae:11:f0:cc:31:cc:fc:86:26:cd:05:45:98:0d:44:3b:84:35:9e:88:a0:97:63:c7:de:8f:c7

Digest Algorithm

sha256

PE Digest Matches

true

50:fb:fc:00:a5:d3:9d:c7:ca:bf:e8:5a:80:3a:5e:69:d8:72:cb:e2
Signer

Actual PE Digest

50:fb:fc:00:a5:d3:9d:c7:ca:bf:e8:5a:80:3a:5e:69:d8:72:cb:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZip.dll.pdb

Imports

gdiplus

GdipFillRectangleI
GdipMeasureString
GdipCloneBrush
GdipSetTextRenderingHint
GdipSetImageAttributesWrapMode
GdipDrawString
GdipSetCompositingMode
GdipCreateBitmapFromResource
GdipSetSmoothingMode
GdipGetRegionHRgn
GdipSetImageAttributesColorMatrix
GdipSaveGraphics
GdipBitmapUnlockBits
GdipCreateMatrix
GdipGetWorldTransform
GdipTransformPointsI
GdipDeleteStringFormat
GdipCreateRegion
GdipCloneBitmapAreaI
GdipScaleWorldTransform
GdipSetClipRectI
GdipBitmapLockBits
GdipGetClipBoundsI
GdipGetMatrixElements
GdipGetClip
GdipRestoreGraphics
GdipDeleteRegion
GdipTranslateWorldTransform
GdipDeleteMatrix
GdipSetCompositingQuality
GdipSetPixelOffsetMode
GdipSetPageUnit
GdipGetImagePixelFormat
GdipReleaseDC
GdipGetDC
GdipLoadImageFromFile
GdipGetImageThumbnail
GdipGraphicsClear
GdipDeleteFont
GdipCreateBitmapFromScan0
GdipGetImageEncoders
GdipDrawImagePointRectI
GdipSetStringFormatAlign
GdipImageRotateFlip
GdipImageGetFrameDimensionsCount
GdipDrawImageRectRect
GdipGetPropertyItem
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetImageEncodersSize
GdipGetPropertyItemSize
GdipSaveImageToFile
GdipCreateStringFormat
GdipSetImageAttributesColorKeys
GdipDeleteBrush
GdipDisposeImageAttributes
GdipFree
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromStream
GdipCloneImage
GdipCreateSolidFill
GdipGetImageHeight
GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromFile
GdipCreateFontFromLogfontW
GdipDrawImageRectRectI
GdipCreateImageAttributes
GdipGetImageGraphicsContext
GdipGetImageWidth

imm32

ImmGetConversionStatus
ImmReleaseContext
ImmGetContext
ImmSetConversionStatus
ImmAssociateContextEx
ImmGetDescriptionW

kernel32

CreateFileW
GetFileAttributesExW
CreateMutexW
ReleaseMutex
GetFileSize
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
DosDateTimeToFileTime
FileTimeToDosDateTime
SetFileTime
SetEndOfFile
FormatMessageW
ResumeThread
OpenEventW
ResetEvent
LoadLibraryA
GetComputerNameExW
OpenProcess
GetSystemInfo
GetEnvironmentVariableW
QueryDosDeviceW
GetCurrentProcess
lstrcatW
GetFileTime
OpenFileMappingW
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetSystemDirectoryW
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
GetWindowsDirectoryW
SetCurrentDirectoryW
CopyFileW
GetTempFileNameW
GetFileSizeEx
GlobalMemoryStatusEx
DeviceIoControl
WinExec
GlobalSize
FreeResource
SetThreadPriority
OpenThread
WriteProcessMemory
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
WritePrivateProfileStringW
RtlVirtualUnwind
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
OutputDebugStringW
CreateToolhelp32Snapshot
QueryPerformanceFrequency
CompareFileTime
Process32NextW
Process32FirstW
GetDiskFreeSpaceExW
FindFirstChangeNotificationW
FindCloseChangeNotification
GetOverlappedResult
ReadDirectoryChangesW
GetLocalTime
GetComputerNameW
FindFirstFileW
UpdateResourceW
BeginUpdateResourceW
SetPriorityClass
GetCurrentThread
GetProcessTimes
IsBadWritePtr
IsBadReadPtr
FindClose
FindNextFileW
SetEvent
GetACP
SystemTimeToTzSpecificLocalTime
SwitchToThread
MoveFileW
lstrcpyW
MoveFileExW
GlobalFree
LockResource
GetDriveTypeW
InitializeCriticalSection
Sleep
RemoveDirectoryW
GetLogicalDriveStringsW
GetDiskFreeSpaceW
GetVolumeInformationW
GetShortPathNameW
lstrcpynW
lstrlenW
GetCurrentProcessId
LocalFree
LocalAlloc
GetProcessHeap
HeapAlloc
HeapFree
WaitForMultipleObjects
CreateEventW
GetExitCodeProcess
CreateProcessW
GetPrivateProfileStringW
WaitForSingleObject
ExpandEnvironmentStringsW
GetSystemDefaultLangID
GetFileAttributesW
FileTimeToSystemTime
WriteFile
GetStdHandle
GetVersionExW
LoadLibraryW
SetFilePointer
ReadFile
CompareStringW
CloseHandle
LoadLibraryExW
MulDiv
lstrcmpW
GlobalUnlock
GetTickCount
lstrcmpiW
CreateSemaphoreW
FreeLibrary
GetModuleHandleW
DeleteCriticalSection
GlobalLock
GetProcAddress
EnumResourceLanguagesW
GetCPInfoExW
EnumSystemCodePagesW
DecodePointer
FindResourceW
LoadResource
RaiseException
OpenSemaphoreW
GlobalAlloc
GetLastError
MultiByteToWideChar
GetCurrentThreadId
SetErrorMode
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
ReleaseSemaphore
EnterCriticalSection
SetLastError
WideCharToMultiByte
SizeofResource
RtlCaptureContext
GetCommandLineW
GetLongPathNameW
SearchPathW
CreatePipe
TerminateProcess
GetStartupInfoW
EndUpdateResourceW
EnumResourceTypesW
EnumResourceNamesW
FindResourceExW
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
WaitForSingleObjectEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
IsBadStringPtrW

user32

CreatePopupMenu
GetMenuItemCount
InsertMenuItemW
GetMenuItemInfoW
ShowScrollBar
LoadIconW
AppendMenuW
IsMenu
TrackPopupMenu
DeleteMenu
MonitorFromPoint
DrawIcon
PostQuitMessage
MessageBeep
EnumWindows
IsRectEmpty
GetForegroundWindow
IsZoomed
SetWindowPlacement
GetCursorPos
LoadImageW
PtInRect
IsWindowUnicode
PeekMessageW
GetSubMenu
GetCapture
MsgWaitForMultipleObjects
DispatchMessageA
GetMessageA
GetMenuState
CreateMenu
EnableMenuItem
CheckMenuRadioItem
UpdateWindow
SetRectEmpty
RegisterClipboardFormatW
SetScrollRange
SendDlgItemMessageW
FindWindowW
GetWindowDC
CopyRect
WindowFromPoint
SetScrollPos
GetScrollPos
AdjustWindowRectEx
GetMenu
SetWindowRgn
DrawEdge
IsClipboardFormatAvailable
GetIconInfo
GetDlgItemInt
OffsetRect
DestroyIcon
DrawStateW
KillTimer
SetTimer
DrawFrameControl
DrawIconEx
TrackPopupMenuEx
DestroyMenu
DrawFocusRect
SwitchToThisWindow
DrawTextW
GetPropW
GetClassLongPtrW
SetPropW
EndDialog
GetSystemMenu
SetRect
GetKeyState
IsWindowVisible
MonitorFromWindow
SetActiveWindow
IsDialogMessageW
GetMonitorInfoW
IsWindowEnabled
PostThreadMessageW
BringWindowToTop
SetForegroundWindow
IsIconic
wsprintfW
GetKeyboardLayoutList
ActivateKeyboardLayout
SetDlgItemInt
InflateRect
GetSystemMetrics
GetScrollInfo
GetWindowThreadProcessId
GetSysColorBrush
LoadBitmapW
GetWindowTextW
EndPaint
BeginPaint
ReleaseDC
InvalidateRect
ReleaseCapture
RegisterWindowMessageW
GetParent
GetClassInfoExW
GetKeyboardLayout
FindWindowExW
GetWindowRect
GetDlgCtrlID
MapWindowPoints
SystemParametersInfoW
EnableWindow
GetActiveWindow
LoadStringW
MessageBoxW
DialogBoxParamW
GetMessageW
CreateDialogParamW
DispatchMessageW
TranslateMessage
GetWindowLongW
GetWindowTextLengthW
DefWindowProcW
CallWindowProcW
PostMessageW
GetWindow
GetFocus
DestroyWindow
GetDC
SetWindowPos
SetWindowLongPtrW
FillRect
EqualRect
WaitMessage
MonitorFromRect
MapVirtualKeyExW
GetKeyNameTextW
LoadMenuW
IntersectRect
GetUpdateRect
InsertMenuW
RemovePropW
GetClassLongW
CopyIcon
TrackMouseEvent
UnionRect
SetMenuItemInfoW
UpdateLayeredWindow
GetTopWindow
GetMenuStringW
CheckRadioButton
SetDlgItemTextW
CheckDlgButton
SendMessageTimeoutW
CreateIconIndirect
FrameRect
ExitWindowsEx
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
CreateWindowExW
ScreenToClient
SendMessageW
UnregisterClassW
SetWindowTextW
GetWindowLongPtrW
RegisterClassExW
ShowWindow
IsWindow
InvalidateRgn
RedrawWindow
ClientToScreen
DestroyAcceleratorTable
IsChild
GetSysColor
MoveWindow
CreateAcceleratorTableW
SetFocus
CharNextW
LoadCursorW
GetClassNameW
SetCapture
SetCursor
SetWindowLongW
GetClientRect
GetDlgItem
GetDesktopWindow
GetScrollRange

gdi32

CreateRectRgnIndirect
CreateRectRgn
CombineRgn
SetViewportOrgEx
SetStretchBltMode
GetTextExtentPoint32W
StretchBlt
GetTextExtentPointW
ExtCreatePen
SetBrushOrgEx
SelectClipRgn
SetArcDirection
GetTextMetricsW
SetBkMode
SetTextColor
SetBkColor
ExtTextOutW
CreateFontIndirectW
AngleArc
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
GetDeviceCaps
DeleteDC
GetObjectW
DeleteObject
CreatePolygonRgn
SetDCBrushColor
SetROP2
SetDCPenColor
GetBkColor
FillPath
BeginPath
PathToRegion
TextOutW
EndPath
GetBkMode
LineTo
CreatePen
MoveToEx
GetCurrentObject
EnumFontsW
EnumFontFamiliesExW
SetWindowOrgEx
GetClipBox
LPtoDP
SetMapMode
GetMapMode
DPtoLP
CreateDIBSection
GetDIBits
SetPixel
SetGraphicsMode
GetPixel
SetWorldTransform
CreateSolidBrush

comdlg32

ChooseFontW
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
GetUserNameW
RegOpenCurrentUser
SystemFunction036
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegCreateKeyExW

shell32

SHBrowseForFolderW
Shell_NotifyIconW
SHFileOperationW
SHChangeNotify
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
SHGetDesktopFolder
SHGetFolderLocation
SHGetFolderPathW
ord644
SHBindToParent
ord645
ord74
ord2
ord4
DragFinish
DragQueryFileW
ord28
FindExecutableW
SHGetSpecialFolderPathW
SHGetFileInfoW
ord190
ord155

ole32

CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
CoGetClassObject
CLSIDFromProgID
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
CoTaskMemRealloc
CLSIDFromString
OleLockRunning
CoInitialize
CoUninitialize
CoInitializeEx
IIDFromString
CoInitializeSecurity
OleRun
DoDragDrop
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
OleDuplicateData
StringFromGUID2

oleaut32

VariantChangeType
LoadRegTypeLi
VariantInit
LoadTypeLi
SysFreeString
OleCreateFontIndirect
SysAllocString
SysStringLen
SysAllocStringLen
GetErrorInfo
VarUI4FromStr
VariantClear

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Xbad_alloc@std@@YAXXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?get@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?ignore@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_JG@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?wcin@std@@3V?$basic_istream@_WU?$char_traits@_W@std@@@1@A
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_JD@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPEBD@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??Bid@locale@std@@QEAA_KXZ
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?_Xlength_error@std@@YAXPEBD@Z
?wcerr@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?id@?$ctype@_W@std@@2V0locale@2@A
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ

shlwapi

StrStrIW
StrRetToBufW
PathIsRelativeW
StrToIntW
StrStrW
SHDeleteKeyW
AssocQueryStringW
SHAutoComplete
PathRemoveFileSpecW
StrCmpIW

comctl32

PropertySheetW
ImageList_Create
ImageList_Destroy
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_Remove
ImageList_Add
CreateStatusWindowW
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_GetImageCount
ord8
ImageList_LoadImageW
_TrackMouseEvent
ImageList_Draw
InitCommonControlsEx

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

vcruntime140

memset
memcpy
memmove
strchr
strstr
wcsrchr
_CxxThrowException
__C_specific_handler
wcsstr
__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
wcschr
memcmp
__RTDynamicCast
memchr
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_register_onexit_function
_endthreadex
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_invalid_parameter_noinfo
_errno
_crt_atexit
_beginthreadex
_cexit
_initterm
signal
_initterm_e
terminate
_seh_filter_dll

api-ms-win-crt-stdio-l1-1-0

fread
fsetpos
_fseeki64
_get_stream_buffer_pointers
ungetc
setvbuf
fgetpos
fwrite
__stdio_common_vswprintf_s
__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vswscanf
__stdio_common_vsscanf
feof
_wfopen_s
_isatty
fgetc
__stdio_common_vsprintf_s
fclose
fflush
fputc
__stdio_common_vswprintf
__stdio_common_vsnwprintf_s
_fileno

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh
calloc
_recalloc

api-ms-win-crt-string-l1-1-0

_wcsnicmp
_stricmp
tolower
towlower
_wcsupr
_wcsnset
ispunct
iswpunct
iswascii
toupper
wcscpy_s
towupper
_wcsicmp
wcsncpy
strncpy
wcsncpy_s
isalnum
wcsncmp

api-ms-win-crt-time-l1-1-0

_localtime64_s
_time64
_mktime64
_localtime64

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-filesystem-l1-1-0

_waccess
_splitpath_s
_wchmod
_lock_file
_unlock_file

api-ms-win-crt-convert-l1-1-0

_itow_s
wcstoul
strtol
_wtoi
_itow
_wtof
wcstol

api-ms-win-crt-math-l1-1-0

modf
round
_dtest

msimg32

GradientFill
TransparentBlt

imagehlp

ImageRemoveCertificate
ImageEnumerateCertificates

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW

Exports

Exports

BatchRenameUtils
BatchTextReplace
ConsoleMain
HaoZipCheck
HaoZipCheckUpdate
HaoZipFix
HaoZipFixDesktopLink
HaoZipInit
HaoZipInstall
HaoZipInstall02
HaoZipInstall03
HaoZipLoaderInitialize
HaoZipMain
HaoZipPreUninstall
HaoZipRecordStatistics
HaoZipRegister
HaoZipUnInit
HaoZipUninstall
HaoZipUpdate
HaoZipUpdateIcons
HaoZipUpdateLang
HaoZipUpdateRegister
HaoZipUpgrade
HaozipCDInstance
Initialize
MD5Utils
ModuleFinitialize
ModuleInitialize
RescueBrotherProducts
RescueHaozip
RescueSelf
SetResFileName
UpdateMain

Sections

.text
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZip.exe
.exe windows:5 windows x64 arch:x64

35baf739d2ab81c840c40df3c77aaddd

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:8a:29:93:2a:31:28:48:44:7d:8e:91:8b:dc:e2:b7:9e:2c:72:cd:96:cb:f6:c2:1e:b7:85:e0:46:f5:14:b5
Signer

Actual PE Digest

bb:8a:29:93:2a:31:28:48:44:7d:8e:91:8b:dc:e2:b7:9e:2c:72:cd:96:cb:f6:c2:1e:b7:85:e0:46:f5:14:b5

Digest Algorithm

sha256

PE Digest Matches

true

8c:55:0f:1b:3d:9e:ea:f5:91:79:bc:a1:1a:52:a4:8b:24:76:7f:0f
Signer

Actual PE Digest

8c:55:0f:1b:3d:9e:ea:f5:91:79:bc:a1:1a:52:a4:8b:24:76:7f:0f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZip.pdb

Imports

kernel32

GetFileAttributesW
LoadLibraryW
GetCurrentThreadId
GetModuleHandleW
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
GetPrivateProfileStringW
GetLastError
CloseHandle
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExW
GetLogicalDriveStringsW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameW
LoadLibraryA
lstrlenW
lstrcatW
lstrcpyW
lstrcmpiW
CreateMutexW
ReleaseMutex
Sleep
OpenProcess
LocalFree
LockResource
GetSystemInfo
LoadResource
GetCurrentProcessId
LoadLibraryExW
FindFirstFileW
GetLongPathNameW
CreateFileW
GetFileAttributesExW
GetEnvironmentVariableW
FindNextFileW
FindClose
FreeLibrary
WriteFile
SetFilePointer
SetEndOfFile
DeleteFileW
GetFileSizeEx
WaitForMultipleObjects
GetFileSize
QueryDosDeviceW
GetCurrentProcess
FileTimeToSystemTime
GetACP
MultiByteToWideChar
WideCharToMultiByte
SetFileTime
GetFileTime
CreateDirectoryW
GetFullPathNameW
RemoveDirectoryW
GetTempPathW
SetFileAttributesW
GetCurrentDirectoryW
SetEvent
GetTickCount
FormatMessageW
ResumeThread
CreateEventW
ResetEvent
SetLastError
GlobalMemoryStatusEx
DeviceIoControl
RaiseException
DecodePointer
RtlVirtualUnwind
SwitchToThread
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
ReadFile
GetProcAddress
SetStdHandle
WaitForSingleObjectEx
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetStdHandle
GetStringTypeW
GetFileType
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExW

user32

SetWindowsHookExW
UnhookWindowsHookEx
MessageBoxW
SetDlgItemTextW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFolderPathW

ole32

CoTaskMemFree

Sections

.text
Size: 726KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 274KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipC.exe
.exe windows:5 windows x64 arch:x64

518b9dcffefcea71a2b5d7cfebe1800b

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

db:4f:a2:b9:5e:0f:e2:93:7d:84:65:74:ee:cf:36:78:a8:54:2f:06:e6:bf:7b:75:9a:0c:e8:5a:a6:85:39:8d
Signer

Actual PE Digest

db:4f:a2:b9:5e:0f:e2:93:7d:84:65:74:ee:cf:36:78:a8:54:2f:06:e6:bf:7b:75:9a:0c:e8:5a:a6:85:39:8d

Digest Algorithm

sha256

PE Digest Matches

true

02:1f:56:1b:c6:ab:75:c2:6f:36:a4:bf:c4:49:71:2c:29:a8:77:2f
Signer

Actual PE Digest

02:1f:56:1b:c6:ab:75:c2:6f:36:a4:bf:c4:49:71:2c:29:a8:77:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipC.pdb

Imports

kernel32

WaitForSingleObject
GetPrivateProfileStringW
GetLastError
CloseHandle
FreeLibrary
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExW
ReadFile
SetFilePointer
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
LoadLibraryA
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
OpenProcess
LocalFree
FindResourceW
lstrcmpiW
GetCurrentProcessId
FindFirstFileW
CreateFileW
GetFileAttributesExW
GetEnvironmentVariableW
FindClose
GetFileSize
ExpandEnvironmentStringsW
SystemTimeToFileTime
GetSystemTime
WriteFile
SetFileTime
SetEndOfFile
FormatMessageW
SetEvent
ResetEvent
lstrlenW
lstrcatW
lstrcpyW
DeleteFileW
GetFileSizeEx
GetCurrentProcess
CreateDirectoryW
GetFullPathNameW
SetFileAttributesW
MoveFileExW
GetTempFileNameW
MoveFileW
CreateMutexW
ReleaseMutex
GetStdHandle
RtlVirtualUnwind
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
LoadLibraryW
GetFileAttributesW
GetProcAddress

user32

LoadStringW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

msvcp140

?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?ignore@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_JG@Z
?get@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?wcin@std@@3V?$basic_istream@_WU?$char_traits@_W@std@@@1@A
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_JD@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPEBD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
??Bid@locale@std@@QEAA_KXZ
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?_Xlength_error@std@@YAXPEBD@Z
?wcerr@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A

vcruntime140

wcschr
wcsstr
memset
_CxxThrowException
__std_terminate
__C_specific_handler
__CxxFrameHandler3
__std_exception_destroy
memmove
memcpy
__std_exception_copy
_purecall

api-ms-win-crt-string-l1-1-0

_wcsicmp
_stricmp
wcslen
towupper
wcsncpy
strlen
towlower

api-ms-win-crt-runtime-l1-1-0

terminate
_invalid_parameter_noinfo_noreturn
_c_exit
__p___wargv
__p___argc
_exit
exit
_register_thread_local_exe_atexit_callback
_initterm_e
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_onexit_table
_initialize_wide_environment
_get_initial_wide_environment
_initterm

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__stdio_common_vfwprintf
__acrt_iob_func
__p__commode
__stdio_common_vswprintf

api-ms-win-crt-heap-l1-1-0

_set_new_mode
malloc
free
_callnewh

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipCom.dll
.dll windows:5 windows x64 arch:x64

ebaedd08f90f5eb2ca1a9a6388f59cdb

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

92:d1:83:60:b7:c5:00:f3:f5:0e:37:e2:4a:7e:fb:92:bb:de:3c:3c:99:e1:ea:4b:d9:e9:e3:cf:8c:ac:d3:d4
Signer

Actual PE Digest

92:d1:83:60:b7:c5:00:f3:f5:0e:37:e2:4a:7e:fb:92:bb:de:3c:3c:99:e1:ea:4b:d9:e9:e3:cf:8c:ac:d3:d4

Digest Algorithm

sha256

PE Digest Matches

true

e2:53:5d:0d:07:a0:6d:7c:50:ab:70:7c:34:13:12:f0:d9:3e:89:e8
Signer

Actual PE Digest

e2:53:5d:0d:07:a0:6d:7c:50:ab:70:7c:34:13:12:f0:d9:3e:89:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipCom.pdb

Imports

kernel32

OpenProcess
GetCurrentProcessId
WideCharToMultiByte
WaitForMultipleObjects
WaitForSingleObject
FindFirstFileW
GetLongPathNameW
CreateFileW
GetLastError
OpenFileMappingW
UnmapViewOfFile
CloseHandle
CreateFileMappingW
MapViewOfFile
ReadFile
WriteFile
SetEndOfFile
GetProcAddress
ResumeThread
CreateEventW
SetEvent
ResetEvent
CreateMutexW
ReleaseMutex
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FindNextFileW
FindClose
RemoveDirectoryW
GetTempPathW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
HeapFree
GetCurrentThreadId
HeapAlloc
GetProcessHeap
LoadLibraryW
FreeLibrary
GetModuleHandleW
GetCurrentProcess
HeapReAlloc
HeapSize
ReadConsoleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
GetConsoleCP
GetConsoleMode
GetACP
GetStdHandle
GetFileType
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetStringTypeW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
SetFilePointerEx
WriteConsoleW

user32

wsprintfW
wvsprintfW

shell32

SHFileOperationW

Exports

Exports

GetClientProcessor
GetServerProcessor
TrackLog
WriteLog

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipEditor.dll
.dll windows:5 windows x64 arch:x64

c5475ed7f90b6678b3fd11fd191f05e6

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

23:09:bf:13:6b:70:a1:31:04:de:05:ce:99:52:f2:c6:37:01:c0:cd:03:0d:65:b2:a6:62:59:3a:cd:04:51:e1
Signer

Actual PE Digest

23:09:bf:13:6b:70:a1:31:04:de:05:ce:99:52:f2:c6:37:01:c0:cd:03:0d:65:b2:a6:62:59:3a:cd:04:51:e1

Digest Algorithm

sha256

PE Digest Matches

true

73:2a:f3:1b:ec:de:62:68:5e:66:67:74:50:ee:9f:d2:fd:3c:3b:6c
Signer

Actual PE Digest

73:2a:f3:1b:ec:de:62:68:5e:66:67:74:50:ee:9f:d2:fd:3c:3b:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipEditor.pdb

Imports

kernel32

OutputDebugStringW
EncodePointer
HeapAlloc
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
GetFileAttributesW
VirtualFree
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetFilePointer
CreateFileW
FindFirstFileW
LocalFree
FormatMessageW
WideCharToMultiByte
GetACP
LoadLibraryExW
GlobalUnlock
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetTickCount
GetProfileStringW
FreeLibrary
GetModuleHandleW
GetCurrentProcessId
GlobalLock
GetProcAddress
FindResourceW
LoadResource
LoadLibraryW
GlobalFree
GlobalAlloc
LockResource
lstrcatW
WritePrivateProfileStructW
GetPrivateProfileStringW
MultiByteToWideChar
GetLocaleInfoW
GetTempPathW
InitializeCriticalSection
GetModuleFileNameW
GetPrivateProfileIntW
GetLongPathNameW
GetFullPathNameW
WritePrivateProfileStringW
SizeofResource
GetPrivateProfileStructW
lstrcmpiW
GetFileSize
GetCurrentDirectoryW
GetVersionExW
FindClose
lstrcpynW
WriteFile
ReadFile
lstrcmpW
lstrcpyW
lstrlenW
MulDiv
CloseHandle
SetEvent
IsDebuggerPresent
CreateEventW
GetCurrentThreadId
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
SetLastError
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime

user32

GetWindowDC
SetParent
TranslateAcceleratorW
BringWindowToTop
CharNextW
GetMenuStringW
IsRectEmpty
LoadBitmapW
SetMenu
IsWindowEnabled
DrawFocusRect
SetMenuDefaultItem
GetKeyboardLayout
FrameRect
SwitchToThisWindow
wvsprintfW
OffsetRect
LoadStringW
LoadAcceleratorsW
WindowFromPoint
CreatePopupMenu
MessageBeep
EndDialog
ScreenToClient
DeleteMenu
LoadStringA
IsWindowVisible
GetMenu
CheckMenuRadioItem
GetMessagePos
CharLowerW
GetWindowThreadProcessId
DrawFrameControl
SetForegroundWindow
LoadImageW
IsIconic
GetCursorPos
GetMenuItemInfoW
ModifyMenuW
LoadMenuW
MonitorFromPoint
GetFocus
GetCaretPos
MessageBoxW
GetMenuItemCount
SetWindowTextW
GetSubMenu
GetActiveWindow
IsMenu
ClientToScreen
SetMenuItemInfoW
UnhookWindowsHookEx
DestroyMenu
InsertMenuW
SetWindowsHookExW
wsprintfW
AppendMenuW
GetWindowTextW
GetWindowLongW
GetWindowTextLengthW
DeferWindowPos
GetKeyState
PostMessageW
GetWindow
CheckRadioButton
MonitorFromWindow
GetScrollInfo
GetScrollPos
IsWindow
BeginDeferWindowPos
IsDialogMessageW
DestroyIcon
GetScrollRange
GetMonitorInfoW
SetDlgItemTextW
MapWindowPoints
GetDlgItemTextW
IsDlgButtonChecked
LoadIconW
LoadCursorW
EndDeferWindowPos
SetCursor
SetRectEmpty
EnableScrollBar
SetScrollRange
DrawTextW
SetRect
CheckDlgButton
SetScrollPos
RegisterWindowMessageW
UpdateWindow
BeginPaint
EndPaint
EnableWindow
GetMessageW
CreateDialogParamW
DefWindowProcW
GetMessageA
CallWindowProcW
DispatchMessageA
GetWindowRect
DestroyWindow
InflateRect
GetDC
SetWindowPos
SetWindowLongPtrW
FillRect
GetDlgItemInt
SetWindowLongW
GetClassNameW
RemoveMenu
CreateWindowExW
SendMessageW
GetSystemMetrics
GetWindowLongPtrW
RegisterClassExW
ShowWindow
GetCapture
KillTimer
PostQuitMessage
SystemParametersInfoW
EnableMenuItem
SetDlgItemInt
DialogBoxParamW
TrackPopupMenuEx
DispatchMessageW
CopyRect
PeekMessageW
MsgWaitForMultipleObjectsEx
GetSysColor
MoveWindow
SetFocus
TranslateMessage
SetCapture
GetClientRect
GetDlgItem
GetSysColorBrush
DrawEdge
GetClassInfoExW
IsWindowUnicode
GetParent
ReleaseCapture
InvalidateRect
ReleaseDC
UnregisterClassW
PtInRect
CallNextHookEx

gdi32

StartDocW
CombineRgn
CreateBitmap
RestoreDC
GetObjectW
SelectClipRgn
SetViewportOrgEx
Rectangle
OffsetWindowOrgEx
TextOutW
CreatePatternBrush
DeleteEnhMetaFile
EndPage
GetEnhMetaFileHeader
CreateRectRgnIndirect
ResetDCW
PlayEnhMetaFile
EnumFontsW
CloseEnhMetaFile
EndDoc
AbortDoc
PatBlt
CreateDIBSection
StartPage
SaveDC
SetBrushOrgEx
CreateDCW
GetTextMetricsW
FrameRgn
CreatePolygonRgn
GetDeviceCaps
LineTo
SetBkMode
CreatePen
MoveToEx
CreateFontIndirectW
FillRgn
DPtoLP
GetBkColor
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
DeleteDC
GetTextExtentPoint32W
SetTextColor
GetTextColor
SetBkColor
DeleteObject
CreateEnhMetaFileW
ExtTextOutW
CreateSolidBrush

winspool.drv

ClosePrinter
OpenPrinterW
GetPrinterW

comdlg32

PageSetupDlgW
GetSaveFileNameW
PrintDlgW
ChooseFontW
ChooseColorW
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
RegDeleteValueW

shell32

DragAcceptFiles
DragQueryFileW
DragFinish

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc

oleaut32

OleTranslateColor
VarUI4FromStr

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

comctl32

InitCommonControlsEx
ImageList_AddMasked
ImageList_Draw
ImageList_GetImageCount
ImageList_Create
CreateStatusWindowW
ImageList_Destroy
ImageList_LoadImageW

vcruntime140

__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__CxxFrameHandler3
memset
__std_terminate
__C_specific_handler
memmove
memcpy
_purecall
wcsstr
__std_exception_copy
memcmp

api-ms-win-crt-heap-l1-1-0

_callnewh
_recalloc
malloc
free

api-ms-win-crt-runtime-l1-1-0

_errno
_invalid_parameter_noinfo_noreturn
_beginthreadex
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_invalid_parameter_noinfo
_cexit
_crt_atexit
_initterm
_initterm_e
_resetstkoflw

api-ms-win-crt-string-l1-1-0

towupper
wcsncpy_s
wcsncpy
wcscpy
wcslen
wcscat_s
wcscpy_s
strncpy_s
wcscmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__stdio_common_vswprintf

api-ms-win-crt-utility-l1-1-0

labs

Exports

Exports

HaoZip_CloseEditor
HaoZip_GetFormats
HaoZip_GetReadOnly
HaoZip_GetWindowMode
HaoZip_Initialize
HaoZip_SetCodePage
HaoZip_SetConfigDirectory
HaoZip_SetLogoIcon
HaoZip_SetResFileName
HaoZip_ShowEditor
HaoZip_Uninitialize

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipFormats.dll
.dll windows:5 windows x64 arch:x64

10fb9bc47212e01289f521b6ad37dbbc

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:74:bf:81:9a:06:ce:eb:a1:cd:14:4d:18:91:97:20:b3:d0:3e:d0:48:8d:53:86:f9:f5:7c:37:ea:38:09:34
Signer

Actual PE Digest

ea:74:bf:81:9a:06:ce:eb:a1:cd:14:4d:18:91:97:20:b3:d0:3e:d0:48:8d:53:86:f9:f5:7c:37:ea:38:09:34

Digest Algorithm

sha256

PE Digest Matches

true

9d:f4:a3:98:a6:2a:d5:80:e9:9e:d2:a4:95:ee:3a:d3:e1:6c:0e:62
Signer

Actual PE Digest

9d:f4:a3:98:a6:2a:d5:80:e9:9e:d2:a4:95:ee:3a:d3:e1:6c:0e:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipFormats.pdb

Imports

kernel32

SetFileTime
SetFilePointer
SetEndOfFile
CloseHandle
GetFileSize
CreateDirectoryW
GetFullPathNameW
lstrlenW
GetTempPathW
GetFileAttributesW
GetSystemDirectoryW
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
GetTempFileNameW
MoveFileW
FindNextFileW
FindClose
GetDriveTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
WaitForMultipleObjects
LocalFileTimeToFileTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
WriteFile
GetCurrentProcess
SetThreadPriority
CreateEventW
Sleep
SetThreadExecutionState
SetLastError
FormatMessageW
GetStdHandle
SetConsoleMode
GetConsoleMode
ReadConsoleW
WriteConsoleW
GetFileType
FoldStringW
CompareStringW
GetCPInfo
IsDBCSLeadByte
GetDiskFreeSpaceExW
ReleaseSemaphore
GetProcessAffinityMask
WaitForSingleObject
SetEvent
CreateThread
ResetEvent
CreateSemaphoreW
RtlLookupFunctionEntry
ReadFile
WideCharToMultiByte
MultiByteToWideChar
GetACP
GetFileAttributesExW
GetLastError
CreateFileW
GetShortPathNameW
GetLongPathNameW
FindFirstFileW
GetModuleHandleW
GetProcAddress
VirtualAlloc
GetSystemTime
VirtualFree
ResumeThread
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetSystemInfo
FileTimeToDosDateTime
DosDateTimeToFileTime
LoadLibraryExW
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
RtlCaptureContext

user32

OemToCharA
OemToCharBuffA
CharToOemA
CharLowerW
CharUpperW
MessageBeep

advapi32

IsTextUnicode

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

vcruntime140

_CxxThrowException
__C_specific_handler
wcsrchr
__std_type_info_destroy_list
__CxxFrameHandler3
__std_terminate
wcschr
strchr
_purecall
memmove
memcpy
memcmp
memchr
memset
strrchr
__std_exception_destroy
__std_exception_copy
__RTDynamicCast

api-ms-win-crt-runtime-l1-1-0

exit
_invalid_parameter_noinfo
_errno
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_beginthreadex
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
terminate
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

calloc
realloc
_callnewh
free
malloc

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-string-l1-1-0

strncpy
_strnicmp
strncpy_s
wcspbrk
isdigit
strcmp
wcslen
tolower
towupper
wcsncpy
towlower
isxdigit
strpbrk
strncat
strncmp

api-ms-win-crt-stdio-l1-1-0

putc
_fileno
__stdio_common_vswprintf
__stdio_common_vswprintf_s
fflush
fread
ungetc
__acrt_iob_func
__stdio_common_vsprintf
ftell
fclose
fseek
fwrite

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

Exports

Exports

CreateArchiveInfoObjects
CreateCodecs
SetCodePage
SetResFileName
SetWorkDirectory

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 684KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipLoader.exe
.exe windows:5 windows x64 arch:x64

5555353eeb1cd8cd11609fbf0b6271af

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ad:3b:59:de:64:ef:2d:a0:be:ee:1e:03:9b:70:3f:0d:dd:39:72:da:b2:65:c7:8d:a8:f4:fa:51:82:7c:66:73
Signer

Actual PE Digest

ad:3b:59:de:64:ef:2d:a0:be:ee:1e:03:9b:70:3f:0d:dd:39:72:da:b2:65:c7:8d:a8:f4:fa:51:82:7c:66:73

Digest Algorithm

sha256

PE Digest Matches

true

e7:e1:9a:e0:1b:58:ee:11:4b:09:46:5a:78:3a:94:5a:de:db:b5:ad
Signer

Actual PE Digest

e7:e1:9a:e0:1b:58:ee:11:4b:09:46:5a:78:3a:94:5a:de:db:b5:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipLoader.pdb

Imports

kernel32

ExpandEnvironmentStringsW
WaitForSingleObject
GetPrivateProfileStringW
GetLastError
CreateProcessW
GetExitCodeProcess
GetFileAttributesW
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExW
GetModuleHandleW
LoadLibraryExW
FindFirstFileW
GetLongPathNameW
CreateFileW
GetFileAttributesExW
GetCurrentThreadId
OpenProcess
LocalFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
GetCurrentProcessId
GetEnvironmentVariableW
LoadLibraryA
FindNextFileW
FindClose
ReadFile
WriteFile
SetFilePointer
LoadLibraryW
GetFileSize
CreateDirectoryW
GetFullPathNameW
lstrlenW
RemoveDirectoryW
GetTempPathW
SetFileAttributesW
DeleteFileW
MoveFileExW
CopyFileW
GetTempFileNameW
MoveFileW
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
lstrcatW
lstrcpyW
GetFileSizeEx
CreateMutexW
ReleaseMutex
FormatMessageW
RtlVirtualUnwind
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
CloseHandle
GetSystemDefaultLangID
FreeLibrary
GetProcAddress
SetEndOfFile
GetModuleFileNameW
GetStartupInfoW
RtlCaptureContext

user32

LoadStringW
MessageBoxW

advapi32

GetUserNameW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

memset
__std_exception_copy
__std_exception_destroy
_CxxThrowException
wcschr
_purecall
__C_specific_handler
__CxxFrameHandler3
memmove
memcpy
__std_terminate
wcsstr

api-ms-win-crt-string-l1-1-0

wcsncpy
towlower
_wcsicmp
wcslen
towupper
_stricmp

api-ms-win-crt-runtime-l1-1-0

terminate
_seh_filter_exe
_crt_atexit
_invalid_parameter_noinfo_noreturn
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit
_register_onexit_function
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_set_app_type
_initialize_onexit_table

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode
__stdio_common_vswprintf

api-ms-win-crt-heap-l1-1-0

malloc
free
_set_new_mode
_callnewh
calloc

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-convert-l1-1-0

_wtoi

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipMd5.exe
.exe windows:5 windows x64 arch:x64

e47841deaa8aed3b12e3014863aa7010

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b1:92:4e:0a:8a:f7:7d:dc:56:db:4e:33:e0:6c:d8:28:bf:c9:18:84:4b:42:3b:8f:a8:fd:31:2a:1f:57:1f:38
Signer

Actual PE Digest

b1:92:4e:0a:8a:f7:7d:dc:56:db:4e:33:e0:6c:d8:28:bf:c9:18:84:4b:42:3b:8f:a8:fd:31:2a:1f:57:1f:38

Digest Algorithm

sha256

PE Digest Matches

true

88:ca:e1:f6:32:fa:f3:bb:10:03:80:2f:a3:d7:23:6d:41:e7:eb:0f
Signer

Actual PE Digest

88:ca:e1:f6:32:fa:f3:bb:10:03:80:2f:a3:d7:23:6d:41:e7:eb:0f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipMd5.pdb

Imports

kernel32

HeapFree
LoadLibraryW
HeapAlloc
GetProcAddress
GetProcessHeap
FreeLibrary
GetFileAttributesW
GetVersionExW
CreateFileW
GetFileAttributesExW
GetCurrentThreadId
OpenProcess
LocalFree
GetModuleHandleW
lstrcmpiW
GetCurrentProcessId
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetEnvironmentVariableW
LoadLibraryA
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetLastError
CreateDirectoryW
GetFullPathNameW
lstrlenW
DeleteFileW
GetCurrentDirectoryW
GetCurrentProcess
lstrcatW
lstrcpyW
GetFileSizeEx
CreateMutexW
ReleaseMutex
FormatMessageW
RtlVirtualUnwind
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetPrivateProfileStringW
WaitForSingleObject
CloseHandle
GetFileSize
ExpandEnvironmentStringsW
RtlCaptureContext

user32

GetDesktopWindow
LoadIconW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__CxxFrameHandler3
memcpy
__std_terminate
__C_specific_handler
wcschr
wcsstr
_purecall
memmove

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_seh_filter_exe
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
exit
_exit
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
terminate
_invalid_parameter_noinfo_noreturn
_crt_atexit
_initterm_e
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-string-l1-1-0

towupper
towlower
_wcsicmp
_stricmp
wcsncpy

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
malloc
_callnewh

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__p__commode
_set_fmode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipRename.exe
.exe windows:5 windows x64 arch:x64

e47841deaa8aed3b12e3014863aa7010

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8b:65:4b:7c:d1:9c:02:cf:2a:63:41:8a:f2:bf:96:d4:63:16:5f:df:d6:95:a1:71:ea:ec:8f:e6:94:a0:36:38
Signer

Actual PE Digest

8b:65:4b:7c:d1:9c:02:cf:2a:63:41:8a:f2:bf:96:d4:63:16:5f:df:d6:95:a1:71:ea:ec:8f:e6:94:a0:36:38

Digest Algorithm

sha256

PE Digest Matches

true

78:64:be:c7:ca:f7:98:ab:c2:1c:80:f7:0d:7c:d1:40:5d:09:75:28
Signer

Actual PE Digest

78:64:be:c7:ca:f7:98:ab:c2:1c:80:f7:0d:7c:d1:40:5d:09:75:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipRename.pdb

Imports

kernel32

HeapFree
LoadLibraryW
HeapAlloc
GetProcAddress
GetProcessHeap
FreeLibrary
GetFileAttributesW
GetVersionExW
CreateFileW
GetFileAttributesExW
GetCurrentThreadId
OpenProcess
LocalFree
GetModuleHandleW
lstrcmpiW
GetCurrentProcessId
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetEnvironmentVariableW
LoadLibraryA
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetLastError
CreateDirectoryW
GetFullPathNameW
lstrlenW
DeleteFileW
GetCurrentDirectoryW
GetCurrentProcess
lstrcatW
lstrcpyW
GetFileSizeEx
CreateMutexW
ReleaseMutex
FormatMessageW
RtlVirtualUnwind
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetPrivateProfileStringW
WaitForSingleObject
CloseHandle
GetFileSize
ExpandEnvironmentStringsW
RtlCaptureContext

user32

GetDesktopWindow
LoadIconW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__CxxFrameHandler3
memcpy
__std_terminate
__C_specific_handler
wcschr
wcsstr
_purecall
memmove

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_seh_filter_exe
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
exit
_exit
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
terminate
_invalid_parameter_noinfo_noreturn
_crt_atexit
_initterm_e
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-string-l1-1-0

towupper
towlower
_wcsicmp
_stricmp
wcsncpy

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
malloc
_callnewh

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__p__commode
_set_fmode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipReplace.exe
.exe windows:5 windows x64 arch:x64

e47841deaa8aed3b12e3014863aa7010

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

73:4d:ad:3e:07:9b:1a:9c:8b:78:f5:ab:ae:57:a9:4d:c9:9b:0d:df:d6:f4:19:f9:97:e2:51:6d:01:6c:fc:9d
Signer

Actual PE Digest

73:4d:ad:3e:07:9b:1a:9c:8b:78:f5:ab:ae:57:a9:4d:c9:9b:0d:df:d6:f4:19:f9:97:e2:51:6d:01:6c:fc:9d

Digest Algorithm

sha256

PE Digest Matches

true

4e:7c:4c:f9:83:3c:74:59:1b:e8:93:f7:35:a2:d9:75:54:92:a3:99
Signer

Actual PE Digest

4e:7c:4c:f9:83:3c:74:59:1b:e8:93:f7:35:a2:d9:75:54:92:a3:99

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipReplace.pdb

Imports

kernel32

HeapFree
LoadLibraryW
HeapAlloc
GetProcAddress
GetProcessHeap
FreeLibrary
GetFileAttributesW
GetVersionExW
CreateFileW
GetFileAttributesExW
GetCurrentThreadId
OpenProcess
LocalFree
GetModuleHandleW
lstrcmpiW
GetCurrentProcessId
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetEnvironmentVariableW
LoadLibraryA
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetLastError
CreateDirectoryW
GetFullPathNameW
lstrlenW
DeleteFileW
GetCurrentDirectoryW
GetCurrentProcess
lstrcatW
lstrcpyW
GetFileSizeEx
CreateMutexW
ReleaseMutex
FormatMessageW
RtlVirtualUnwind
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetPrivateProfileStringW
WaitForSingleObject
CloseHandle
GetFileSize
ExpandEnvironmentStringsW
RtlCaptureContext

user32

GetDesktopWindow
LoadIconW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__CxxFrameHandler3
memcpy
__std_terminate
__C_specific_handler
wcschr
wcsstr
_purecall
memmove

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_seh_filter_exe
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
exit
_exit
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
terminate
_invalid_parameter_noinfo_noreturn
_crt_atexit
_initterm_e
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-string-l1-1-0

towupper
towlower
_wcsicmp
_stricmp
wcsncpy

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
malloc
_callnewh

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__p__commode
_set_fmode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipTool.exe
.exe windows:5 windows x86 arch:x86

df931f0c02387d9034e4fc0d4155b463

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:df:75:d6:c7:2d:37:f3:6d:82:e7:cd:c4:c3:8e:be:bf:dc:4b:18:1b:2d:25:93:f9:23:fb:8e:98:8c:33:75
Signer

Actual PE Digest

ea:df:75:d6:c7:2d:37:f3:6d:82:e7:cd:c4:c3:8e:be:bf:dc:4b:18:1b:2d:25:93:f9:23:fb:8e:98:8c:33:75

Digest Algorithm

sha256

PE Digest Matches

true

3e:41:a5:db:35:70:fc:3d:5f:40:7f:c9:71:d7:d6:a2:b2:6b:65:cc
Signer

Actual PE Digest

3e:41:a5:db:35:70:fc:3d:5f:40:7f:c9:71:d7:d6:a2:b2:6b:65:cc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\trunk\2345haozip\bin\Win32\release\pdb\HaoZipTool.pdb

Imports

imm32

ImmDisableIME

kernel32

InitializeCriticalSectionAndSpinCount
WaitForSingleObject
GetLastError
CloseHandle
GetFileAttributesW
GetCurrentProcessId
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcess
GetVersionExW
GetModuleHandleW
GetTickCount
GetLogicalDriveStringsW
FileTimeToSystemTime
FindResourceW
CreateMutexW
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetACP
MultiByteToWideChar
WideCharToMultiByte
ReadFile
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
CreateFileW
GetFileSize
GetFileTime
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
GetCurrentThreadId
OpenProcess
LocalFree
LockResource
GetSystemInfo
LoadResource
lstrcmpiW
GetModuleFileNameW
LoadLibraryExW
GetEnvironmentVariableW
FindNextFileW
FindClose
FreeLibrary
DeleteFileW
CreateDirectoryW
GetFullPathNameW
lstrlenW
GetTempPathW
SetFileAttributesW
GetCurrentDirectoryW
CopyFileW
GetTempFileNameW
QueryDosDeviceW
GetFileSizeEx
InterlockedExchange
SetLastError
InterlockedExchangeAdd
WaitForMultipleObjects
SetEvent
RaiseException
DecodePointer
ResumeThread
CreateEventW
ResetEvent
FormatMessageW
GlobalMemoryStatusEx
DeviceIoControl
WriteConsoleW
SwitchToThread
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetFileType
GetProcAddress
LoadLibraryW
lstrcpynW
Sleep
ExpandEnvironmentStringsW
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
ExitProcess
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
OutputDebugStringW
RtlUnwind
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

GetActiveWindow

advapi32

GetUserNameW

shell32

SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFolderPathW
SHGetPathFromIDListW

ole32

CoTaskMemFree

Sections

.text
Size: 677KB - Virtual size: 677KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipUpdate.exe
.exe windows:5 windows x64 arch:x64

02b82c87ff6aceb68970eeef53b54f91

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4d:2a:05:1f:8a:37:79:03:4a:73:01:d3:12:f5:c2:a3:6a:a5:80:42:00:68:eb:a5:86:fc:a8:4b:27:75:f3:40
Signer

Actual PE Digest

4d:2a:05:1f:8a:37:79:03:4a:73:01:d3:12:f5:c2:a3:6a:a5:80:42:00:68:eb:a5:86:fc:a8:4b:27:75:f3:40

Digest Algorithm

sha256

PE Digest Matches

true

d2:6c:d7:b8:d0:13:21:48:93:d7:f8:d5:31:5b:10:90:e1:ae:cb:b9
Signer

Actual PE Digest

d2:6c:d7:b8:d0:13:21:48:93:d7:f8:d5:31:5b:10:90:e1:ae:cb:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\trunk\2345haozip\bin\x64\release\pdb\HaoZipUpdate.pdb

Imports

kernel32

GetFileAttributesW
LoadLibraryW
ExpandEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
GetPrivateProfileStringW
GetLastError
CloseHandle
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExW
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameW
LoadLibraryA
GetCurrentThreadId
OpenProcess
LocalFree
lstrcmpiW
GetCurrentProcessId
LoadLibraryExW
CreateFileW
GetFileAttributesExW
GetEnvironmentVariableW
FindNextFileW
FindClose
FreeLibrary
lstrcatW
lstrcpyW
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
DeleteFileW
GetFileSizeEx
GetCurrentProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
GetFileSize
CreateDirectoryW
GetFullPathNameW
CreateMutexW
ReleaseMutex
FormatMessageW
RtlVirtualUnwind
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
lstrlenW
GetProcAddress
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
SetStdHandle
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
GetStringTypeW
GetFileType
LCMapStringW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoTaskMemFree

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Haozip_2345Upgrade.dll
.dll windows:5 windows x86 arch:x86

5044a269077c755861808001dc7ed647

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

75:07:30:67:30:94:f3:8c:a9:f0:7e:06:e5:74:fb:df
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04/07/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:1d:31:6b:f6:0f:35:75:5f:07:23:72:de:ef:8f:e5
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ed:d0:c2:ce:f5:c9:ff:59:b4:c7:92:e6:e7:aa:46:1b:f8:71:cc:c6:77:b5:9b:9e:c3:25:7c:e0:8c:b5:13:40
Signer

Actual PE Digest

ed:d0:c2:ce:f5:c9:ff:59:b4:c7:92:e6:e7:aa:46:1b:f8:71:cc:c6:77:b5:9b:9e:c3:25:7c:e0:8c:b5:13:40

Digest Algorithm

sha256

PE Digest Matches

true

59:5c:ba:c1:45:b7:f0:36:5a:94:84:0b:bd:29:0c:70:f4:23:0b:94
Signer

Actual PE Digest

59:5c:ba:c1:45:b7:f0:36:5a:94:84:0b:bd:29:0c:70:f4:23:0b:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\trunk\CommonPlatform\UpgradeProgram\bin\Win32\Release\pdb\Haozip_2345Upgrade_Dll.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
RaiseException
GetLastError
DecodePointer
DeleteCriticalSection
EndUpdateResourceW
GetTempPathW
BeginUpdateResourceW
UpdateResourceW
WideCharToMultiByte
GetACP
MultiByteToWideChar
GetModuleHandleW
GetFileAttributesW
ExpandEnvironmentStringsW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
GetCurrentProcessId
GetFileSize
SetFilePointer
SetEndOfFile
SetFileTime
WriteFile
ReadFile
GetFileTime
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateProcessW
WaitForSingleObject
WaitForMultipleObjects
LocalFree
ResumeThread
CreateMutexW
ReleaseMutex
GetCurrentProcess
OpenProcess
QueryDosDeviceW
GetVersionExW
lstrlenW
lstrcmpiW
GetFileSizeEx
GetCommandLineW
GetFullPathNameW
GetTempFileNameW
CreateDirectoryW
GetSystemDirectoryW
CopyFileW
GetCurrentDirectoryW
MoveFileW
GetWindowsDirectoryW
SetFileAttributesW
FindClose
FindNextFileW
FileTimeToSystemTime
FindResourceW
LoadResource
LockResource
GetSystemInfo
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
SetEvent
ResetEvent
CreateEventW
InterlockedExchangeAdd
GetTickCount
FormatMessageW
InterlockedExchange
SetEnvironmentVariableA
GetLogicalDriveStringsW
DeviceIoControl
GlobalMemoryStatusEx
GetEnvironmentVariableW
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
GetPrivateProfileStringW
LocalAlloc
FlushFileBuffers
OutputDebugStringW
CloseHandle
GetProcAddress
CreateFileW
Sleep
LoadLibraryW
MoveFileExW
FreeLibrary
SetStdHandle
WriteConsoleW
ReadConsoleW
DeleteFileW
SetLastError
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetStdHandle
GetOEMCP
IsValidCodePage
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetStringTypeW
GetSystemTimeAsFileTime
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
CreateThread
ExitThread
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW

advapi32

QueryServiceConfigW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
GetUserNameW
SystemFunction036

shell32

SHGetSpecialFolderPathW
ord680

imagehlp

ImageEnumerateCertificates
ImageRemoveCertificate

netapi32

NetLocalGroupGetMembers

Exports

Exports

StartUpgrade

Sections

.text
Size: 832KB - Virtual size: 832KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Haozip_2345Upgrade.exe
.exe windows:5 windows x86 arch:x86

5b32795396d07af5723cd50317670808

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

75:07:30:67:30:94:f3:8c:a9:f0:7e:06:e5:74:fb:df
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04/07/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:1d:31:6b:f6:0f:35:75:5f:07:23:72:de:ef:8f:e5
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d3:1f:5e:35:c3:46:b4:db:c6:7c:ee:c3:7f:39:1f:a4:d1:fe:bc:82:6f:79:2a:2c:68:99:2f:e2:bc:18:e8:1f
Signer

Actual PE Digest

d3:1f:5e:35:c3:46:b4:db:c6:7c:ee:c3:7f:39:1f:a4:d1:fe:bc:82:6f:79:2a:2c:68:99:2f:e2:bc:18:e8:1f

Digest Algorithm

sha256

PE Digest Matches

true

4c:00:ea:d5:a6:8a:51:b0:41:f6:12:9f:b3:56:c3:cc:45:f8:2c:a1
Signer

Actual PE Digest

4c:00:ea:d5:a6:8a:51:b0:41:f6:12:9f:b3:56:c3:cc:45:f8:2c:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\trunk\CommonPlatform\UpgradeProgram\bin\Win32\Release\pdb\Haozip_2345Upgrade_Exe.pdb

Imports

kernel32

FreeLibrary
LoadLibraryW
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
GetFileAttributesW
CreateMutexW
WaitForSingleObject
Sleep
GetLastError
ReleaseMutex
CloseHandle
CreateFileW
GetFileAttributesExW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
lstrlenW
GetFileSizeEx
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
DeleteFileW
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
LocalFree
GetFullPathNameW
CreateDirectoryW
GetFileSize
FormatMessageW
EncodePointer
DecodePointer
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
SetLastError
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
LoadLibraryExW
HeapReAlloc
LCMapStringW
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
FlushFileBuffers

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/HaozipMiniPage.exe
.exe windows:5 windows x86 arch:x86

bc962d253bdd8cd0033547ae9e6cbe87

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d1:3e:3a:b1:c0:64:b6:5e:f4:09:58:7b:29:7d:f0:80:77:d8:73:61:f4:43:a9:9f:c5:1a:b1:07:87:06:62:fa
Signer

Actual PE Digest

d1:3e:3a:b1:c0:64:b6:5e:f4:09:58:7b:29:7d:f0:80:77:d8:73:61:f4:43:a9:9f:c5:1a:b1:07:87:06:62:fa

Digest Algorithm

sha256

PE Digest Matches

true

3e:55:33:16:56:c8:91:5a:86:64:19:d2:9a:9a:1b:e4:99:ff:94:f6
Signer

Actual PE Digest

3e:55:33:16:56:c8:91:5a:86:64:19:d2:9a:9a:1b:e4:99:ff:94:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Codes\CommonPlatform\RCMiniPage\bin\Win32\Release\pdb\2345MiniPage.pdb

Imports

kernel32

LoadLibraryW
GetModuleFileNameW
CreateFileW
GetTempPathW
GetProcAddress
GetLocalTime
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
LoadLibraryExW
GetModuleHandleW
GetFileAttributesW
GetCommandLineW
FreeLibrary
SetUnhandledExceptionFilter
MoveFileExW
InitializeCriticalSectionAndSpinCount
RaiseException
GetLastError
MoveFileW
DecodePointer
lstrcatW
DeleteCriticalSection
DeleteFileW
LocalFree
CreateProcessW
lstrcmpiW
FindFirstFileW
FileTimeToSystemTime
FindClose
CreateMutexW
WaitForSingleObject
Sleep
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetLongPathNameW
GetFileAttributesExW
GetExitCodeProcess
WaitForMultipleObjects
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
GetVersionExW
QueryDosDeviceW
GetFileSize
SetFilePointer
SetEndOfFile
GetCurrentProcess
WriteFile
ReadFile
GetFileTime
FindResourceW
LoadResource
LockResource
GetSystemInfo
GetFullPathNameW
GetTempFileNameW
CreateDirectoryW
lstrlenW
GetCurrentDirectoryW
GetWindowsDirectoryW
SetFileAttributesW
FindNextFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileSizeEx
WideCharToMultiByte
GetACP
MultiByteToWideChar
SetEnvironmentVariableA
GetLogicalDriveStringsW
SetEvent
FormatMessageW
GlobalMemoryStatusEx
ResumeThread
ResetEvent
CreateEventW
InterlockedExchangeAdd
InterlockedExchange
SetLastError
DeviceIoControl
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
HeapReAlloc
GetTimeZoneInformation
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
SetStdHandle
WriteConsoleW
ReadConsoleW
SetFileTime
QueryPerformanceCounter
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetStringTypeW
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
CreateThread
ExitThread
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW

user32

PostMessageW
IsWindow
MessageBoxW
wsprintfW
SendMessageTimeoutW

shell32

CommandLineToArgvW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFolderPathW

ole32

CoTaskMemFree

shlwapi

PathRemoveFileSpecW

Sections

.text
Size: 896KB - Virtual size: 895KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/HaozipSvc.dll
.dll windows:5 windows x86 arch:x86

8478654478093ae6d1ba93886e476d58

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:36:e8:e2:b7:bb:c0:3a:df:4b:0b:14:bf:4c:a8:92:33:6c:b4:7d:c0:8c:1d:50:d7:d7:a6:dd:b7:fc:39:1e
Signer

Actual PE Digest

bb:36:e8:e2:b7:bb:c0:3a:df:4b:0b:14:bf:4c:a8:92:33:6c:b4:7d:c0:8c:1d:50:d7:d7:a6:dd:b7:fc:39:1e

Digest Algorithm

sha256

PE Digest Matches

true

3c:5e:7c:96:22:86:73:13:24:7b:1d:b3:38:83:68:ad:9a:e1:16:b3
Signer

Actual PE Digest

3c:5e:7c:96:22:86:73:13:24:7b:1d:b3:38:83:68:ad:9a:e1:16:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\Codes\CommonPlatform\ServiceProgram\Release\HaozipSvc_dll.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

GlobalMemoryStatusEx
WTSGetActiveConsoleSessionId
FileTimeToLocalFileTime
LocalFree
GetSystemInfo
FreeLibrary
GetModuleHandleW
LoadLibraryW
GetProcAddress
EndUpdateResourceW
CreateFileW
BeginUpdateResourceW
UpdateResourceW
CreateTimerQueue
DeleteTimerQueueEx
SetEvent
CreateEventW
GetLogicalDriveStringsW
lstrlenW
QueryDosDeviceW
lstrcmpiW
lstrcatW
WaitForSingleObject
ResetEvent
SetFileAttributesW
MoveFileW
GetVersionExW
GetModuleHandleA
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetExitCodeProcess
WaitForMultipleObjects
GetCurrentProcessId
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
OpenEventW
GetACP
CreateMutexW
OpenMutexW
ReleaseMutex
GetLongPathNameW
GetFileAttributesExW
GetCurrentProcess
ResumeThread
LocalAlloc
OpenThread
GetExitCodeThread
SuspendThread
SwitchToThread
FindResourceW
LoadResource
LockResource
GetFileSize
SetFilePointer
SetEndOfFile
SetFileTime
WriteFile
ReadFile
GetFileTime
FindNextFileW
LoadLibraryExW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetFullPathNameW
GetTempFileNameW
CreateDirectoryW
CopyFileW
GetFileAttributesW
GetTempPathW
GetCurrentDirectoryW
RemoveDirectoryW
GetWindowsDirectoryW
DeleteFileW
InterlockedExchangeAdd
InitializeCriticalSectionAndSpinCount
DeviceIoControl
RaiseException
DecodePointer
InterlockedExchange
FormatMessageW
SetLastError
GetFileSizeEx
OutputDebugStringW
SetEnvironmentVariableA
ReadConsoleW
GetLocalTime
FindClose
GetComputerNameExW
GetLastError
WritePrivateProfileStringW
MultiByteToWideChar
GetModuleFileNameW
FileTimeToSystemTime
WideCharToMultiByte
GetProcessTimes
GetPrivateProfileStringW
GetTickCount
SystemTimeToTzSpecificLocalTime
FindFirstFileW
DeleteTimerQueueTimer
CloseHandle
CreateTimerQueueTimer
Sleep
OpenProcess
MoveFileExW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
TerminateThread
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
FreeLibraryAndExitThread
GetThreadTimes
HeapReAlloc
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetConsoleMode
GetConsoleCP
GetStdHandle
GetOEMCP
IsValidCodePage
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
ChangeTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
WaitForSingleObjectEx
CreateSemaphoreW
GetStartupInfoW
TlsFree
DuplicateHandle
GetCurrentThread
EncodePointer
GetSystemTimeAsFileTime
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
CreateThread
ExitThread
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue

advapi32

InitializeSecurityDescriptor
OpenProcessToken
SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
SystemFunction036
RegCloseKey
QueryServiceConfigW
ConvertSidToStringSidW
RegOpenKeyExW
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameW
RegQueryValueExW
OpenServiceW
GetUserNameW
OpenSCManagerW
CloseServiceHandle

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

CoInitializeEx
CoInitializeSecurity

sensapi

IsNetworkAlive

netapi32

NetLocalGroupGetMembers

wininet

HttpSendRequestA
HttpAddRequestHeadersA
InternetOpenA
HttpOpenRequestA
InternetReadFile
InternetCrackUrlA
InternetConnectA
HttpQueryInfoA
InternetCloseHandle
InternetGetConnectedState

wtsapi32

WTSQueryUserToken

imagehlp

ImageEnumerateCertificates
ImageRemoveCertificate

shlwapi

PathRemoveFileSpecW

rpcrt4

RpcServerListen
RpcServerRegisterIfEx
RpcServerUseProtseqEpW
NdrAsyncServerCall
NdrServerCall2

ws2_32

connect
WSAStartup
inet_addr
WSAGetLastError
htons
shutdown
recv
closesocket
socket
send

Exports

Exports

UpdateMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/HaozipSvc.exe
.exe windows:5 windows x86 arch:x86

52da86a3fc191a012b3e8d728d678f5e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

75:07:30:67:30:94:f3:8c:a9:f0:7e:06:e5:74:fb:df
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04/07/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:1d:31:6b:f6:0f:35:75:5f:07:23:72:de:ef:8f:e5
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d4:cd:1e:6a:70:a9:26:5b:a5:4d:73:26:f3:69:45:f6:12:f7:79:c2:cd:f4:73:3d:e6:ac:f7:eb:f0:58:3b:05
Signer

Actual PE Digest

d4:cd:1e:6a:70:a9:26:5b:a5:4d:73:26:f3:69:45:f6:12:f7:79:c2:cd:f4:73:3d:e6:ac:f7:eb:f0:58:3b:05

Digest Algorithm

sha256

PE Digest Matches

true

bf:67:58:32:b3:9f:cd:4a:ea:38:1a:29:cd:22:95:e4:3a:8f:bd:74
Signer

Actual PE Digest

bf:67:58:32:b3:9f:cd:4a:ea:38:1a:29:cd:22:95:e4:3a:8f:bd:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetPrivateProfileStringW
LoadLibraryW
GetModuleFileNameW
GetLastError
GetProcAddress
GetModuleHandleW
GetFileAttributesW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
GetFileSizeEx
CloseHandle
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
DeleteFileW
CreateFileW
GetFileAttributesExW
CreateMutexW
WaitForSingleObject
Sleep
ReleaseMutex
CreateDirectoryW
GetFileSize
FormatMessageW
LocalFree
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
WriteConsoleW
SetStdHandle
EncodePointer
DecodePointer
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
MultiByteToWideChar
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
HeapSize
RaiseException
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStringTypeW
LCMapStringW
RtlUnwind
LoadLibraryExW
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
OutputDebugStringW
FlushFileBuffers

Exports

Exports

CheckFile

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/Helper_Haozip.exe
.exe windows:5 windows x86 arch:x86

301a19d9517f0e5686fd6e8990c23296

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

83:72:e8:78:6d:c1:f5:99:b8:b6:48:d8:e4:22:03:8e:4f:72:0b:64:28:9e:0e:ad:93:12:2e:cb:15:5d:c6:0a
Signer

Actual PE Digest

83:72:e8:78:6d:c1:f5:99:b8:b6:48:d8:e4:22:03:8e:4f:72:0b:64:28:9e:0e:ad:93:12:2e:cb:15:5d:c6:0a

Digest Algorithm

sha256

PE Digest Matches

true

ba:b7:05:63:e2:36:4d:9b:1b:96:78:d1:ef:2a:a2:1c:27:0b:bd:f1
Signer

Actual PE Digest

ba:b7:05:63:e2:36:4d:9b:1b:96:78:d1:ef:2a:a2:1c:27:0b:bd:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Codes\CommonPlatform\Helper2345\bin\Win32\Release\pdb\Helper_2345.pdb

Imports

kernel32

LoadLibraryW
GetModuleFileNameW
GetProcAddress
LocalFree
CreateProcessW
lstrcmpiW
CloseHandle
GetCurrentProcessId
FindFirstFileW
FileTimeToSystemTime
FindClose
GetModuleHandleW
GetFileAttributesW
ExpandEnvironmentStringsW
CreateMutexW
WaitForSingleObject
Sleep
GetLastError
ReleaseMutex
CreateFileW
GetLongPathNameW
GetFileAttributesExW
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
GetVersionExW
GetCurrentThreadId
GetCurrentProcess
QueryDosDeviceW
GetFileSize
SetFilePointer
SetEndOfFile
SetFileTime
WriteFile
ReadFile
GetFileTime
WideCharToMultiByte
GetACP
MultiByteToWideChar
FindNextFileW
FreeLibrary
FindResourceW
LoadResource
LockResource
GetSystemInfo
DeleteFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
lstrlenW
GetFileSizeEx
GetFullPathNameW
GetTempFileNameW
MoveFileExW
CreateDirectoryW
GetTempPathW
GetCurrentDirectoryW
MoveFileW
RemoveDirectoryW
GetWindowsDirectoryW
SetFileAttributesW
GetLogicalDriveStringsW
SetEnvironmentVariableA
GetEnvironmentVariableW
SetEvent
GetTickCount
WaitForMultipleObjects
GetExitCodeProcess
FormatMessageW
GlobalMemoryStatusEx
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
ResumeThread
ResetEvent
CreateEventW
RaiseException
DecodePointer
InterlockedExchangeAdd
InterlockedExchange
SetLastError
DeviceIoControl
FlushFileBuffers
OutputDebugStringW
GetCommandLineW
SetStdHandle
WriteConsoleW
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetTimeZoneInformation
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
EncodePointer
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
CreateThread
ExitThread
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW
CommandLineToArgvW

Sections

.text
Size: 896KB - Virtual size: 896KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/ServiceManager.exe
.exe windows:5 windows x86 arch:x86

f90594adaaf63b4c071ea8caf1b8882a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

75:07:30:67:30:94:f3:8c:a9:f0:7e:06:e5:74:fb:df
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04/07/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:1d:31:6b:f6:0f:35:75:5f:07:23:72:de:ef:8f:e5
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:b2:8b:e9:84:ac:39:fe:44:b3:0d:3d:2e:79:07:06:d6:d9:cb:bc:9e:18:24:9d:58:e0:a0:ad:24:09:e9:94
Signer

Actual PE Digest

06:b2:8b:e9:84:ac:39:fe:44:b3:0d:3d:2e:79:07:06:d6:d9:cb:bc:9e:18:24:9d:58:e0:a0:ad:24:09:e9:94

Digest Algorithm

sha256

PE Digest Matches

true

a9:88:0d:34:bd:42:9d:2e:40:16:0e:8a:2b:9d:6d:95:25:b2:a0:f4
Signer

Actual PE Digest

a9:88:0d:34:bd:42:9d:2e:40:16:0e:8a:2b:9d:6d:95:25:b2:a0:f4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
GetFileSizeEx
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
DeleteFileW
CreateFileW
GetFileAttributesExW
LoadLibraryW
GetModuleHandleW
WaitForSingleObject
ReleaseMutex
CreateDirectoryW
GetFileSize
FormatMessageW
LocalFree
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
GetModuleFileNameW
GetCurrentProcessId
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetLastError
TerminateProcess
OpenProcess
GetCurrentProcess
Sleep
CreateMutexW
GetTickCount
SetStdHandle
FlushFileBuffers
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStdHandle
LoadLibraryExW
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
HeapReAlloc
LCMapStringW
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW

advapi32

LookupPrivilegeValueW
OpenProcessToken
ControlService
QueryServiceStatusEx
StartServiceW
ChangeServiceConfig2W
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
AdjustTokenPrivileges

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/Tool_Uninstall.exe
.exe windows:5 windows x86 arch:x86

e05a72d416d18dddb745b70f2a38d123

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

75:07:30:67:30:94:f3:8c:a9:f0:7e:06:e5:74:fb:df
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04/07/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:1d:31:6b:f6:0f:35:75:5f:07:23:72:de:ef:8f:e5
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:01:d5:ce:0a:7a:9a:89:41:ae:2d:f8:62:b2:a4:b5:56:c1:de:11:dd:84:1b:ac:3b:97:c4:ad:d1:c4:60:27
Signer

Actual PE Digest

99:01:d5:ce:0a:7a:9a:89:41:ae:2d:f8:62:b2:a4:b5:56:c1:de:11:dd:84:1b:ac:3b:97:c4:ad:d1:c4:60:27

Digest Algorithm

sha256

PE Digest Matches

true

4d:cd:36:26:c6:c3:ec:46:d8:2e:a4:ab:6e:ba:6f:98:06:e3:49:25
Signer

Actual PE Digest

4d:cd:36:26:c6:c3:ec:46:d8:2e:a4:ab:6e:ba:6f:98:06:e3:49:25

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\trunk\CommonPlatform\UninstallTool\bin\Win32\Release\Tool_Uninstall.pdb

Imports

kernel32

GetCommandLineW
LocalFree
CreateMutexW
WaitForSingleObject
Sleep
GetLastError
CloseHandle
GetProcAddress
GetCurrentProcessId
FindResourceW
LoadResource
GetModuleHandleW
GetVersionExW
LockResource
lstrcmpiW
GetCurrentProcess
OpenProcess
GetModuleFileNameW
QueryDosDeviceW
TerminateProcess
GetEnvironmentVariableW
FindFirstFileW
CreateFileW
GetLongPathNameW
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
LoadLibraryW
WideCharToMultiByte
GetACP
MultiByteToWideChar
FindClose
FindNextFileW
GetLogicalDriveStringsW
LoadLibraryExW
GetFullPathNameW
GetFileAttributesW
lstrlenW
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
WriteFile
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
ExitProcess
GetModuleHandleExW
HeapSize
SetLastError
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
HeapReAlloc
LCMapStringW
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW

shell32

CommandLineToArgvW

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/coral_extract.dll
.dll windows:4 windows x86 arch:x86

27078d36f37371b0a00fb89ab0cc3581

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

48:4a:9b:11:5b:01:09:69:1e:2d:e4:1e:77:a4:4f:84
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04/07/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:a6:23:e4:b0:f0:92:9b:62:02:10:e4:50:e4:0a:1e
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be
Signer

Actual PE Digest

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be

Digest Algorithm

sha256

PE Digest Matches

true

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b
Signer

Actual PE Digest

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\rczip.dev\trunk\bin\Win32\release\pdb\Extract7z.pdb

Imports

kernel32

GetProcAddress
VirtualAlloc
GetModuleHandleW
VirtualFree
InterlockedExchangeAdd
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
GetLastError
ReadFile
CreateFileW
SetFilePointer
CloseHandle
LoadLibraryW
FreeLibrary
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetFileAttributesW
FormatMessageW
LocalFree
FindFirstFileW
FindClose
FindNextFileW
DeleteFileW
CreateDirectoryW
GetFileSize
GetFullPathNameW
SetFileTime
GetTempFileNameW
SetFileAttributesW
MoveFileW
lstrlenW
SetEndOfFile
FindResourceW
WaitForMultipleObjects
CreateEventW
ResetEvent
WaitForSingleObject
SetEvent
CreateThread
ExitThread
ResumeThread

user32

LoadStringW

Exports

Exports

ExtractArchive

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/courgette.dll
.dll windows:5 windows x64 arch:x64

475e75829327708ff456f606de0f7baf

Code Sign

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/05/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2019, 00:00

Not After

08/05/2020, 12:00

Subject

CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,OU=IT,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,L=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

16:a9:2a:ea:5c:01:16:66:ba:20:dc:c9:bc:03:22:e0:dc:fd:1f:c6:22:ff:02:45:8b:cf:e5:57:fa:c9:8d:fd
Signer

Actual PE Digest

16:a9:2a:ea:5c:01:16:66:ba:20:dc:c9:bc:03:22:e0:dc:fd:1f:c6:22:ff:02:45:8b:cf:e5:57:fa:c9:8d:fd

Digest Algorithm

sha256

PE Digest Matches

true

da:d1:06:ff:c5:bf:a9:a4:4a:d0:69:8b:f2:10:92:2d:60:60:8b:bc
Signer

Actual PE Digest

da:d1:06:ff:c5:bf:a9:a4:4a:d0:69:8b:f2:10:92:2d:60:60:8b:bc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\workspace\V68_45\src\out\official_release\./courgette_dll.dll.pdb

Imports

kernel32

CloseHandle
CreateFileMappingW
CreateFileW
DecodePointer
DeleteCriticalSection
DeleteFileW
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileSizeEx
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
RemoveDirectoryW
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEndOfFile
SetEnvironmentVariableW
SetFileAttributesW
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleW
WriteFile

shlwapi

PathMatchSpecW

winmm

timeGetTime

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SystemFunction036

Exports

Exports

FileApplyPatch
FolderApplyPatch
GetHandleVerifier

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RarNew.data
.rar
TarNew.data
ZipNew.data
msvcp120.dll
.dll windows:6 windows x64 arch:x64

d0a59246eab41d54812cd63c2326e1f1

Code Sign

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/09/2012, 21:12

Not After

04/12/2013, 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:d2:5e:13:d8:f6:da:52:bc:55:c5:11:d6:b5:3f:74:3a:98:10:43:b0:e8:b1:47:01:ff:4f:db:e9:8a:61:9b
Signer

Actual PE Digest

2c:d2:5e:13:d8:f6:da:52:bc:55:c5:11:d6:b5:3f:74:3a:98:10:43:b0:e8:b1:47:01:ff:4f:db:e9:8a:61:9b

Digest Algorithm

sha256

PE Digest Matches

true

7d:d0:9c:b4:f1:4b:8e:60:64:b3:b2:c8:cb:56:08:06:80:d6:f4:83
Signer

Actual PE Digest

7d:d0:9c:b4:f1:4b:8e:60:64:b3:b2:c8:cb:56:08:06:80:d6:f4:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

msvcp120.amd64.pdb

Imports

msvcr120

??0bad_cast@std@@QEAA@AEBV01@@Z
??1bad_cast@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
_CxxThrowException
__CxxFrameHandler3
fclose
fflush
fgetc
fgetpos
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
_lock_file
_unlock_file
memcpy_s
_fsopen
fseek
_wfsopen
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?Alloc@Concurrency@@YAPEAX_K@Z
?Free@Concurrency@@YAXPEAX@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z
??0invalid_operation@Concurrency@@QEAA@PEBD@Z
??0critical_section@Concurrency@@QEAA@XZ
??1critical_section@Concurrency@@QEAA@XZ
??0event@Concurrency@@QEAA@XZ
??1event@Concurrency@@QEAA@XZ
?wait@event@Concurrency@@QEAA_KI@Z
?set@event@Concurrency@@QEAAXXZ
ldexp
sprintf_s
strcspn
wcslen
_Strftime
_Wcsftime
strcmp
setlocale
_malloc_crt
_realloc_crt
?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z
fgetwc
fputwc
ungetwc
__uncaught_exception
_errno
memcmp
_wcsdup
___lc_locale_name_func
___lc_collate_cp_func
__crtCompareStringA
__crtLCMapStringA
___lc_codepage_func
_ismbblead
remove
rename
_wremove
strcpy_s
wcscpy_s
_wgetcwd
_wchdir
_wmkdir
_wrmdir
_W_Gettnames
_getcwd
_chdir
_mkdir
_rmdir
__crtIsPackagedApp
__crtCreateSymbolicLinkW
__crtGetFileInformationByHandleEx
__crtSetFileInformationByHandle
_calloc_crt
??0_Condition_variable@details@Concurrency@@QEAA@XZ
??1_Condition_variable@details@Concurrency@@QEAA@XZ
?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z
?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z
?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ
?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ
__crtSleep
_beginthreadex
_endthreadex
?lock@critical_section@Concurrency@@QEAAXXZ
?try_lock@critical_section@Concurrency@@QEAA_NXZ
?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z
?unlock@critical_section@Concurrency@@QEAAXXZ
?terminate@@YAXXZ
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
calloc
??0operation_timed_out@Concurrency@@QEAA@XZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z
??0invalid_link_target@Concurrency@@QEAA@PEBD@Z
??0message_not_found@Concurrency@@QEAA@XZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
??0bad_target@Concurrency@@QEAA@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
??1_SpinLock@details@Concurrency@@QEAA@XZ
??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z
?Log2@details@Concurrency@@YAK_K@Z
_lock
_unlock
__pctype_func
isupper
__crtGetLocaleInfoEx
islower
__crtLCMapStringW
isspace
tolower
memchr
sqrt
isdigit
isxdigit
isalnum
__crtCompareStringW
__C_specific_handler
__dllonexit
_onexit
__CppXcptFilter
_amsg_exit
_initterm
_initterm_e
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCapturePreviousContext
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
_W_Getmonths
_W_Getdays
_Gettnames
_Getmonths
_Getdays
localeconv
??0bad_cast@std@@QEAA@PEBD@Z
??_V@YAXPEAX@Z
??1exception@std@@UEAA@XZ
??0exception@std@@QEAA@AEBV01@@Z
??0exception@std@@QEAA@AEBQEBDH@Z
??0exception@std@@QEAA@AEBQEBD@Z
??0exception@std@@QEAA@XZ
memmove
strlen
memcpy
malloc
free
___mb_cur_max_func
_purecall
rand_s
fputs
fputc
__iob_func
abort
logf
log
__crtInitializeCriticalSectionEx
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
memset
_wrename

kernel32

GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStringTypeW
GetSystemTimeAsFileTime
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
AreFileApisANSI
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindClose
CreateFileW
WideCharToMultiByte
MultiByteToWideChar
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QEAA@AEBV01@@Z
??0?$_Yarn@D@std@@QEAA@PEBD@Z
??0?$_Yarn@D@std@@QEAA@XZ
??0?$_Yarn@_W@std@@QEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$codecvt@DDH@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@DDH@std@@QEAA@_K@Z
??0?$codecvt@GDH@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@GDH@std@@QEAA@_K@Z
??0?$codecvt@_WDH@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_WDH@std@@QEAA@_K@Z
??0?$ctype@D@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@D@std@@QEAA@PEBF_N_K@Z
??0?$ctype@G@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@G@std@@QEAA@_K@Z
??0?$ctype@_W@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@_W@std@@QEAA@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0Init@ios_base@std@@QEAA@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IEAA@_K@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@AEBV_Concurrent_queue_base_v4@12@@Z
??0_Container_base12@std@@QEAA@AEBU01@@Z
??0_Container_base12@std@@QEAA@XZ
??0_Facet_base@std@@QEAA@AEBV01@@Z
??0_Facet_base@std@@QEAA@XZ
??0_Init_locks@std@@QEAA@XZ
??0_Locimp@locale@std@@AEAA@AEBV012@@Z
??0_Locimp@locale@std@@AEAA@_N@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
??0_Lockit@std@@QEAA@XZ
??0_Pad@std@@QEAA@AEBV01@@Z
??0_Pad@std@@QEAA@XZ
??0_Runtime_object@details@Concurrency@@QEAA@H@Z
??0_Runtime_object@details@Concurrency@@QEAA@XZ
??0_Timevec@std@@QEAA@AEBV01@@Z
??0_Timevec@std@@QEAA@PEAX@Z
??0_UShinit@std@@QEAA@XZ
??0_Winit@std@@QEAA@XZ
??0agent@Concurrency@@QEAA@AEAVScheduleGroup@1@@Z
??0agent@Concurrency@@QEAA@AEAVScheduler@1@@Z
??0agent@Concurrency@@QEAA@XZ
??0codecvt_base@std@@QEAA@_K@Z
??0ctype_base@std@@QEAA@_K@Z
??0facet@locale@std@@IEAA@_K@Z
??0id@locale@std@@QEAA@_K@Z
??0ios_base@std@@IEAA@XZ
??0time_base@std@@QEAA@_K@Z
??1?$_Yarn@D@std@@QEAA@XZ
??1?$_Yarn@_W@std@@QEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$codecvt@DDH@std@@MEAA@XZ
??1?$codecvt@GDH@std@@MEAA@XZ
??1?$codecvt@_WDH@std@@MEAA@XZ
??1?$ctype@D@std@@MEAA@XZ
??1?$ctype@G@std@@MEAA@XZ
??1?$ctype@_W@std@@MEAA@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1Init@ios_base@std@@QEAA@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MEAA@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IEAA@XZ
??1_Container_base12@std@@QEAA@XZ
??1_Facet_base@std@@UEAA@XZ
??1_Init_locks@std@@QEAA@XZ
??1_Locimp@locale@std@@MEAA@XZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1_Pad@std@@QEAA@XZ
??1_Timevec@std@@QEAA@XZ
??1_UShinit@std@@QEAA@XZ
??1_Winit@std@@QEAA@XZ
??1agent@Concurrency@@UEAA@XZ
??1codecvt_base@std@@UEAA@XZ
??1ctype_base@std@@UEAA@XZ
??1facet@locale@std@@MEAA@XZ
??1ios_base@std@@UEAA@XZ
??1time_base@std@@UEAA@XZ
??4?$_Iosb@H@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@PEB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4Init@ios_base@std@@QEAAAEAV012@AEBV012@@Z
??4_Container_base0@std@@QEAAAEAU01@AEBU01@@Z
??4_Container_base12@std@@QEAAAEAU01@AEBU01@@Z
??4_Facet_base@std@@QEAAAEAV01@AEBV01@@Z
??4_Init_locks@std@@QEAAAEAV01@AEBV01@@Z
??4_Pad@std@@QEAAAEAV01@AEBV01@@Z
??4_Timevec@std@@QEAAAEAV01@AEBV01@@Z
??4_UShinit@std@@QEAAAEAV01@AEBV01@@Z
??4_Winit@std@@QEAAAEAV01@AEBV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
??7ios_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??Bios_base@std@@QEBA_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDH@std@@6B@
??_7?$codecvt@GDH@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7_Pad@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_F?$codecvt@DDH@std@@QEAAXXZ
??_F?$codecvt@GDH@std@@QEAAXXZ
??_F?$codecvt@_WDH@std@@QEAAXXZ
??_F?$ctype@D@std@@QEAAXXZ
??_F?$ctype@G@std@@QEAAXXZ
??_F?$ctype@_W@std@@QEAAXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F_Locinfo@std@@QEAAXXZ
??_F_Timevec@std@@QEAAXXZ
??_Fcodecvt_base@std@@QEAAXXZ
??_Fctype_base@std@@QEAAXXZ
??_Ffacet@locale@std@@QEAAXXZ
??_Fid@locale@std@@QEAAXXZ
??_Ftime_base@std@@QEAAXXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?NFS_Allocate@details@Concurrency@@YAPEAX_K0PEAX@Z
?NFS_Free@details@Concurrency@@YAXPEAX@Z
?NFS_GetLineSize@details@Concurrency@@YA_KXZ
?_10@placeholders@std@@3V?$_Ph@$09@2@A
?_11@placeholders@std@@3V?$_Ph@$0L@@2@A
?_12@placeholders@std@@3V?$_Ph@$0M@@2@A
?_13@placeholders@std@@3V?$_Ph@$0N@@2@A
?_14@placeholders@std@@3V?$_Ph@$0O@@2@A
?_15@placeholders@std@@3V?$_Ph@$0P@@2@A
?_16@placeholders@std@@3V?$_Ph@$0BA@@2@A
?_17@placeholders@std@@3V?$_Ph@$0BB@@2@A
?_18@placeholders@std@@3V?$_Ph@$0BC@@2@A
?_19@placeholders@std@@3V?$_Ph@$0BD@@2@A
?_1@placeholders@std@@3V?$_Ph@$00@2@A
?_20@placeholders@std@@3V?$_Ph@$0BE@@2@A
?_2@placeholders@std@@3V?$_Ph@$01@2@A
?_3@placeholders@std@@3V?$_Ph@$02@2@A
?_4@placeholders@std@@3V?$_Ph@$03@2@A
?_5@placeholders@std@@3V?$_Ph@$04@2@A
?_6@placeholders@std@@3V?$_Ph@$05@2@A
?_7@placeholders@std@@3V?$_Ph@$06@2@A
?_8@placeholders@std@@3V?$_Ph@$07@2@A
?_9@placeholders@std@@3V?$_Ph@$08@2@A
?_Addcats@_Locinfo@std@@QEAAAEAV12@HPEBD@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Addstd@ios_base@std@@SAXPEAV12@@Z
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXAEBV123@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_C_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_C_str@?$_Yarn@_W@std@@QEBAPEB_WXZ
?_Callfns@ios_base@std@@AEAAXW4event@12@@Z
?_Clocptr@_Locimp@locale@std@@0PEAV123@EA
?_Close_dir@sys@tr2@std@@YAXPEAX@Z
?_Copy_file@sys@tr2@std@@YAHPEBD0_N@Z
?_Copy_file@sys@tr2@std@@YAHPEB_W0_N@Z
?_Current_get@sys@tr2@std@@YAPEADAEAY0BAE@D@Z
?_Current_get@sys@tr2@std@@YAPEA_WAEAY0BAE@_W@Z
?_Current_set@sys@tr2@std@@YA_NPEBD@Z
?_Current_set@sys@tr2@std@@YA_NPEB_W@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IEBADGD@Z
?_Donarrow@?$ctype@_W@std@@IEBAD_WD@Z
?_Dowiden@?$ctype@G@std@@IEBAGD@Z
?_Dowiden@?$ctype@_W@std@@IEBA_WD@Z
?_Empty@?$_Yarn@D@std@@QEBA_NXZ
?_Empty@?$_Yarn@_W@std@@QEBA_NXZ
?_Equivalent@sys@tr2@std@@YAHPEBD0@Z
?_Equivalent@sys@tr2@std@@YAHPEB_W0@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_File_size@sys@tr2@std@@YA_KPEBD@Z
?_File_size@sys@tr2@std@@YA_KPEB_W@Z
?_Findarr@ios_base@std@@AEAAAEAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBD_K333@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AEAVios_base@2@GPEBD_K333@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBD_K444@Z
?_Future_error_map@std@@YAPEBDH@Z
?_GetCombinableSize@details@Concurrency@@YA_KXZ
?_Getcat@?$codecvt@DDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@GDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_WDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@facet@locale@std@@SA_KPEAPEBV123@PEBV23@@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QEBAHXZ
?_Getdays@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HAEBVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAEAHAEBV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAEAHAEBV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAEAHAEBV?$ctype@_W@2@@Z

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr120.dll
.dll windows:6 windows x64 arch:x64

8f18e22935ef8b336e246ee763fbec97

Code Sign

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/09/2012, 21:12

Not After

04/12/2013, 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:e0:66:18:5e:b7:4b:fa:b1:34:44:37:97:5b:34:90:6d:28:cd:b9:a6:50:cb:46:b6:fd:f2:79:01:22:e1:86
Signer

Actual PE Digest

15:e0:66:18:5e:b7:4b:fa:b1:34:44:37:97:5b:34:90:6d:28:cd:b9:a6:50:cb:46:b6:fd:f2:79:01:22:e1:86

Digest Algorithm

sha256

PE Digest Matches

true

81:46:2b:e1:eb:25:cd:19:c0:fc:7e:ef:fc:aa:78:2b:f7:34:ff:86
Signer

Actual PE Digest

81:46:2b:e1:eb:25:cd:19:c0:fc:7e:ef:fc:aa:78:2b:f7:34:ff:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

msvcr120.amd64.pdb

Imports

kernel32

EncodePointer
DecodePointer
RtlPcToFileHeader
RaiseException
GetLastError
ExitProcess
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
SetLastError
GetCurrentThread
GetModuleFileNameW
GetStdHandle
WriteFile
FindClose
FindFirstFileExA
FindNextFileA
FindFirstFileExW
FindNextFileW
CloseHandle
CreateThread
ExitThread
ResumeThread
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
Beep
Sleep
GetFullPathNameA
GetCurrentProcessId
GetFileAttributesExW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileExW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
FreeLibrary
LoadLibraryExA
CreateProcessW
ReadFile
GetTempPathA
GetTempPathW
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
UnregisterWait
TlsGetValue
SignalObjectAndWait
TlsSetValue
SetThreadPriority
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
GetLogicalProcessorInformation
RtlCaptureStackBackTrace
GetThreadPriority
GetProcessAffinityMask
SetThreadAffinityMask
TlsAlloc
DeleteTimerQueueTimer
TlsFree
SwitchToThread
TryEnterCriticalSection
SetProcessAffinityMask
VirtualFree
GetVersionExW
VirtualAlloc
VirtualProtect
InitializeSListHead
ReleaseSemaphore
UnregisterWaitEx
IsProcessorFeaturePresent
LoadLibraryW
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
CreateEventW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlLookupFunctionEntry
RtlUnwindEx
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapQueryInformation
HeapValidate
HeapCompact
HeapWalk
GetSystemInfo
VirtualQuery
GetFileType
GetStartupInfoW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
CreateFileW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
FlushFileBuffers
CreatePipe
SetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ReadConsoleInputW
WriteConsoleW
SetEndOfFile
LockFileEx
UnlockFileEx
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetTickCount
CreateSemaphoreW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringA

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QEAA@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QEAA@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QEAA@AEBV01@@Z
??0SchedulerPolicy@Concurrency@@QEAA@XZ
??0SchedulerPolicy@Concurrency@@QEAA@_KZZ
??0_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??0_Condition_variable@details@Concurrency@@QEAA@XZ
??0_Context@details@Concurrency@@QEAA@PEAVContext@2@@Z
??0_Interruption_exception@details@Concurrency@@QEAA@PEBD@Z
??0_Interruption_exception@details@Concurrency@@QEAA@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_ReaderWriterLock@details@Concurrency@@QEAA@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_ReentrantLock@details@Concurrency@@QEAA@XZ
??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Scheduler@details@Concurrency@@QEAA@PEAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@XZ
??0_Timer@details@Concurrency@@IEAA@I_N@Z
??0__non_rtti_object@std@@QEAA@AEBV01@@Z
??0__non_rtti_object@std@@QEAA@PEBD@Z
??0bad_cast@std@@AEAA@PEBQEBD@Z
??0bad_cast@std@@QEAA@AEBV01@@Z
??0bad_cast@std@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@XZ
??0bad_typeid@std@@QEAA@AEBV01@@Z
??0bad_typeid@std@@QEAA@PEBD@Z
??0context_self_unblock@Concurrency@@QEAA@PEBD@Z
??0context_self_unblock@Concurrency@@QEAA@XZ
??0context_unblock_unbalanced@Concurrency@@QEAA@PEBD@Z
??0context_unblock_unbalanced@Concurrency@@QEAA@XZ
??0critical_section@Concurrency@@QEAA@XZ
??0default_scheduler_exists@Concurrency@@QEAA@PEBD@Z
??0default_scheduler_exists@Concurrency@@QEAA@XZ
??0event@Concurrency@@QEAA@XZ
??0exception@std@@QEAA@AEBQEBD@Z
??0exception@std@@QEAA@AEBQEBDH@Z
??0exception@std@@QEAA@AEBV01@@Z
??0exception@std@@QEAA@XZ
??0improper_lock@Concurrency@@QEAA@PEBD@Z
??0improper_lock@Concurrency@@QEAA@XZ
??0improper_scheduler_attach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_attach@Concurrency@@QEAA@XZ
??0improper_scheduler_detach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_detach@Concurrency@@QEAA@XZ
??0improper_scheduler_reference@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_reference@Concurrency@@QEAA@XZ
??0invalid_link_target@Concurrency@@QEAA@PEBD@Z
??0invalid_link_target@Concurrency@@QEAA@XZ
??0invalid_multiple_scheduling@Concurrency@@QEAA@PEBD@Z
??0invalid_multiple_scheduling@Concurrency@@QEAA@XZ
??0invalid_operation@Concurrency@@QEAA@PEBD@Z
??0invalid_operation@Concurrency@@QEAA@XZ
??0invalid_oversubscribe_operation@Concurrency@@QEAA@PEBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_key@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_value@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QEAA@XZ
??0message_not_found@Concurrency@@QEAA@PEBD@Z
??0message_not_found@Concurrency@@QEAA@XZ
??0missing_wait@Concurrency@@QEAA@PEBD@Z
??0missing_wait@Concurrency@@QEAA@XZ
??0nested_scheduler_missing_detach@Concurrency@@QEAA@PEBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QEAA@XZ
??0operation_timed_out@Concurrency@@QEAA@PEBD@Z
??0operation_timed_out@Concurrency@@QEAA@XZ
??0reader_writer_lock@Concurrency@@QEAA@XZ
??0scheduler_not_attached@Concurrency@@QEAA@PEBD@Z
??0scheduler_not_attached@Concurrency@@QEAA@XZ
??0scheduler_resource_allocation_error@Concurrency@@QEAA@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QEAA@PEBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@J@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@PEBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0task_canceled@Concurrency@@QEAA@PEBD@Z
??0task_canceled@Concurrency@@QEAA@XZ
??0unsupported_os@Concurrency@@QEAA@PEBD@Z
??0unsupported_os@Concurrency@@QEAA@XZ
??1SchedulerPolicy@Concurrency@@QEAA@XZ
??1_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??1_Condition_variable@details@Concurrency@@QEAA@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_SpinLock@details@Concurrency@@QEAA@XZ
??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ
??1_TaskCollection@details@Concurrency@@QEAA@XZ
??1_Timer@details@Concurrency@@MEAA@XZ
??1__non_rtti_object@std@@UEAA@XZ
??1bad_cast@std@@UEAA@XZ
??1bad_typeid@std@@UEAA@XZ
??1critical_section@Concurrency@@QEAA@XZ
??1event@Concurrency@@QEAA@XZ
??1exception@std@@UEAA@XZ
??1reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock@critical_section@Concurrency@@QEAA@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@XZ
??1type_info@@UEAA@XZ
??2@YAPEAX_K@Z
??2@YAPEAX_KHPEBDH@Z
??3@YAXPEAX@Z
??3@YAXPEAXHPEBDH@Z
??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4SchedulerPolicy@Concurrency@@QEAAAEAV01@AEBV01@@Z
??4__non_rtti_object@std@@QEAAAEAV01@AEBV01@@Z
??4bad_cast@std@@QEAAAEAV01@AEBV01@@Z
??4bad_typeid@std@@QEAAAEAV01@AEBV01@@Z
??4exception@std@@QEAAAEAV01@AEBV01@@Z
??8type_info@@QEBA_NAEBV0@@Z
??9type_info@@QEBA_NAEBV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QEAAXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QEAAXXZ
??_F_Context@details@Concurrency@@QEAAXXZ
??_F_Scheduler@details@Concurrency@@QEAAXXZ
??_Fbad_cast@std@@QEAAXXZ
??_Fbad_typeid@std@@QEAAXXZ
??_U@YAPEAX_K@Z
??_U@YAPEAX_KHPEBDH@Z
??_V@YAXPEAX@Z
??_V@YAXPEAXHPEBDH@Z
?Alloc@Concurrency@@YAPEAX_K@Z
?Block@Context@Concurrency@@SAXXZ
?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z
?Create@CurrentScheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPEAV12@AEBVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPEAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@AEAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPEAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPEAX@Z
?Get@CurrentScheduler@Concurrency@@SAPEAVScheduler@2@XZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QEBAIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPEAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NAEBVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAK_K@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPEAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0AEAVlocation@2@@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QEAAXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QEAAIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QEAAXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QEAAXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPEBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPEB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QEAA_NXZ
?_Copy_str@exception@std@@AEAAXPEBD@Z
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EEAAXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetConcRTTraceInfo@Concurrency@@YAPEBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAEA_KXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QEAAPEAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QEAA_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QEAA_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QEBA_NXZ
?_Name_base@type_info@@CAPEBDPEBV1@PEAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPEBDPEBV1@PEAU__type_info_node@@@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPEAV123@PEAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IEAAKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IEAAKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QEAAIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_Scheduler@details@Concurrency@@QEAAIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QEAAXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QEAAXI@Z
?_SetUnobservedExceptionHandler@details@Concurrency@@YAXP6AXXZ@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IEAA_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IEAA_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QEAA_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IEAAXXZ
?_Stop@_Timer@details@Concurrency@@IEAAXXZ
?_Tidy@exception@std@@AEAAXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXAEBU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QEAA_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAA_NXZ
?_Type_info_dtor@type_info@@CAXPEAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPEAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6A_JXZ@Z
?_ValidateRead@@YAHPEBXI@Z
?_ValidateWrite@@YAHPEAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCompare@@YA_NPEBX0@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrSwap@@YAXPEAX0@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPEBG00I_K@Z
?_is_exception_typeof@@YAHAEBVtype_info@@PEAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QEBAPEBDPEAU__type_info_node@@@Z
?_open@@YAHPEBDHH@Z
?_query_new_handler@@YAP6AH_K@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AH_K@ZH@Z
?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPEBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?_wopen@@YAHPEB_WHH@Z
?_wsopen@@YAHPEB_WHHH@Z
?before@type_info@@QEBA_NAEBV1@@Z
?current@location@Concurrency@@SA?AV12@XZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QEBAJXZ
?lock@critical_section@Concurrency@@QEAAXXZ
?lock@reader_writer_lock@Concurrency@@QEAAXXZ
?lock_read@reader_writer_lock@Concurrency@@QEAAXXZ
?name@type_info@@QEBAPEBDPEAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QEAAAEAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ
?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ
?raw_name@type_info@@QEBAPEBDXZ
?reset@event@Concurrency@@QEAAXXZ
?set@event@Concurrency@@QEAAXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_task_execution_resources@Concurrency@@YAXGPEAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAX_K@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QEAA_NXZ
?try_lock@reader_writer_lock@Concurrency@@QEAA_NXZ
?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QEAA_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QEAAXXZ
?unlock@reader_writer_lock@Concurrency@@QEAAXXZ
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z
?wait@event@Concurrency@@QEAA_KI@Z
?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z
?wait_for_multiple@event@Concurrency@@SA_KPEAPEAV12@_K_NI@Z
?what@exception@std@@UEBAPEBDXZ
_CRT_RTC_INIT
_CRT_RTC_INITW
_Cbuild
_CreateFrameInfo
_CxxThrowException
_FCbuild
_FindAndUnlinkFrame
_GetImageBase
_GetThrowImageBase
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_LCbuild
_SetImageBase
_SetThrowImageBase
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__CppXcptFilter
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__create_locale
__crtCaptureCurrentContext
__crtCapturePreviousContext
__crtCompareStringA
__crtCompareStringEx
__crtCompareStringW
__crtCreateEventExW
__crtCreateSemaphoreExW
__crtCreateSymbolicLinkW
__crtEnumSystemLocalesEx
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
__crtGetDateFormatEx
__crtGetFileInformationByHandleEx
__crtGetLocaleInfoEx
__crtGetShowWindowMode
__crtGetTickCount64
__crtGetTimeFormatEx
__crtGetUserDefaultLocaleName
__crtInitializeCriticalSectionEx
__crtIsPackagedApp
__crtIsValidLocaleName
__crtLCMapStringA
__crtLCMapStringEx
__crtLCMapStringW
__crtSetFileInformationByHandle
__crtSetThreadStackGuarantee
__crtSetUnhandledExceptionFilter
__crtSleep
__crtTerminateProcess
__crtUnhandledException
__crt_debugger_hook
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert

Sections

.text
Size: 666KB - Virtual size: 665KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c552a31531df962b2298e689961d15c2

Code Sign

0b:d8:a6:92:ce:d9:a1:8c:53:0f:a8:5d:55:72:c0:d4Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

09:eb:8e:00:26:88:42:f0:dc:0c:60:43:a6:d5:61:91Certificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

6f:9f:72:42:59:52:88:31:20:26:79:49:db:3a:e8:a3:9c:75:cc:00:19:38:8a:e4:ae:e7:7f:5a:ff:87:89:26Signer

d4:69:ca:74:bb:44:6b:5c:09:b6:0c:46:f8:c2:4d:e5:04:3d:c1:9fSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 173KB

.CRT Size: 512B - Virtual size: 4B

.ndata Size: - Virtual size: 320KB

.rsrc Size: 17KB - Virtual size: 17KB

51dcb9e351489e3c75db9c583e4f741e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78Certificate

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

75:07:30:67:30:94:f3:8c:a9:f0:7e:06:e5:74:fb:dfCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78Certificate

Key Usages

67:1d:31:6b:f6:0f:35:75:5f:07:23:72:de:ef:8f:e5Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

0b:d8:a6:92:ce:d9:a1:8c:53:0f:a8:5d:55:72:c0:d4
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

09:eb:8e:00:26:88:42:f0:dc:0c:60:43:a6:d5:61:91
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

6f:9f:72:42:59:52:88:31:20:26:79:49:db:3a:e8:a3:9c:75:cc:00:19:38:8a:e4:ae:e7:7f:5a:ff:87:89:26
Signer

d4:69:ca:74:bb:44:6b:5c:09:b6:0c:46:f8:c2:4d:e5:04:3d:c1:9f
Signer

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 173KB

.CRT
Size: 512B - Virtual size: 4B

.ndata
Size: - Virtual size: 320KB

.rsrc
Size: 17KB - Virtual size: 17KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

75:07:30:67:30:94:f3:8c:a9:f0:7e:06:e5:74:fb:df
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

67:1d:31:6b:f6:0f:35:75:5f:07:23:72:de:ef:8f:e5
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

65:08:aa:36:91:40:46:7d:8c:6a:e1:41:32:75:59:fa:fa:3a:c2:5d:a5:a8:1e:78:a6:2c:45:35:51:db:fc:5b
Signer

c7:04:68:8e:2d:af:32:1f:11:84:11:7d:e5:cc:9c:a9:c5:9a:b2:47
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 470KB - Virtual size: 470KB

.data
Size: 87KB - Virtual size: 100KB

.pdata
Size: 69KB - Virtual size: 68KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 32KB

0d:70:a1:7d:75:6f:ec:88:85:9a:29:46:be:d7:69:44
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

01:40:74:8d:43:58:a1:47:81:d6:a9:c3:07:b3:aa:9c
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

98:a0:19:cd:f7:ae:11:f0:cc:31:cc:fc:86:26:cd:05:45:98:0d:44:3b:84:35:9e:88:a0:97:63:c7:de:8f:c7
Signer

50:fb:fc:00:a5:d3:9d:c7:ca:bf:e8:5a:80:3a:5e:69:d8:72:cb:e2
Signer